Re: [PHP] The difference between ereg and preg?

[Dave Goodchild]

On 04/08/06, Chris <[EMAIL PROTECTED]> wrote:


Dave M G wrote:
> PHP List,
>
> Recently I wrote a piece of code to scrape data from an HTML page.
>
> Part of that code deleted all the unwanted text from the very top of the
> page, where it says " of a "" tag.

> Is there any reason why either ereg or preg would be more desirable over
> the other?
>



Ereg uses POSIX regular expressions which only work on textual data and
include locale functionalily. preg uses PCRE, which work on binary as well
as textual data and is a more sophisticated regex engine, incorporating
minimal matching, backreferences, inline options, lookahead/lookbehind
assertions, conditional expressions and so on.

They are often faster than the POSIX equivalents also.




--
http://www.web-buddha.co.uk
http://www.projectkarma.co.uk

Re: [PHP] The difference between ereg and preg?

[Dave M G]

Chris, Ligaya, Dave,

Thank you for responding. I understand the difference in principle 
between ereg and preg much better now.


Chris wrote:

! in perl regular expressions means "not" so you need to escape it:
\!
Still, when including that escape character, the following preg 
expression does not find any matching text:

preg_replace("/<\!DOCTYPE(.*)/", "", $htmlPage);

Whereas this ereg expression does find a match:
ereg_replace("", "", $htmlPage);

What do I need to do to make the preg expression succeed just as the 
ereg expression does?


Thank you for your time and advice.

--
Dave M G

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] The difference between ereg and preg?

[Ford, Mike]

On 04 August 2006 10:52, Dave M G wrote:

> Chris, Ligaya, Dave,
> 
> Thank you for responding. I understand the difference in principle
> between ereg and preg much better now.
> 
> Chris wrote:
> > ! in perl regular expressions means "not" so you need to escape it:
> > \!

AFAIR, that's only true in the (?! assertion sequence.

> Still, when including that escape character, the following preg
> expression does not find any matching text:
> preg_replace("/<\!DOCTYPE(.*)/", "", $htmlPage);
> 
> Whereas this ereg expression does find a match:
> ereg_replace("", "", $htmlPage);
> 
> What do I need to do to make the preg expression succeed just as the
> ereg expression does?

By default, . in preg_* patterns does not match newlines.  If you are matching 
in a multiline string, use the s modifier to change this:

  preg_replace("//s", "", $htmlPage);

You also don't need the parentheses -- these will capture the entire matched 
expression for use in backreferences, but as you don't have any it's then 
immediately thrown away.  So just use:

  preg_replace("//s", "", $htmlPage);

Cheers!

Mike

-
Mike Ford,  Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Headingley Campus, LEEDS,  LS6 3QS,  United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730  Fax:  +44 113 283 3211 


To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Dave M G]

Jochem,

Thank you for responding.



does this one work?:
preg_replace('#^<\!DOCTYPE(.*)]*>#is', '', $htmlPage);


Yes, that works. I don't think I would have every figured that out on my 
own - it's certainly much more complicated than the ereg equivalent.


If I may push for just one more example of how to properly use regular 
expressions with preg:


It occurs to me that I've been assuming that with regular expressions I 
could only remove or change specified text.


What if I wanted to get rid of everything *other* than the specified text?

Can I form an expression that would take $htmlPage and delete everything 
*except* text that is between a  tag and a  tag?


Or is that something that requires much more than a single use of 
preg_replace?


--
Dave M G

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Robin Vickery]

On 04/08/06, Dave M G <[EMAIL PROTECTED]> wrote:


It seemed that the main difference was that preg_replace required
forward slashes around the regular expression, like so:
preg_replace("//", "", $htmlPage);


It requires delimiters - slashes are conventional, but other
characters can be used.



But that didn't work, and returned an error.


What you've written here shouldn't return you an error - what did the
message say?

I suspect you were trying to match until  rather than  and
the pcre engine thought the forward slash was the end of your regular
expression.


Part of that code deleted all the unwanted text from the very top of the
page, where it says "" tag.


It won't quite do that.

The (.*) matches as much as possible (it's called greedy matching) -
so it'll match and replace all the way down to the *last* instance of
a "" tag.

To make it match for the shortest length possible, put a question-mark
after the ".*" like so:

  preg_replace("//", "", $htmlPage);


Since ereg was working, though, I figured I would just stick with it.

Still, I thought it worth asking:

Is there any reason why either ereg or preg would be more desirable over
the other?


pcre has a performance advantage, has more features and can use the
many regexps written for perl with few or no changes.

ereg is a posix standard.

 -robin

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Jochem Maas]

Dave M G wrote:
> Chris, Ligaya, Dave,
> 
> Thank you for responding. I understand the difference in principle
> between ereg and preg much better now.
> 
> Chris wrote:
>> ! in perl regular expressions means "not" so you need to escape it:
>> \!
> Still, when including that escape character, the following preg
> expression does not find any matching text:
> preg_replace("/<\!DOCTYPE(.*)/", "", $htmlPage);

does this one work?:

preg_replace('#^<\!DOCTYPE(.*)]*>#is', '', $htmlPage);

> 
> Whereas this ereg expression does find a match:
> ereg_replace("", "", $htmlPage);
> 
> What do I need to do to make the preg expression succeed just as the
> ereg expression does?
> 
> Thank you for your time and advice.
> 
> -- 
> Dave M G
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Problem with wrapper script for Tidy

[Frank Arensmeier]

Hello.

Since my ISP does not provide the tidy module for Apache, I tested  
writing a wrapper script for a locally installed tidy binary. In  
general, the script is triggered by a modification to the .htaccess  
file like so:


AddHandler server-parsed .php
Action server-parsed /tidy_wrapper.php5

All php pages are by that means "treated" by the script  
tidy_wrapper.php5.


Here is the code for tidy_wrapper.php5:

// Including a line with the commend "" will turn  
off tidy conversion


if ( !stristr ( $output, "" ) ) {
$localfile = tempnam ( '../tmp', "tmp" );
$handle = fopen($localfile, "w");
fwrite($handle, $output);
fclose($handle);

	$command = '/Library/WebServer/CGI-Executables/tidy -iq --show- 
errors 0 --show-warnings 0 -wrap 100 ' . $localfile . ' 2>&1';


exec ( $command, $output_exec );
echo implode ( "\n", $output_exec );
unlink ( $localfile );
} else {
echo $output;
}
exit;
?>

Although the script is actually working fine, there is at least one  
downside: speed. As you can see, the output buffer must be written to  
a file in order to be processed by tidy. I was not able to get tidy  
to accept a string for processing. Doing so, tidy throws en error. I  
have looked through tidy documentation without finding any clues. I  
would appreciate any hints. Any ideas for a walk-around for that file  
saving-thing would be welcome!


Otherwise, I strongly feel that this script might become/be a  
security hole. Because it does not validate the included PHP code, it  
could be misused for doing bad stuff, or am I wrong? Once more, any  
suggestions are welcome.


regards,
/frank

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] The difference between ereg and preg?

[Ford, Mike]

On 04 August 2006 11:30, Dave M G wrote:

> Jochem,
> 
> Thank you for responding.
> 
> > 
> > does this one work?:
> > preg_replace('#^<\!DOCTYPE(.*)]*>#is', '', $htmlPage);
> 
> Yes, that works. I don't think I would have every figured
> that out on my
> own - it's certainly much more complicated than the ereg equivalent.
> 
> If I may push for just one more example of how to properly
> use regular
> expressions with preg:
> 
> It occurs to me that I've been assuming that with regular expressions
> I could only remove or change specified text.
> 
> What if I wanted to get rid of everything *other* than the specified
> text? 
> 
> Can I form an expression that would take $htmlPage and delete
> everything *except* text that is between a  tag and a  tag?

That's where capturing expressions and backreferences come in handy:

preg_replace ("/.*(.*).*/", "$1", $htmlPage);

(add qualifiers and other options to taste, as before!)

Cheers!

Mike

-
Mike Ford,  Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Headingley Campus, LEEDS,  LS6 3QS,  United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730  Fax:  +44 113 283 3211 


To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] OT promotion & candidates needed

[Jay Blanchard]

Good news/kinda' bad news (but not really); I am proud to say that I
have been promoted to Director of IT in my little corner of the world.
This creates an immediate opening for a creative applications developer
with PHP, MySQL, Oracle, the usual web skills/experience in the San
Antonio, Texas area. C++ a definite plus, Unix/Linux too. If your code
samples contain no comments you need not apply. Position requires the
wearing of many hats and the ability to learn and process quickly.

Thanks!

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Jochem Maas]

Dave M G wrote:
> Jochem,
> 
> Thank you for responding.
> 
>>
>> does this one work?:
>> preg_replace('#^<\!DOCTYPE(.*)]*>#is', '', $htmlPage);
> 
> Yes, that works. I don't think I would have every figured that out on my
> own - it's certainly much more complicated than the ereg equivalent.

1. the '^' at the start of the regexp states 'must match start of the string 
(or line in multiline mode)'
2. the 'i' after the the closing regexp delimiter states 'match 
case-insensitively'
3. the 's' after the the closing regexp delimiter states 'the dot also matches 
newlines'
4. the ']*>' matches a UL tag with any number of attributes ... the 
'[^>]*' matches a number
of characters that are not a '>' character - the square brackets denote a 
character class (in
this cass with just one character in it) and the '^' at the start of the 
character class
definition negates the class (i.e. turns the character class definition to mean 
every character
*not* defined in the class)

PCRE is alot more powerful [imho], the downside it it has more modifiers
and syntax to control the meaning of the patterns...

read and become familiar with these 2 pages:
http://php.net/manual/en/reference.pcre.pattern.modifiers.php
http://php.net/manual/en/reference.pcre.pattern.syntax.php

and remember that writing patterns is often quite a complex - when you build one
just take i one 'assertion' at a time, ie. build the pattern up step by step...

if you give it a good go and get stuck, then there is always the list.

> 
> If I may push for just one more example of how to properly use regular
> expressions with preg:
> 
> It occurs to me that I've been assuming that with regular expressions I
> could only remove or change specified text.

essentially regexps are pattern syntax for asserting where something matches
a pattern (or not) - there are various functions that allow you to act upon the
results of the pattern matching depending on your needs (see below)

> 
> What if I wanted to get rid of everything *other* than the specified text?
> 
> Can I form an expression that would take $htmlPage and delete everything
> *except* text that is between a  tag and a  tag?

yes but you wouldn't use preg_replace() but rather preg_match() or 
preg_match_all()
which gives you back an array (via 3rd/4th[?] reference argument) which contains
the texts that matched (and therefore want to keep).

> 
> Or is that something that requires much more than a single use of
> preg_replace?
> 
> -- 
> Dave M G
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Regular Expresson for checking password strength

[James Nunnerley]

I want to have a regular expression that check the following criteria are
met by $password:

- contains at least 6 characters (any)
- has at least 1 letter
- has at least 1 number
- other 6 characters can be anything...

I'm happy to work out the structure of a postcode etc, but to be honest I'm
still fairly new to working with regular expressions.

What the best/easiest way to check whether a variable contains a range?  It
might be RegExp don't do this?

Cheers
Nunners

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Jochem Maas]

Ford, Mike wrote:
> On 04 August 2006 11:30, Dave M G wrote:
> 
>> Jochem,
>>

...

> 
> That's where capturing expressions and backreferences come in handy:
> 
> preg_replace ("/.*(.*).*/", "$1", $htmlPage);
> 
> (add qualifiers and other options to taste, as before!)

ah yes, good point - you can do it with preg_replace() (I only mentioned
preg_match() (et al) - guess I left my regexp hat at home today. :-)

> 
> Cheers!
> 
> Mike
> 
> -
> Mike Ford,  Electronic Information Services Adviser,
> Learning Support Services, Learning & Information Services,
> JG125, James Graham Building, Leeds Metropolitan University,
> Headingley Campus, LEEDS,  LS6 3QS,  United Kingdom
> Email: [EMAIL PROTECTED]
> Tel: +44 113 283 2600 extn 4730  Fax:  +44 113 283 3211 
> 
> 
> To view the terms under which this email is distributed, please go to 
> http://disclaimer.leedsmet.ac.uk/email.htm
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Newbie Form Question

[David Ellsworth]

I was wondering how simple it would be to set up a script to provide a
subscribe/unsubscribe form for a list serve. The form would send an email to
the subscribe address or unsubscribe address as selected.

Thanks

David

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OT promotion & candidates needed

[Jochem Maas]

Jay Blanchard wrote:
> Good news/kinda' bad news (but not really); I am proud to say that I
> have been promoted to Director of IT in my little corner of the world.

did they give you some pointy hair to go with that title? ;-)

congrats btw :-)

> This creates an immediate opening for a creative applications developer
> with PHP, MySQL, Oracle, the usual web skills/experience in the San
> Antonio, Texas area. C++ a definite plus, Unix/Linux too. If your code
> samples contain no comments you need not apply. Position requires the
> wearing of many hats and the ability to learn and process quickly.
> 
> Thanks!
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PAYPAL TRANSACTION.

[Shafiq Rehman]

On 7/31/06, Chris <[EMAIL PROTECTED]> wrote:


BBC wrote:
> Hi list..
>
> Please any one point me to the web which talk about making transaction
with paypal step by step. Some body offered me the source
> code and tutorial but until know he or she didn't send me.

http://www.paypal.com

I'm sure someone here has used / set up paypal but they provide complete
instructions on everything you need to do.

If you have any problems, that's what their support team is for.

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





Hi,

You can find PHP code examples for paypal integration at

https://www.paypal.com/cgi-bin/webscr?cmd=p/pdn/software_dev_kit_php-outside

--
Shafiq Rehman
Sr. Web Engineer
http://www.phpgurru.com

RE: [PHP] Newbie Form Question

[Jay Blanchard]

[snip]
I was wondering how simple it would be to set up a script to provide a
subscribe/unsubscribe form for a list serve. The form would send an
email to
the subscribe address or unsubscribe address as selected.
[/snip]

I wondered about that the other day myself and came to the conclusion
that it would be really simple. It must be, others have done it.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Newbie Form Question

[Duncan Hill]

On Friday 04 August 2006 13:27, Jay Blanchard wrote:
> [snip]
> I was wondering how simple it would be to set up a script to provide a
> subscribe/unsubscribe form for a list serve. The form would send an
> email to
> the subscribe address or unsubscribe address as selected.
> [/snip]
>
> I wondered about that the other day myself and came to the conclusion
> that it would be really simple. It must be, others have done it.

Not terribly difficult at all.  One SMTP library for PHP and you're away.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Newbie Form Question

[Russell Jones]

In most cases, your PHP build is set up with mail() attached to whatever
SMTP you have on the server.

you would just use the following...

mail($recipientemail,$subject,$message);

On 8/4/06, Duncan Hill <[EMAIL PROTECTED]> wrote:


On Friday 04 August 2006 13:27, Jay Blanchard wrote:
> [snip]
> I was wondering how simple it would be to set up a script to provide a
> subscribe/unsubscribe form for a list serve. The form would send an
> email to
> the subscribe address or unsubscribe address as selected.
> [/snip]
>
> I wondered about that the other day myself and came to the conclusion
> that it would be really simple. It must be, others have done it.

Not terribly difficult at all.  One SMTP library for PHP and you're away.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Newbie Form Question

[David Ellsworth]

Yes, the list serve software has the opt-in/confirmation stuff covered. I'm
just trying to get the sub/unsub form on the website going.

Thanks

David


On 8/4/06 8:40 AM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:

> are you doing your own mailing list management, or using a package that
> includes an explicit subscribe/unsubscribe confirmation capability?
> 
> if you're doing your own list management, then you need to design an
> explicit opt-in/-out system. i.e., no e-mail address is added to (or
> removed from) the list until the user has responded to a
> specific/unique/non-guessable confirmation bit that is included in the
> confirming message that is sent to them (or some other form of explicit
> confirmation). doing this isn't that hard, but far more than a simple
> form.
> 
> if you're using an existing mailing list management package (that
> includes opt-in/-out confirmation capabilities) and you're simply
> feeding the initial subscribe/unsubscribe request to that facility,
> then this is probably fairly easy.
> 
> [it is unwise (and if this is in the US context, be aware of the
> requirements of the can-spam law) to set up a mailing list that does
> not include opt-in/-out confirmation requirements.]
> 
>   - Rick
> 
>  Original Message 
>> Date: Friday, August 04, 2006 08:14:58 AM -0400
>> From: David Ellsworth <[EMAIL PROTECTED]>
>> To: php-general@lists.php.net
>> Subject: [PHP] Newbie Form Question
>> 
>> I was wondering how simple it would be to set up a script to provide a
>> subscribe/unsubscribe form for a list serve. The form would send an
>> email to the subscribe address or unsubscribe address as selected.
>> 
>> Thanks
>> 
>> David
>> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Regular Expresson for checking password strength

[Al]

James Nunnerley wrote:

I want to have a regular expression that check the following criteria are
met by $password:

- contains at least 6 characters (any)
- has at least 1 letter
- has at least 1 number
- other 6 characters can be anything...

I'm happy to work out the structure of a postcode etc, but to be honest I'm
still fairly new to working with regular expressions.

What the best/easiest way to check whether a variable contains a range?  It
might be RegExp don't do this?

Cheers
Nunners


It can be done; but, it's simpler to simply to make an if() with
(strlen($password) > 5) && (strlen($password) < max) && pre_match("%[a-z]+%i"%, $password) 
&& preg_match("%\d+%", $password)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Dave M G]

Jochem,

Thank you for responding, and for explaining more about regular expressions.


yes but you wouldn't use preg_replace() but rather preg_match() or 
preg_match_all()
which gives you back an array (via 3rd/4th[?] reference argument) which contains
the texts that matched (and therefore want to keep).
I looked up preg_match_all() on php.net, and, in combination with what 
was said before, came up with this syntax:


preg_match_all( "#^]*>(.*)]*>#is", $response, $wordList, 
PREG_PATTERN_ORDER );

var_dump($wordList);

The idea is to catch all text between  and  tags.

Unfortunately, the result I get from var_dump is:

array(2) { [0]=> array(0) { } [1]=> array(0) { } }

In other words, it made no matches.

The text being searched is an entire web page which contains the following:
(Please note the following includes utf-8 encoded Japanese text. 
Apologies if it comes out as ASCII gibberish)


日本語は簡単だよ
 日本語 【にほんご】 (n) Japanese language; (P); EP 
 簡単 【かんたん】 (adj-na,n) simple; (P); EP 


So, my preg_match_all search should have found:

日本語 【にほんご】 (n) Japanese language; (P); EP
簡単 【かんたん】 (adj-na,n) simple; (P); EP

I've checked and rechecked my syntax, and I can't see why it would fail.

Have I messed up the regular expression, or the use of preg_match_all?

--
Dave M G

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Newbie Form Question

[David Ellsworth]

what I need is what I would use after the form is submitted - responding to
whether the form sent the value (post likely from a dropdown field) of
"subscribe" or unsubscribe" to the posted page for processing.


On 8/4/06 8:52 AM, "Duncan Hill" <[EMAIL PROTECTED]> wrote:

> On Friday 04 August 2006 13:27, Jay Blanchard wrote:
>> [snip]
>> I was wondering how simple it would be to set up a script to provide a
>> subscribe/unsubscribe form for a list serve. The form would send an
>> email to
>> the subscribe address or unsubscribe address as selected.
>> [/snip]
>> 
>> I wondered about that the other day myself and came to the conclusion
>> that it would be really simple. It must be, others have done it.
> 
> Not terribly difficult at all.  One SMTP library for PHP and you're away.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Jochem Maas]

Dave M G wrote:
> Jochem,
> 
> Thank you for responding, and for explaining more about regular
> expressions.
> 
>> yes but you wouldn't use preg_replace() but rather preg_match() or
>> preg_match_all()
>> which gives you back an array (via 3rd/4th[?] reference argument)
>> which contains
>> the texts that matched (and therefore want to keep).
> I looked up preg_match_all() on php.net, and, in combination with what
> was said before, came up with this syntax:
> 
> preg_match_all( "#^]*>(.*)]*>#is", $response, $wordList,

^--- remove the caret as you dont want to only match when 
the line
 starts with  (the  can be anywhere on the line)

I'll assume you also have the mb extension setup.

> PREG_PATTERN_ORDER );
> var_dump($wordList);
> 
> The idea is to catch all text between  and  tags.
> 
> Unfortunately, the result I get from var_dump is:
> 
> array(2) { [0]=> array(0) { } [1]=> array(0) { } }
> 
> In other words, it made no matches.
> 
> The text being searched is an entire web page which contains the following:
> (Please note the following includes utf-8 encoded Japanese text.
> Apologies if it comes out as ASCII gibberish)
> 
> 日本語は簡単だよ
>  日本語 【にほんご】 (n) Japanese language; (P); EP 
>  簡単 【かんたん】 (adj-na,n) simple; (P); EP 
> 
> 
> So, my preg_match_all search should have found:
> 
> 日本語 【にほんご】 (n) Japanese language; (P); EP
> 簡単 【かんたん】 (adj-na,n) simple; (P); EP
> 
> I've checked and rechecked my syntax, and I can't see why it would fail.
> 
> Have I messed up the regular expression, or the use of preg_match_all?
> 
> -- 
> Dave M G
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] writing to fild on another server

[blackwater dev]

I have a web server and an images server.  My web server doesn't have
enought space for the images, hence the images server.  I have to download
properties from a realty database hourly and the data goes in to a db on my
webserver while the image needs to be taken from a MSSQL db and written to
the images server as an actual .jpg or .gif file.  Fopen, however, won't let
me write using the http protocol.  How can I open and write files between
servers?

Thanks!

Re: [PHP] writing to fild on another server

[Brad Bonkoski]

blackwater dev wrote:

I have a web server and an images server.  My web server doesn't have
enought space for the images, hence the images server.  I have to 
download
properties from a realty database hourly and the data goes in to a db 
on my
webserver while the image needs to be taken from a MSSQL db and 
written to
the images server as an actual .jpg or .gif file.  Fopen, however, 
won't let

me write using the http protocol.  How can I open and write files between
servers?

Thanks!


Couple of options come to mind, and I'm sure there are many others...

Option 1: nfs mount / share your partition drive(s) on your web server.
Option 2: Write the files out locally and then have a backend process 
that moves them to the image server.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] writing to fild on another server

[Duncan Hill]

On Friday 04 August 2006 15:50, blackwater dev wrote:
> I have a web server and an images server.  My web server doesn't have
> enought space for the images, hence the images server.  I have to download
> properties from a realty database hourly and the data goes in to a db on my
> webserver while the image needs to be taken from a MSSQL db and written to
> the images server as an actual .jpg or .gif file.  Fopen, however, won't
> let me write using the http protocol.  How can I open and write files

NFS/CIFS mount?

Write locally, scripted FTP across?

Write locally, scripted rsync across?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] writing to fild on another server

[Paul Scott]

On Fri, 2006-08-04 at 10:50 -0400, blackwater dev wrote:
>   Fopen, however, won't let
> me write using the http protocol.  How can I open and write files between
> servers?

This scenario would be one of the times that I would use LOB's for the
image data. That way you could simply drop in another SQL server when
you start running out of space with 0 downtime.

That being said, why not try a SOAP webservice or a FTP PUT?

We use SOAP where there are no FP servers, and on the local network it
does well with 100MB+ files. I think also fopen and fput do remote
connections, but I may be wrong there.

--Paul

All Email originating from UWC is covered by disclaimer 
http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] writing to fild on another server

[Robert Cummings]

On Fri, 2006-08-04 at 10:50 -0400, blackwater dev wrote:
> I have a web server and an images server.  My web server doesn't have
> enought space for the images, hence the images server.  I have to download
> properties from a realty database hourly and the data goes in to a db on my
> webserver while the image needs to be taken from a MSSQL db and written to
> the images server as an actual .jpg or .gif file.  Fopen, however, won't let
> me write using the http protocol.  How can I open and write files between
> servers?

You mean the http protocol won't let you write. At any rate, you can try
using ftp instead of http (you'll need to make sure it's set up on the
images server). Alternatively you can use a network file system or use
CURL or low level sockets to POST them to your images server.

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Regular Expresson for checking password strength

[Adam Zey]

Al wrote:

James Nunnerley wrote:

I want to have a regular expression that check the following criteria are
met by $password:

- contains at least 6 characters (any)
- has at least 1 letter
- has at least 1 number
- other 6 characters can be anything...

I'm happy to work out the structure of a postcode etc, but to be 
honest I'm

still fairly new to working with regular expressions.

What the best/easiest way to check whether a variable contains a 
range?  It

might be RegExp don't do this?

Cheers
Nunners


It can be done; but, it's simpler to simply to make an if() with
(strlen($password) > 5) && (strlen($password) < max) && 
pre_match("%[a-z]+%i"%, $password) && preg_match("%\d+%", $password)


Some mistakes there:

1) You want to assign strlen to a variable before the if, since you're 
calling it twice in the if. I'm not certain how fast strlen is, but it's 
usually a bad idea to repeat useless function calls like that.


2) Isn't your second function call supposed to be preg_match, and not 
pre_match?


Regards, Adam Zey.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] writing to fild on another server

[Ray Hauge]

On Friday 04 August 2006 10:07, Robert Cummings wrote:
> You mean the http protocol won't let you write. At any rate, you can try
> using ftp instead of http (you'll need to make sure it's set up on the
> images server). Alternatively you can use a network file system or use
> CURL or low level sockets to POST them to your images server.
>

That's what I was thinking if you wanted to keep it all HTTP.  You could have 
an script on the images server that you submit the file to through a POST.  
Then the script would move it to the appropriate place.  Remember to keep 
security in mind though.

-- 
Ray Hauge
Programmer/Systems Administrator
American Student Loan Services
www.americanstudentloan.com
1.800.575.1099

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: The difference between ereg and preg?

[Adam Zey]

Dave M G wrote:

PHP List,

Recently I wrote a piece of code to scrape data from an HTML page.

Part of that code deleted all the unwanted text from the very top of the 
page, where it says "of a "" tag.


That code looks like this:
ereg_replace("", "", $htmlPage);

It works fine. But I noticed that on almost all the tutorial pages I 
looked at, they just about always used preg_replace, and not ereg_replace.


It seemed that the main difference was that preg_replace required 
forward slashes around the regular expression, like so:

preg_replace("//", "", $htmlPage);

But that didn't work, and returned an error.

Since ereg was working, though, I figured I would just stick with it.

Still, I thought it worth asking:

Is there any reason why either ereg or preg would be more desirable over 
the other?


Why does the ereg work for the command above, but preg not?

Thank you for any advice.

--
Dave M G


Everybody missed one important difference. The PCRE module is compiled 
into PHP by default. The POSIX module is not included by default. 
Therefore it's not safe to use the POSIX regular expression module if 
you intend to deploy your code on another system.


Regards, Adam.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php behind firewall

[Andrew Senyshyn]

Hi all,

I need to get local user IP, but server with apache and php is in 
another subnetwork.

So from server environment I can get only router's IP.
The only solution that I see - is getting with some magic algorithm 
local IP from brouser and sending it to server.
My application is for intranet, so I don't see any reason to make users 
authorization.

Any ideas for this?
thanks beforehand

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Jochem Maas]

Andrew Senyshyn wrote:
> Hi all,
> 
> I need to get local user IP, but server with apache and php is in
> another subnetwork.
> So from server environment I can get only router's IP.
> The only solution that I see - is getting with some magic algorithm
> local IP from brouser and sending it to server.
> My application is for intranet, so I don't see any reason to make users
> authorization.
> Any ideas for this?

you can't always get the real users IP because of proxies, anonimizers, 
firewalls/gateways
[on the user end] (and don't bother using an IP as an absolute indicator when 
validating a
session - you can use it as one of a number of metrics - for instance AOL users 
have their
IP addresses changed roughly every 300 milliseconds).

nonetheless here are a couple of funcs that might help you (at least to 
understand
what is possible it terms of trying to determine a users IP):

/* Determine if an ip is in a net.
 * E.G. 120.120.120.120 in 120.120.0.0/16
 */
function isIPInSubnet($ip, $net, $mask)
{
$firstpart  = substr(str_pad(decbin(ip2long($net)), 32, "0", STR_PAD_LEFT) 
,0 , $mask);
$firstip= substr(str_pad(decbin(ip2long($ip)), 32, "0", STR_PAD_LEFT), 
0, $mask);

return (strcmp($firstpart, $firstip) == 0);
}

/* This function check if a ip is in an array of nets (ip and mask) */
function isPrivateIP($theip)
{
foreach (array("10.0.0.0/8",
   "172.16.0.0/12",
   "192.168.0.0/16") as $subnet)
{
list($net, $mask) = explode('/', $subnet);
if(isIPInSubnet($theip,$net,$mask)) {
return true;
}
}

return false;
}

/* Building the ip array with the HTTP_X_FORWARDED_FOR and REMOTE_ADDR HTTP 
vars.
 * With this function we get an array where first are the ip's listed in
 * HTTP_X_FORWARDED_FOR and the last ip is the REMOTE_ADDR
 */
function getRequestIPs()
{
$ipList = array();

foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED_FOR', 'REMOTE_ADDR') 
as $key) {
if (isset($_SERVER[$key]) && $_SERVER[$key]) {
$ipList = array_merge($ipList, explode(',', $_SERVER[$key]));
break;
}
}

return $ipList;
}

/* try hard to determine whAt the users/clients public IP address is */
function getRequestIP($allowPrivIPs = false)
{
foreach (getRequestIPs() as $ip) {
if($ip && ($allowPrivIPs === true || !isPrivateIP($ip))) {
return $ip;
}
}


return 'unknown';
}



> thanks beforehand
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[John Nichel]

Dave M G wrote:

PHP List,

Recently I wrote a piece of code to scrape data from an HTML page.

Part of that code deleted all the unwanted text from the very top of the 
page, where it says "of a "" tag.


That code looks like this:
ereg_replace("", "", $htmlPage);

It works fine. But I noticed that on almost all the tutorial pages I 
looked at, they just about always used preg_replace, and not ereg_replace.


It seemed that the main difference was that preg_replace required 
forward slashes around the regular expression, like so:

preg_replace("//", "", $htmlPage);

But that didn't work, and returned an error.


You need to comment out the '!'


Since ereg was working, though, I figured I would just stick with it.

Still, I thought it worth asking:

Is there any reason why either ereg or preg would be more desirable over 
the other?




Perl compatible regexs are faster* and more powerful.  Course, writing a 
good Perl regex is an art form in itself (probably why O'Reilly released 
a book just on regexs), and takes some time (and headaches) to master 
(if one ever does master it).


The difference in the people who use one or the other?  Probably nothing 
more than their background.  Those of us who worked with Perl before php 
are more than likely gravitate towards preg.  Those who didn't, or had 
little Perl regex experience more than likely went to the POSIX (ereg) 
style as it's a bit easier to pick up.


*I'm sure there are some out there who will dispute this.

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Robert Cummings]

On Fri, 2006-08-04 at 13:03 -0400, John Nichel wrote:
>
> Perl compatible regexs are faster* and more powerful.  Course, writing a 
> good Perl regex is an art form in itself (probably why O'Reilly released 
> a book just on regexs), and takes some time (and headaches) to master 
> (if one ever does master it).
> 
> The difference in the people who use one or the other?  Probably nothing 
> more than their background.  Those of us who worked with Perl before php 
> are more than likely gravitate towards preg.  Those who didn't, or had 
> little Perl regex experience more than likely went to the POSIX (ereg) 
> style as it's a bit easier to pick up.
> 
> *I'm sure there are some out there who will dispute this.

I use POSIX primarily because it was a standard and because PCRE was not
originally enabled by default. Seems funny that the POSIX version is
being deprecated *heh*.

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[tedd]

At 12:55 PM -0400 8/4/06, John Nichel wrote:

Wait, are you telling me that I can't auth my customers based on IP
alone?  Great, now how do I let them view their sensitive data?  ;)


Okay, how do you?

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[John Nichel]

tedd wrote:

At 12:55 PM -0400 8/4/06, John Nichel wrote:

Wait, are you telling me that I can't auth my customers based on IP
alone?  Great, now how do I let them view their sensitive data?  ;)


Okay, how do you?



Retina scan, and DNA sample.

Seriously though, not by IP in any way, shape or form.  The only 
'sensitive' data I keep for customers to view is their order history. 
Credit card numbers are trashed the moment I get a response back from 
the cc gateway.  To get to that they just need their username and 
password.  If they want the system to 'remember' their login, I use a 
hash of quite a few variables that I place into a cookie on their browser.


The only place I use IP to help identify a user (not really a user, but 
a particular computer) is on our Intranet...and I can only safely (for 
the most part) rely on this because I control the network and the IP 
addresses.


--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[John Nichel]

Jochem Maas wrote:

Andrew Senyshyn wrote:

Hi all,

I need to get local user IP, but server with apache and php is in
another subnetwork.
So from server environment I can get only router's IP.
The only solution that I see - is getting with some magic algorithm
local IP from brouser and sending it to server.
My application is for intranet, so I don't see any reason to make users
authorization.
Any ideas for this?


you can't always get the real users IP because of proxies, anonimizers, 
firewalls/gateways
[on the user end] (and don't bother using an IP as an absolute indicator when 
validating a


Wait, are you telling me that I can't auth my customers based on IP
alone?  Great, now how do I let them view their sensitive data?  ;)


session - you can use it as one of a number of metrics - for instance AOL users 
have their
IP addresses changed roughly every 300 milliseconds).



Gawd, AOL causes us so many headaches with that crap.

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[tedd]

At 1:26 PM -0400 8/4/06, John Nichel wrote:

tedd wrote:

At 12:55 PM -0400 8/4/06, John Nichel wrote:

Wait, are you telling me that I can't auth my customers based on IP
alone?  Great, now how do I let them view their sensitive data?  ;)


Okay, how do you?


Retina scan, and DNA sample.

Seriously though, not by IP in any way, shape or form.  The only 
'sensitive' data I keep for customers to view is their order 
history. Credit card numbers are trashed the moment I get a response 
back from the cc gateway.  To get to that they just need their 
username and password.  If they want the system to 'remember' their 
login, I use a hash of quite a few variables that I place into a 
cookie on their browser.


The only place I use IP to help identify a user (not really a user, 
but a particular computer) is on our Intranet...and I can only 
safely (for the most part) rely on this because I control the 
network and the IP addresses.


Thanks.

Not that I have done this on the net, but has anyone thought about 
using a fuzzy logic approach to the problem? While it wouldn't be a 
perfect solution, you could set a threshold you're comfortable with.


Also while your DNA comment was meant to be humorous, it's not a bad 
idea to build a "trust-index" via user actions that would be similar 
to a DNA-like reasoning solution.


Just food for thought.

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] php behind firewall

[Jim Moseby]

> 
> Thanks.
> 
> Not that I have done this on the net, but has anyone thought about 
> using a fuzzy logic approach to the problem? While it wouldn't be a 
> perfect solution, you could set a threshold you're comfortable with.
> 
> Also while your DNA comment was meant to be humorous, it's not a bad 
> idea to build a "trust-index" via user actions that would be similar 
> to a DNA-like reasoning solution.
> 
> Just food for thought.
> 
> tedd

I recently read an article about IP fingerprinting.  The concept is that
every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
differences in the way they communicate.  It was very in-depth, but it
worked amazingly well.  If I can find the article, I'll post it.

JM

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Austin Denyer]

Jim Moseby wrote:
> 
> I recently read an article about IP fingerprinting.  The concept is that
> every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
> differences in the way they communicate.  It was very in-depth, but it
> worked amazingly well.  If I can find the article, I'll post it.

Please do.

I can imagine that the concept goes to the wall with wireless users, but
even so, should be a good read.

Regards,
Austin.


signature.asc
Description: OpenPGP digital signature

RE: [PHP] Saving a dynamic file

[Miguel Guirao]

Using the OB functions I got it done!!
Thanks y'all!!

Miguel

-Original Message-
From: Weber Sites [mailto:[EMAIL PROTECTED] Behalf Of WeberSites
LTD
Sent: Sabado, 29 de Julio de 2006 02:00 p.m.
To: 'MIGUEL ANTONIO GUIRAO AGUILERA'; php-general@lists.php.net
Subject: RE: [PHP] Saving a dynamic file


I'm not sure I understand.
If you just need to save the output (e.g. HTML), you can use OB.
If you can generate the page on the fly from your DB than you already
have the data so what do you need to save?

Sincerely

berber

Visit the Weber Sites Today,
To see where PHP might take you tomorrow.
PHP code examples : http://www.weberdev.com
PHP & MySQL Forums : http://www.weberforums.com
Learn PHP & MySQL Playing Trivia : http://www.webertrivia.com
PHP content for your site : http://content.weber-sites.com
SEO Data Monitor http://seo.weberdev.com


-Original Message-
From: MIGUEL ANTONIO GUIRAO AGUILERA [mailto:[EMAIL PROTECTED]
Sent: Saturday, July 29, 2006 4:01 AM
To: php-general@lists.php.net
Subject: [PHP] Saving a dynamic file



Hi!!

I'm in the need of saving to a file a dynamic page that I generated from a
PHP script, taking data from a table!!

So far I have figured out two options:

1) Save the page as a XML document so it can be editable in a word processor
later. Do I have to write line by line until I'm done with the document?

2) Use a class to convert & save the dynamic page into a Word document.

Is there any other options available??
Regards

MIGUEL GUIRAO AGUILERA
Logistica R8 - Telcel
Tel: (999) 960.7994


Este mensaje es exclusivamente para el uso de la persona o entidad a quien
esta dirigido; contiene informacion estrictamente confidencial y legalmente
protegida, cuya divulgacion es sancionada por la ley. Si el lector de este
mensaje no es a quien esta dirigido, ni se trata del empleado o agente
responsable de esta informacion, se le notifica por medio del presente, que
su reproduccion y distribucion, esta estrictamente prohibida. Si Usted
recibio este comunicado por error, favor de notificarlo inmediatamente al
remitente y destruir el mensaje. Todas las opiniones contenidas en este mail
son propias del autor del mensaje y no necesariamente coinciden con las de
Radiomovil Dipsa, S.A. de C.V. o alguna de sus empresas controladas,
controladoras, afiliadas y subsidiarias. Este mensaje intencionalmente no
contiene acentos.

This message is for the sole use of the person or entity to whom it is being
sent.  Therefore, it contains strictly confidential and legally protected
material whose disclosure is subject to penalty by law.  If the person
reading this message is not the one to whom it is being sent and/or is not
an employee or the responsible agent for this information, this person is
herein notified that any unauthorized dissemination, distribution or copying
of the materials included in this facsimile is strictly prohibited.  If you
received this document by mistake please notify  immediately to the
subscriber and destroy the message. Any opinions contained in this e-mail
are those of the author of the message and do not necessarily coincide with
those of Radiomovil Dipsa, S.A. de C.V. or any of its control, controlled,
affiliates and subsidiaries companies. No part of this message or
attachments may be used or reproduced in any manner whatsoever.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] php behind firewall

[Jim Moseby]

> 
> Jim Moseby wrote:
> > 
> > I recently read an article about IP fingerprinting.  The 
> concept is that
> > every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
> > differences in the way they communicate.  It was very 
> in-depth, but it
> > worked amazingly well.  If I can find the article, I'll post it.
> 
> Please do.
> 
> I can imagine that the concept goes to the wall with wireless 
> users, but
> even so, should be a good read.
> 

Found it:

http://www.caida.org/publications/papers/2005/fingerprinting/

JM

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Jochem Maas]

Jim Moseby wrote:
>> Jim Moseby wrote:
>>> I recently read an article about IP fingerprinting.  The 
>> concept is that
>>> every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
>>> differences in the way they communicate.  It was very 
>> in-depth, but it
>>> worked amazingly well.  If I can find the article, I'll post it.
>> Please do.

I had read about this before, will read it again.
but I suspect that my current server will probably have a
hard time calculating the finger print for each connection. :-)

>>
>> I can imagine that the concept goes to the wall with wireless 
>> users, but
>> even so, should be a good read.
>>
> 
> Found it:
> 
> http://www.caida.org/publications/papers/2005/fingerprinting/
> 
> JM
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[John Nichel]

Jochem Maas wrote:

Jim Moseby wrote:

Jim Moseby wrote:
I recently read an article about IP fingerprinting.  The 

concept is that

every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
differences in the way they communicate.  It was very 

in-depth, but it

worked amazingly well.  If I can find the article, I'll post it.

Please do.


I had read about this before, will read it again.
but I suspect that my current server will probably have a
hard time calculating the finger print for each connection. :-)



Well, if you would stop using the Vic20, and upgrade!

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Jochem Maas]

John Nichel wrote:
> Jochem Maas wrote:
>> Jim Moseby wrote:
 Jim Moseby wrote:
> I recently read an article about IP fingerprinting.  The 
 concept is that
> every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
> differences in the way they communicate.  It was very 
 in-depth, but it
> worked amazingly well.  If I can find the article, I'll post it.
 Please do.
>>
>> I had read about this before, will read it again.
>> but I suspect that my current server will probably have a
>> hard time calculating the finger print for each connection. :-)
>>
> 
> Well, if you would stop using the Vic20, and upgrade!

how dare you call my altair a vic20. new-fangled rubbish. ;-)
you want real authentication? get some carrier pidgeons like us real
programmers.

> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Austin Denyer]

Jochem Maas wrote:
> John Nichel wrote:
>>
>>Well, if you would stop using the Vic20, and upgrade!
> 
> how dare you call my altair a vic20. new-fangled rubbish. ;-)
> you want real authentication? get some carrier pidgeons like us real
> programmers.

So, how many different tunes did you get your Altair to play over the
radio? #;-D

My first machine wasn't quite an Altair, but it did make the Vic look
space-age - I started with a ZX81.

The carrier pigeon trick only works for IP though.  And packet traces
can be a tad messy...

Regards,
Austin.


signature.asc
Description: OpenPGP digital signature

Re: [PHP] php behind firewall

[Adam Zey]

tedd wrote:

At 1:26 PM -0400 8/4/06, John Nichel wrote:

tedd wrote:

At 12:55 PM -0400 8/4/06, John Nichel wrote:

Wait, are you telling me that I can't auth my customers based on IP
alone?  Great, now how do I let them view their sensitive data?  ;)


Okay, how do you?


Retina scan, and DNA sample.

Seriously though, not by IP in any way, shape or form.  The only 
'sensitive' data I keep for customers to view is their order history. 
Credit card numbers are trashed the moment I get a response back from 
the cc gateway.  To get to that they just need their username and 
password.  If they want the system to 'remember' their login, I use a 
hash of quite a few variables that I place into a cookie on their 
browser.


The only place I use IP to help identify a user (not really a user, 
but a particular computer) is on our Intranet...and I can only safely 
(for the most part) rely on this because I control the network and the 
IP addresses.


Thanks.

Not that I have done this on the net, but has anyone thought about using 
a fuzzy logic approach to the problem? While it wouldn't be a perfect 
solution, you could set a threshold you're comfortable with.


Also while your DNA comment was meant to be humorous, it's not a bad 
idea to build a "trust-index" via user actions that would be similar to 
a DNA-like reasoning solution.


Just food for thought.

tedd


Either account-based authentication, or a unique ID stored in a cookie, 
that's how I've done it.


Regards, Adam Zey.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Jochem Maas]

Austin Denyer wrote:
> Jochem Maas wrote:
>> John Nichel wrote:
>>> Well, if you would stop using the Vic20, and upgrade!
>> how dare you call my altair a vic20. new-fangled rubbish. ;-)
>> you want real authentication? get some carrier pidgeons like us real
>> programmers.
> 
> So, how many different tunes did you get your Altair to play over the
> radio? #;-D
> 
> My first machine wasn't quite an Altair, but it did make the Vic look
> space-age - I started with a ZX81.

I was only joking about the altair - the closest I have got to one of those
is a documentary on the Discovery channel :-P

I do remember having a Spectrum48, although it was only ever used to play
'Horace goes Skiing'

> 
> The carrier pigeon trick only works for IP though.  And packet traces
> can be a tad messy...

seperates the men from the boys ;-)

> 
> Regards,
> Austin.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Austin Denyer]

Jim Moseby wrote:
> 
> Found it:
> 
> http://www.caida.org/publications/papers/2005/fingerprinting/

Thanks!  Interesting stuff...

Regards,
Austin.


signature.asc
Description: OpenPGP digital signature

RE: [PHP] php behind firewall

[Jim Moseby]

> 
> Jim Moseby wrote:
> > 
> > Found it:
> > 
> > http://www.caida.org/publications/papers/2005/fingerprinting/
> 
> Thanks!  Interesting stuff...
> 
> Regards,
> Austin.


No problem.  My recollection of the technique was a bit off, but the concept
was still there.  ;-)

JM 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php behind firewall

[Richard Lynch]

On Fri, August 4, 2006 10:25 am, Andrew Senyshyn wrote:
> I need to get local user IP, but server with apache and php is in
> another subnetwork.
> So from server environment I can get only router's IP.
> The only solution that I see - is getting with some magic algorithm
> local IP from brouser and sending it to server.
> My application is for intranet, so I don't see any reason to make
> users
> authorization.
> Any ideas for this?

Don't.

If it's a transparent proxy, you can get their IP.

If it's NOT a transparent proxy, you can't get their IP, by design,
and nothing you can do will change that, at least in PHP.  That's the
whole point of a transparent proxy.

Suppose you wrote some JS to send you the 'local' IP -- Even if that
works, which I suspect not, it would be pointless, since you'd end up
with a few hundred people with IP addresses such as 192.168.1.100,
which is a meaningful IP address only in their subnet, not in the
larger network in general.

Now, to your specific case:
If you can get the browser to send you the IP, then a Bad Guy can
write their browser to send you whatever IP they want, thus defeating
your so-called authentication.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Manuel Lemos]

Hello,

on 08/03/2006 02:49 PM Robert Cummings said the following:
 The point of the post is that there is no framework in particular to
 recommend. I use my own packages for my needs. They suit me well. It
 does not mean they will suit everybody.
>>> How would you know that there is no framework to recommend if you neve
>>> ruse anyone's code but your own. How could you have possibly given any
>>> framework sufficient attention to have any idea of its pros and cons?
>> I know many frameworks that exist, I have seen their code and their
>> documentation, which is more than enough to reach the conclusion that
>> using the frameworks that exist is not better that using my own
>> solutions for my own purposes.
> 
> Aaaah, so you are trully a genius to be able to at a glance of
> documentation and source code fully deduce the usefulness of something.
> I bow before you.

Be seriuos. Nobody needs to actually use any framework to see that it is
not suitable for your needs, when you can just browse the source code
and documentation. It would be insane to try all PHP frameworks that
exist to reach that conclusion.


>>> You can't have your cake and eat it too. You're either pro-choice with a
>>> myriad of choices to choose from, or you're anti-choice and want only
>>> one framework style. Get of the fence!
>> Having standard API specifications does not prevent anybody to choose
>> using solutions based on APIs that do not conform to any standard
>> specifications.
>>
>> Furthermore I do not think that seem to understand the difference
>> between an API specification and API implementation. J2EE is an API
>> specification with many implementations from different vendors: Sun,
>> IBM, Oracle, BEA, JBoss (this last one is Open Source). You can choose
>> the implementation you want.
>>
>> There is plenty of choice to anybody. If you want to use a J2EE
>> implementation to build your applications, otherwise you are free to use
>> something else.
> 
> 
> It's seems people have chosen... and they've chosen not to bother with
> some kind of standard API. That's not to say one won't emerge, but it
> doesn't seem like it's important at this time.

Sure, but you are missing the point about the way Java specifications
are built. They gather around interested players in the field of each
kind of framework, so it is more consensual that just an unilateral
proposal.

If version 1.0 of an API is not good enough, they gather again,
eventually joining more interested players and build a better
specification. For instance, JDBC API specification had at least 3 major
versions.

There is no need to create a new completely backwards incompatible API
specification. Everybody would loose with that.

Building a completely new API specification would make sense if it was
for very different purposes.


>> Let me give a concrete example, I have developed some plug-ins for this
>> forms class that provide auto-complete support to text inputs and linked
>> select inputs. They use AJAX to retrieve auto-complete text options and
>> switch the linked select options from a database on the server.
>>
>> http://www.phpclasses.org/formsgeneration
>>
>> It is not viable for me to support all database API that exist for PHP.
>> Actually it is already a big deal that that I could find time to support
>> MySQL (directly) or a bunch of other databases using Metabase or
>> PEAR::MDB2 API.
>>
>> The developers that use other database API cannot benefit from these
>> auto-complete and linked select plug-ins, unless they develop variants
>> of the plugins that support the database API that they prefer, but then
>> they would be on their own as I would not be able to provide support to
>> them.
> 
> There's this thing called an adapter pattern. Great for retrofitting
> other people's code without actually modifying it.

That is what Metabase and PEAR::MDB2 do, database adapting, same API
and same behavior for all supported databases.

Furthermore, the plug-in sub-classes that support different databases,
only override a few base class methods . It would not be hard to adapt
them for more API.

I just do not have the time nor the interest to build variants for the
bazillions of other database abstraction layers.

Some do not even support the necessary abstraction features. For
instance, AFAIK other database abstraction layers besides Metabase and
PEAR::MDB2 do not support pattern escaping.

This is necessary to escape wildcards characters that should be taken
literally in patterns. It is needed to implement the auto-complete
feature using SQL conditions of type field LIKE 'typed-text%'. If
typed-text contains % or _, it must be escaped. Some databases like MS
SQL need to escape other characters too.



>> Everybody looses opportunities with this. If there was a standard API
>> database specification for PHP like PDBC similar to JDBC, there would be
>> no such problem.
> 
> There are two ways for standards to come about. They can be hand picked
> or 

Re: [PHP] Newbie Form Question

[Richard Lynch]

On Fri, August 4, 2006 7:14 am, David Ellsworth wrote:
> I was wondering how simple it would be to set up a script to provide a
> subscribe/unsubscribe form for a list serve. The form would send an
> email to
> the subscribe address or unsubscribe address as selected.

It's pretty simple:




Subscribe

Unsubscribe



-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problem with wrapper script for Tidy

[Richard Lynch]

Did you try to use "-" as the file and pipe the output?...

That might work...

As far as the Tidy not validating the included PHP, I'm not sure what
you mean, but I don't see this making the PHP code any less secure
than it was before you wrapped Tidy around it...

On Fri, August 4, 2006 6:21 am, Frank Arensmeier wrote:
> Hello.
>
> Since my ISP does not provide the tidy module for Apache, I tested
> writing a wrapper script for a locally installed tidy binary. In
> general, the script is triggered by a modification to the .htaccess
> file like so:
>
> AddHandler server-parsed .php
> Action server-parsed /tidy_wrapper.php5
>
> All php pages are by that means "treated" by the script
> tidy_wrapper.php5.
>
> Here is the code for tidy_wrapper.php5:
>
> 
> chdir ( dirname ( $_SERVER['PATH_TRANSLATED'] ) );
> ob_start();
> include ( $_SERVER['PATH_TRANSLATED'] );
> $output = ob_get_contents();
> ob_end_clean();
>
> // Including a line with the commend "" will turn
> off tidy conversion
>
> if ( !stristr ( $output, "" ) ) {
>   $localfile = tempnam ( '../tmp', "tmp" );
>   $handle = fopen($localfile, "w");
>   fwrite($handle, $output);
>   fclose($handle);
>
>   $command = '/Library/WebServer/CGI-Executables/tidy -iq --show-
> errors 0 --show-warnings 0 -wrap 100 ' . $localfile . ' 2>&1';
>
>   exec ( $command, $output_exec );
>   echo implode ( "\n", $output_exec );
>   unlink ( $localfile );
> } else {
>   echo $output;
> }
> exit;
> ?>
>
> Although the script is actually working fine, there is at least one
> downside: speed. As you can see, the output buffer must be written to
> a file in order to be processed by tidy. I was not able to get tidy
> to accept a string for processing. Doing so, tidy throws en error. I
> have looked through tidy documentation without finding any clues. I
> would appreciate any hints. Any ideas for a walk-around for that file
> saving-thing would be welcome!
>
> Otherwise, I strongly feel that this script might become/be a
> security hole. Because it does not validate the included PHP code, it
> could be misused for doing bad stuff, or am I wrong? Once more, any
> suggestions are welcome.
>
> regards,
> /frank
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Postcode proximity classes

[Richard Lynch]

On Thu, August 3, 2006 4:27 pm, tedd wrote:
> At 2:23 PM -0500 8/3/06, Richard Lynch wrote:
>>Note that the number of zip codes is around 60K in the TIGER data,
>> and
>>there have been a whole mess of zip codes added since then.
>
>
> Can you get the postal code by themselves? The last time I looked at
> TIGER data it was in quadrants of around the size of approximately a
> township (6 x 6 miles).

I just loaded in the Zips table and ignored the other ones I didn't
need...

You have to download the whole thing, but don't have to suck it all
into your DB.

I forget what all I went through to import it, many years ago...

After that, any application I write that needs the zip code stuff just
uses the other DB to get it, or if it's on another server, does the
occasional lookup through an HTTP request -- Since I cache the
long/lat on the local table anyway, it only does a lookup when
somebody's zip code changes, so that's pretty infrequent for my usage.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Robert Cummings]

On Fri, 2006-08-04 at 17:15 -0300, Manuel Lemos wrote:
> Hello,
> 
> on 08/03/2006 02:49 PM Robert Cummings said the following:
>  The point of the post is that there is no framework in particular to
>  recommend. I use my own packages for my needs. They suit me well. It
>  does not mean they will suit everybody.
> >>> How would you know that there is no framework to recommend if you neve
> >>> ruse anyone's code but your own. How could you have possibly given any
> >>> framework sufficient attention to have any idea of its pros and cons?
> >> I know many frameworks that exist, I have seen their code and their
> >> documentation, which is more than enough to reach the conclusion that
> >> using the frameworks that exist is not better that using my own
> >> solutions for my own purposes.
> > 
> > Aaaah, so you are trully a genius to be able to at a glance of
> > documentation and source code fully deduce the usefulness of something.
> > I bow before you.
> 
> Be seriuos. Nobody needs to actually use any framework to see that it is
> not suitable for your needs, when you can just browse the source code
> and documentation. It would be insane to try all PHP frameworks that
> exist to reach that conclusion.

And there's the rub... your article was not about what YOU needed it was
what YOU considered to be the best framework for everyone based on
briefly browsing the code. Your article, if it had any real merit, would
have reported on the actual trial of a substantial number of frameworks
so that you could provide a valuable analysis instead of superficial
opinion. Remember a recommendation, is not about YOU, it's about those
reading the article. I can agree with your previous statement until you
start recommending it in general.

> >>> You can't have your cake and eat it too. You're either pro-choice with a
> >>> myriad of choices to choose from, or you're anti-choice and want only
> >>> one framework style. Get of the fence!
> >> Having standard API specifications does not prevent anybody to choose
> >> using solutions based on APIs that do not conform to any standard
> >> specifications.
> >>
> >> Furthermore I do not think that seem to understand the difference
> >> between an API specification and API implementation. J2EE is an API
> >> specification with many implementations from different vendors: Sun,
> >> IBM, Oracle, BEA, JBoss (this last one is Open Source). You can choose
> >> the implementation you want.
> >>
> >> There is plenty of choice to anybody. If you want to use a J2EE
> >> implementation to build your applications, otherwise you are free to use
> >> something else.
> > 
> > 
> > It's seems people have chosen... and they've chosen not to bother with
> > some kind of standard API. That's not to say one won't emerge, but it
> > doesn't seem like it's important at this time.
> 
> Sure, but you are missing the point about the way Java specifications
> are built. They gather around interested players in the field of each
> kind of framework, so it is more consensual that just an unilateral
> proposal.
> 
> If version 1.0 of an API is not good enough, they gather again,
> eventually joining more interested players and build a better
> specification. For instance, JDBC API specification had at least 3 major
> versions.
> 
> There is no need to create a new completely backwards incompatible API
> specification. Everybody would loose with that.
> 
> Building a completely new API specification would make sense if it was
> for very different purposes.

I wasn't missing the point. I am quite aware of how the process works
behind closed doors with a select few high profile companies and
committees. I'm also quite aware of the pros of standardization, but I
don't necessarily feel that hand picking the standard is necessarily
better than an emergent standard. Either way, as I keep saying, if there
was a strong enough desire for such standardization then I'm sure people
would be forming such groups. maybe with the launch of Zend Framework
there will be a rallying point, but then again, maybe it will just be
yet another framework.

> >> Let me give a concrete example, I have developed some plug-ins for this
> >> forms class that provide auto-complete support to text inputs and linked
> >> select inputs. They use AJAX to retrieve auto-complete text options and
> >> switch the linked select options from a database on the server.
> >>
> >> http://www.phpclasses.org/formsgeneration
> >>
> >> It is not viable for me to support all database API that exist for PHP.
> >> Actually it is already a big deal that that I could find time to support
> >> MySQL (directly) or a bunch of other databases using Metabase or
> >> PEAR::MDB2 API.
> >>
> >> The developers that use other database API cannot benefit from these
> >> auto-complete and linked select plug-ins, unless they develop variants
> >> of the plugins that support the database API that they prefer, but then
> >> they would be on their own as I would n

RE: [PHP] php behind firewall

[Richard Lynch]

On Fri, August 4, 2006 1:08 pm, Jim Moseby wrote:
>>
>> Jim Moseby wrote:
>> >
>> > I recently read an article about IP fingerprinting.  The
>> concept is that
>> > every PC-NIC-CABLE-FIREWALL combination has subtle, but measurable
>> > differences in the way they communicate.  It was very
>> in-depth, but it
>> > worked amazingly well.  If I can find the article, I'll post it.
>>
>> Please do.
>>
>> I can imagine that the concept goes to the wall with wireless
>> users, but
>> even so, should be a good read.
>>
>
> Found it:
>
> http://www.caida.org/publications/papers/2005/fingerprinting/

Just to be pedantic...

It's using the clock skew of the user's computer, and I don't think
that has anything to do with PC-NIC-CABLE-FIREWALL combination
communication.

Rather, it is the error margin of the internal clock chip within the
device, as I understand it...

Or not, as I don't claim to understand that article 100%...

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Regular Expresson for checking password strength

[Al]

Adam Zey wrote:

Al wrote:

James Nunnerley wrote:
I want to have a regular expression that check the following criteria 
are

met by $password:

- contains at least 6 characters (any)
- has at least 1 letter
- has at least 1 number
- other 6 characters can be anything...

I'm happy to work out the structure of a postcode etc, but to be 
honest I'm

still fairly new to working with regular expressions.

What the best/easiest way to check whether a variable contains a 
range?  It

might be RegExp don't do this?

Cheers
Nunners


It can be done; but, it's simpler to simply to make an if() with
(strlen($password) > 5) && (strlen($password) < max) && 
pre_match("%[a-z]+%i"%, $password) && preg_match("%\d+%", $password)


Some mistakes there:

1) You want to assign strlen to a variable before the if, since you're 
calling it twice in the if. I'm not certain how fast strlen is, but it's 
usually a bad idea to repeat useless function calls like that.


2) Isn't your second function call supposed to be preg_match, and not 
pre_match?


Regards, Adam Zey.


You are correct on both counts.  Getting the strlen() first will save about 
.01usec.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

php-general@lists.php.net

[Richard Lynch]

On Wed, July 26, 2006 8:40 am, Jochem Maas wrote:
>> How did you know that he had an extra space in $u?

Actually...

Since he's getting them from a file, and since fread() and friends
INCLUDE the newline at the end, I would now suggest that the "extra"
character is a single newline, and not a space.

The correct solution there is to remove the newline, and only the
newline, in case somebody wants to use a space at the end of their
password.

Even if space is not allowed, using trim() here is not the Right Place
to enforce that validation of a password.

I'm probably being to pedantic and picuyane again, aren't I? :-)

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Manuel Lemos]

Hello,

on 08/03/2006 02:53 PM Robert Cummings said the following:
>>> The main thing in Manual's post that got me writing this in the first
>>> place was :
>>>
>>> "Imagine if there would be only one PDBC (JDBC for PHP). Instead of that
>>> we have a never ending choice of PHP database abstraction layers that
>>> does not help newcoming developers that are lost and don't know what to
>>> use."
>> I admit I have not expressed myself clearly. What I meant is not that
>> people should be disallowed to implement alternative APIs, but rather
>> that they should not feel the need to do it.
> 
> I think you may be missing the point. Many people probably don't feel
> the "need" to create an alternative API, they may just feel the desire
> to do so. It's a great way to practice your skills, and in the end, you
> have a nice API that meets your needs.

I do not think many people want to reinvent the wheel. Only those that
feel forced to do it, because the alternatives are insufficient, will do
it, only if they feel capable of doing it.

If there were consensual API specifications like in Java world, very few
people would feel forced to reinvent the wheel.


>> In the Java world, JDBC is the de facto standard because Java developers
>> do not feel the need to develop other database APIs. That happens
>> because JDBC is a standard API defined by several players from the SQL
>> database world that sit together and defined a consensual API specification.
>>
>> In the PHP world there is no such organization nor the vision of the
>> benefits of cooperating to define such standards. I already gave an
>> example of the benefits of having such standard API specifications in
>> the other comment to Rob.
> 
> Almost all APIs can be wrapped when necessary. Hell, the PHP engine is
> in many cases just a wrapper around a C API.

The things you say just to avoid agreeing! ;-)

Most of those C APIs are also not based in any consensual standard API
specifications. Because of that, there will always be people that
rewrite other API for the same purpose either in C or even in pure PHP.
The lack of consense is the problem.

-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Big files management

[Richard Lynch]

On Wed, July 26, 2006 5:16 am, Yannick Warnier wrote:
> I'm trying to deal with big files (over 4GB) with PHP4.3.9 ans PHP4.4
> but obviously it's not really possible.

You can't use something like file_get_contents() or file() because it
would pull the whole 4GB into RAM, but
http://php.net/fopen
http://php.net/fread
should work just fine...

> Is there a library somewhere that allows elementary operations on
> these
> kinds of files by, for example, using the operating systems commands
> (Linux in this case)?

You could use:
http://php.net/exec
to run the Linux commands.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Manuel Lemos]

Hello,

on 08/03/2006 02:52 PM Kilbride, James P. said the following:
>> I admit I have not expressed myself clearly. What I meant is 
>> not that people should be disallowed to implement alternative 
>> APIs, but rather that they should not feel the need to do it.
>>
>> In the Java world, JDBC is the de facto standard because Java 
>> developers do not feel the need to develop other database 
>> APIs. That happens because JDBC is a standard API defined by 
>> several players from the SQL database world that sit together 
>> and defined a consensual API specification.
> 
> This is partially true because Java is owned and managed by SUN, and SUN
> is all about developing API's, both to ensure that it's own later work
> will work, and because it meant a better way for people to interface.

I do not agree with that. Many Java API are defined by many parties
besides Sun.

For instance, the JDBC specification was defined by an experts group
from several companies listed here:

http://www.jcp.org/en/jsr/detail?id=54



> By the same token Pear_DB, and the follow ons were much like the early
> versino of JDBC. As is PDO in a lot of ways. The majority of the
> database specifics have been abstracted out and a general interface has
> emerged. Unlike in Java though, the PDO and Pear_(M)DB(2) families
> haven't settled yet(nor did JDBC overnight) but they are being developed
> by the community. And many people DO recognize the advantage of

The matter here is not PHP versus Java. The matter is using APIs defined
 in consense with several interested parties of the community.

The PHP community is very uncooperative. Let me give you an example.

It happens that I am the Metabase developer. Metabase is the base of
PEAR::MDB. PEAR::MDB2 is the follow-up of PEAR::MDB.

Before PEAR::MDB existed, I invited ADODB author to cooperate and
develop a common PHP database instead of keep copying Metabase features
to provide the same functionality with an incompatible API. He refused
to cooperate without giving a proper reason.

When I tried to submit Metabase to PEAR, it was refused with all
possible lame excuses that PEAR people could find then. They demanded a
complete rewrite to match their style guidelines. That was completely
inviable to me as Metabase had already over 12,000 lines of code.

Instead I proposed that somebody does it. Fortunately Lukas Smith was
brave enough to accept the proposal. It took a lot of time to convert
all the code and many bugs appeared when none existed due to normal
human misunderstanding mistakes.

Meanwhile Metabase continued to evolve and PEAR::MDB too, but
independently, hardly benefiting of mutual efforts. Several tools have
been developed around each API. Tools for one API do not work with
another API without a signficant conversion effort.

It would have been much better if all parties have sit together and
cooperate in defining a consensual API. I am not even talking about
having a single API implemention. Different implementations could exist
based on the same API specification. It would all have been much better
for all the PHP community.


> But you could argue, how is PDO not a standard interface like JDBC? How
> was it not designed by the community and put out there for people to
> implement their own methods for it?

Forget PDO, it is yet another attempt to succeed where PHP ODBC and DBX
extensions have failed. PDO is not based on consensual API
specification. Therefore, it is ill fated to be used only by a fraction
of the PHP users. The same goes to Zend Framework and other unilateral
developements. That was the point of the blog post.

While different API developers do not open their minds and cooperate
with each other, nobody will benefit from consensual API specifications
in the PHP world.


-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] pop up "save dialog" box

[Richard Lynch]

On Wed, July 26, 2006 7:00 am, Jay Blanchard wrote:
> [snip]
>   I have code below which save MYSQL to csv file. I am using ADODB
> library to do this.
>
>   The saving MYSQL to csv file is ok .
>   However i need to allow the the user to enter file name for csv
> file.
>
>   Anybody have any ideas how to do this? Thanks
> [/snip]
>
> If you want a true pop-up you will have to use a JavaScript
> http://www.codefoot.com/javascript/script_invoke_saveas.html

I think you will find this useful:
http://richardlynch.blogspot.com/

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Robert Cummings]

On Fri, 2006-08-04 at 17:23 -0300, Manuel Lemos wrote:
> Hello,
> 
> on 08/03/2006 02:53 PM Robert Cummings said the following:
> >>> The main thing in Manual's post that got me writing this in the first
> >>> place was :
> >>>
> >>> "Imagine if there would be only one PDBC (JDBC for PHP). Instead of that
> >>> we have a never ending choice of PHP database abstraction layers that
> >>> does not help newcoming developers that are lost and don't know what to
> >>> use."
> >> I admit I have not expressed myself clearly. What I meant is not that
> >> people should be disallowed to implement alternative APIs, but rather
> >> that they should not feel the need to do it.
> > 
> > I think you may be missing the point. Many people probably don't feel
> > the "need" to create an alternative API, they may just feel the desire
> > to do so. It's a great way to practice your skills, and in the end, you
> > have a nice API that meets your needs.
> 
> I do not think many people want to reinvent the wheel. Only those that
> feel forced to do it, because the alternatives are insufficient, will do
> it, only if they feel capable of doing it.
> 
> If there were consensual API specifications like in Java world, very few
> people would feel forced to reinvent the wheel.

I beg to differ. I think a good number of people really enjoy
re-inventing the wheel :)

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mail headers

[Richard Lynch]

On Tue, July 25, 2006 11:47 pm, Chris wrote:
> There's a default for reply-to in the php.ini? What's the variable
> called - I can't see one. I can see these:

> ; For Win32 only.
> sendmail_from = [EMAIL PROTECTED]
>
> ; For Unix only.  You may supply arguments as well (default: 'sendmail
> -t -i').
> ;sendmail_path =
>
> but they have nothing to do with the reply-to address.

I think you would want something like:

sendmail_path = /usr/bin/sendmail -froot -t -i

The -froot sets the 'from' as documented in man sendmail.

But that's only supposed to be for trusted users, and it's unlikely
that you configured sendmail for the PHP/Apache user to be trusted...

But this is the Right Path to follow for this issue, I think.

Have fun reading sendmail docs. :-)

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Lots of queries!

[Richard Lynch]

Put this at the top of the script:


Also, it's possible that the browser is timing out if the script is
too slow.

Another issue is that if you are closing/reopening the 2 database
connections between steps 2 and 3, then it's probably not very
efficient.  Keeping them both open is much more efficient.

On Tue, July 25, 2006 2:39 pm, Philip Thompson wrote:
> Hi all.
>
> I have a list of people in a database who live in particular rooms.
> Next semester, they may live somewhere else, so I need to update my
> database. (I know the data becomes stale, but not that often.) Here's
> what I'm doing to update:
>
> 1. Pull list of IDs from database A - store in array
> 2. Foreach ID in array, search database B to see if they have a new
> room
>2a. If no, go back to step 2 and go to next ID
> 3. Compare new room to current room
>3a. If different, update the record to new room
>
> That's basically it. Now, I know this works (sorta) because the
> records are updating with the appropriate information. Here's the
> problem I'm running into: it only does a certain amount and then
> quits!! WHY!!?!
>
> The total number of records I have is 1335 - pulled from step 1.
> However, when I go through the list and query for new rooms, it
> stops... randomly... not even at the same record each time. Sometime
> it's 230, sometimes it's 476 - truly random from what I can tell. I
> am sorting the query (ORDER BY) each time, so I know it's the same
> order.
>
> Any thoughts on why this is happening? Possibly a buffer issue?
>
> Thanks in advance.
> ~Philip
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Error Reporting for file commands

[Richard Lynch]

On Tue, July 25, 2006 10:32 am, James Nunnerley wrote:
> We've created a file manager which allows users to access their web
> space on
> a server.  It's working brilliantly, except that it would seem there
> are
> some caching issues, either by the system cache or the web server
> cache that
> are causing us a headache.
>
> When the script tries to delete a file, we always check (using
> file_exists)
> to see whether the file exists before it's deleted.

But if some other process is deleting that file, you have a race
condition.

It's pointless to check before you delete, really -- You simply have
to use the result from unlink() to know if it worked or not.

> The check comes back true, but the unlink then fails, saying no file
> or
> directory there!
>
> We've tried turning off all errors (using error_reoprting(0) ) but
> this
> would seem to have little difference in the error - it still comes
> back with
> a failure.

Any time the solution is error_reporting(0) then you are doing
something fundamentally wrong.

> We are using our own error handling, but before the command is carried
> out,
> there is this 0 call...

If you use set_error_handler(), it is called regardless of
error_reporting() settings.
http://php.net/set_error_handler

> Does anyone know how we can stop these errors?

I would suggest that you make sure that you are using the FULL PATH to
unlink() -- Relying on any kind of relative path is just going to get
you into trouble.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Developer Needed in San Jose, CA w/ Occasional Travel to Palo Alto

[Richard Lynch]

On Mon, July 24, 2006 11:58 pm, Paul Scott wrote:
>
> On Mon, 2006-07-24 at 14:17 -0500, Franco Pawlisz wrote:
>
>> My Client is specifically looking for a developer with strong front
>> end PHP experience knowledge of Java and or Ruby is a major plus.
>>
>
> What the heck is "front end PHP", or am I misinterpreting the bad
> punctuation (or lack thereof)?

Recruiters tend to scribble notes and then munge them and then you get
the most interesting job requirements... :-)

I'm pretty sure it's not this:
http://pecl.php.net/package/PHPScript
which is what "front end PHP" would actually mean to any developer.
:-)

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Please help me with in_array

[Chris G]

Hi all

I have been stuck on this problem for 4 hours. Please anyone that can help
here I would appreciate it.

If I print_r($_GET) I have

Array ([question] => Array ( [10] => 1 [11] => 2 [12] => 1 [13] => 1)'


So now I try

foreach($_GET['question'] as $key) {
 if(!in_array($key, $_SESSION['question'])) {
  print "not matched lets update".
"$_GET[question][$key]"; // HERE I WANT IT TO SHOW $key
is 10 and its value should be 1 (as printed in the Array above)
 }
else {
 print "matched";
 }
}



Where it gets to the section "not matched" I need to print out from the
question array question[$key][$value] (question '10' => '1' as above)



I am not sure if I am even making sense here anymore...

Thanks in advance


Chris

Re: [PHP] Efficiency question

[Richard Lynch]

On Tue, July 25, 2006 11:41 pm, Paul Scott wrote:
> I have googled around a bit, but not really found anything useful...
>
> Which is more efficient? A case switch or a $$method style method?
>
> An example:
>
> switch($action) {
> case 'edit':
>   //do some stuff
>   ...
>   return "edit_tpl.php";
>
> case 'whatever':
>   //blah
>   ..
>   ..
> }
>
> OR:
>
> $method=$this->convertToMethod($action);

A user-defined function will almost always be more expensive than a
built-in language construct...

If you were willing to just do:

$this->$action();

and to hell with validating $action to be sure it was kosher, it would
be faster...

But your validation of $action to be sure it's not an internal method
you don't want them calling would probably look something like:
switch($action){
  case 'known_action':
  case 'other_action':
return true;
  break;
  default:
error_log("Possible hack attempt $_SERVER[REMOTE_ADDR]");
echo "Invalid Action";
return false;
  break;
}

So now you have a switch/case just as big as you would have had anyway.

> unset($action);
> return $this->$method();
>
> Hope this is reasonably clear... Note the return on the latter code.
>
> If anyone has any ideas around this, please let me know! Are there
> underlying security risks in doing it this way?

If convertToMethod() is not checking against a known list of valid
'action' you are making a security hole.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] database connections

[Richard Lynch]

On Mon, July 24, 2006 10:46 am, Ryan A wrote:
> This is not really a problem, more like a slightly OT
> question.
>
> Recently I have been testing some "CMS/carts/BB
> boards" and other related software, sometimes at the
> end of the page the software outputs the time it took
> to generate the page and the number of database calls.
>
> I have seen some scripts give the number of database
> calls in the hundreds (from 100 - 400) just to
> generate one single damn page.
> Isnt that just too much?
>
> Or am I blowing smoke and MySql can handle that
> without a sweat on a shared hosting environment? (with
> say100 page requests per minute?)

You'd have to time the DB call on your own system to get truly
meaningful data.

The function call to a database on localhost to send a simple query
and get back a tiny result set is very very very cheap, usually.

A big-long-ass complex query is "expensive" but only in the SQL side,
not in PHP side.

A large result set is killer for both SQL and PHP, and the pipe in
between.

It's possible that 100 small queries are faster then a big query, in
some cases, but generally not, for the same given result set.

It's also possible that the database API has some kind of caching
system, so that the "hundreds" of calls are not actually hitting the
DB, but are getting counted anyway.

You're on your own to find out what the metrics actually mean. :-)

I'd pay more attention to actual user-percieved performance than just
the number of DB calls.

Something that does one super-fast DB call in a splintered second and
then outputs HTML that takes the browser 30 seconds to render is a lot
worse than something that does 100 not-so-fast DB calls but generates
quickly-rendered HTML.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Please help me with in_array

[Jochem Maas]

Chris G wrote:
> Hi all
> 
> I have been stuck on this problem for 4 hours. Please anyone that can help
> here I would appreciate it.
> 
> If I print_r($_GET) I have
> 
> Array ([question] => Array ( [10] => 1 [11] => 2 [12] => 1 [13] => 1)'
> 
> 
> So now I try
> 
> foreach($_GET['question'] as $key) {

foreach($_GET['question'] as $key => $value) {

>  if(!in_array($key, $_SESSION['question'])) {
>   print "not matched lets update".
> "$_GET[question][$key]"; // HERE I WANT IT TO SHOW $key
> is 10 and its value should be 1 (as printed in the Array above)
>  }
> else {
>  print "matched";
>  }
> }
> 
> 
> 
> Where it gets to the section "not matched" I need to print out from the
> question array question[$key][$value] (question '10' => '1' as above)
> 
> 
> 
> I am not sure if I am even making sense here anymore...
> 
> Thanks in advance
> 
> 
> Chris
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] database connections

[Richard Lynch]

On Mon, July 24, 2006 1:33 pm, Ryan A wrote:
> Hey Rob,
> Thanks for replying.
>
>
>> It's usually a sign of poor programming and/or
>> purist OOP programming.
>>
>> When I say purist OOP programming...
>> I saw
>> one really retarded
>> implementation of this kind of system where an
>> excess of 2 queries
>> were issued to the database -- on a homepage
>> nonetheless :/
>
>
> That IS retarded, I wonder why someone would want to
> do that.

Because they learned from Java which has an entirely different
architecture with a shared cached DB store across the application
servers, wherein such a technique makes a whole hell of a lot more
sense.

And because they don't REALLY understand the power of OOP, and are too
literal-minded when architecting class inheritence -- But that
describes about 99% of the so-called OOP developers "out there" so
there ya go.

> I was curious about this because I am working on a
> project (with other team players) and we have a way of
> building something with either lots more (complicated)
> code and fewer database calls or less code and
> multiple tables.
>
> If we take the second option (multiple tables) I am
> talking about maybe 15 database calls per page, and
> the site will get around (i guess) 300-750 requests
> for a page a minute at is peak.

Measure it and see.

I've seen times when 15 DB calls was a hell of a lot cheaper than 1 DB
call, depending on the indexes in the DB and the query and...

There's just no way to predict this without a detailed analysis of the
DB schema and the queries and the hardware and...

It's almost-for-sure faster for you to write 2 prototype examples with
realistic-sized data and throw Apache benchmark at them to find out
your answer.

> I wouldnt be going to those extremes, was thinking of
> around 5-15 queries per page.

15 queries per page, with a good schema and reasonable queries is
chump-change.

15 bad queries on a page will kill you before you even launch. :-)

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] xml v php question

[Richard Lynch]

On Tue, July 25, 2006 8:33 am, David Tulloh wrote:
> Larry Garfield wrote:
>> Disable short tags.
>>
>> The correct answer is (b).  (PHP 6 won't even have short tags, so
>> get used to
>> not having them.)
>
> Can you find anywhere where this was announced?  I don't recall seeing
> any decision on it.
>
> A quick search found several mentions of the devs deciding to keep
> short
> tags when going from php 4 to php 5.  The php 6 todo list shows that
> <%
> will be removed but http://www.php.net/~derick/meeting-notes.html#remove-support-for-and-script-language-php-and-add-php-var

This may be out-dated...

Personally, I would not miss http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Please help me with in_array

[Jochem Maas]

Chris G wrote:
> I have already tried using
>  
> foreach($_GET['question'] as $key => $value)
>  
> the in_array function does not work with it for some reason.

'does not work with it' ??

use var_dump(); to see what's actually in your variables.

> 
>  
> On 8/5/06, *Jochem Maas* <[EMAIL PROTECTED]
> > wrote:
> 

> foreach($_GET['question'] as $key => $value) {
> 

var_dump($key, $value);

> >  if(!in_array($key, $_SESSION['question'])) {
> >   print "not matched lets update".
> > "$_GET[question][$key]"; // HERE I WANT IT TO
> SHOW $key
> > is 10 and its value should be 1 (as printed in the Array above)
> >  }
> > else {
> >  print "matched";
> >  }
> > }
> >
> >
> >
> > Where it gets to the section "not matched" I need to print out
> from the
> > question array question[$key][$value] (question '10' => '1' as above)
> >
> >
> >
> > I am not sure if I am even making sense here anymore...
> >
> > Thanks in advance
> >
> >
> > Chris
> >
> 
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP Frameworks - Opinion

[Manuel Lemos]

Hello,

on 08/03/2006 05:18 PM Martin Alterisio said the following:
>> Anyway, you may want to read this more in depth reflection of the state
>> of the PHP framework world and recommendations on how to pick what suits
>> best for you:
>>
>> http://www.phpclasses.org/blog/post/52-Recommended-PHP-frameworks.html
> 
> 
> Sorry to intrude with my usual obnoxious behaviour, but this is starting to
> affect my self-esteem (what's left of it). Am I the only one who has a
> really hard time reading the blog posts in phpclasses.org? Everytime a
> reference to this blog is posted I lose track of the discussion, because I
> can't really grasp what Lemos is talking about.
> 
> I'd like to make some some constructive criticism, not just to Lemos but to
> the community in general, since I think many of us need to improve our
> writing skills:
> 
> 1 - Don't make lng boooring posts.

This blog in reality is the site monthly announcement newsletter. Some
months there is more to tell than in others. I usually put a list of
contents when the post is about many subjects.


> 2 - Get to the point. Introduction are great when they are not two pages
> long.

I don't know what you mean by introduction. Usually there is a summary
that goes in the RSS feed that is no longer than 3 or 4 paragraphs.


> 3 - Stick to the topic. Or use appropiate titles.

> 4 - If the topic is inherently long, use distinguishable headers and
> subheaders. It's a pain in the ass to read a 5 pages long article that
> looks
> the same everywhere, with no easy way to know what is the subtopic of what
> are you reading now.

As I said, these posts often cover many topics. It may not seem by topic
sections use titles. The problem is that this newsletter posts used to
go by e-mail to the site subscribers in plain text, so there was no way
to format titles.

Anyway, now that you mentioned it I applied an additional regular
expression to add title formatting when presenting it in the site. Just
let me know if it looks ok now.



> 5 - Don't talk so much about your life! You can always make another blog
> for
> that... Unless your personal experience can bring an unique insight of the
> point you're trying to make.

I suppose you may be talking about other peoples blogs. Personal blogs
are supposed to be personal. This is the PHPClasses site blog. Usually
it covers matters about the site developments and matters of interest to
the site users. It does not talk about my life. It may talk about my
experience when it is relevant to the post topic.

-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Dave M G]

Jochem

Thank you for your continued assistance.


^--- remove the caret as you dont want to only match when the line
starts with  (the  can be anywhere on the line)
  

Ah, I get it now. I was confused about the meaning of the caret.


I'll assume you also have the mb extension setup.
  

Yes, I do.

This regular expression is tricky stuff, and its behaviour is not what 
I'd expect.


After much experimentation, I discovered that I needed to take the last 
"s" out of my syntax. This was the "s" that states that the search could 
span across line breaks.


I assumed that the behaviour would be to start at one instance of  
and continue until the first instance of  and extract that as a 
variable. And then start again at the next instance of  and so on.


But instead it seems to be starting from the extreme outside and work 
it's way inwards from both ends, thus trapping all text between the very 
first  in the source string, and the very last  in the source.


So if the "s" option is on to span across lines, then it gets only one 
match for the whole HTML document, containing everything between the 
very first  and the very last . If I take off the "s" option, 
then it only looks at  and  tags within each line, thus 
returning small, discreet matches.


I personally don't think this is very rational behaviour, so either I'm 
doing something wrong still, or perhaps it's me who isn't very rational. 
Either is likely.


--
Dave M G

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] The difference between ereg and preg?

[Robert Cummings]

On Sat, 2006-08-05 at 10:50 +0900, Dave M G wrote:
> Jochem
> 
> Thank you for your continued assistance.
> 
> > ^--- remove the caret as you dont want to only match when the line
> > starts with  (the  can be anywhere on the line)
> >   
> Ah, I get it now. I was confused about the meaning of the caret.
> 
> > I'll assume you also have the mb extension setup.
> >   
> Yes, I do.
> 
> This regular expression is tricky stuff, and its behaviour is not what 
> I'd expect.
> 
> After much experimentation, I discovered that I needed to take the last 
> "s" out of my syntax. This was the "s" that states that the search could 
> span across line breaks.
> 
> I assumed that the behaviour would be to start at one instance of  
> and continue until the first instance of  and extract that as a 
> variable. And then start again at the next instance of  and so on.
> 
> But instead it seems to be starting from the extreme outside and work 
> it's way inwards from both ends, thus trapping all text between the very 
> first  in the source string, and the very last  in the source.
> 
> So if the "s" option is on to span across lines, then it gets only one 
> match for the whole HTML document, containing everything between the 
> very first  and the very last . If I take off the "s" option, 
> then it only looks at  and  tags within each line, thus 
> returning small, discreet matches.

Check out the greediness modifier. Greediness determines whether it
extends the matching to the largest possible match or the smallest
possible match. By default regexes are greedy.

> I personally don't think this is very rational behaviour, so either I'm 
> doing something wrong still, or perhaps it's me who isn't very rational. 
> Either is likely.

It's perfectly valid since it is correctly matching the pattern, just an
issue of how greed ;)

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Upload files problem with IIS server

[Mace Eliason]

Hi,

I am having problems with uploading files to a windows server using 
php.  I have used the same script on other server with no problems. 

From what I can tell this new server is running windows with IIS.  I 
think the problem is with the path.


Does anyone have any suggestions?  Here is a snipet of some of the code.

$uploadDir =  "/gamestats/";

 $uploadFile = $uploadDir . $_FILES['bannerfile']['name'];
 echo $bannerfile . "";  /* added for testing */
 echo $uploadDir . ""; /* added for testing */
 echo $uploadFile . ""; /* added for testing */

 if (move_uploaded_file($_FILES['bannerfile']['tmp_name'], $uploadFile))
 {
..

I have also ran $_SERVER["PATH_TRANSLATED"] to see what the path is and 
used it but that didn't help either.


Thanks

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Strip non-alphanumerics from beginning and end?

[Brian Dunning]

Is there a command to strip all non-alphanumerics form the beginning  
and end of a string?


Ex.: '&^%kj.h,kj..*(' becomes 'kj.h,kj'

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Strip non-alphanumerics from beginning and end?

[Robert Cummings]

On Fri, 2006-08-04 at 19:12 -0700, Brian Dunning wrote:
> Is there a command to strip all non-alphanumerics form the beginning  
> and end of a string?
> 
> Ex.: '&^%kj.h,kj..*(' becomes 'kj.h,kj'



Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Upload files problem with IIS server

[chris smith]

On 8/5/06, Mace Eliason <[EMAIL PROTECTED]> wrote:

Hi,

I am having problems with uploading files to a windows server using
php.  I have used the same script on other server with no problems.

 From what I can tell this new server is running windows with IIS.  I
think the problem is with the path.

Does anyone have any suggestions?  Here is a snipet of some of the code.

$uploadDir =  "/gamestats/";

  $uploadFile = $uploadDir . $_FILES['bannerfile']['name'];
  echo $bannerfile . "";  /* added for testing */
  echo $uploadDir . ""; /* added for testing */
  echo $uploadFile . ""; /* added for testing */

  if (move_uploaded_file($_FILES['bannerfile']['tmp_name'], $uploadFile))
  {
 ..


and the errors you get are... ?

check the folder is writable:

echo "is_writable: " . is_writable($uploadDir) . "";

Is that the whole code? I doubt this would work on linux platforms
either because your script will not be able to create /gamestats (ie
in the / folder, not in your /home/httpd/domain.com folder or
where-ever it is).

IIS needs the destination folder marked with 'modify' permissions in
IIS so you can create and delete files, maybe that's the problem.
--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php