[PHP] php file/app/dialog to copy folders

2006-10-03 Thread bruce 
hi...

i'm wondering if anyone has a class/chunk of code to copy a folder to
another folder, along with the underlying descendents (files/folders)...

i'm considering a file management app, and i'd like to allow the user to
select a folder, and then to copy the folder to another folder location...

thanks...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Breaking lines

2006-10-03 Thread Deckard 
Hello,

I have this code to write three lines in a file (config.php):

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?

Any help would be appreciated.

Best Regards,
Deckard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] web based browser...

2006-10-03 Thread bruce 
hi...

i'm trying to find a good web based (php) browsing app for handling remote
file management functions... i've seen a number of open source apps, but
haven't come across any that meet my needs.

i'm looking for the ability to:
 -edit/view/rename/copy/move/delete files
 -copy/rename/move/delete folders
 -display number of files in a folder
 -search for file/folder by name/regex

if you know of an app that does the above, or if you've used a browser based
file manager kind of app that's really good, let me know.

thanks..

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] test

2006-10-03 Thread bruce 
test1

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] RE:[PHP] Client Computer Registration

2006-10-03 Thread Wesley Acheson 

They could also be doing something like giving the client an SSH key
to download, I've heard of this situation in a bank before.

Though it does seem more likely that their just using cookie based
authentication
-
From: "Rahul S. Johari" <[EMAIL PROTECTED]>
To: PHP 
Date: Mon, 02 Oct 2006 08:07:35 -0400
Subject: [PHP] Client Computer Registration
Ave,

I saw this at the Key.Com website for Keybank Customers. When you go to
their website to login to view your account, they ask you to register your
computer for the first time. Once your computer is registered, you can
access the account using that computer. You can choose to Not register that
computer and you won¹t be able to access the account using that computer in
future.

What exactly are they doing?
Can PHP record the MAC Address of the NIC in the computer? Or are they just
recording the IP and creating an IP based filteration?

I¹m looking to implement a similar security system for one of my
applications.

Any advice?

Rahul S. Johari
Supervisor, Internet & Administration
Informed Marketing Services Inc.
500 Federal Street, Suite 201
Troy NY 12180

Tel: (518) 687-6700 x154
Fax: (518) 687-6799
Email: [EMAIL PROTECTED]
http://www.informed-sources.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] web based browser...

2006-10-03 Thread bruce 
hi...

i'm trying to find a good web based (php) browsing app for handling remote
file management functions... i've seen a number of open source apps, but
haven't come across any that meet my needs.

i'm looking for the ability to:
 -edit/view/rename/copy/move/delete files
 -copy/rename/move/delete folders
 -display number of files in a folder
 -search for file/folder by name/regex

if you know of an app that does the above, or if you've used a browser based
file manager kind of app that's really good, let me know.

thanks..

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] MySQLDump and master/slave Behavior

2006-10-03 Thread David Giragosian 

Howdy Guys,

I have a PHP backup script running as a cronjob that has an exec(mysqldump)
line followed a bit later by an exec(tar -cjf) line. The backup script runs
against a slave db in the wee hours, and the master gets a continuous stream
of inputs at the rate of about 18,720 per day. Obviously as the database
grows in size, the script takes longer and longer to run. Right now, after
about 15 months of operation,  it's taking about 40 minutes to complete. But
I did a test yesterday, and the mysqldump part only takes about 2 minutes to
finish.

Even though I've never lost data, my concern is that since master-slave
syncing is blocked while the script runs, I just might lose something if
there's a buffer overrun or something like that.

So, Question 1 is: does mysqldump's connection to the slave db exist for the
entire script execution time, or just for the length of time of its own
execution? I imagine if I used mysql_connect() in the script that it would
be for the entire length of the script execution, but mysqldump makes its
own connection, so I'm just not sure about this.

Question 2: Should I, just to be on the safe side, break out the mysqldump
code into its own scipt, and run it, say, 30 minutes before the tar script?

Thanks for your time,

David

[PHP] Breaking lines

2006-10-03 Thread Deckard 
Hello,

I have this code to write three lines in a file (config.php):

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?

Any help would be appreciated.

Best Regards,
Deckard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Coding Style Question...

2006-10-03 Thread tedd 

At 10:23 AM +0800 10/3/06, Glenn Richmond wrote:

I'll probably
get strong opposition for these comments, but in my opinion, there's
nothing worse than mixing two different lanuages in a single file, not
to mention mixing functional code with layout code.

Glenn.


Glenn:

I agree with the concepts of unobtrusive code and the separation of 
content, presentation, and behavior. However, I find it very 
difficult not to mix languages -- for example, trying to generate 
dynamic html from php/mysql without mixing all three languages is 
difficult, if not impossible.


Plus, when php can generate html, css, javascript, and content -- 
it's not possible (by definition) to create language-pure code under 
those conditions.


Also, sometimes mixing languages is preferable (with regard to 
readability) than trying to develop a scheme to separate them.


And lastly, what constitutes separation?  Is an include(), or date(), 
or any php function from within a html, or css, file acceptable? If 
not, what's the cost in readability or lines of additional code to 
obtain the same functionality?


I don't know about others, but the language line is blurred for me. I 
still believe in the "concepts" separation of content, presentation, 
and behavior, but php transcends the other languages in a different 
manner and provides the "glue" to hold them together and make them a 
cohesive functional solution. In my mind, the "concept of separation" 
does not fall clearly along language boundaries.


While this is not meant to demean php, I see php not only as a 
"stand-alone" language, but as an addition to html, css, and 
javascript, which can enhance their functionality. Clearly each of 
those languages can do more with php than without it.


That's my perspective.

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Re: Re: Frustrated trying to get help from your site

2006-10-03 Thread David Robley 
Michelle Konzack wrote:

> Am 2006-09-27 17:39:25, schrieb David Robley:
> 
>> 88 tons!! Point us to an image of that please.
> 
> Currently not availlable but it is an ex Pershing II Transporter
> from the US-Army manufactured by the german Enterprise MAN.

You surely don't mean the tracked vehicle that was used to transport the
missiles? How the #&%@ can you register and drive something like that.
Boggle!




Cheers
-- 
David Robley

"My stereo is working great now," said Tom ecstatically.
Today is Sweetmorn, the 57th day of Bureaucracy in the YOLD 3172. 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Breaking lines

2006-10-03 Thread Deckard 
Hello,

I have this code to write three lines in a file (config.php):

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?

Any help would be appreciated.

Best Regards,
Deckard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_real_escape_string() question

2006-10-03 Thread Nisse Engström 
On Fri, 29 Sep 2006 11:41:34 -0500 (CDT), "Richard Lynch" wrote:

> Consider that the user could provide *ANY* string, of any size, of any
> composition, for their "Subject"
> 
> Maybe they POST a worm in Subject, and it has no newlines, but still
> manages to propogate through Outlook.
> 
> Or maybe it's just a nice subject in Japanese.
> 
> I know nada about Unicode, uuencode, and all that crap.
> 
> Or, maybe, it's not even a VALID subject for SMTP, for whatever the
> arcana rules of SMTP-ness are.
> 
> My contention is that the lowly application developer (me) should not
> need a degree in i18n nor SMTP just to pass on a valid SMTP subject in
> an email.

   I've been meaning to look into this, so I might as well
do it now. The obvious assumption would be that the mail()
function would:


   a) escape all its arguments to make them suitable for
  use in an email


   This should, at a minimum, run something like addslashes()
to escape newlines. Ideally, it should also encode the
arguments as quoted-printable if necessary, but the mail()
function would then need to know what character encoding the
strings are in.

   So, the burden of escaping appears to be on the user,
rather than on the mail() function. What then is it that
has to be done?

   The 'Subject:' header is fairly simple. It contents is
'*text' in RFC 822 terms, where problematic 'text' parts
can be replaced by 'encoded-word' in RFC 2047 terms. In
other words, it can be QP-encoded directly.

   The 'To:' header is more problematic. Is it an (RFC 822)
'address', 'mailbox', 'addr-spec' or something else? The
escape mechanism would be different (I think), and the
PHP documentation doesn't provide any information on this.


   b) escape all parameters sent to the sendmail program
  through the shell.


   It would be interesting to run a sendmail dummy that
dumps its arguments to a file to see what's really going
on. I don't seem to be able to test this on my old
Windows clunker at home.


> For *any* data that PHP has to pass back and forth in its "glue" there
> are potentials for the kind of problems we've seen with spam, site
> defacing, viruses, etc.
> 
> What I'm suggesting is that in addition to mysql_escape[_real]_string,
> maybe there needs to be more "escape" string functions.
> 
> So with all these potential issues, I'm wondering if there isn't a
> more systemic approach to this.

   Wouldn't it be nice if strings were associated with a
(hidden) character encoding field, so that mail() and
other functions could just "do their thing" and not
bother us users with the detaily bits?

   Wait a minute... Isn't that what multi-byte string are
for? The mb_send_mail() function looks like a strong
contender here. And no, I haven't tried any funky mb_
stuff so far...

> Plus, for the functions that we *DO* have, a grid of "from" and "to"
> and the appropriate converter function seems like it would be a Good
> Idea.
> 
> It's all to easy to find a problem like ' where addslashes seems like
> the "right answer" but, in reality, what I do not know is that ~ is
> also a special character to the [mumble] extension/protocol/whatever
> and I'm using the wrong escape function.
> 
> There are 2 reasons why I'm not using the right escape function.
> #1. The right one just plain doesn't exist.
> #2. The docs, wonderful as they are, don't really lay out something as
> fundamental as the right escape function for situation X, because you
> need a degree in CS just to "know" that X is really a Y so the right
> function is Z.

   Alas, there are many parts of PHP that is seriously
underspecified.


  --nfe

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php file/app/dialog to copy folders

2006-10-03 Thread bruce 
hi...

i'm wondering if anyone has a class/chunk of code to copy a folder to
another folder, along with the underlying descendents (files/folders)...

i'm considering a file management app, and i'd like to allow the user to
select a folder, and then to copy the folder to another folder location...

thanks...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Breaking lines

2006-10-03 Thread Jay Blanchard 
[snip]
How can i make the line break ?
[/snip]

http://www.php.net/nl2br

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Brad Bonkoski 

Deckard wrote:

Hello,

I have this code to write three lines in a file (config.php):

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?

Any help would be appreciated.

Best Regards,
Deckard

  


$stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username = ' .
$mysql_username . "\n" . '$mysql_user_password = ' .
$mysql_user_password . "\n";

(double quotes around the \n character.)
-B

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Breaking lines

2006-10-03 Thread Ben Ramsey 

On 10/3/06 8:05 AM, Deckard wrote:

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?


Use double quotation marks instead of single quotation marks:
"\n"

See here for why:
http://us3.php.net/manual/en/language.types.string.php#language.types.string.syntax.double

--
Ben Ramsey
http://benramsey.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Dave Goodchild 

double-quote it



Best Regards,
Deckard

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





--
http://www.web-buddha.co.uk

Re: [PHP] RE:[PHP] Client Computer Registration

2006-10-03 Thread Joe Harman 

Hey Rahul...

I have seen this also... It's sort of neat and annoying all at the
same time... I am just wondering if it's just a false sense of
security to get more people to use there online banking... although I
did read through their FAQs about this and they are saying they have
been required by the FFIEC (Federal Financial Institutions Examination
Council) to increase security... although computer registration
remains optional... i would guess this is probably just a cookie... i
am not sure about this, but will firefow run activex stuff??? if it
won't I think you could eliminate the activex possiblity i do know
that this site uses JSP as it's scripting language.

Have a great day, hope i was able to help in atleast a little way
Joe

On 10/3/06, Wesley Acheson <[EMAIL PROTECTED]> wrote:

They could also be doing something like giving the client an SSH key
to download, I've heard of this situation in a bank before.

Though it does seem more likely that their just using cookie based
authentication
-
From: "Rahul S. Johari" <[EMAIL PROTECTED]>
To: PHP 
Date: Mon, 02 Oct 2006 08:07:35 -0400
Subject: [PHP] Client Computer Registration
Ave,

I saw this at the Key.Com website for Keybank Customers. When you go to
their website to login to view your account, they ask you to register your
computer for the first time. Once your computer is registered, you can
access the account using that computer. You can choose to Not register that
computer and you won¹t be able to access the account using that computer in
future.

What exactly are they doing?
Can PHP record the MAC Address of the NIC in the computer? Or are they just
recording the IP and creating an IP based filteration?

I¹m looking to implement a similar security system for one of my
applications.

Any advice?

Rahul S. Johari
Supervisor, Internet & Administration
Informed Marketing Services Inc.
500 Federal Street, Suite 201
Troy NY 12180

Tel: (518) 687-6700 x154
Fax: (518) 687-6799
Email: [EMAIL PROTECTED]
http://www.informed-sources.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





--
Joe Harman
-
Subscribe to my FRIENDS email list by sending an email to
[EMAIL PROTECTED] with subject line of "Subscribe"

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines / NEW

2006-10-03 Thread Deckard 
Hi Brad,

Thanks a lot for your answer and the other guys too.
It worked.

Now i have another doubt:

$stringData = '';

The variables contents should be written in the files within quotes, like:

$mysql_username = 'deckard';

This is getting me nuts.

Any ideas ?

Warm Regards,
Deckard

Brad Bonkoski wrote:
> Deckard wrote:
>> Hello,
>>
>> I have this code to write three lines in a file (config.php):
>>
>> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
>> $mysql_username . '\n' . '$mysql_user_password = ' .
>> $mysql_user_password . '\n';
>>
>> but instead of breaking a line, it appears in the file the string \n
>>
>> How can i make the line break ?
>>
>> Any help would be appreciated.
>>
>> Best Regards,
>> Deckard
>>
>>   
> 
> $stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username = ' .
> $mysql_username . "\n" . '$mysql_user_password = ' .
> $mysql_user_password . "\n";
> 
> (double quotes around the \n character.)
> -B
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines / NEW

2006-10-03 Thread Brad Bonkoski 

Deckard wrote:

Hi Brad,

Thanks a lot for your answer and the other guys too.
It worked.

Now i have another doubt:

$stringData = '';

The variables contents should be written in the files within quotes, like:

$mysql_username = 'deckard';

This is getting me nuts.

Any ideas ?

Warm Regards,
Deckard

Brad Bonkoski wrote:
  

Deckard wrote:


Hello,

I have this code to write three lines in a file (config.php):

$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';

but instead of breaking a line, it appears in the file the string \n

How can i make the line break ?

Any help would be appreciated.

Best Regards,
Deckard

  
  

$stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username = ' .
$mysql_username . "\n" . '$mysql_user_password = ' .
$mysql_user_password . "\n";

(double quotes around the \n character.)
-B




  

Simplify your life!
$stringData = "";

the '\' character is the escape...
so
if $var = "string"
echo "$var"; // output string
echo "\$var"; //output $var
-B

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLDump and master/slave Behavior

2006-10-03 Thread Jon Anderson 

David Giragosian wrote:
So, Question 1 is: does mysqldump's connection to the slave db exist 
for the

entire script execution time, or just for the length of time of its own
execution? I imagine if I used mysql_connect() in the script that it 
would

be for the entire length of the script execution, but mysqldump makes its
own connection, so I'm just not sure about this.
Running mysqldump (an external program), the connection will only exist 
while mysqldump is running. PHP's connections and that of external 
programs are mostly unrelated. Besides, your problem isn't the 
connection, it's the locking that you're worried about. You can pass 
options to mysqldump to tell it to do as little locking as possible. 
That's what I do, considering that running mysqldump on a live database 
doesn't give you a totally up-to-date snapshot anyway. (I.e. as soon as 
you take a snapshot with mysqldump, it's out of date the instant there's 
another insert/update.)
Question 2: Should I, just to be on the safe side, break out the 
mysqldump
code into its own scipt, and run it, say, 30 minutes before the tar 
script?
I don't think it matters. See above. I put my sql dump scripts into 
simple bash scripts that run from cron, but if you're more comfortable 
with PHP, I don't see any reason to switch nor to break it out.


jon

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLDump and master/slave Behavior

2006-10-03 Thread Joe Wollard 
1. mysqldump will only keep the connection open for as long as it  
needs it. Once your calling script is allowed to continue mysqldump  
has either exited successfully or with an error, but either way the  
connection should no longer be active.


2. I don't think that would be a good idea. 30 minutes should buy you  
enough time, but if the system is getting slammed or some other  
unforeseeable event happens that makes the system slow down to a  
crawl then you run the risk of breaking your backup process. The bulk  
of the execution time in your script is almost certainly with your  
tar command. The 'j' option is telling it to use the bzip2 algorithm  
for compression, which is a very high compression level, but takes a  
long time to obtain compared to other compression algorithms. In  
short, I don't think anything that you're doing is going to cause any  
data loss as long as mysqldump isn't locking the slave database for a  
huge amount of time.


As an aside, this isn't really PHP related so much as it is MySQL or  
even *nix shell commands related, you might try a MySQL list for  
verification.



On Oct 3, 2006, at 10:29 AM, David Giragosian wrote:


Howdy Guys,

I have a PHP backup script running as a cronjob that has an exec 
(mysqldump)
line followed a bit later by an exec(tar -cjf) line. The backup  
script runs
against a slave db in the wee hours, and the master gets a  
continuous stream
of inputs at the rate of about 18,720 per day. Obviously as the  
database
grows in size, the script takes longer and longer to run. Right  
now, after
about 15 months of operation,  it's taking about 40 minutes to  
complete. But
I did a test yesterday, and the mysqldump part only takes about 2  
minutes to

finish.

Even though I've never lost data, my concern is that since master- 
slave
syncing is blocked while the script runs, I just might lose  
something if

there's a buffer overrun or something like that.

So, Question 1 is: does mysqldump's connection to the slave db  
exist for the
entire script execution time, or just for the length of time of its  
own
execution? I imagine if I used mysql_connect() in the script that  
it would
be for the entire length of the script execution, but mysqldump  
makes its

own connection, so I'm just not sure about this.

Question 2: Should I, just to be on the safe side, break out the  
mysqldump
code into its own scipt, and run it, say, 30 minutes before the tar  
script?


Thanks for your time,

David



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLDump and master/slave Behavior

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 9:29 am, David Giragosian wrote:
> So, Question 1 is: does mysqldump's connection to the slave db exist
> for the
> entire script execution time, or just for the length of time of its
> own
> execution?

exec() runs its own little mini-not-quite-shell, so as soon as it
ends, the connection would, almost-for-sure, be dead, even if
mysqldump itself didn't close it, which, almost-for-sure it does.

You could write another cron job to send that one query to mysql to
show the open connections...  Or am I thinking PostgreSQL?...  Well,
MySQL probably has it too anyway...

Run that 20 minutes into the other script, and see if the mysqldump
connection looks open, if you can detect that sort of thing...

> Question 2: Should I, just to be on the safe side, break out the
> mysqldump
> code into its own scipt, and run it, say, 30 minutes before the tar
> script?

The problem with the "disjoint" is what if mysqldump doesn't work for
whatever reason?

Then you tar up the wrong thing, and pretend it's "OK"?

Gotta plan this out, if it matters.

You are *probably* fine, but it's better to check on your own system
than to just take whatever some goof like me says on a mailing list.

It should not be too hard to test it reliably to be 100% sure.



Another option to consider:
Set up a whole 'nother slave, and then do your dump and backup from THAT.
So you really don't CARE if you manage to screw it up, in terms of
your failure-is-not-an-option stream of incoming data to the master.

Your backup is at slightly higher risk of failing.

You have some "timing" issues of maybe losing a few more
transactions/inserts/whatever.

But reducing risk to the master and its input stream is drastic, so
probably worth considering.


I understand it's common to also set up an extra slave JUST for
reporting, so your Marketing guys can't bring down the whole system
just because they want to play "what happened" and "what if" games by
generating a cross-indexed report of every field in every table... :-)

This is definitely straying into the area of things you really would
better find covered on the MySQL mailing list/forum/whatever.


PS
[re-arranged original post, sorry]
> I imagine if I used mysql_connect() in the script that it
> would
> be for the entire length of the script execution, but mysqldump makes
> its
> own connection, so I'm just not sure about this.

You could always use mysql_connect and then mysql_close() to manage a
connection, but that would not be the fast way to get a dump in the
first place, so is kind of moot.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] changing the global variables (_SERVER[HTTP_USER_AGENT])

2006-10-03 Thread Balaji A 

Hi,
in php.ini I have changed the register_global to "On".

Is it possible to change the global variable _SERVER[HTTP_USER_AGENT]?

Thanks in advance..


Thanks
Balaji

Re: [PHP] Breaking lines / NEW

2006-10-03 Thread Dave Goodchild 

There is no real need to keep flipping in and out of the string like that,
just use this:

$stringData = "\n\n\$'$hostname = '$hostname\n\$$database =
wordlife\n\$$mysql_username = $mysql_username\n\$$mysql_user_password =
$mysql_user_password\n\n";

...or something similar - use double quotes to interpolate the variable
values and escape the newlines and literal dollar signs

Re: [PHP] Breaking lines

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 7:05 am, Deckard wrote:
> I have this code to write three lines in a file (config.php):
>
> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = '
> .
> $mysql_username . '\n' . '$mysql_user_password = ' .
> $mysql_user_password . '\n';
>
> but instead of breaking a line, it appears in the file the string \n
>
> How can i make the line break ?

There are only *TWO* characters that are "special" after a '
\
'

' is used to note the end of the string.
\ is used to indicate that the following ' is *NOT* the end of the
string, but is an embedded '
\ can then also be used to indicate that the following \ is *NOT* a \
to indicate that the following ' is *NOT* the end of the string, but
just a plain old embedded \

Examples:
PHPInternal string
'\''   a single apostrophe
'\\'   a single backslash
'\\n'  a single backslash followed by 'n'
'\n'   a very confusing way to get a single backslash followed by 'n'

I will not document the "rules" for the characters following a "
because they are MUCH more complex.
http://us3.php.net/manual/en/language.types.string.php

The point, however, is that \n is a newline ONLY inside of ", and not
' because ' is a much more limited vocabulary.

" has a much richer vocabulary, so you could just write:

$stringData = "\$hostname = $hostname\n\$mysql_username =
$mysql_username\n\$mysql_user_password = $mysql_user_password\n";

A cleaner option might be:
$stringData = "hostname = $hostname\n";
$stringData .= "mysql_username = $mysql_username\n";
$stringData .= "mysql_password = $mysql_user_password\n";

Presumably this was for a human to read anyway, so the leading $ on
the label was not crucial...

YMMV

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php file/app/dialog to copy folders

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 12:09 am, bruce wrote:
> i'm wondering if anyone has a class/chunk of code to copy a folder to
> another folder, along with the underlying descendents
> (files/folders)...
>
> i'm considering a file management app, and i'd like to allow the user
> to
> select a folder, and then to copy the folder to another folder
> location...

Off the top of my head:

exec("cp -Ra $source $destination", $output, $error);
if ($error){
  echo perror($error); //see http://l-i-e.com/perror
  echo nl2br(htmlentities(implode("", $output)));
  exit;
}

You're on your own to scrub $source and $destination, as that is a
custom tailoring job, not an off the rack job.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web based browser...

2006-10-03 Thread Richard Lynch 


I've used an "okay" one in the webmasters.com control panel, but am
always flummoxed that they didn't give me an "ln -s" action...

So consider this a Feature Request to let me make symlinks in yours.

Not that I'll every actually use it, mind you, but *somebody* will
thank you for it some day.

On Tue, October 3, 2006 12:01 am, bruce wrote:
> hi...
>
> i'm trying to find a good web based (php) browsing app for handling
> remote
> file management functions... i've seen a number of open source apps,
> but
> haven't come across any that meet my needs.
>
> i'm looking for the ability to:
>  -edit/view/rename/copy/move/delete files
>  -copy/rename/move/delete folders
>  -display number of files in a folder
>  -search for file/folder by name/regex
>
> if you know of an app that does the above, or if you've used a browser
> based
> file manager kind of app that's really good, let me know.
>
> thanks..
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Coding Style Question...

2006-10-03 Thread Richard Lynch 
On Mon, October 2, 2006 7:32 pm, Tony Di Croce wrote:
> I am relatively new to PHP... I have about 1.5 years of light PHP work
> under
> my belt... Over the past year or so my PHP coding style has evolved
> significantly and I'm curious as to how experienced programmers write
> PHP...
>
> Basically, here is what I have evolved to:
>
> 1) ALL php code is at the top of the file.
> 2) ALL html code is in a here document at the bottom.
> 3) php code is run before 1 character is outputed (and hence, no
> headers are
> sent, leaving redirects open for possibilities)
> 4) I almost always following my require_once directives with a
> session_start() at the top of the file.
> 5) Often, my forms submit to the PHP page that generated them but do
> so with
> a hidden posted variable. If that variable is set, then I process the
> form
> submission.
>
> I think the most important part of all this is #1 & #2... I think I am
> using
> PHP a little like template engine this way...
>
> It seems to me that I most often see code snippets that try to
> intertwine
> HTML and PHP, but in my experience, except for trivial examples, this
> doesn't work so good...
>
> What do you think?

I do the same, but will mingle HTML/PHP for layout/formatting or User
Interface logic.

And I don't bother with a heredoc, since I find it easier to edit HTML
with the occasional  in it.

E.g., a popup menu of the years from "current" to 10 years into the
future for the credit card expiration is not exactly complex back-end
business logic.  A simple 'for' loop in my HTML to do that is vastly
superior to the "solution" of templates that require hours of
back-tracking through 7 PHP/template/HTML/whatever files to sort out
what the heck is going on here...

And, yes, I *did* once waste hours to find out how they were
generating a 10-year popup for the credit card expiration... Which
they had HARD-CODED the 'start' year in their business logic!!! 
Sheesh!  Back-tracking that through the files turned a 5-minute task
into hours wasted.  And folks wonder why I think PHP *is* a template
language and you shouldn't use another one on top of it...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLDump and master/slave Behavior

2006-10-03 Thread David Giragosian 

Thank you Jon, Joe, and Richard.

I guess I'll leave things as they are and continue to monitor daily.
Fortunately, only up to 3 years worth of data needs to be kept "live" in the
master-slave db's, so there is a limit to how much data I will have to cope
with.

David

Re: [PHP] Breaking lines

2006-10-03 Thread Deckard 
Hi

Yes, it worked, but there's this strange thing.

The output of in to the file is:

$stringData = "";

is:



i. e., the variable $mysql_user_password within quotes is assuming its
value, not the string $mysql_user_password, while the others are ok.

*sigh*

Warm Regards,
Deckard


Brad Bonkoski wrote:
> Deckard wrote:
>> Hello,
>>
>> I have this code to write three lines in a file (config.php):
>>
>> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
>> $mysql_username . '\n' . '$mysql_user_password = ' .
>> $mysql_user_password . '\n';
>>
>> but instead of breaking a line, it appears in the file the string \n
>>
>> How can i make the line break ?
>>
>> Any help would be appreciated.
>>
>> Best Regards,
>> Deckard
>>
>>   
> 
> $stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username = ' .
> $mysql_username . "\n" . '$mysql_user_password = ' .
> $mysql_user_password . "\n";
> 
> (double quotes around the \n character.)
> -B
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] set cookie with non-english

2006-10-03 Thread Richard Lynch 
You'll have to read the cookie spec to confirm, but I'm pretty sure it
either specifically disallows other charsets, or at least predates the
globalization/i18n efforts...

IOW, you can't...

You COULD just use session_start() and let them have the PHP cookie,
and then store whatever string you want in $_SESSION['UserName']

On Mon, October 2, 2006 5:15 pm, Ahmad Al-Twaijiry wrote:
> Hi everyone
>
> in my PHP code I use the following command to set a cookie with
> non-english word (UTF-8) :
>
> @setcookie ("UserName",$Check[1]);
>
> and in my html page I get this cookie using javascript :
>
> 
>  
>
> but the result from writing the cookie using javascript is garbage, I
> don't get the right word !!
>
> anyone know how to resolve it ?
>
> BTW:
> * I also tried the php function setrawcookie and I get the same
> problem
> * I use  in my page
>
> --
>
> Ahmad Fahad AlTwaijiry
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] changing the global variables (_SERVER[HTTP_USER_AGENT])

2006-10-03 Thread Balaji A 

Thanks for the reply rick.

I actually want to change the user agent header in the request sent by the
client.

I want to send a request to the server with different user agent header.

Is it possible to change?

Thanks
Balaji


On 10/3/06, [EMAIL PROTECTED] <
[EMAIL PROTECTED]> wrote:


the "HTTP_USER_AGENT" global returns the value presented by the client.
i.e., this isn't a server-side value, hence nothing to be changed on
the server side.

on the client-side, various clients let the user set the value returned
by their client (others, of course, don't let the user near that).

  - Rick


 Original Message 
> Date: Tuesday, October 03, 2006 10:43:44 AM -0700
> From: Balaji A <[EMAIL PROTECTED]>
> To: php-general@lists.php.net
> Subject: [PHP] changing the global variables
(_SERVER[HTTP_USER_AGENT])
>
> Hi,
> in php.ini I have changed the register_global to "On".
>
> Is it possible to change the global variable _SERVER[HTTP_USER_AGENT]?
>
> Thanks in advance..
>
>
> Thanks
> Balaji

-- End Original Message --

RE: [PHP] Client Computer Registration

2006-10-03 Thread Richard Lynch 
On Mon, October 2, 2006 4:19 pm, bruce wrote:
> actually richar, and others...
>
> depending on what they're doing, it's quite alot to it.

I sincerely doubt that it is, and apologize in advance to Keybank if
it is, but I suspect they just plain don't know what they are doing...

I certainly wouldn't use their site without a LOT more research!

> if the bank is being agressive, they might be requiring a client app
> to be
> downloaded and is then able to communicate with the client app,
> thereby
> getting a great deal more information. a few companies have begun the
> process of not just dealing with authorizing the user, but the
> computer/device as well. and it really makes sense. in this way, i as
> a
> business can state with a high degree of confidence that the computer
> in the
> house (assuming i as a business were to take it that far) was used for
> the
> transaction in question...

Until the Bad Guys write a virus/Trojan that finds that file, and
copies it up to their server, so they can then put it on their
computer, and thus take over your identity, without even cracking SSL.
[shudder]

> furthermore, if the dispute isn't satisfied, i can then add the
> computer to
> a "blacklist" of devices.. if enough companies use this kind of
> system, and
> the database is large enough, it becomes an additional tool to use to
> minimize online transaction abuse...

Yeah, that RBL is really effective and has very few false positives to
it...

[that was sarcasm, just in case you didn't catch it...]

There are simply going to be too many records, too many false
positives, and *way* too many issues with this.

It can not be made to work.

That doesn't mean there aren't "experts" out there that disagree with
me and aren't going to go ahead and do it.

It just means *I* will not be using a bank that does things this way.

> as to if people want to be part of this kind of system.. that's a huge
> unknown... to be frank, it does open up a number of potential
> 'privacy'
> issues.. but as scott mcnealy said before.."you have no privacy, get
> over
> it!!"

I am under no illusion about my lack of privacy.

That doesn't mean I want to use a bank that is, based on the limited
info we've discussed here, LEAKING MY BANK ACCOUNT TO THE PLANET...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Remove Spaces from Middle of String

2006-10-03 Thread Kevin Murphy 
This works, but I was wondering if this was the best way to  
accomplish this or not. I'm trying to remove any extra spaces (not  
whitespace like carriage returns) from the middle of a string  
mainly for times where people put extra spaces after periods in  
paragraph.


while(preg_match('/  /',$data))
{   $data = str_replace("  "," ",$data);}

Is there a better way to accomplish this same task? (PHP 4.x). Thanks.


--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326

Re: [PHP] RE:[PHP] Client Computer Registration

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 2:33 am, Wesley Acheson wrote:
> They could also be doing something like giving the client an SSH key
> to download, I've heard of this situation in a bank before.

Is the key tied to my hardware?

At least that stops the virus/Trojan scenario.

But not the petty thief who breaks in and takes my computer, and "oh
look, now I have his bank account too!  Sweet!!!"

Puhleeze!

Do you really want to bank with a place that does this?

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines / STILL :(

2006-10-03 Thread Deckard 
Hi,

Yes, it worked, but there's this strange thing.

The output of in to the file is:

$stringData = "";

is:



i. e., the variable $mysql_user_password within quotes is assuming its
value, not the string $mysql_user_password, while the others are ok.

*sigh*

Warm Regards,
Deckard


Brad Bonkoski wrote:
> Deckard wrote:
>> Hello,
>>
>> I have this code to write three lines in a file (config.php):
>>
>> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
>> $mysql_username . '\n' . '$mysql_user_password = ' .
>> $mysql_user_password . '\n';
>>
>> but instead of breaking a line, it appears in the file the string \n
>>
>> How can i make the line break ?
>>
>> Any help would be appreciated.
>>
>> Best Regards,
>> Deckard
>>
>>   
> 
> $stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username = ' .
> $mysql_username . "\n" . '$mysql_user_password = ' .
> $mysql_user_password . "\n";
> 
> (double quotes around the \n character.)
> -B
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Richard Lynch 
First, you're scaring the [bleep] out of me from a security standpoint
writing mysql passwords into files...

If you are NOT an expert in this stuff, stop now, please...

Next, you are missing the ';' at the end of each line to make valid
PHP code.

Finally, what you are saying about the password being a value and the
others not being a value is making no sense from your output provided.

You are either VERY confused (I.e., have no business trying to write
what you are trying to write) or you've posted inaccurate output and
we can't help you.

I'm not trying to be a jerk -- But you're opening yourself up to HUGE
potential risk, and it just doesn't seem like you have the experience
to do what you are doing.

If you *have* to proceed, consider hiring somebody to audit/review
your code and process when you are done.

http://phpsec.org is a MUST READ, and obviously to any regular reader,
Chris should be on your short-list of auditors.

On Tue, October 3, 2006 1:00 pm, Deckard wrote:
> Hi
>
> Yes, it worked, but there's this strange thing.
>
> The output of in to the file is:
>
> $stringData = " 'wordlife'\n\$mysql_username = '$mysql_username'\n$mysql_user_password
> =
> '$mysql_user_password'\n\n?>";
>
> is:
>
> 
> $hostname = 'localhost'
> $database = 'wordlife'
> $mysql_username = 'gamito'
> blabla = 'blabla'
>
> ?>
>
> i. e., the variable $mysql_user_password within quotes is assuming its
> value, not the string $mysql_user_password, while the others are ok.
>
> *sigh*
>
> Warm Regards,
> Deckard
>
>
> Brad Bonkoski wrote:
>> Deckard wrote:
>>> Hello,
>>>
>>> I have this code to write three lines in a file (config.php):
>>>
>>> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username
>>> = ' .
>>> $mysql_username . '\n' . '$mysql_user_password = ' .
>>> $mysql_user_password . '\n';
>>>
>>> but instead of breaking a line, it appears in the file the string
>>> \n
>>>
>>> How can i make the line break ?
>>>
>>> Any help would be appreciated.
>>>
>>> Best Regards,
>>> Deckard
>>>
>>>
>>
>> $stringData = '$hostname = ' . $hostname . "\n" . '$mysql_username =
>> ' .
>> $mysql_username . "\n" . '$mysql_user_password = ' .
>> $mysql_user_password . "\n";
>>
>> (double quotes around the \n character.)
>> -B
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] changing the global variables (_SERVER[HTTP_USER_AGENT])

2006-10-03 Thread Brad Fuller 
You can use cURL to send a request and you can set the user agent to
whatever you want.

http://www.php.net/curl

See function: "curl_setopt" and option: "CURLOPT_USERAGENT"


-Brad

-Original Message-
From: Balaji A [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 03, 2006 2:05 PM
To: [EMAIL PROTECTED]; php-general@lists.php.net
Subject: Re: [PHP] changing the global variables (_SERVER[HTTP_USER_AGENT])

Thanks for the reply rick.

I actually want to change the user agent header in the request sent by the
client.

I want to send a request to the server with different user agent header.

Is it possible to change?

Thanks
Balaji


On 10/3/06, [EMAIL PROTECTED] <
[EMAIL PROTECTED]> wrote:
>
> the "HTTP_USER_AGENT" global returns the value presented by the client.
> i.e., this isn't a server-side value, hence nothing to be changed on
> the server side.
>
> on the client-side, various clients let the user set the value returned
> by their client (others, of course, don't let the user near that).
>
>   - Rick
>
>
>  Original Message 
> > Date: Tuesday, October 03, 2006 10:43:44 AM -0700
> > From: Balaji A <[EMAIL PROTECTED]>
> > To: php-general@lists.php.net
> > Subject: [PHP] changing the global variables
> (_SERVER[HTTP_USER_AGENT])
> >
> > Hi,
> > in php.ini I have changed the register_global to "On".
> >
> > Is it possible to change the global variable _SERVER[HTTP_USER_AGENT]?
> >
> > Thanks in advance..
> >
> >
> > Thanks
> > Balaji
>
> -- End Original Message --
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Client Computer Registration

2006-10-03 Thread bruce 
rich(ard)...

not knowing what keybank is doing.. i really can't comment much on their
approach...

however, if they are creating a unique identifier for the targeted computer,
it's not some string/cookie residing in a file on the harddrive... in fact,
the unique ID would be based on the physical hardware components of the
pc... which essentially locks the ID with the given hardware. it's been
shown (not 100%) that this kind of approach is really reasonable, even
though you might remove/update various hardware components of the machine...

but none of this is tightly coupled to php...

peace..

-Original Message-
From: Richard Lynch [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 03, 2006 11:07 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; 'Rahul S. Johari'; 'PHP'
Subject: RE: [PHP] Client Computer Registration


On Mon, October 2, 2006 4:19 pm, bruce wrote:
> actually richar, and others...
>
> depending on what they're doing, it's quite alot to it.

I sincerely doubt that it is, and apologize in advance to Keybank if
it is, but I suspect they just plain don't know what they are doing...

I certainly wouldn't use their site without a LOT more research!

> if the bank is being agressive, they might be requiring a client app
> to be
> downloaded and is then able to communicate with the client app,
> thereby
> getting a great deal more information. a few companies have begun the
> process of not just dealing with authorizing the user, but the
> computer/device as well. and it really makes sense. in this way, i as
> a
> business can state with a high degree of confidence that the computer
> in the
> house (assuming i as a business were to take it that far) was used for
> the
> transaction in question...

Until the Bad Guys write a virus/Trojan that finds that file, and
copies it up to their server, so they can then put it on their
computer, and thus take over your identity, without even cracking SSL.
[shudder]

> furthermore, if the dispute isn't satisfied, i can then add the
> computer to
> a "blacklist" of devices.. if enough companies use this kind of
> system, and
> the database is large enough, it becomes an additional tool to use to
> minimize online transaction abuse...

Yeah, that RBL is really effective and has very few false positives to
it...

[that was sarcasm, just in case you didn't catch it...]

There are simply going to be too many records, too many false
positives, and *way* too many issues with this.

It can not be made to work.

That doesn't mean there aren't "experts" out there that disagree with
me and aren't going to go ahead and do it.

It just means *I* will not be using a bank that does things this way.

> as to if people want to be part of this kind of system.. that's a huge
> unknown... to be frank, it does open up a number of potential
> 'privacy'
> issues.. but as scott mcnealy said before.."you have no privacy, get
> over
> it!!"

I am under no illusion about my lack of privacy.

That doesn't mean I want to use a bank that is, based on the limited
info we've discussed here, LEAKING MY BANK ACCOUNT TO THE PLANET...

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] changing the global variables (_SERVER[HTTP_USER_AGENT])

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 12:43 pm, Balaji A wrote:
> Hi,
> in php.ini I have changed the register_global to "On".
>
> Is it possible to change the global variable _SERVER[HTTP_USER_AGENT]?
>
> Thanks in advance..

E.

You're not making sense...

You want my browser to LIE to your server about what browser it is?
Opera will let you do that.

You want to not believe I'm not using the browser I say I'm using, by
changing the string it sends you to identify itself?
Just ignore what I send.

You are trying to masquerede as some other browser, but don't want to
let us know because you think it's some big Security thing, or you're
scraping things you think somebody cares about or...?
I hesitate to help you, but the bottom line is that there are *dozens*
of tools to web scrape and masquerede as any browser you want, so even
if you're as, e, naive, as this post indicates, you're going to
find them within a week.


None of this has ANYTHING to do with register_globals, so you clearly
are not understanding the User-agent: header, or register_globals, or
both.  Probably both, to be honest...

re-read the register_globals page on php.net

And for the User-agent, Opera, wget, Firefox with LiveHTTPHeaders, and
dozens of other tools let you alter that.

But ain't no way you can make *MY* browser not send you the User-agent
it wants to send.  It's *MY* browser, on *MY* computer, thank you very
much.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] class usage

2006-10-03 Thread Richard Lynch 
On Fri, September 29, 2006 1:21 pm, Robert Cummings wrote:
> #3 In PHP
> PHP has no namespaces, use classes to improve your chances of avoiding
> namespace collisions.
>
> And I realize Richard will call this the wrong answer, but when you
> don't have the tools you need, you make use of the ones you do have.

Nope.

Right Answer.

#3 Code Releases
If you are releasing your PHP code to "the world" wrapping it all up
in a WELL-DESIGNED class so that you minimize the risk of namespace
collision is a Good Thing.


It's just that I am more of a "here's my home-brew code you can have"
kind of an Open Source guy than a "here's the code I spent an extra 10
X amount of time making it bullet-proof so you could mindlessly
install and use it" Open Source guy... :-)

Obviously if you want to be the latter kind of OSS guy, you need to
use classes to release your code instead of just slapping an
"ln -s foo.php foo.phps"
into your web tree to let it all hang out.

YMMV

:-)

#3 Caveat
There are *way* too many really badly-architected files out there that
the author thinks are #3, but they aren't.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Deckard 
Hi Richard,

Richard Lynch wrote:
> First, you're scaring the [bleep] out of me from a security standpoint
> writing mysql passwords into files...
It's not that unusual.
It's a matter of securing the web server.


> If you are NOT an expert in this stuff, stop now, please...
I'me not an expert, but also not a nerd :)


> Next, you are missing the ';' at the end of each line to make valid
> PHP code.
I know. I missed it.

Best Regards,
Deckard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] class usage

2006-10-03 Thread Richard Lynch 
My goal was to make you aware that you are on a wide-open path with
many branches, most of which lead you to disaster, but several of
which are VERY GOOD PATHS to using OOP in a sensible and incredibly
beneficial manner.

Unfortunately, to get to the GOOD PATHS you have to hop over a couple
streams and take several bad paths, and then realize how/why they are
bad, and then backtrack and start all over, and then you have to be
very careful, because there is an entirely whole other class of BAD
PATHS at a whole new level of complexity, with only a few GOOD PATHS
at the very very very end...

It's really a whole lot like a very very very long and complicated
adventure with only 3 "winning" outcomes, and a heck of a lot of false
trails that LOOK good until you end up dead, or, worse, wandering
around the maze *thinking* you're making great progress and everything
is fine, when, in reality, you've already broken off from the viable
paths to the winning ends.

You could spend an entire career making decent money in this maze,
mind you, but it doesn't mean your code is any good in my book. :-)

Hope that clarifies rather than confuses.

On Fri, September 29, 2006 5:17 pm, benifactor wrote:
> thank you all for your input, and thank you richard for breaking that
> down
> nice and slow for me :) uhh, that was just me trying to see how a
> class
> works, and is by no means a real program and will never be. just as i
> was
> coding my first class i confused myself thinking that i could do the
> same
> stuff without classes and such...  however i need to make trivial
> useless
> scripts to learn before i come across the need to use real classes and
> objects to avoid ending up lost and begging the list for help. any
> other
> comments would also be appreciated... thanks again.
> - Original Message -
> From: "Richard Lynch" <[EMAIL PROTECTED]>
> To: "benifactor" <[EMAIL PROTECTED]>
> Cc: "php" 
> Sent: Friday, September 29, 2006 9:07 AM
> Subject: Re: [PHP] class usage
>
>
>> On Fri, September 29, 2006 4:35 am, benifactor wrote:
>> > ..and this seems to work fine, i could easily add  the mail
>> function
>> > and insert real variables into send() but what i don't understand
>> is i
>> > could also easily do this without a class... so i guess the real
>> > question is what are some real life examples of class usage and
>> why is
>> > it used as  opposed to regular non oop? thank you for any input
>> into
>> > the subject that you may have.
>>
>> For something that small, using a class is ridiculous, bloated,
>> over-engineered pointless exercise.
>>
>> Rather than type "ridiculous, bloated, over-engineered pointless
>> exercise" in this email again, I'll simply dub that "Wrong Answer"
>> and
>> type that a lot.
>>
>> In fact, for almost *ANY* small/simple problem OOP is the "Wrong
>> Answer".
>>
>> OOP shines, however, in some large-scale usage:
>>
>> #1. One architect, many developers
>> If you have ONE project architect cleanly map out a Plan in the form
>> of a large class structure, with a clear and clean internal API, and
>> a
>> bunch of junior programmers to fill in the details, the Architect
>> can
>> use OOP with stub functions, just like you wrote above, to build the
>> framework, and the junior programmers can fill in all the stubs.
>>
>> #2 Real-world parallels
>> Sometimes when modeling real-world parallels (or even Virtual World
>> parallels like game prototyping, windowing systems, etc) having OOP
>> leads to a very natural readable maintainable code-base, as the
>> operations and variables and the interaction between them mirrors to
>> a
>> large extent the operation and interaction between their real-world
>> counterparts.
>>
>> The biggest problem in OOP, in my experience, is that you have many
>> developers, like yourself, who begin using OOP solely because they
>> are
>> told that "it's better"
>>
>> Many of these developers then go on to write *BAD* OOP code, for all
>> the wrong reasons, in all the wrong places, to solve trivial
>> problems
>> with the "Wrong Answer".
>>
>> Many of these developers continue to use the "Wrong Answer" over and
>> over, and never actually utilize any of the strengths of OOP, but
>> instead train themselves to misapply OOP.  Their code "works" it's
>> just oftentimes the "Wrong Answer"
>>
>> Unfortunately, learning to use OOP correctly is a long-term process,
>> and you have to do a bunch of trivial things with the "Wrong Answer"
>> just to figure out how it works -- Which means you really should
>> re-do
>> them as non OOP, or be doing them solely as a means of learning and
>> not throwing them into Production.
>>
>> Alas, this is not how 99% of OOP code in Production ends up in
>> Production...  All too often, it's the "Wrong Answer" that gets
>> thrown
>> into Production.
>>
>> This is not meant as a "dis" of the great OOP code out there.  I've
>> seen some very very very nice OOP systems in the past -- in Lisp, to
>> solve large-scale problems.
>>
>> In PHP,

Re: [PHP] Rapid application development

2006-10-03 Thread Alexandru E. Ungur 
>>> sender: "Ahmad Al-Twaijiry" date: "Sat, Sep 30, 2006 at 08:44:48AM +0300" 
>>> << Hi Everyone,
Hi,

> I need your feedback in this
> 
> What is the best RAD (Rapid application development) do you use for
> PHP to develop an *advance* application in few days or weeks ?
> 
> I like programming but one this that I hate is the first stage of
> programming when you start creating the basic code (db connection,
> interface, insert,update,etc), this is why I'm looking for a good
> RAD tool that can speed up my programming.
You can give PHP Code Genie a try. I for one found it quite interesting 
and handy at times:
http://www.unitedflyersofsonoma.org/site/coder/genie.php?lang=en&server=1

Cheers,
Alex

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Remove Spaces from Middle of String

2006-10-03 Thread Alexandru E. Ungur 
>>> sender: "Kevin Murphy" date: "Tue, Oct 03, 2006 at 11:08:23AM -0700" << This works, but I was wondering if this was the best way to  
> accomplish this or not. I'm trying to remove any extra spaces (not  
> whitespace like carriage returns) from the middle of a string  
> mainly for times where people put extra spaces after periods in  
> paragraph.
> 
>   while(preg_match('/  /',$data))
>   {   $data = str_replace("  "," ",$data);}
> 
> Is there a better way to accomplish this same task? (PHP 4.x). Thanks.
Sure:

$ cat test.php 


$ php -f test.php 
A string with many spaces inside


Cheers,
Alex

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Remove Spaces from Middle of String

2006-10-03 Thread Richard Lynch 
If you have this, it's better:
$data = preg_replace("/  /", $data);
You may want to consider "/\\s+/" if you want newlines to be collapsed
in as well.

If preg_replace is not in your PHP, so you gotta use str_replace, then
strstr is better to find the '  ' because it's probably slightly
faster than preg_match()

I suspect preg_replace() is available everywhere preg_match() is
available, but will not swear to it.

On Tue, October 3, 2006 1:08 pm, Kevin Murphy wrote:
> This works, but I was wondering if this was the best way to
> accomplish this or not. I'm trying to remove any extra spaces (not
> whitespace like carriage returns) from the middle of a string
> mainly for times where people put extra spaces after periods in
> paragraph.
>
>   while(preg_match('/  /',$data))
>   {   $data = str_replace("  "," ",$data);}
>
> Is there a better way to accomplish this same task? (PHP 4.x). Thanks.
>
>
> --
> Kevin Murphy
> Webmaster: Information and Marketing Services
> Western Nevada Community College
> www.wncc.edu
> 775-445-3326
>
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Google Kreme 

On 03 Oct 2006, at 12:40 , Deckard wrote:

Richard Lynch wrote:
First, you're scaring the [bleep] out of me from a security  
standpoint

writing mysql passwords into files...

It's not that unusual.


It might not be unusual, but it's not that bright.


It's a matter of securing the web server.


There are better ways to go.  My solution (which is not a great one,  
but better, at least) is to put the database login info into a  
separate file named something like .htdbpass.


require('.htdbpass');

This way, at least, apache is pre-build to never allow access to the  
file, since it blocks all accesses to .ht*


And yeah, a key is better, but I've not gotten that far.

--
Critics look at actresses one of two ways: you're either bankable or  
boinkable.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Excel Spreadsheet Writer

2006-10-03 Thread Jef Sullivan 
OUTSTANDING!!!

Thanks for taking the time.

 

However, I am bit confused. Are you telling me that the blank lines are what is 
causing my problems?

 

 

Jef 

 



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 03, 2006 12:41 PM
To: Jef Sullivan; php-general@lists.php.net
Subject: re: [PHP] Excel Spreadsheet Writer

 

Jef, 

Hello, Knowing nothing about Excel Writer at the start, I thought I would 
tackle this... 

I found all of the pieces on the net and copied to my webserver...

I got the same results you did  until I got my header warnings fixed:

Warning: Cannot modify header information - headers already sent by (output 
started at C:\WebServ\www\trunk\include\parser.php:1762) in 
C:\WebServ\www\trunk\include\excelWriter.php on line 67

Warning: Cannot modify header information - headers already sent by (output 
started at C:\WebServ\www\trunk\include\parser.php:1762) in 
C:\WebServ\www\trunk\include\excelWriter.php on line 68

Warning: Cannot modify header information - headers already sent by (output 
started at C:\WebServ\www\trunk\include\parser.php:1762) in 
C:\WebServ\www\trunk\include\excelWriter.php on line 69

Warning: Cannot modify header information - headers already sent by (output 
started at C:\WebServ\www\trunk\include\parser.php:1762) in 
C:\WebServ\www\trunk\include\excelWriter.php on line 70

Warning: Cannot modify header information - headers already sent by (output 
started at C:\WebServ\www\trunk\include\parser.php:1762) in 
C:\WebServ\www\trunk\include\excelWriter.php on line 71

I had serveral others besides the ones listed above...  These are caused by 
PHP Scripts that post anything before or after the Excel (or any other ) 
Headers are sent... AND THIS INCLUDES BLANK LINES.
My problems were caused by:

1.
2.

Line one above can't be present.

and: 

1.   
10.
11.

Lines 10 and 11 above can't be present...

Once I fixed all of my "Cannot Modify Headers" errors, the Cut and Paste of 
your exact code, created an Excel Spread Sheet. 

When I ran your code, I got a Open File Dialog box, that says:  "You have 
chosen to open"test.xls" which is a Microsoft Excel Spreadsheet...  What 
should Firefox do ?  Save or Open.-

I chose open, and there it is ! 

I got no output on my Web Browser page at all  ( View source just showe 
 )

Hope this Helps.

Scot L. Diddle, Richmond VA, UPS Freight, 804.231.8407 



From: "Jef Sullivan" <[EMAIL PROTECTED]>
Sent: Monday, October 02, 2006 8:44 PM
To: php-general@lists.php.net
Subject: [PHP] Excel Spreadsheet Writer

Greetings all,



I am having some problems with the Excel Spreadsheet Writer and I am hoping 
that I can get some help from

this group. I am getting garbled text in my spreadsheet when I go to run the 
php file. I created a general file to 

see if I could narrow the problem down. No luck so far…



This is what I am getting in the spreadsheet…



ÐÏࡱá; 


þÿ  


þÿÿÿ[1]
 




 
þÿÿÿ
 l ÉB[1]ä 


[1] 


My first 
worksheet=¼%r8X[1]"[1]1ÈÿArial1ÈÿArial1ÈÿArial1ÈÿArial1ÈÿArial1È
 Arialàõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À àõÿ À 
àõÿ À àõÿ À àõÿ À à À à À “[1] 


€ÿ’â8€ÀÀÀ€€€™™ÿ™3fÿÿÌÌÿÿffÿ€€fÌÌÌÿ€ÿÿ€ÿÌÿÌÿÿÌÿÌÿÿ™™Ìÿÿ™ÌÌ™ÿÿÌ™3fÿ3ÌÌ™ÌÿÌÿ™ÿfff™–––3f3™f333™3™3f33™333…?
 


My first worksheet l É[1][1][1]*[1]+[1]€‚[1][1]Á 


¡"d[1]X[1]X[1]à?à?[1] 


[1] 


[1] 


Name 


[1] 


Age 


[1] John Smith 


[1]
>@ 


[1][1]
Johann

RE: [PHP] Rapid application development

2006-10-03 Thread Jesse Castro 



> I need your feedback in this
> 
> What is the best RAD (Rapid application development) do you use for
> PHP to develop an *advance* application in few days or weeks ?
> 
> I like programming but one this that I hate is the first stage of
> programming when you start creating the basic code (db connection,
> interface, insert,update,etc), this is why I'm looking for a good
> RAD tool that can speed up my programming.
>>You can give PHP Code Genie a try. I for one found it quite
interesting 
>>and handy at times:
>>http://www.unitedflyersofsonoma.org/site/coder/genie.php?lang=en&serve
r=1

>>Cheers,
>>Alex

I've been a fan of phpobjectgenerator for a few months now.  It's pretty
nice.  Check it out at http://www.phpobjectgenerator.com/.  Pros are
rapid app-dev and easy structure, plus encoded db entries.  Cons are
database overhead and difficulty in modifying objects once you have
records in the database.  Still if you plan well, it makes things go a
LOT quicker, and gets rid of DB management and CRUD queries as you're
looking for.

Regards,
Jesse R. Castro

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines - att. Richard Lynch

2006-10-03 Thread Deckard 
Hi Richard,

Richard Lynch wrote:
> First, you're scaring the [bleep] out of me from a security standpoint
> writing mysql passwords into files...
I'm curious.
What would you do ?

No kidding intended. I'm serious.

Warm Regards,
Deckard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] file to blob

2006-10-03 Thread Joshua Capy 

Hi,

I am relatively new to php and could use a good pointing in the right  
direction.


I have a soap client in NuSoap that I developed for a webservice that  
I wrote in another language and I need it to be able to send a file  
in a blob.


I can't find an example of how you load a file in its entirety (not  
just the content) into a blob in PHP. I need to be able to do this  
because the webservice that is being called recreates the document  
locally for the user.


Can this be done in PHP?

Thanks Joshua

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines - att. Richard Lynch

2006-10-03 Thread Richard Lynch 
It's not the "writing them into files" part...

It's the "I'm not sure you know what you are doing and maybe you're
writing them into files inside the webtree or introducing other gross
insecurities" part...

Hope that helps...

On Tue, October 3, 2006 2:39 pm, Deckard wrote:
> Hi Richard,
>
> Richard Lynch wrote:
>> First, you're scaring the [bleep] out of me from a security
>> standpoint
>> writing mysql passwords into files...
> I'm curious.
> What would you do ?
>
> No kidding intended. I'm serious.
>
> Warm Regards,
> Deckard
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] file to blob

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 2:38 pm, Joshua Capy wrote:
> I am relatively new to php and could use a good pointing in the right
> direction.
>
> I have a soap client in NuSoap that I developed for a webservice that
> I wrote in another language and I need it to be able to send a file
> in a blob.
>
> I can't find an example of how you load a file in its entirety (not
> just the content) into a blob in PHP. I need to be able to do this
> because the webservice that is being called recreates the document
> locally for the user.

In Un*x, there is nothing in a file other than its content.
$data = file_get_contents($fullpath);

In Windows, some files are "binary" and need special handling for
fopen to get them as binary.  Presumable file_get_contents does that
correctly as binary.  (At least, *I* think it should do that...)

On old old Mac OS on which PHP probably doesn't even run, you had the
file DATA fork and the file RESOURCE fork where your question would,
in theory, make sense...

All told, though, file_get_contents() gets the whole file in RAM.

How you safely encode that for transmission through the mysterious
not-nuSoap medium you didn't bother to tell us is beyond everybody,
other than any clairavoyants (sp?) who happen to be reading. :-)

I'm thinking you maybe just want to send a link to an FTP site where
the file lives...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 1:40 pm, Deckard wrote:
> Hi Richard,
>
> Richard Lynch wrote:
>> First, you're scaring the [bleep] out of me from a security
>> standpoint
>> writing mysql passwords into files...
> It's not that unusual.
> It's a matter of securing the web server.

Yes, it *is* unfortunately VERY common for web applications in heavy
distribution/use to have their mysql password in an include file in
the webtree, and that file is readable/writable by the PHP user.

And, worse, moving that file out of the web tree and changing
include_path fails miserably because the so-called architects presume
no PHP user actually knows how to work include_path, so they have some
stupid "work-around" of hard-coding a prefix in an included file,
which then "locks" the include files into their brain-dead layout of
passwords and include files inside the webtree.

And while it's very common, that does not make it Right.

Perhaps that clarifies things?...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines - att. Richard Lynch

2006-10-03 Thread Dave Goodchild 

I tend to store passwords in mysql as hashed values (usually md5), and if I
am using scripts to connect to the database name that file (for example)
connect.inc and add an .htaccess file to stop user download of any files
called *.inc. Or store those files outside the web root in the include path.
And treat all user data as tainted, and use mysql_real_escape string before
entering it into the database. Or set ini values locallyusing ini_set or
.htaccess to disabled register_globals etc. There are many security
suggestions for php, like anything it is only as secure as the code you
write. I do agree with previous suggestions - if you are unsure about all
this get someone else to write or audit your code before slinging that stuff
into production. It's a complex subject but there are many best practice
guidelines you can find by browsing php.net, Googling for it or picking up a
good book - PHP Security by O'Reilly being a good choice for starters.

By looking at your code and guessing that you are having problems with php
'basics' like variable interpolation and escaping, I would either follow the
suggestions, or get hold of Programming PHP and read it and reread it.







--
http://www.web-buddha.co.uk

Re: [PHP] Breaking lines

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 1:51 pm, Google Kreme wrote:
> And yeah, a key is better, but I've not gotten that far.

Not really better...

See, whatever you do in that general vein of thought, your PHP script
ends up needing to get the file.

So whatever is in your PHP script, which is readable, just as your
password used to be readable.

So now the Bad Guy only has to read *that* to see/find/use the key,
and...

It's so much not a real barrier, that I propose that it provides more
of a false sense of security than actual security.

Now, you want to talk about putting it in a root-read-only file that
gets loaded by Apache at startup, and you're going somewhere -- Though
you still have the risk that somebody could all too easily expose it
accidentally by dumping out $_ENV...

There are risks any which way you do this, but, imho, a php-writable
and readable file with your mysql password going into it being
authored by somebody who's having trouble writing a simple text file
is a clear indication of likely high-risk...

A php-readable file outside the webtree at least limits risk to users
on the same machine -- and so machine access provides an
authentication barrier.  Not claiming that's insurmountable, mind you,
but it's a real actual barrier of a significantly different nature
than just reading yet another PHP/text file to find the key that reads
the other-other php/text file.

In other words, if they are already reading ONE php file to snarf your
mysql password, reading TWO php files to read your key to read your
mysql password is not exactly a big leap in skill/technology/security.

Breaking into your server *AND* reading your php source to get your
mysql password... Well, hell, if they've already broken into your
webserver, you've got Big Trouble right there that potentially dwarfs
the mysql password issue...

Maybe not.  maybe your webserver has not much on it, but the mysql db
has all kinds of double-secret stuff...

Still, 2 radically different "locks" is better than 2 locks with
essentially the same "key", no matter what it is you are trying to
secure.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Remove Spaces from Middle of String

2006-10-03 Thread Richard Lynch 
On Tue, October 3, 2006 1:47 pm, Richard Lynch wrote:
> If you have this, it's better:
> $data = preg_replace("/  /", $data);

D'oh!

$data = preg_replace("/  /", " ", $data);

Sorry!



-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] file to blob

2006-10-03 Thread Daniel A. Ramaley 
On Tuesday 03 October 2006 14:58, Richard Lynch wrote:
>On old old Mac OS on which PHP probably doesn't even run, you had the
>file DATA fork and the file RESOURCE fork where your question would,
>in theory, make sense...

Forks are not widely used much these days, but they still exist. HFS 
still supports forks on Mac OS X. Windows NTFS also supports forks, but 
calls them "alternate data streams." Many other systems support forks 
as well; a partial list can be found in the middle of this article: 
http://en.wikipedia.org/wiki/Fork_(filesystem)


Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] RE:[PHP] Client Computer Registration

2006-10-03 Thread Kristen G. Thorson 
> -Original Message-
> From: Richard Lynch [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 03, 2006 2:10 PM
> To: Wesley Acheson
> Cc: [EMAIL PROTECTED]; php-general@lists.php.net
> Subject: Re: [PHP] RE:[PHP] Client Computer Registration
> 
> On Tue, October 3, 2006 2:33 am, Wesley Acheson wrote:
> > They could also be doing something like giving the client an SSH key
> > to download, I've heard of this situation in a bank before.
> 
> Is the key tied to my hardware?
> 
> At least that stops the virus/Trojan scenario.
> 
> But not the petty thief who breaks in and takes my computer, and "oh
> look, now I have his bank account too!  Sweet!!!"
> 
> Puhleeze!
> 
> Do you really want to bank with a place that does this?


The registration doesn't replace a login with a username/ID and
password.

https://www.key.com/html/obi_security.html

>From what I understand, I'd be in no more trouble if someone stole my
computer today than if someone stole it after my bank implemented this
registration method.  I'm still required to provide a correct
ID/password combination.  I just can't login from an "unknown" computer
without providing additional information.

Or am I missing something?


kgt

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] need loop help

2006-10-03 Thread Charles Kline 

hi all.

i am trying to modify some old code and struggling a bit with this one:

// returns an array of the names in the form post
$fields = $_SESSION['case']->getComplaintKeys();

// here is the array returned
Array ( [0] => eligibility [1] => payment [2] => service [3] =>  
document [4] => licensing [5] => source [6] => date [7] => contact  
[8] => description [9] => status )


for ($j = 0; $j < count($fields); $j++) {
  if (${$fields[$j]} == 'on') ${$fields[$j]} = 1;
  if (is_null(${$fields[$j]})) ${$fields[$j]} = 0;
  $data[$fields[$j]] = ${$fields[$j]};
}

The problem I am having is that the code is now on a more secure  
server with register_globals off (and I don't want to turn that on).


I am not sure how to get the POST data sorted out using this method.  
Hope it is clear what I mean.


Thanks,
Charles

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Understanding persistent connections with oci8

2006-10-03 Thread Mendonce, Kiran (STSD) 
This is a follow up to the bug (#39029) that I reported earlier which
has been repeatedly closed as bogus.

The oci8.persistent_timeout setting in the php.ini file is documented as
:
"The maximum length of time (in seconds) that a given process is allowed
to maintain an idle persistent connection. Setting this option to -1
means that idle persistent connections will be maintained forever. "

If I do not want the connection to be persist forever, then by using
this setting, I should be able to ensure that a connection is not idle
for longer than what I specified. However, when I set persistent_timeout
to 10 seconds, I find that the connection is not terminated even after
10 seconds have passed. In fact, it doesn't terminate at all. So the
question is what is the purpose of this setting ? And what does an 'idle
connection' mean ? A google query for 'idle timeout' yields enough
results to point that when the timeout occurs, the idle connection is
terminated.

Obviously there is a bug somewhere. Either in the documentation or in
the behavior. Please advise.

Thanks and Regards,
Kiran

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Breaking lines

2006-10-03 Thread Google Kreme 

On 03 Oct 2006, at 14:16 , Richard Lynch wrote:

On Tue, October 3, 2006 1:51 pm, Google Kreme wrote:

And yeah, a key is better, but I've not gotten that far.


See, whatever you do in that general vein of thought, your PHP script
ends up needing to get the file.


Well, yes, but at least with a .ht* file apache will never expose the  
contents of that file. This is WHY I do it as a separate file with a  
require() pointing to it.



A php-readable file outside the webtree at least limits risk to users
on the same machine -- and so machine access provides an
authentication barrier.  Not claiming that's insurmountable, mind you,
but it's a real actual barrier of a significantly different nature
than just reading yet another PHP/text file to find the key that reads
the other-other php/text file.


As I understand it then, the .ht* is no less secure because, for all  
intents and purposes, it is 'outside' the webtree since Apache will  
never display it, and you need some other sort of access to the  
machine (ftp, ssh, etc) to access it.  As I understand it, you can't  
even access .ht* files via webDAV.


Course, I'm still rather new to all of this, so if I'm wrong, flame  
away.


--
But just because you've seen me on your TV
Doesn't mean I'm any more enlightened than you

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Remove Spaces from Middle of String

2006-10-03 Thread Robert Cummings 
On Tue, 2006-10-03 at 15:17 -0500, Richard Lynch wrote:
> On Tue, October 3, 2006 1:47 pm, Richard Lynch wrote:
> > If you have this, it's better:
> > $data = preg_replace("/  /", $data);
> 
> D'oh!
> 
> $data = preg_replace("/  /", " ", $data);

Doesn't work on 3+ spaces in a row ;)

$data = preg_replace("/ +/", " ", $data);

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Test

2006-10-03 Thread Sheena Mullally 

test

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Remove Spaces from Middle of String

2006-10-03 Thread Kevin Murphy 

Works perfect! Thanks.

--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326


On Oct 3, 2006, at 3:30 PM, Robert Cummings wrote:


On Tue, 2006-10-03 at 15:17 -0500, Richard Lynch wrote:

On Tue, October 3, 2006 1:47 pm, Richard Lynch wrote:

If you have this, it's better:
$data = preg_replace("/  /", $data);


D'oh!

$data = preg_replace("/  /", " ", $data);


Doesn't work on 3+ spaces in a row ;)

$data = preg_replace("/ +/", " ", $data);

Cheers,
Rob.
--
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

Re: [PHP] need loop help

2006-10-03 Thread John Wells 

On 10/3/06, Charles Kline <[EMAIL PROTECTED]> wrote:

hi all.

i am trying to modify some old code and struggling a bit with this one:

// returns an array of the names in the form post
$fields = $_SESSION['case']->getComplaintKeys();


First of all this is news to me, I'm not sure how it is that you're
getting the POST values from here.  But OK...



// here is the array returned
Array ( [0] => eligibility [1] => payment [2] => service [3] =>
document [4] => licensing [5] => source [6] => date [7] => contact
[8] => description [9] => status )

for ($j = 0; $j < count($fields); $j++) {
   if (${$fields[$j]} == 'on') ${$fields[$j]} = 1;
   if (is_null(${$fields[$j]})) ${$fields[$j]} = 0;
   $data[$fields[$j]] = ${$fields[$j]};
}



Well, I'd start off by *not* using this dynamic variable everywhere
(because it's hard to read and easy to introduce a bug), but just set
it to a temp variable and use that, like so:

for ($j = 0; $j < count($fields); $j++) {
 $myField = ${$fields[$j]};
 if($myField == 'on') $myField = 1;
 if(is_null($myField) $myField = 0;
 $data[$fields[$j]] = $myField;
}


The problem I am having is that the code is now on a more secure
server with register_globals off (and I don't want to turn that on).

I am not sure how to get the POST data sorted out using this method.
Hope it is clear what I mean.


Then if you need to explicitly reference the variable name within
POST, just change that line:

for ($j = 0; $j < count($fields); $j++) {
 $myField = $_POST[$fields[$j]];
 if($myField == 'on') $myField = 1;
 if(is_null($myField) $myField = 0;
 $data[$fields[$j]] = $myField;
}

Untested.  Does that work for you?

HTH,
John W



Thanks,
Charles

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] test

2006-10-03 Thread Brad Chow 

test

Re: [PHP] web based browser...

2006-10-03 Thread Glenn Richmond 
Hi guys.

http://sourceforge.net/projects/filebrowser

This looked like quite a good one. We've been looking at using an
ajax-based file browser ourselves, and this one seemed to be at the top
of the list.

Cheers,

Glenn.

Richard Lynch wrote:
> I've used an "okay" one in the webmasters.com control panel, but am
> always flummoxed that they didn't give me an "ln -s" action...
>
> So consider this a Feature Request to let me make symlinks in yours.
>
> Not that I'll every actually use it, mind you, but *somebody* will
> thank you for it some day.
>
> On Tue, October 3, 2006 12:01 am, bruce wrote:
>   
>> hi...
>>
>> i'm trying to find a good web based (php) browsing app for handling
>> remote
>> file management functions... i've seen a number of open source apps,
>> but
>> haven't come across any that meet my needs.
>>
>> i'm looking for the ability to:
>>  -edit/view/rename/copy/move/delete files
>>  -copy/rename/move/delete folders
>>  -display number of files in a folder
>>  -search for file/folder by name/regex
>>
>> if you know of an app that does the above, or if you've used a browser
>> based
>> file manager kind of app that's really good, let me know.
>>
>> thanks..
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>> 
>
>
>   

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] set cookie with non-english

2006-10-03 Thread Ahmad Al-Twaijiry 

I already made the application with cookies, it's will be very
defaucalt to go and replace cookies with session,


is it possible to use cookies & session in the same time ? (
session_start() & setcookie in the same page ?)


On 10/3/06, Richard Lynch <[EMAIL PROTECTED]> wrote:

You'll have to read the cookie spec to confirm, but I'm pretty sure it
either specifically disallows other charsets, or at least predates the
globalization/i18n efforts...

IOW, you can't...

You COULD just use session_start() and let them have the PHP cookie,
and then store whatever string you want in $_SESSION['UserName']

On Mon, October 2, 2006 5:15 pm, Ahmad Al-Twaijiry wrote:
> Hi everyone
>
> in my PHP code I use the following command to set a cookie with
> non-english word (UTF-8) :
>
> @setcookie ("UserName",$Check[1]);
>
> and in my html page I get this cookie using javascript :
>
> 
>  
>
> but the result from writing the cookie using javascript is garbage, I
> don't get the right word !!
>
> anyone know how to resolve it ?
>
> BTW:
> * I also tried the php function setrawcookie and I get the same
> problem
> * I use  in my page
>
> --
>
> Ahmad Fahad AlTwaijiry
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?





--

Ahmad Fahad AlTwaijiry

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Rapid application development

2006-10-03 Thread Manuel Lemos 
Hello,

> I need your feedback in this
>
> What is the best RAD (Rapid application development) do you use for
> PHP to develop an *advance* application in few days or weeks ?
>
> I like programming but one this that I hate is the first stage of
> programming when you start creating the basic code (db connection,
> interface, insert,update,etc), this is why I'm looking for a good
> RAD tool that can speed up my programming.

You may want to take a look at Metastorage. It is an ORM
(Object-Relational Mapping) generator tool. It generates classes that
let you store and retrieve your database table rows as objects.

It also takes care of generating classes to install or upgrade your
database schema when your data model is updated.

There would be a lot to say about Metastorage because it is really
powerful and effectively enables rapid development. But I think it is
better for you to take a look at it directly in its site:

http://www.metastorage.net/


-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php