Re: [PHP] Re: RE: Cannot access file on Network Drive (Windows 2003)
On 5/24/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote: You may have something here. Problem is, I don¹t know how to mess with how & under what user Apache is running and no one else here does either so basically I have to figure this one out! I would like to, as you suggested, try and ³get Apache to run as a service under a user that can access the network resource². I definitely agree about using non-mapped addresses and using the actual Server Name addresses. Ok, I don't know a lot of Apache & PHP under Windows, but did you try to run the script through the PHP CLI? If you start your script through the CLI it will run as the user you're currently working in, so make sure you're logged in as Administrator, and then try running it through the CLI. If you don't know how to do that, I believe you should open a command line with start->run type "cmd" (without "") and press enter. Then you should do a few cd commands to go to the actual directory where php.exe is. Then you should type php.exe C:/Full/Path/To/File.php If it runs this way, then you're probably sure it is a permission issue. I would recommend to use the code you posted on May 24, 2007 4:35 PM. Tijnema On 5/24/07 11:24 AM, "Jared Farrish" <[EMAIL PROTECTED]> wrote: > Are you running Apache under a different (non-privileged) account on the Win2003 machine? If Apache is running as a service with a different username (with no extended access to network resources), you will need to get Apache to run as a service under a user that can access the network resource. And I still think you should use non-mapped addresses instead of mapped addresses, since a mapping is just a localized version of a resource name alias. If, after determing that Apache is running with the right permissions for the owned processes to connect to and use a network shared resource, then it's probably an Apache UID conflict (is PHP in safe mode?). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] setting windows folder to chmod 644
How can I do the equivalent of this in windows or is there a tool I can use? R. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Re: help with multi dimensional arrays
Hello Everyone, I have a problem with GET strings. I use $_SERVER["REDIRECT_QUERY_STRING"] to get the value-pairs in the URL. The problem is that there is a cID variable that keeps amending itself to the string continuously everytime someone clicks on a different category link on the website. For example, instead of this: http://www.someexample.com/admin/index.html?cID=42&somevar=value&somevar2=value2 it keeps amending another cID to it everytime it goes to a different link, like this: http://www.someexample.com/admin/index.html?cID=42&cID=39&cID=44&cID=37&somevar=value&somevar2=value2 I know that this is happening because I'm amending it with the dot (.) but is there a way to just inject a single cID and still have the rest of the values available? Something built into PHP, maybe a different predefined variable I don't know about? Or, do I have to make a complex function to separate each out and then put it back together again like humpty dumpty? Is there an easier way to do this and still have a single cID variable in the GET string? Thanks in advance to anyone that contributes, I really appreciate everyone's effort on this list in the past. Please start a new thread with a more appropriate title. Thanks! -- Jared Farrish Intermediate Web Developer Denton, Tx Abraham Maslow: "If the only tool you have is a hammer, you tend to see every problem as a nail." $$
Re: [PHP] Re: Protecting MySQL Injection from PHP form
check this, check that.
granted the OP posted quite a bit of irrelevant code with regard to
SQL injection protection. BUT his use of parameterized queries should protect
against injection because MySQL knows what to do with the data (i.e. escape it),
which only leaves the question as to whether the character encoding is correctly
setup so that nothing funky can get through (although I believe an article by
Chris Shiftlett pointed out a situation where even if you got everything right
it
was possible to do sql injection in some edge cases by submitting specific
'broken'
strings).
Jared Farrish wrote:
> Also, you should be checking against type (expecting a number? a boolean
> value? a string?) and then checking against expected length requirements
> (such as firstname can only be 80 characters long max, so maybe check for
>
>
> if (strlen($var) > 80) {
>do something;
> }
>
>
> In unit testing, you build your objects first against types and perform
> object checks using type verification and expected element attributes (such
> as length, non-null values, etc...).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] System wide variable
Richard Lynch wrote: On Wed, May 23, 2007 4:27 am, Darren Whitlen wrote: John Comerford wrote: Not thought about the memory engine actually. Will give that a try and see how it turns out. Let us know. Finaly managed to get it going (uses AJAX which im not to great at..), and the database memory engine seems to be holding up fine. When it was reading/writing frm the file, after a short while I would start getting "file is in use" errors which using mysql now solves. I'd have GUESSED that MySQL would have just cached something that small and oft-used in RAM anyway, so a MySQL memory engine table wouldn't perform any better than the MySQL half of things. Better than the File System, probably, though that also may be getting cached... Think I'll leave the session_id idea then, if it locks it down per-script, the performance will pretty much die. It won't be any better than your own file-system calls, but you could do: And it probably won't be any worse than the locking you presumably already have in your code... WHy is it sometimes MySQL and sometims file system? I'm changing the yShout script (http://yurivish.com/yshout/) so that it reads from a database, rather than the tx file it originaly used. And my bad, it checks the database every 3 seconds, not .5 :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert numerical day of week
What a hoot! When I saw the the number of post to this thread, I figured someone got their shorts in a knot. Only a bunch of geeks could get into this much discussion of what day of the week it is. Aren't we a sad lot? Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Protecting MySQL Injection from PHP form
On May 25, 2007, at 8:47 AM, Jochem Maas wrote: check this, check that. granted the OP posted quite a bit of irrelevant code with regard to SQL injection protection. BUT his use of parameterized queries should protect against injection because MySQL knows what to do with the data (i.e. escape it), which only leaves the question as to whether the character encoding is correctly setup so that nothing funky can get through (although I believe an article by Chris Shiftlett pointed out a situation where even if you got everything right it was possible to do sql injection in some edge cases by submitting specific 'broken' strings). I apologize for posting the entire add script, but I wasn't sure what was needed to check if I was doing it right or not. I figured in this case it was better to give to much info rather then not enough. My big main goal it to make this bit of software as secure/safe as possible. I will double check the character encoding, which would be done on the database correct? Now if only I could get a check box to show up so I can delete multiple people at one time :) But I'm still learning about that. Thanks for looking! I really appreciate it! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
At 8:57 AM -0700 5/23/07, Jim Lucas wrote:
kvigor wrote:
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' ||
$value!= 'AK' || $value !=
-snip-
Ok, here is something that might help you.
$states['AL'] => 'Alabama';
$states['AK'] => 'Alaska';
-snip-
$states['WY'] => 'Wyoming';
now use this like this
if ( !isset($states[$value]) && !in_array($value, $states) ) {
// do something because I can't find the state
}
use something like this so your logical errors will be reduced
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Unknown
Hi Jim:
You might try the array below and the quote above, I believe, was
Douglas MacArthur of WWII fame.
Cheers,
tedd
$states = array(
'AL' => 'Alabama',
'AK' => 'Alaska',
'AS' => 'American Samoa',
'AZ' => 'Arizona',
'AR' => 'Arkansas',
'CA' => 'California',
'CO' => 'Colorado',
'CT' => 'Connecticut',
'DE' => 'Delaware',
'DC' => 'District Of Columbia',
'FM' => 'Federated States Of Micronesia',
'FL' => 'Florida',
'GA' => 'Georgia',
'GU' => 'Guam',
'HI' => 'Hawaii',
'ID' => 'Idaho',
'IL' => 'Illinois',
'IN' => 'Indiana',
'IA' => 'Iowa',
'KS' => 'Kansas',
'KY' => 'Kentucky',
'LA' => 'Louisiana',
'ME' => 'Maine',
'MH' => 'Marshall Islands',
'MD' => 'Maryland',
'MA' => 'Massachusetts',
'MI' => 'Michigan',
'MN' => 'Minnesota',
'MS' => 'Mississippi',
'MO' => 'Missouri',
'MT' => 'Montana',
'NE' => 'Nebraska',
'NV' => 'Nevada',
'NH' => 'New Hampshire',
'NJ' => 'New Jersey',
'NM' => 'New Mexico',
'NY' => 'New York',
'NC' => 'North Carolina',
'ND' => 'North Dakota',
'MP' => 'Northern Mariana Islands',
'OH' => 'Ohio',
'OK' => 'Oklahoma',
'OR' => 'Oregon',
'PW' => 'Palau',
'PA' => 'Pennsylvania',
'PR' => 'Puerto Rico',
'RI' => 'Rhode Island',
'SC' => 'South Carolina',
'SD' => 'South Dakota',
'TN' => 'Tennessee',
'TX' => 'Texas',
'UT' => 'Utah',
'VT' => 'Vermont',
'VI' => 'Virgin Islands',
'VA' => 'Virginia',
'WA' => 'Washington',
'WV' => 'West Virginia',
'WI' => 'Wisconsin',
'WY' => 'Wyoming'
);
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert numerical day of week
On Fri, 2007-05-25 at 09:10 -0400, tedd wrote: > What a hoot! > > When I saw the the number of post to this thread, I figured someone > got their shorts in a knot. > > Only a bunch of geeks could get into this much discussion of what day > of the week it is. Aren't we a sad lot? Only if we take criticism personally... I don't think anyone did :) Sometimes it's quite enlightening to see other people's perspectives on simple things like this :B Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
At 1:55 PM -0700 5/23/07, Kevin Murphy wrote: .inc files have a disadvantage in that if you view the file: http://www.yoursite.com/file.inc you can see the php code. I prefer not to use those just on the off chance that someone can see my code and use that as the basis for figuring out a way to exploit it (especially true of password files, etc). -- Kevin Murphy And the other side of that coin is if you have your files ending with .php, then they can be called/run directly and do things you may not want done. That's a good reason to use some sort of token protection in your include php files so that they cannot be run directly. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include???
At 3:28 PM +0100 5/23/07, Richard Davey wrote: if ($_POST['status_code'] == 'C') ^^ Read-up on the if/else structure and comparison operators. You'd never use a single equals sign in this example. Rich: Read up on different font sizes that people use and you'll never use "^^" to show something. :-) Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re[2]: [PHP] Include???
Hi Tedd, Friday, May 25, 2007, 2:42:34 PM, you wrote: > At 3:28 PM +0100 5/23/07, Richard Davey wrote: >> >> >>if ($_POST['status_code'] == 'C') >> ^^ >> >>Read-up on the if/else structure and comparison operators. You'd never >>use a single equals sign in this example. > Rich: > Read up on different font sizes that people use and you'll never use > "^^" to show something. :-) Font *size* is irrelevant as long as it's monospaced ;) Cheers, Rich -- Zend Certified Engineer http://www.corephp.co.uk "Never trust a computer you can't throw out of a window" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cannot access file on Network Drive (Windows 2003)
At this point having gone through all sorts of permissions and running Apache as User and what not - I'm pretty close to giving up myself. Fortunately I do have other alternates to running this particular application - but it would have helped if things worked. On 5/24/07 6:23 PM, "David Giragosian" <[EMAIL PROTECTED]> wrote: > I had a similar problem with a mysqldump file that I was trying to copy > over, via a script, to a networked drive. The networked drive was on > a Novell share, and I could see it and copy just fine using windows explorer > but nothing I did ever allowed me to copy via the script. I even had Apache > installed as a service on the windows box and had all permissions as open as > possible on all directories just to test. I finally gave up and did it from > a Linux server using ncpfs to mount the Novell drive. > > FWIT, > > David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include???
On Fri, 2007-05-25 at 09:42 -0400, tedd wrote: > At 3:28 PM +0100 5/23/07, Richard Davey wrote: > > > > > >if ($_POST['status_code'] == 'C') > > ^^ > > > >Read-up on the if/else structure and comparison operators. You'd never > >use a single equals sign in this example. > > Rich: > > Read up on different font sizes that people use and you'll never use > "^^" to show something. :-) Email should be viewed in fixed width, like has been done since the 60s. ;) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] setting windows folder to chmod 644
On 5/25/07, blueboy <[EMAIL PROTECTED]> wrote: How can I do the equivalent of this in windows or is there a tool I can use? R. Windows file systems don't have permissions like Unix-bases file systems. For FAT16/FAT32 there are only a few (Read-Only & Hidden), for NTFS file system there are more permissions (user/group based), I have no clue how to set them, except for the RMB->Properties->check boxes at bottom. But I don't even think you need them, default settings are fine, they are at least 644 equivalent I believe. Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include???
At 9:49 AM -0400 5/25/07, Robert Cummings wrote: On Fri, 2007-05-25 at 09:42 -0400, tedd wrote: At 3:28 PM +0100 5/23/07, Richard Davey wrote: > > >if ($_POST['status_code'] == 'C') > ^^ > >Read-up on the if/else structure and comparison operators. You'd never >use a single equals sign in this example. Rich: Read up on different font sizes that people use and you'll never use "^^" to show something. :-) Email should be viewed in fixed width, like has been done since the 60s. ;) Cheers, Rob. Oh, the sixties -- I should have known. That was the decade that started with strict adherence to standards and ended with an explosion of free choice. I agree, we shouldn't deviate from that standard too quickly. :-) Anyone up for some ASCII art? Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On Fri, 2007-05-25 at 16:17 +0200, Tijnema wrote: > On 5/25/07, Edward Kay <[EMAIL PROTECTED]> wrote: > > Why are your include files in your web root in the first place? Move them > > elsewhere on your filesystem and then it's not even possible to access them > > via the web. > > > > Edward > > > Oh, I don't want my web files all over the filesystem, I want to keep > all files for a single project inside a single folder on my webserver. > So, that if i move them around, I have all files there. I do that, then I run a build script and it migrates all the static content from the CVS to the web tree that can be requested and builds all the pages from the templates to the requestable pages. Everything is in one location from an archival POV, but it all goes into the right slot for visitor consumption :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On 5/25/07, Edward Kay <[EMAIL PROTECTED]> wrote: > -Original Message- > From: Tijnema [mailto:[EMAIL PROTECTED] > Sent: 25 May 2007 15:00 > To: tedd > Cc: Kevin Murphy; Stephen; php > Subject: Re: [PHP] Include file questions > > > On 5/25/07, tedd <[EMAIL PROTECTED]> wrote: > > At 1:55 PM -0700 5/23/07, Kevin Murphy wrote: > > >.inc files have a disadvantage in that if you view the file: > > > > > >http://www.yoursite.com/file.inc > > > > > >you can see the php code. I prefer not to use those just on the off > > >chance that someone can see my code and use that as the basis for > > >figuring out a way to exploit it (especially true of password files, > > >etc). > > > > > >-- > > >Kevin Murphy > > > > And the other side of that coin is if you have your files ending with > > .php, then they can be called/run directly and do things you may not > > want done. > > > > That's a good reason to use some sort of token protection in your > > include php files so that they cannot be run directly. > > > > Cheers, > > > > tedd > > It's just the way you write script, my included files contain only > functions & variables, no executing code. 99% I have a class around > it. > If you write it like that, than there's no problem with execution the > included file directly, as it loads the class but doesn't do anything > with it :) > > Tijnema > Why are your include files in your web root in the first place? Move them elsewhere on your filesystem and then it's not even possible to access them via the web. Edward Oh, I don't want my web files all over the filesystem, I want to keep all files for a single project inside a single folder on my webserver. So, that if i move them around, I have all files there. Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On Fri, 2007-05-25 at 16:00 +0200, Tijnema wrote: > On 5/25/07, tedd <[EMAIL PROTECTED]> wrote: > > At 1:55 PM -0700 5/23/07, Kevin Murphy wrote: > > >.inc files have a disadvantage in that if you view the file: > > > > > >http://www.yoursite.com/file.inc > > > > > >you can see the php code. I prefer not to use those just on the off > > >chance that someone can see my code and use that as the basis for > > >figuring out a way to exploit it (especially true of password files, > > >etc). > > > > > >-- > > >Kevin Murphy > > > > And the other side of that coin is if you have your files ending with > > .php, then they can be called/run directly and do things you may not > > want done. > > > > That's a good reason to use some sort of token protection in your > > include php files so that they cannot be run directly. > > > > Cheers, > > > > tedd > > It's just the way you write script, my included files contain only > functions & variables, no executing code. 99% I have a class around > it. > If you write it like that, than there's no problem with execution the > included file directly, as it loads the class but doesn't do anything > with it :) > > Tijnema Yep, same with me. Only runnable code is in the config file that gets run every page anyways and in the pages that get requested themselves. At any rate, anything that shouldn't be requested is outside the web tree. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On 5/25/07, tedd <[EMAIL PROTECTED]> wrote: At 1:55 PM -0700 5/23/07, Kevin Murphy wrote: >.inc files have a disadvantage in that if you view the file: > >http://www.yoursite.com/file.inc > >you can see the php code. I prefer not to use those just on the off >chance that someone can see my code and use that as the basis for >figuring out a way to exploit it (especially true of password files, >etc). > >-- >Kevin Murphy And the other side of that coin is if you have your files ending with .php, then they can be called/run directly and do things you may not want done. That's a good reason to use some sort of token protection in your include php files so that they cannot be run directly. Cheers, tedd It's just the way you write script, my included files contain only functions & variables, no executing code. 99% I have a class around it. If you write it like that, than there's no problem with execution the included file directly, as it loads the class but doesn't do anything with it :) Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Include file questions
> -Original Message- > From: Tijnema [mailto:[EMAIL PROTECTED] > Sent: 25 May 2007 15:00 > To: tedd > Cc: Kevin Murphy; Stephen; php > Subject: Re: [PHP] Include file questions > > > On 5/25/07, tedd <[EMAIL PROTECTED]> wrote: > > At 1:55 PM -0700 5/23/07, Kevin Murphy wrote: > > >.inc files have a disadvantage in that if you view the file: > > > > > >http://www.yoursite.com/file.inc > > > > > >you can see the php code. I prefer not to use those just on the off > > >chance that someone can see my code and use that as the basis for > > >figuring out a way to exploit it (especially true of password files, > > >etc). > > > > > >-- > > >Kevin Murphy > > > > And the other side of that coin is if you have your files ending with > > .php, then they can be called/run directly and do things you may not > > want done. > > > > That's a good reason to use some sort of token protection in your > > include php files so that they cannot be run directly. > > > > Cheers, > > > > tedd > > It's just the way you write script, my included files contain only > functions & variables, no executing code. 99% I have a class around > it. > If you write it like that, than there's no problem with execution the > included file directly, as it loads the class but doesn't do anything > with it :) > > Tijnema > Why are your include files in your web root in the first place? Move them elsewhere on your filesystem and then it's not even possible to access them via the web. Edward -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Protecting MySQL Injection from PHP form
On 5/25/07, Jason Pruim <[EMAIL PROTECTED]> wrote: I apologize for posting the entire add script, but I wasn't sure what was needed to check if I was doing it right or not. I figured in this case it was better to give to much info rather then not enough. My big main goal it to make this bit of software as secure/safe as possible. No apology necessary. As long as you're not posting 90 lines for a one-line question, you're ok. Regardless of what one person or another thinks, I find that it's often useful to see how other people approach problems and get around them. For instance, checking for character encoding is something I really have never done. I happen to think it's a useful best practice to use unit testing techniques to verify posted data, but some people (obviously) view this as overkill. To each his own. Now if only I could get a check box to show up so I can delete multiple people at one time :) But I'm still learning about that. I sure hope you're testing on test data, and not live data... -- Jared Farrish Intermediate Web Developer Denton, Tx Abraham Maslow: "If the only tool you have is a hammer, you tend to see every problem as a nail." $$
Re[2]: [PHP] Include???
At 2:46 PM +0100 5/25/07, Richard Davey wrote: Hi Tedd, Friday, May 25, 2007, 2:42:34 PM, you wrote: At 3:28 PM +0100 5/23/07, Richard Davey wrote: if ($_POST['status_code'] == 'C') ^^ Read-up on the if/else structure and comparison operators. You'd never use a single equals sign in this example. Rich: Read up on different font sizes that people use and you'll never use "^^" to show something. :-) Font *size* is irrelevant as long as it's monospaced ;) Rich Like Henry Ford said when the model T came out "You can have it in any color you want as long as it's black." Cheers, tedd PS: Yes, I should have said font type or width and instead of size. -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Include file questions
> -Original Message- > From: Tijnema [mailto:[EMAIL PROTECTED] > > > > > > It's just the way you write script, my included files contain only > > > functions & variables, no executing code. 99% I have a class around > > > it. > > > If you write it like that, than there's no problem with execution the > > > included file directly, as it loads the class but doesn't do anything > > > with it :) > > > > > > Tijnema > > > > > > > Why are your include files in your web root in the first place? > Move them > > elsewhere on your filesystem and then it's not even possible to > access them > > via the web. > > > > Edward > > > Oh, I don't want my web files all over the filesystem, I want to keep > all files for a single project inside a single folder on my webserver. > So, that if i move them around, I have all files there. > > Tijnema This is exactly what I do - one folder per project. You just have you web-root as a sub folder in this, eg: /project /includes <- nicely protected /public_html <- web root /images index.php ... ... Edward -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Protecting MySQL Injection from PHP form
Jared Farrish wrote: On 5/25/07, Jason Pruim <[EMAIL PROTECTED]> wrote: I apologize for posting the entire add script, but I wasn't sure what was needed to check if I was doing it right or not. I figured in this case it was better to give to much info rather then not enough. My big main goal it to make this bit of software as secure/safe as possible. No apology necessary. As long as you're not posting 90 lines for a one-line question, you're ok. Regardless of what one person or another thinks, I find that it's often useful to see how other people approach problems and get around them. For instance, checking for character encoding is something I really have never done. I happen to think it's a useful best practice to use unit testing techniques to verify posted data, but some people (obviously) view this as overkill. To each his own. Now if only I could get a check box to show up so I can delete multiple people at one time :) But I'm still learning about that. I sure hope you're testing on test data, and not live data... Brings back bad memories :( -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Protecting MySQL Injection from PHP form
On May 25, 2007, at 10:44 AM, Darren Whitlen wrote: Jared Farrish wrote: On 5/25/07, Jason Pruim <[EMAIL PROTECTED]> wrote: I apologize for posting the entire add script, but I wasn't sure what was needed to check if I was doing it right or not. I figured in this case it was better to give to much info rather then not enough. My big main goal it to make this bit of software as secure/safe as possible. No apology necessary. As long as you're not posting 90 lines for a one-line question, you're ok. Regardless of what one person or another thinks, I find that it's often useful to see how other people approach problems and get around them. For instance, checking for character encoding is something I really have never done. I happen to think it's a useful best practice to use unit testing techniques to verify posted data, but some people (obviously) view this as overkill. To each his own. Now if only I could get a check box to show up so I can delete multiple people at one time :) But I'm still learning about that. I sure hope you're testing on test data, and not live data... Brings back bad memories :( No... No live data, just a little web application I'm working on to give my customers another option for their mailing lists. I've done to much on live data before and I don't like it... Too many issues happen :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Check if Record was Entered Today.
WORKS!!
Thanks.
On 5/24/07 5:34 PM, "Richard Lynch" <[EMAIL PROTECTED]> wrote:
>> $db = dbase_open(try.dbf", 0);
>> if ($db) {
>
> $exists = false;
> $today = false;
>
>> $record_numbers = dbase_numrecords($db);
>> for ($i = 1; $i <= $record_numbers; $i++) {
>> $row = dbase_get_record_with_names($db, $i);
>>
>> $thedate = date(mdY);
>> if(($row['ACC'] == $thekey) && ($row['DATE'] == $thedate))
>> {
> //> echo "The Account Number has already been entered once
> //> today";
> //> echo $row['DATE']." : ".$thedate;
> //> exit;
> $today = true;
>> }
>> else {
> //> echo "The Account Number exists but not entered
> //> today";
> //> echo $row['DATE']." : ".$thedate;
> //> exit;
>
> $exists = true;
>
>> }
>> }
>> }
>
> if ($today) echo "Yes, today.";
> elseif ($exists) echo "Yes, but not today.";
> else echo "No.";
>
> exit; completely halts a script and does NOTHING else.
>
> You maybe thought you wanted 'continue' or 'break' but those wouldn't
> work for this either.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On 5/25/07, Edward Kay <[EMAIL PROTECTED]> wrote: > -Original Message- > From: Tijnema [mailto:[EMAIL PROTECTED] > > > > > > It's just the way you write script, my included files contain only > > > functions & variables, no executing code. 99% I have a class around > > > it. > > > If you write it like that, than there's no problem with execution the > > > included file directly, as it loads the class but doesn't do anything > > > with it :) > > > > > > Tijnema > > > > > > > Why are your include files in your web root in the first place? > Move them > > elsewhere on your filesystem and then it's not even possible to > access them > > via the web. > > > > Edward > > > Oh, I don't want my web files all over the filesystem, I want to keep > all files for a single project inside a single folder on my webserver. > So, that if i move them around, I have all files there. > > Tijnema This is exactly what I do - one folder per project. You just have you web-root as a sub folder in this, eg: /project /includes <- nicely protected /public_html <- web root /images index.php ... ... Edward Hmm, way too complicated :P I like to keep it simple, just like this: / /data /http /project1 /includes config.php << With passwords :P /images /project2 /includes Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP Text-To-Speech Function txt2wav()
On 5/25/07, tedd <[EMAIL PROTECTED]> wrote: > If you find >any bugs --- and I'm sure you will --- report them on the SourceForge >project page. And don't mind the cluttered code. It's also in the process >of being revamped. > >Thanks. > >-- >Daniel P. Brown Daniel: Your demo: http://isawit.com/php-vox/ Still doesn't work for me. I still get the Q with a ? in it. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com It works fine for me on all platforms, but it sounds like it's not working for you with the Quicktime plugin configured to handle all .wav files within the browser. That would actually be a problem with either the PHP streaming or your browser setup. After you generate a file, go to http://www.isawit.com/php-vox/wavs/ and you can listen to the waveform you created (as well as those done by anyone else who's done it). -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert numerical day of week
Robert Cummings wrote: > On Fri, 2007-05-25 at 09:10 -0400, tedd wrote: >> What a hoot! >> >> When I saw the the number of post to this thread, I figured someone >> got their shorts in a knot. >> >> Only a bunch of geeks could get into this much discussion of what day >> of the week it is. Aren't we a sad lot? > > Only if we take criticism personally... I don't think anyone did :) > Sometimes it's quite enlightening to see other people's perspectives on > simple things like this :B denial. > > Cheers, > Rob. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Check if Record was Entered Today.
I guess one of the problems is that PHP has a limited number of dbase
functions and I'm not able to run SQL Queries on a dbf database. Basically I
have to make-do with the few dbase() functions I have available in PHP.
But I do get your logic and it's pretty helpful. I did re-write the code
using Boolean (flags) as Richard had also suggested and it works fine now!
Still wish I could run SQL Queries or do more to a dbase database using PHP.
Thanks!
On 5/24/07 4:07 PM, "Jared Farrish" <[EMAIL PROTECTED]> wrote:
>> I believe you need a "while" instead of an "if". The "if" will only run
>> until the first occurance is true. Whereas a "while" will run to find
> all
>> results that are true until it goes thru all of the result rows..
>
> No, I think he's checking to make sure that $db contains a resource id and
> not a boolean false (meaning the file did not load or contains no data).
>
> Maybe a more descriptive way may be to say:
>
>
> if ($db !== false && is_resource($db)) {
> doStuff();
> }
>
>
> To the next problem:
>
>> 'exit' terminates the script. You should not be using exit there.
>
> When you want a loop structure to stop and goto what flows next in the code,
> use break:
>
>
> for ($i = 0; $i < count($items); $i++) {
> if ($items[$i] == $arbitraryCondition) {
> echo 'I do not need to doStuff() anymore.';
> break;
> }
> doStuff();
> }
>
>
> When you want a loop structure to skip over something but still continue to
> loop, use continue:
>
>
> for ($i = 0; $i < count($items); $i++) {
> if ($items[$i] == $arbitraryCondition) {
> echo 'I do not need to doStuff() on this item.';
> continue;
> }
> doStuff();
> }
>
>
> When reading through values in an array or other structure, you can while or
> do/while loop:
>
>
> $db = getDb('location/db.dbf');
> while($row = db_fetch_array($result)) {
> if ($row['AcctActivation'] != $date) {
> continue;
> } elseif ($row['AcctActivation'] == $date) {
> break;
> }
> doStuff();
> }
>
>
> Isn't there a way to search for and select only the rows with the account
> number though? If you're looking for needles in a (potentially large)
> haystack, this sounds like an expensive process for something SQL or other
> could do better/faster.
>
>
>
> Incidentally, does this mean you solved the file access problems from this
> thread:
>
> http://news.php.net/php.general/255542
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert numerical day of week
On Fri, 2007-05-25 at 17:26 +0200, Jochem Maas wrote: > Robert Cummings wrote: > > On Fri, 2007-05-25 at 09:10 -0400, tedd wrote: > >> What a hoot! > >> > >> When I saw the the number of post to this thread, I figured someone > >> got their shorts in a knot. > >> > >> Only a bunch of geeks could get into this much discussion of what day > >> of the week it is. Aren't we a sad lot? > > > > Only if we take criticism personally... I don't think anyone did :) > > Sometimes it's quite enlightening to see other people's perspectives on > > simple things like this :B > > denial. It's not just a river in Egypt!! (yeah, yeah, bad pun :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] using mysql_escape_string with implode() !!
2007. 05. 25, péntek keltezéssel 11.32-kor Rahul Sitaram Johari ezt
írta:
> Ave,
>
> I¹m inserting values out of an array into mySQL. There¹s other values
> besides the array values that are being inserted as well. This is my simple
> INSERT code:
>
> $sql = "INSERT INTO db
> (Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone,TaxDist,Loa
> dProfile,ServiceName,ServiceAddress,ServiceCity,ServiceState,ServiceZip,Dema
> nd,Kwh,Cost) VALUES ('$dt','$tm','$thephone','".implode("','",
> array_values($var))."')";
>
> $var can contain values that have special characters that I need to escape.
> I¹d like to use mysql_escape_string() but I¹m not sure how to integrate
> mysql_escape_string here with the INSERT statement. I tried it, but it¹s not
> working. Any clues?
you should do the escaping before assembling the INSERT statement
a useful tool for this is array_map():
http://hu.php.net/array_map
then you can use the above method for creating the query string
greets
Zoltán Németh
>
> Thanks.
>
>
> ~~~
> Rahul Sitaram Johari
> CEO, Twenty Four Seventy Nine Inc.
>
> W: http://www.rahulsjohari.com
> E: [EMAIL PROTECTED]
>
> ³I morti non sono piu soli ... The dead are no longer lonely²
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Check if Record was Entered Today.
On 5/25/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote: I guess one of the problems is that PHP has a limited number of dbase functions and I'm not able to run SQL Queries on a dbf database. Basically I have to make-do with the few dbase() functions I have available in PHP. But I do get your logic and it's pretty helpful. I did re-write the code using Boolean (flags) as Richard had also suggested and it works fine now! Still wish I could run SQL Queries or do more to a dbase database using PHP. Thanks! If you have a database that is unchanging (archived), you can always transribe it into another format (such as an array or object) if the data doesn't change, or store it in an XML file, or insert it into a MySQL database (per table, column names, then loop through each record, copying it over as you go), and then use more robust queries offered by those technologies. I don't know how sophisticated you are with PHP, but the easiest (or at least most well-documented) solution is to move it to a MySQL database if the db is archived (and unchanging). PHP5 supports xQuery, which is also compelling, but the xml classes are alittle dense to figure out, I think, if you've never gone through programmatic XML parsing and searching before. If, though, the database is used by some other software and you're using it as a bridge (meaning the data changes and transcription isn't a viable alternative), you may be stuck using the method you're describing. Although, another alternative may be to configure a command line interpreter on the db host machine to handle a script that pushes the work to another machine (db host), that then returns a plaintext-formatted array that can then be searched using array functions or whatnot, and is then used as an include() file. This way, the data is rebuilt each go around, but the overhead is pushed to another machine, similar to a SOAP service (which is another...). Pass a variable id to the CLI script... -- Jared Farrish Intermediate Web Developer Denton, Tx Abraham Maslow: "If the only tool you have is a hammer, you tend to see every problem as a nail." $$
Re: [PHP] setting windows folder to chmod 644
On 5/25/07, Tijnema <[EMAIL PROTECTED]> wrote: On 5/25/07, blueboy <[EMAIL PROTECTED]> wrote: > How can I do the equivalent of this in windows or is there a tool I can > use? > > R. Windows file systems don't have permissions like Unix-bases file systems. For FAT16/FAT32 there are only a few (Read-Only & Hidden), for NTFS file system there are more permissions (user/group based), I have no clue how to set them, except for the RMB->Properties->check boxes at bottom. But I don't even think you need them, default settings are fine, they are at least 644 equivalent I believe. Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php You may want to check out the DOS command 'attrib'. I used to use that on DOS boxes before Windows was really much of anything. I'm sure it's still in the modern Windows versions, too. In fact, I just checked, and it is here's a link from Microsoft: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/attrib.mspx?mfr=true -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > On 5/25/07, Edward Kay <[EMAIL PROTECTED]> wrote: > > > > > -Original Message- > > > From: Tijnema [mailto:[EMAIL PROTECTED] > > > > > > > > > > It's just the way you write script, my included files contain only > > > > > functions & variables, no executing code. 99% I have a class around > > > > > it. > > > > > If you write it like that, than there's no problem with execution the > > > > > included file directly, as it loads the class but doesn't do anything > > > > > with it :) > > > > > > > > > > Tijnema > > > > > > > > > > > > > Why are your include files in your web root in the first place? > > > Move them > > > > elsewhere on your filesystem and then it's not even possible to > > > access them > > > > via the web. > > > > > > > > Edward > > > > > > > Oh, I don't want my web files all over the filesystem, I want to keep > > > all files for a single project inside a single folder on my webserver. > > > So, that if i move them around, I have all files there. > > > > > > Tijnema > > > > This is exactly what I do - one folder per project. You just have you > > web-root as a sub folder in this, eg: > > > > /project > > /includes <- nicely protected > > /public_html <- web root > > /images > > index.php > > ... > > ... > > > > Edward > > > Hmm, way too complicated :P > > I like to keep it simple, just like this: > / > /data > /http > /project1 > /includes > config.php << With passwords :P > /images > /project2 > /includes You won't like mine then :) /wherever /Project /bin /build /source /static /templates patterns.txt /compilers /configs /cron /functions /modules /services /sql buildSite.php* config.interjinn.php@ (link to active config in /configs) Running buildSite.php (which uses patterns.txt) generates the webtree: /wherever /DOC_ROOT Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] using mysql_escape_string with implode() !!
Ave,
I¹m inserting values out of an array into mySQL. There¹s other values
besides the array values that are being inserted as well. This is my simple
INSERT code:
$sql = "INSERT INTO db
(Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone,TaxDist,Loa
dProfile,ServiceName,ServiceAddress,ServiceCity,ServiceState,ServiceZip,Dema
nd,Kwh,Cost) VALUES ('$dt','$tm','$thephone','".implode("','",
array_values($var))."')";
$var can contain values that have special characters that I need to escape.
I¹d like to use mysql_escape_string() but I¹m not sure how to integrate
mysql_escape_string here with the INSERT statement. I tried it, but it¹s not
working. Any clues?
Thanks.
~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.
W: http://www.rahulsjohari.com
E: [EMAIL PROTECTED]
³I morti non sono piu soli ... The dead are no longer lonely²
Re: [PHP] Include file questions
On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > On 5/25/07, Edward Kay <[EMAIL PROTECTED]> wrote: > > > > > -Original Message- > > > From: Tijnema [mailto:[EMAIL PROTECTED] > > > > > > > > > > It's just the way you write script, my included files contain only > > > > > functions & variables, no executing code. 99% I have a class around > > > > > it. > > > > > If you write it like that, than there's no problem with execution the > > > > > included file directly, as it loads the class but doesn't do anything > > > > > with it :) > > > > > > > > > > Tijnema > > > > > > > > > > > > > Why are your include files in your web root in the first place? > > > Move them > > > > elsewhere on your filesystem and then it's not even possible to > > > access them > > > > via the web. > > > > > > > > Edward > > > > > > > Oh, I don't want my web files all over the filesystem, I want to keep > > > all files for a single project inside a single folder on my webserver. > > > So, that if i move them around, I have all files there. > > > > > > Tijnema > > > > This is exactly what I do - one folder per project. You just have you > > web-root as a sub folder in this, eg: > > > > /project > > /includes <- nicely protected > > /public_html <- web root > > /images > > index.php > > ... > > ... > > > > Edward > > > Hmm, way too complicated :P > > I like to keep it simple, just like this: > / > /data > /http > /project1 > /includes > config.php << With passwords :P > /images > /project2 > /includes You won't like mine then :) /wherever /Project /bin /build /source /static /templates patterns.txt /compilers /configs /cron /functions /modules /services /sql buildSite.php* config.interjinn.php@ (link to active config in /configs) Running buildSite.php (which uses patterns.txt) generates the webtree: /wherever /DOC_ROOT Cheers, Rob. Definitely not.! also way too complicated... :P Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] setting windows folder to chmod 644
On May 25, 2007, at 10:50 AM, Daniel Brown wrote: On 5/25/07, Tijnema <[EMAIL PROTECTED]> wrote: On 5/25/07, blueboy <[EMAIL PROTECTED]> wrote: > How can I do the equivalent of this in windows or is there a tool I can > use? > > R. Windows file systems don't have permissions like Unix-bases file systems. For FAT16/FAT32 there are only a few (Read-Only & Hidden), for NTFS file system there are more permissions (user/group based), I have no clue how to set them, except for the RMB->Properties->check boxes at bottom. But I don't even think you need them, default settings are fine, they are at least 644 equivalent I believe. Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php You may want to check out the DOS command 'attrib'. I used to use that on DOS boxes before Windows was really much of anything. I'm sure it's still in the modern Windows versions, too. In fact, I just checked, and it is here's a link from Microsoft: http://www.microsoft.com/resources/documentation/windows/xp/all/ proddocs/en-us/attrib.mspx?mfr=true I thought windows versions of PHP tried to do the "right thing" for the chmod(), chown() and chgrp(), translating them to the best windows equivalent it can? Can't seem to find it in the manual atm, so I'm not sure where I picked it up. Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an executer
On 5/24/07, Richard Lynch <[EMAIL PROTECTED]> wrote: I only skimmed this, but afaik the only way to get the child PID is to "fork" rather than to "exec". On Thu, May 24, 2007 10:10 am, [EMAIL PROTECTED] wrote: > Hi, > > Summary: > > 1. I execute script1 that will run in the background (daemon) > 2. script1 needs to execute script2 and capture STDERR, STDOUT and > exitcode from script2 if script2 exits before SIGTERM is received. > 3. If I send SIGTERM to script1 it should kill script2, and write to > DB (or log file some information that it was stopped) > > Simple, isn't it? But I cannot seam to get it to work. Anyone with > some example code that does the same thing? > > > = > > More complex description > > I have some scripts (perl, c, php, or anything else) that simple > independent scripts that do some stuff and output STDOUT and STDERR > and exit with an exitcode. There scripts will be kept like this, and > will not change their behavior. > > Now I need to control them and also log their STDOUT, STDERR and > exitcode. Ok, that far I have come, so that I am logging the STDOUT, > STDERR and exitcode. What I am doing is that I have created an > executer that takes care of this and writing it to DB. > > Now I need to add a functionality so that when the executer receives a > SIGTERM signal it should kill the script (that was started with a > exec() call, and then log some information to the DB (that the script > was killed etc). > > I have registered the signal SIGTERM with pcntl_signal(SIGTERM, > "sig_handler"). When I am testing I just write some info to a file > when the signal is received. I created a simple testing script with a > while(true) loop and then send the signal to the script and it > successfully writes the information to the logflie. > > Ok, now I instead of a while(true) loop make an exec() call to a > script (that is running for ever) and send the signal, then it does > not write to the file as it is supposed to. I guess it is because the > script is busy running the exec command. > > I tried to then exec() it in the background. The problem there is that > it becomes a daemon and then I cannot know what that script is doing, > and it will not send any SIGCHLD to the parent, or it does, but to > init. Or actually there will be a SIGCHLD sent, as the exec() will > open its own shell, and then the shell will exit and we get the > SIGCHLD from the shell instead of the executed script. > > Is there any way to get the "child" process PID when you exec() and > send it to the background? But then, how can I capture the exitcode? > The STDERR and STDOUT is fine as I can direct it to a file and get it > from there. > > I have a really ugly workarounds: I could append an dummy variable to > the execution of the script and then do a grep of the ps -ef to get > the PID of that script. > > /Peter > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php If it helps, BASH has the $? and $! session variables that give you the exit code and PID, respectively. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] zend framework
On May 24, 2007, at 6:15 PM, Jochem Maas wrote: Richard Lynch wrote: On Wed, May 23, 2007 9:58 am, Greg Donald wrote: Has anyone looked at the Zend Framework lately? http://framework.zend.com/manual I've been playing with a few parts of it off and on the past couple of days. It seems really heavy overall and there is no Javascript integration anywhere. Nothing on the roadmap about Javascript either: http://framework.zend.com/roadmap It might be worth using if it actually did something better than my current toolset. Right now it really doesn't. Has anyone driven a Ford lately? http://ford.com I've been test driving a few of them off and on the past couple of days. It seems really heavy overall and... one thing Zend Framework has over your average [american] Ford is the fact that it doesn't come fitted with an earth-destroying, war- inducing 5+ liter power source. sorry, couldn't help myself. Nope, but mine's hooked up to an earth destroying, war-inducing 5,000,000,000,000 plus liter power plant... may be nuclear, but I don't know for sure... sorry, couldn't help myself either... :P Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: On Fri, 2007-05-25 at 18:04 +0200, Tijnema wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > > > I like to keep it simple, just like this: > > > / > > > /data > > > /http > > > /project1 > > > /includes > > > config.php << With passwords :P > > > /images > > > /project2 > > > /includes > > > > You won't like mine then :) > > > >/wherever > >/Project > >/bin > >/build > >/source > >/static > >/templates > >patterns.txt > >/compilers > >/configs > >/cron > >/functions > >/modules > >/services > >/sql > >buildSite.php* > >config.interjinn.php@ (link to active config in /configs) > > > > Running buildSite.php (which uses patterns.txt) generates the webtree: > > > >/wherever > >/DOC_ROOT > > > > Cheers, > > Rob. > > Definitely not.! > > also way too complicated... :P > > Tijnema I think the word you're looking for is "organized" ;) Cheers, Rob. -- Do you call your code organized? Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On Fri, 2007-05-25 at 18:04 +0200, Tijnema wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > > > I like to keep it simple, just like this: > > > / > > > /data > > > /http > > > /project1 > > > /includes > > > config.php << With passwords :P > > > /images > > > /project2 > > > /includes > > > > You won't like mine then :) > > > >/wherever > >/Project > >/bin > >/build > >/source > >/static > >/templates > >patterns.txt > >/compilers > >/configs > >/cron > >/functions > >/modules > >/services > >/sql > >buildSite.php* > >config.interjinn.php@ (link to active config in /configs) > > > > Running buildSite.php (which uses patterns.txt) generates the webtree: > > > >/wherever > >/DOC_ROOT > > > > Cheers, > > Rob. > > Definitely not.! > > also way too complicated... :P > > Tijnema I think the word you're looking for is "organized" ;) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an executer
On 5/25/07, Daniel Brown <[EMAIL PROTECTED]> wrote: On 5/24/07, Richard Lynch <[EMAIL PROTECTED]> wrote: > I only skimmed this, but afaik the only way to get the child PID is to > "fork" rather than to "exec". > > On Thu, May 24, 2007 10:10 am, [EMAIL PROTECTED] wrote: > > Hi, > > > > Summary: > > > > 1. I execute script1 that will run in the background (daemon) > > 2. script1 needs to execute script2 and capture STDERR, STDOUT and > > exitcode from script2 if script2 exits before SIGTERM is received. > > 3. If I send SIGTERM to script1 it should kill script2, and write to > > DB (or log file some information that it was stopped) > > > > Simple, isn't it? But I cannot seam to get it to work. Anyone with > > some example code that does the same thing? > > > > > > = > > > > More complex description > > > > I have some scripts (perl, c, php, or anything else) that simple > > independent scripts that do some stuff and output STDOUT and STDERR > > and exit with an exitcode. There scripts will be kept like this, and > > will not change their behavior. > > > > Now I need to control them and also log their STDOUT, STDERR and > > exitcode. Ok, that far I have come, so that I am logging the STDOUT, > > STDERR and exitcode. What I am doing is that I have created an > > executer that takes care of this and writing it to DB. > > > > Now I need to add a functionality so that when the executer receives a > > SIGTERM signal it should kill the script (that was started with a > > exec() call, and then log some information to the DB (that the script > > was killed etc). > > > > I have registered the signal SIGTERM with pcntl_signal(SIGTERM, > > "sig_handler"). When I am testing I just write some info to a file > > when the signal is received. I created a simple testing script with a > > while(true) loop and then send the signal to the script and it > > successfully writes the information to the logflie. > > > > Ok, now I instead of a while(true) loop make an exec() call to a > > script (that is running for ever) and send the signal, then it does > > not write to the file as it is supposed to. I guess it is because the > > script is busy running the exec command. > > > > I tried to then exec() it in the background. The problem there is that > > it becomes a daemon and then I cannot know what that script is doing, > > and it will not send any SIGCHLD to the parent, or it does, but to > > init. Or actually there will be a SIGCHLD sent, as the exec() will > > open its own shell, and then the shell will exit and we get the > > SIGCHLD from the shell instead of the executed script. > > > > Is there any way to get the "child" process PID when you exec() and > > send it to the background? But then, how can I capture the exitcode? > > The STDERR and STDOUT is fine as I can direct it to a file and get it > > from there. > > > > I have a really ugly workarounds: I could append an dummy variable to > > the execution of the script and then do a grep of the ps -ef to get > > the PID of that script. > > > > /Peter > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- > Some people have a "gift" link here. > Know what I want? > I want you to buy a CD from some indie artist. > http://cdbaby.com/browse/from/lynch > Yeah, I get a buck. So? > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > If it helps, BASH has the $? and $! session variables that give you the exit code and PID, respectively. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Oh, I also forgot to mention pidof. If you use it with the -x switch, it will give you shell script listing, too. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] zend framework
On 5/24/07, Richard Lynch <[EMAIL PROTECTED]> wrote: If you don't find anything useful in the Zend stuff, don't use it. Thanks for the useless input captain obvious. -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On Fri, 2007-05-25 at 18:20 +0200, Tijnema wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > On Fri, 2007-05-25 at 18:04 +0200, Tijnema wrote: > > > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > > > On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > > > > > I like to keep it simple, just like this: > > > > > / > > > > > /data > > > > > /http > > > > > /project1 > > > > > /includes > > > > > config.php << With passwords :P > > > > > /images > > > > > /project2 > > > > > /includes > > > > > > > > You won't like mine then :) > > > > > > > >/wherever > > > >/Project > > > >/bin > > > >/build > > > >/source > > > >/static > > > >/templates > > > >patterns.txt > > > >/compilers > > > >/configs > > > >/cron > > > >/functions > > > >/modules > > > >/services > > > >/sql > > > >buildSite.php* > > > >config.interjinn.php@ (link to active config in /configs) > > > > > > > > Running buildSite.php (which uses patterns.txt) generates the webtree: > > > > > > > >/wherever > > > >/DOC_ROOT > > > > > > > > Cheers, > > > > Rob. > > > > > > Definitely not.! > > > > > > also way too complicated... :P > > > > > > Tijnema > > > > I think the word you're looking for is "organized" ;) > > > > Cheers, > > Rob. > > -- > Do you call your code organized? Very. Each directory contains very specific types of code/content. Tracking down where any given function, class, custom tag, behaviour, etc is defined is extremely simple. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Include file questions
On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: On Fri, 2007-05-25 at 18:20 +0200, Tijnema wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > On Fri, 2007-05-25 at 18:04 +0200, Tijnema wrote: > > > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: > > > > On Fri, 2007-05-25 at 17:07 +0200, Tijnema wrote: > > > > > I like to keep it simple, just like this: > > > > > / > > > > > /data > > > > > /http > > > > > /project1 > > > > > /includes > > > > > config.php << With passwords :P > > > > > /images > > > > > /project2 > > > > > /includes > > > > > > > > You won't like mine then :) > > > > > > > >/wherever > > > >/Project > > > >/bin > > > >/build > > > >/source > > > >/static > > > >/templates > > > >patterns.txt > > > >/compilers > > > >/configs > > > >/cron > > > >/functions > > > >/modules > > > >/services > > > >/sql > > > >buildSite.php* > > > >config.interjinn.php@ (link to active config in /configs) > > > > > > > > Running buildSite.php (which uses patterns.txt) generates the webtree: > > > > > > > >/wherever > > > >/DOC_ROOT > > > > > > > > Cheers, > > > > Rob. > > > > > > Definitely not.! > > > > > > also way too complicated... :P > > > > > > Tijnema > > > > I think the word you're looking for is "organized" ;) > > > > Cheers, > > Rob. > > -- > Do you call your code organized? Very. Each directory contains very specific types of code/content. Tracking down where any given function, class, custom tag, behaviour, etc is defined is extremely simple. Cheers, Rob. I don't agree with you, i have includes in includes dir inside my project, images in images, etc. classes in includes dir start with class. configuration files in includes start with config. etc. But, this is all about personal preference ;) I like the way I do it, you like the way you do it... Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re[2]: [PHP] Include file questions
Hi Tijnema, Friday, May 25, 2007, 5:58:46 PM, you wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: >> Very. Each directory contains very specific types of code/content. >> Tracking down where any given function, class, custom tag, behaviour, >> etc is defined is extremely simple. >> >> Cheers, >> Rob. > I don't agree with you, i have includes in includes dir inside my > project, images in images, etc. classes in includes dir start with > class. configuration files in includes start with config. etc. Oh to work on such little sized sites again :) Not that I'm belittling your projects Tijnema, because I'm not - but I've not worked on a site with a structure that could be that simple for a long time now, I kinda miss it actually!! Hell even the 'images folder' had to be split across multiple servers in the code I finished today. A lot of Robert's structure makes complete sense. I never keep libraries inside the webroot that simply don't need to be there. Infact if a script doesn't output anything 'web related' (image, rss, html) or process data from the site, it doesn't need to live in the webroot at all. I use a similar principal for the 'admin' area of the site too, which I'm sure you'd hate ;) but I always code my admin areas so that they can run on an entirely different domain name and/or server if needs be. Only as a last resort do they ever live in /admin, and never will they share libs that the 'public' site uses, they are entirely stand-alone entities. You're right in that it is down to personal preference though :) Cheers, Rich -- Zend Certified Engineer http://www.corephp.co.uk "Never trust a computer you can't throw out of a window" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] using mysql_escape_string with implode() !!
Ok, I'm not able to use array_map() at all to my benefit, or at least I
can't figure out how to.
I'm trying to generate the string with escape slashes before I put it in the
INSERT statement, but it's not working primarily because values have to be
enclosed in Single Quotes while inserting into mySQL and Single Quote itself
is escape when using mysql_escape_string!!!
On 5/25/07 11:41 AM, "Zoltán Németh" <[EMAIL PROTECTED]> wrote:
>> Ave,
>>
>> I¹m inserting values out of an array into mySQL. There¹s other values
>> besides the array values that are being inserted as well. This is my simple
>> INSERT code:
>>
>> $sql = "INSERT INTO db
>> (Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone,TaxDist,Loa
>> dProfile,ServiceName,ServiceAddress,ServiceCity,ServiceState,ServiceZip,Dema
>> nd,Kwh,Cost) VALUES ('$dt','$tm','$thephone','".implode("','",
>> array_values($var))."')";
>>
>> $var can contain values that have special characters that I need to escape.
>> I¹d like to use mysql_escape_string() but I¹m not sure how to integrate
>> mysql_escape_string here with the INSERT statement. I tried it, but it¹s not
>> working. Any clues?
>
> you should do the escaping before assembling the INSERT statement
> a useful tool for this is array_map():
> http://hu.php.net/array_map
>
> then you can use the above method for creating the query string
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] using mysql_escape_string with implode() - SOLVED!
Ave,
Alright, here's I solved it. Used the array_walk function. This is my code:
function test_alter(&$item1) {
$item1 = mysql_escape_string($item1);
}
array_walk($var, 'test_alter');
$var = implode("','", $var);
$sql = "INSERT INTO
nimo_account(Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone
,TaxDist,LoadProfile,ServiceName,ServiceAddress,ServiceCity,ServiceState,Ser
viceZip,Demand,Kwh,Cost) VALUES ('$dt','$tm','$thephone','".$var."')";
$result = mysql_query($sql) or die("Critical Error: ".mysql_error());
And it Works!
All special characters are escaped within the Array's Values itself, and
then I just implode them with ',' and add them to the mySQL Database!!
On 5/25/07 11:32 AM, "Rahul Sitaram Johari" <[EMAIL PROTECTED]>
wrote:
>
> Ave,
>
> I¹m inserting values out of an array into mySQL. There¹s other values besides
> the array values that are being inserted as well. This is my simple INSERT
> code:
>
> $sql = "INSERT INTO db
> (Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone,TaxDist,LoadP
> rofile,ServiceName,ServiceAddress,ServiceCity,ServiceState,ServiceZip,Demand,K
> wh,Cost) VALUES ('$dt','$tm','$thephone','".implode("','",
> array_values($var))."')";
>
> $var can contain values that have special characters that I need to escape.
> I¹d like to use mysql_escape_string() but I¹m not sure how to integrate
> mysql_escape_string here with the INSERT statement. I tried it, but it¹s not
> working. Any clues?
>
> Thanks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re[2]: [PHP] Include file questions
On 5/25/07, Richard Davey <[EMAIL PROTECTED]> wrote: Hi Tijnema, Friday, May 25, 2007, 5:58:46 PM, you wrote: > On 5/25/07, Robert Cummings <[EMAIL PROTECTED]> wrote: >> Very. Each directory contains very specific types of code/content. >> Tracking down where any given function, class, custom tag, behaviour, >> etc is defined is extremely simple. >> >> Cheers, >> Rob. > I don't agree with you, i have includes in includes dir inside my > project, images in images, etc. classes in includes dir start with > class. configuration files in includes start with config. etc. Oh to work on such little sized sites again :) Not that I'm belittling your projects Tijnema, because I'm not - but I've not worked on a site with a structure that could be that simple for a long time now, I kinda miss it actually!! Hell even the 'images folder' had to be split across multiple servers in the code I finished today. I have actually very big projects, with hundreds of PHP files in the includes folder. I just give them a logical name and it works for me, so if I have for example about 10 scripts(classes) that all relate to file handling, I name them like this class.file.open.php class.file.close.php class.file.read.php class.file.write.php Of course this is just an example, as you don't need a seperate class for file opening.., but you got the point of my file naming now. With this I don't have any problems having 100s of php files in one directory. A lot of Robert's structure makes complete sense. I never keep libraries inside the webroot that simply don't need to be there. Infact if a script doesn't output anything 'web related' (image, rss, html) or process data from the site, it doesn't need to live in the webroot at all. I use a similar principal for the 'admin' area of the site too, which I'm sure you'd hate ;) but I always code my admin areas so that they can run on an entirely different domain name and/or server if needs be. Only as a last resort do they ever live in /admin, and never will they share libs that the 'public' site uses, they are entirely stand-alone entities. You're right in that it is down to personal preference though :) Cheers, Rich It doesn't need to be there, but I like to have all files for a project in a single folder. And what does make the difference if it doesn't output anything? Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP debugger
Miles Thompson wrote: > Suggestions will be most welcome. Also, I'm not married to this, so if > anyone thinks there is a better debugger, please jump in. I'm not going to jump in there ... I almost drown in that quagmire everytime I have to get a debugger setup working ... but ... > > Regards - Miles Thompson > > PS Why are we doing this? Because we are getting tired of debugging > with Javascript alert() boxes. /mt > > PPS And we are using those because of Joomla! Some things are buried > so deeply we cannot use print() or echo(). /mt 2 things: 1. when you have no hair left whatsoever: var_dump($foo); exit; 2. error_log() is your friend tail the log and run the code. just a thought. > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Downloading a file from MySQL
I am trying to download a file from MySQL using the following code,
but it doesn't display a file just a list of files in the database.
Anyone have any suggestions?
Code Begin
Download File From MySQL
";
}
else
{
while(list($id, $name) = mysql_fetch_array($result))
{
?>
Code End
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP debugger
On 5/25/07, Jochem Maas <[EMAIL PROTECTED]> wrote: Miles Thompson wrote: > Suggestions will be most welcome. Also, I'm not married to this, so if > anyone thinks there is a better debugger, please jump in. I'm not going to jump in there ... I almost drown in that quagmire everytime I have to get a debugger setup working ... but ... > > Regards - Miles Thompson > > PS Why are we doing this? Because we are getting tired of debugging > with Javascript alert() boxes. /mt > > PPS And we are using those because of Joomla! Some things are buried > so deeply we cannot use print() or echo(). /mt 2 things: 1. when you have no hair left whatsoever: var_dump($foo); exit; 2. error_log() is your friend tail the log and run the code. just a thought. Hey Jochem, It's been a long slog, and I'm still playing with "test" programs to figure out how things work. It sure isn't like using a desktop debugger, especially as we are doing it all remotely. Thanks for your comments - Miles -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] installing error
Hello does anyone know the correct way to install PHP and APACHE (last versions both of them) on WinXP???, Im doing it with the installers and I cannot even run phpinfo(); script, I see apache's error log and it says that i cant find SAM directory Thank you in advance Rafa
[PHP] Using PHP to retrieve and display file from MySQL database
I am trying to download a file from MySQL and display it using the
following PHP script,
but it isn't displaying the file just a list of files in the database.
Please help.
Code Begin
Download File From MySQL
";
}
else
{
while(list($id, $name) = mysql_fetch_array($result))
{
?>
Code End
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Using PHP to retrieve and display file from MySQL database
Is there a valid $id being passed through a query ($_GET) variable, like so?: http://www.filecircus.com/somewhere/outthere/gimme.php?id=badphoto103 What happens when you click on that? -- Jared Farrish Intermediate Web Developer Denton, Tx Abraham Maslow: "If the only tool you have is a hammer, you tend to see every problem as a nail." $$
