[PHP] Re: help on using 'request_uri' to make a front-end site

[Donn Ingle]

Shawn McKenzie wrote:
> Does seem strange.  Try:
> 
> http://localhost/~donn/blah/index.php"; />
> 
> Then just use /home, /use1 etc...  Might work.
Right, I'll give it a go. It's not much different from wiring-in a php var
naming the base with {$base}/use1 being the form.

The thing that would help here is if I could get a reliable way to extract
the working 'path' (from an http:// pov) from the $_SERVER array somehow.
Each of them gives a result tantalizingly close to the base, but they get
it wrong in various ways.

Well, thanks for your help.

\d


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] preg-replace-callback problem

[Khaled Mamdouh]

In url 
http://www.php.net/manual/en/function.preg-replace-callback.php
 
I read this example:
'.$input[1].'';}return preg_replace_callback($regex, 
'parseTagsRecursive', $input);}$output = parseTagsRecursive($input);echo 
$output;?> 
 
 
example does not work if there are more deep statement in var I mean if 
$input = "plain [indent] deep [indent] deeper [/indent] deep [/indent] plain
 
  plain [indent] deep [indent] deeper [/indent] deep [/indent] plain
";
 
it does not work corectly how can I solve this problem
 
 
 
 
 
_
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Re: [PHP] Re: help on using 'request_uri' to make a front-end site

[Richard Heyes]

The thing that would help here is if I could get a reliable way to extract
the working 'path' (from an http:// pov) from the $_SERVER array somehow.
Each of them gives a result tantalizingly close to the base, but they get
it wrong in various ways.


You can use $_SERVER['PHP_SELF'] which will give you the path to the 
script or $_SERVER['REQUEST_URI'] (you will probably have to remove the 
query string with this), along with either dirname().


--
Richard Heyes
Employ me:
http://www.phpguru.org/cv

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: help on using 'request_uri' to make a front-end site

[Donn]

On Tuesday, 18 March 2008 12:02:14 Richard Heyes wrote:
> You can use $_SERVER['PHP_SELF'] which will give you the path to the
> script or $_SERVER['REQUEST_URI'] (you will probably have to remove the
> query string with this), along with either dirname().

The problem is that the URL does not stay constant, it keeps growing. For 
example after clicking between home and use1 a few times I see these values, 
note how index.php repeats:

'REQUEST_URI':/~donn/template-dev/routertest/index.php/index.php/home
dirname('REQUEST_URI'):/~donn/template-dev/routertest/index.php/index.php

I suppose some kind of htaccess voodoo could help here, but I am in no shape 
to grok those murky waters.

A link  causes 'index.php/use1' to be appended to the 
full url [http://localhost/~donn/template-dev/routertest/] and at first, it's 
fine but after a few clicks, it keeps appending. Amazingly things still work, 
but the URL is out of control!

All I can think to use to enforce correct link behaviour is to employ absolute 
urls.

Thanks for the feedback.
\d

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: help on using 'request_uri' to make a front-end site

[Richard Heyes]

A link  causes 'index.php/use1' to be appended to the 
full url [http://localhost/~donn/template-dev/routertest/] and at first, it's 
fine but after a few clicks, it keeps appending. Amazingly things still work, 
but the URL is out of control!


Links that don't start with a / are taken to be relative to the current 
documents path. You (probably) want this:




The forward slash at the start causes your browser to ignore whatever 
your current path is, albeit remain on the current domain.


--
Richard Heyes
Employ me:
http://www.phpguru.org/cv

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] passing variables values using POST

[Sudhakar]

i am presently passing the value of a variable to a php file using GET
after data has been inserted to the database.

ex=

$firstname = $_POST["firstname"];

if(!$sqlconnection)
{
echo "error message";
}
else
{
header("Location: thankyou.php?firstnameis=$firstname");
}

how can i send the value of $firstname using POST instead of GET as
the value is presently appearing in the address bar. ideally i would
like using POST.

NOTE = please suggest techniques that does NOT involve javascript in
order to pass $firstname using POST method, as i have done the entire
validations using php and i have assumed that user has javascript
turned off.

please advice.

thanks.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] General use of rewrite / redirect

[Aschwin Wesselius]

Hi,

In too many projects / scripts / examples, I see rewrites or redirects 
being done like (pseudocode):


if (good) {
   do something
} else {
   header (location: http://otherpage)
   exit
}

Is this a best practice? What arguments are there to use this kind of 
mechanism?


I've seen form processing being done, when finished it gets a header 
redirect to a 'succes' page.
I've seen URL's with wrong or insufficient parameters being redirected 
this way.
I've seen too many horrible things that actually belongs into a black 
book of webscripting.


What is your opinion about (ab)using rewrites / redirects? Do you use it 
quick and dirty, or is it some elegant way of controlling flow?


Thanks.
--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/

Re: [PHP] passing variables values using POST

[Stut]

On 18 Mar 2008, at 10:43, Sudhakar wrote:

i am presently passing the value of a variable to a php file using GET
after data has been inserted to the database.

ex=

$firstname = $_POST["firstname"];

if(!$sqlconnection)
{
echo "error message";
}
else
{
header("Location: thankyou.php?firstnameis=$firstname");
}

how can i send the value of $firstname using POST instead of GET as
the value is presently appearing in the address bar. ideally i would
like using POST.

NOTE = please suggest techniques that does NOT involve javascript in
order to pass $firstname using POST method, as i have done the entire
validations using php and i have assumed that user has javascript
turned off.


In that case it can't be done. You cannot trigger a post on the client- 
side without using Javascript.


Why do you need to redirect? Why can't you display the thankyou.php  
page inline rather than bouncing off the client?


-Stut

--
http://stut.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] passing variables values using POST

[viraj]

On Tue, Mar 18, 2008 at 12:45 PM, Stut <[EMAIL PROTECTED]> wrote:
> On 18 Mar 2008, at 10:43, Sudhakar wrote:
>  > i am presently passing the value of a variable to a php file using GET
>  > after data has been inserted to the database.
>
>  Why do you need to redirect? Why can't you display the thankyou.php
>  page inline rather than bouncing off the client?

or you can register the firstname into a session variable and use it
on the landing page.
but what stut suggests is the best.

~viraj

>
>  -Stut
>
>  --
>  http://stut.net/
>
>
>
>  --
>  PHP General Mailing List (http://www.php.net/)
>  To unsubscribe, visit: http://www.php.net/unsub.php
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] passing variables values using POST

[Jason Pruim]

On Mar 18, 2008, at 6:43 AM, Sudhakar wrote:


i am presently passing the value of a variable to a php file using GET
after data has been inserted to the database.

ex=

$firstname = $_POST["firstname"];

if(!$sqlconnection)
{
echo "error message";
}
else
{
header("Location: thankyou.php?firstnameis=$firstname");
}

how can i send the value of $firstname using POST instead of GET as
the value is presently appearing in the address bar. ideally i would
like using POST.

NOTE = please suggest techniques that does NOT involve javascript in
order to pass $firstname using POST method, as i have done the entire
validations using php and i have assumed that user has javascript
turned off.



by the looks of it... You already have it setup right... basically you  
would you something like this:


FORM:





mysuperphppage.php:



Of course, all untested, but it should get you the basics...


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] question about direct access to url

[Sudhakar]

hi

my question is about displaying a friendly message when someone
directly types a url in the browser.

example i have one file called form.php which processes the
information entered in the form and lets say the next page is
thankyou.php?firstname=david

by seeing the url if someone types thankyou.php?firstname=smith in the
address bar the browser will display smith.

1. so if a user enters a url in the browser directly to a specific
page("thankyou.php") i would like to display a message like =
"Direct access to this file is not allowed"

2. with the above method assuming even if i type thankyou.php in the
browser directly, though i own the file i will also get the message
"Direct access to this file is not allowed". so i would not like to
see this message, i guess for this i need to specify my IP address i
suppose.

please provide answers for 1 and 2 points above.

thanks.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] question about direct access to url

[Stut]

On 18 Mar 2008, at 12:46, Sudhakar wrote:

my question is about displaying a friendly message when someone
directly types a url in the browser.

example i have one file called form.php which processes the
information entered in the form and lets say the next page is
thankyou.php?firstname=david

by seeing the url if someone types thankyou.php?firstname=smith in the
address bar the browser will display smith.

1. so if a user enters a url in the browser directly to a specific
page("thankyou.php") i would like to display a message like =
"Direct access to this file is not allowed"


It is not possible to do this reliably. You can check the HTTP_REFERER  
variable in $_SERVER, but it's not guaranteed to exist and certainly  
not guaranteed to be accurate.


I'm guessing you want to protect access to some restricted resource,  
in which case you need to implement a server-side only check. The most  
common way to do this is to use sessions. If someone hits the page  
without a valid session you know they've not gone through the whole  
process.



2. with the above method assuming even if i type thankyou.php in the
browser directly, though i own the file i will also get the message
"Direct access to this file is not allowed". so i would not like to
see this message, i guess for this i need to specify my IP address i
suppose.


That would be one way to do it, but bear in mind that any way you put  
in to get around security is open to being exploited by other parties.  
Think carefully about whether you actually need to hit that URL  
directly all the time or just during development. If it's just during  
development it would be better to disable any security features you've  
implemented, just make sure you re-enable them before you put it live.


-Stut

--
http://stut.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Aschwin Wesselius wrote:

> I've seen form processing being done, when finished it gets a header
> redirect to a 'succes' page.

Yes, that's a very typical setup.  When the form is processed, you send
a 303 redirect to the "Thank you" page.  That way, if the user hits
the "back" arrow, he's taken back to the form URL, not the post URL.
(which would then warn him about re-submitting etc.)

> What is your opinion about (ab)using rewrites / redirects? Do you use
> it quick and dirty, or is it some elegant way of controlling flow?

I think there are plenty of perfectly valid reasons for using a
redirect, whether dynamically from php or via an apache config.  
And undoubtedly there equally many poor reason for using redirect and/or
rewrite.  (they're very different things, by the way).



/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Re: help on using 'request_uri' to make a front-end site

[Donn Ingle]

Richard Heyes wrote:

> The forward slash at the start causes your browser to ignore whatever
> your current path is, albeit remain on the current domain.
Okay, I think I am getting confused by this ~donn/ virtual path thing. I
will try your suggestion it looks good.

Thanks.
\d


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: question about direct access to url

[Donn Ingle]

Use sessions or (not as secure) pass a hidden form field along from form.php
to thankyou.php. You can look for it in thankyou.php and if it's not there
then you know something's wrong.

You'd check the $_POST array for your secret field and value.


\d


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Aschwin Wesselius]

Per Jessen wrote:

Yes, that's a very typical setup.  When the form is processed, you send
a 303 redirect to the "Thank you" page.  That way, if the user hits
the "back" arrow, he's taken back to the form URL, not the post URL.
(which would then warn him about re-submitting etc.)
  
Ok, fine. But why do a real redirect when a header with 303 could be 
sufficient? If you model good enough, there would not be a need for 
header(location) redirects. Or am I wrong?

What is your opinion about (ab)using rewrites / redirects? Do you use
it quick and dirty, or is it some elegant way of controlling flow?


I think there are plenty of perfectly valid reasons for using a
redirect, whether dynamically from php or via an apache config.  
And undoubtedly there equally many poor reason for using redirect and/or

rewrite.  (they're very different things, by the way).
I know they're different things. I only want to start a discussion so 
people do understand other techniques instead of just using whatever 
'works' as a solution to their problem with flow. Redirects do solve 
some issues, but they should be avoided whenever possible.


header(location) mechanisms do come with a very huge disadvantage if you 
don't use them with caution. Requests are reinitialised, libraries 
loaded (again), DB connections setup/checked again, session lookups are 
being done, log write for another request etc. That's quite an impact 
for just not knowing what to do with flow. So, if you know what you want 
to handle (control) and what you want the user to see (view), one should 
be able to model it without the use of redirects unless it really is needed.


Or is it OK, to redirect and 'simplify' the flow?
--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/

Re: [PHP] General use of rewrite / redirect

[Thijs Lensselink]

Quoting Aschwin Wesselius <[EMAIL PROTECTED]>:


Per Jessen wrote:

Yes, that's a very typical setup.  When the form is processed, you send
a 303 redirect to the "Thank you" page.  That way, if the user hits
the "back" arrow, he's taken back to the form URL, not the post URL.
(which would then warn him about re-submitting etc.)


Ok, fine. But why do a real redirect when a header with 303 could be
sufficient? If you model good enough, there would not be a need for
header(location) redirects. Or am I wrong?

What is your opinion about (ab)using rewrites / redirects? Do you use
it quick and dirty, or is it some elegant way of controlling flow?



I think there are valid reasons for using a header(location) redirect.  
As Per already pointed out. I don't see what using header() has to do  
with a good design. Sometimes you just want to do a redirect 303 or  
not :)



I think there are plenty of perfectly valid reasons for using a
redirect, whether dynamically from php or via an apache config.
And undoubtedly there equally many poor reason for using redirect   
and/or

rewrite.  (they're very different things, by the way).

I know they're different things. I only want to start a discussion so
people do understand other techniques instead of just using whatever
'works' as a solution to their problem with flow. Redirects do solve
some issues, but they should be avoided whenever possible.

header(location) mechanisms do come with a very huge disadvantage if
you don't use them with caution. Requests are reinitialised, libraries
loaded (again), DB connections setup/checked again, session lookups are
being done, log write for another request etc. That's quite an impact
for just not knowing what to do with flow. So, if you know what you
want to handle (control) and what you want the user to see (view), one
should be able to model it without the use of redirects unless it
really is needed.


Not much different from a normal page load.



Or is it OK, to redirect and 'simplify' the flow?


I think it's ok to use. Also think about the fact that not all PHP  
applications are giant OO monsters. There's some simple scripts out  
there also. For wich header would be sufficient.



--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: problem with this regex to remove img tag...

[David Giragosian]

On 3/16/08, Ryan A <[EMAIL PROTECTED]> wrote:
>
> Now that thats over... can anybody recommend a good starting point to learn 
> regex in baby steps?
>
> Cheers!
> R

Mastering Regular Expressions, by Jeffrey Friedl
ISBN 0-596-00289-0

-- 

-David.

When the power of love
overcomes the love of power,
the world will know peace.

-Jimi Hendrix

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Børge Holen]

On Tuesday 18 March 2008 14:22:26 Aschwin Wesselius wrote:
> Per Jessen wrote:
> > Yes, that's a very typical setup.  When the form is processed, you send
> > a 303 redirect to the "Thank you" page.  That way, if the user hits
> > the "back" arrow, he's taken back to the form URL, not the post URL.
> > (which would then warn him about re-submitting etc.)
>
> Ok, fine. But why do a real redirect when a header with 303 could be
> sufficient? If you model good enough, there would not be a need for
> header(location) redirects. Or am I wrong?
>
> >> What is your opinion about (ab)using rewrites / redirects? Do you use
> >> it quick and dirty, or is it some elegant way of controlling flow?
> >
> > I think there are plenty of perfectly valid reasons for using a
> > redirect, whether dynamically from php or via an apache config.
> > And undoubtedly there equally many poor reason for using redirect and/or
> > rewrite.  (they're very different things, by the way).
>
> I know they're different things. I only want to start a discussion so
> people do understand other techniques instead of just using whatever
> 'works' as a solution to their problem with flow. Redirects do solve
> some issues, but they should be avoided whenever possible.
>
> header(location) mechanisms do come with a very huge disadvantage if you
> don't use them with caution. Requests are reinitialised, libraries
> loaded (again), DB connections setup/checked again, session lookups are
> being done, log write for another request etc. That's quite an impact
> for just not knowing what to do with flow. So, if you know what you want
> to handle (control) and what you want the user to see (view), one should
> be able to model it without the use of redirects unless it really is
> needed.
>
> Or is it OK, to redirect and 'simplify' the flow?

Are you asking or informing? The way of; I know it all, how do I do it? is 
confusing. All you do is stating the obvious either way, while it all depends 
on the task at hand. You may want to reconnect to a different db, cleaning 
out variables and posts? dunno.
Probably you want the least possible transfer over the network since that is 
more costly than a new computer to a cluster. But with 10.000 users you have 
to do the math yourself, cuz heavy db tasks vs a small increase in traffic...


-- 
---
Børge Holen
http://www.arivene.net

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[jeffry s]

On Tue, Mar 18, 2008 at 9:22 PM, Aschwin Wesselius <[EMAIL PROTECTED]>
wrote:

> Per Jessen wrote:
> > Yes, that's a very typical setup.  When the form is processed, you send
> > a 303 redirect to the "Thank you" page.  That way, if the user hits
> > the "back" arrow, he's taken back to the form URL, not the post URL.
> > (which would then warn him about re-submitting etc.)
> >
> Ok, fine. But why do a real redirect when a header with 303 could be
> sufficient? If you model good enough, there would not be a need for
> header(location) redirects. Or am I wrong?
> >> What is your opinion about (ab)using rewrites / redirects? Do you use
> >> it quick and dirty, or is it some elegant way of controlling flow?
> >>
> > I think there are plenty of perfectly valid reasons for using a
> > redirect, whether dynamically from php or via an apache config.
> > And undoubtedly there equally many poor reason for using redirect and/or
> > rewrite.  (they're very different things, by the way).
> I know they're different things. I only want to start a discussion so
> people do understand other techniques instead of just using whatever
> 'works' as a solution to their problem with flow. Redirects do solve
> some issues, but they should be avoided whenever possible.
>
> header(location) mechanisms do come with a very huge disadvantage if you
> don't use them with caution. Requests are reinitialised, libraries
> loaded (again), DB connections setup/checked again, session lookups are
> being done, log write for another request etc. That's quite an impact
> for just not knowing what to do with flow. So, if you know what you want
> to handle (control) and what you want the user to see (view), one should
> be able to model it without the use of redirects unless it really is
> needed.
>
> Or is it OK, to redirect and 'simplify' the flow?
> --
>
> Aschwin Wesselius
>
> /'What you would like to be done to you, do that to the other'/
>
>
i am sorry.. but i don't get what u really want to say. honestly, i don't
see any other way
(better alternative) to avoid people to simply refresh the browser to submit
the form
many time.

>Requests are reinitialised, libraries
>loaded (again), DB connections setup/checked again, session lookups are
>being done, log write for another request etc.

i don't see anything wrong with this since that is the way it is. whether
you redirect or
not, the script will do DB connection, session lookup anyway. i simply
called exit;
to stop execution after the header redirect..

sorry.. if i misunderstand your point. but that is just my opinion..

Re: [PHP] General use of rewrite / redirect

[Aschwin Wesselius]

jeffry s wrote:

Requests are reinitialised, libraries
loaded (again), DB connections setup/checked again, session lookups are
being done, log write for another request etc.



i don't see anything wrong with this since that is the way it is. whether
you redirect or
not, the script will do DB connection, session lookup anyway. i simply
called exit;
to stop execution after the header redirect..

sorry.. if i misunderstand your point. but that is just my opinion..

Ok, let me point it out with an example:

include(this);
include(that);

connect(db);

session check

That is what normally could exist on a script for every page hit.

If you have a page that only does this:

if (GET || POST) {

   process form variables
   header (location: thankyou)
   exit
}
else {
   whatever
}

On the thankyou:

echo 'thank you'

What happens is that just for submitting a form (or any process on any 
page), most cases all kind of libraries are included, db connection is 
made, sessions are checked etc. Besides the effect on PHP, the webserver 
does his job too, writing to logs, creating threads etc. Conclusion is 
'load per page'.


So what happens in short looks like this:

- do heavy stuff
- process page
- redirect
- do heavy stuff
- show thank you

Why not:

- do heavy stuff
- process page
- show thank you

That is my question. How do you people think about the trade-off of 
performance against the ease of just redirecting to another URL just to 
be sure a user get's to the right destination?

--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Aschwin Wesselius wrote:

> Per Jessen wrote:
>> Yes, that's a very typical setup.  When the form is processed, you
>> send a 303 redirect to the "Thank you" page.  That way, if the user
>> hits the "back" arrow, he's taken back to the form URL, not the post
>> URL.  (which would then warn him about re-submitting etc.)
>>   
> Ok, fine. But why do a real redirect when a header with 303 could be
> sufficient? If you model good enough, there would not be a need for
> header(location) redirects. Or am I wrong?

What's the difference between a "real redirect" and a header with a 303?  


>> I think there are plenty of perfectly valid reasons for using a
>> redirect, whether dynamically from php or via an apache config.
>> And undoubtedly there equally many poor reason for using redirect
>> and/or rewrite.  (they're very different things, by the way).
> I know they're different things. I only want to start a discussion so
> people do understand other techniques instead of just using whatever
> 'works' as a solution to their problem with flow. Redirects do solve
> some issues, but they should be avoided whenever possible.

But redirect and rewrite are not solutions to the same "problem" - a
rewrite is altering the URL internally, a redirect happens externally.

> header(location) mechanisms do come with a very huge disadvantage if
> you don't use them with caution. Requests are reinitialised, libraries
> loaded (again), DB connections setup/checked again, session lookups
> are being done, log write for another request etc. That's quite an
> impact for just not knowing what to do with flow. 

I'm having difficulties following you - a plain 303 redirect to a "Thank
you" page shouldn't cause all of that.  It's an HTTP reply with the 303
and the new URL, followed by a single URL request from the browser.


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Aschwin Wesselius wrote:

> Ok, let me point it out with an example:
> 
> include(this);
> include(that);
> connect(db);
> session check
> 
> That is what normally could exist on a script for every page hit.

Yep, that looks common enough.

> If you have a page that only does this:
> 
> if (GET || POST) {
> process form variables
> header (location: thankyou)
> exit
> }
> else {
> whatever
> }
> 
> On the thankyou:
> 
> echo 'thank you'
> 
> What happens is that just for submitting a form (or any process on any
> page), most cases all kind of libraries are included, db connection is
> made, sessions are checked etc. Besides the effect on PHP, the
> webserver does his job too, writing to logs, creating threads etc.
> Conclusion is 'load per page'.

Well, only if you write it like that.  The typical "Thank you" page does
not include all of that stuff.  It's pretty much static with some
(cached) graphics, a "Thank you" and a link back to the main page (or
whereever).

> That is my question. How do you people think about the trade-off of
> performance against the ease of just redirecting to another URL just
> to be sure a user get's to the right destination?

My typical setup for a form-page probably looks like this:

if ( $_POST )
{
// do POST processing
header(303 thankyou.html).
exit
}
// regular page starts here
// process GET (if any)
// database stuff
// display page.



/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP 5 file_get_contents() problems

[Chris]

I've encountered a situation where under PHP 5 the file_get_contents()
function will not work properly (actually not at all) if the php.ini
Filesystem configuration parameter, allow_url_include is set to OFF.
According to the PHP documentation allow_url_include is intended to
limiting PHP from accessing scripts on other servers.

I have read posts that suggest setting allow_url_include to ON as
a solution. Well that's great if you have the ability to modify your
php.ini. But what if you have an account on a shared hosting system
and the hosting company will NOT make the requested change?

Is there a work around to this or how would one access remote web services 
if allow_url_include is OFF. This looks like a huge problem since many 
services, like PayPal's IPN and Google maps geocoding, rely on communication 
with their servers.

Thanks,
Chris 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 5 file_get_contents() problems

[Greg Bowser]

The actual setting is allow_url_fopen.  allow_url_include controls whether
or not you can use a remote URL as an include (however, if allow_url_fopen
is off, then allow_url_include will also be off.)

The short answer to your question is: yes, there is a way. Several ways, in
fact. You could use curl, or you could use an Http client written in php.
The latter involves using either the socket_ or the fsocket functions.


* http://scripts.incutio.com/httpclient/

On Tue, Mar 18, 2008 at 10:11 AM, Chris <[EMAIL PROTECTED]> wrote:

> I've encountered a situation where under PHP 5 the file_get_contents()
> function will not work properly (actually not at all) if the php.ini
> Filesystem configuration parameter, allow_url_include is set to OFF.
> According to the PHP documentation allow_url_include is intended to
> limiting PHP from accessing scripts on other servers.
>
> I have read posts that suggest setting allow_url_include to ON as
> a solution. Well that's great if you have the ability to modify your
> php.ini. But what if you have an account on a shared hosting system
> and the hosting company will NOT make the requested change?
>
> Is there a work around to this or how would one access remote web services
> if allow_url_include is OFF. This looks like a huge problem since many
> services, like PayPal's IPN and Google maps geocoding, rely on
> communication
> with their servers.
>
> Thanks,
> Chris
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] PHP 5 file_get_contents() problems

[Thijs Lensselink]

Quoting Chris <[EMAIL PROTECTED]>:


I've encountered a situation where under PHP 5 the file_get_contents()
function will not work properly (actually not at all) if the php.ini
Filesystem configuration parameter, allow_url_include is set to OFF.
According to the PHP documentation allow_url_include is intended to
limiting PHP from accessing scripts on other servers.

I have read posts that suggest setting allow_url_include to ON as
a solution. Well that's great if you have the ability to modify your
php.ini. But what if you have an account on a shared hosting system
and the hosting company will NOT make the requested change?

Is there a work around to this or how would one access remote web services
if allow_url_include is OFF. This looks like a huge problem since many
services, like PayPal's IPN and Google maps geocoding, rely on communication
with their servers.



Try ini_set("allow_url_include", "1"); In your script. (not tested)

If that doesn't help. You can use CURL for this :  
http://php.net/manual/en/ref.curl.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 5 file_get_contents() problems

[Greg Bowser]

for security reasons, allow_url_include can only be set from the main
php.ini

On Tue, Mar 18, 2008 at 10:22 AM, Thijs Lensselink <[EMAIL PROTECTED]> wrote:

> Quoting Chris <[EMAIL PROTECTED]>:
>
> > I've encountered a situation where under PHP 5 the file_get_contents()
> > function will not work properly (actually not at all) if the php.ini
> > Filesystem configuration parameter, allow_url_include is set to OFF.
> > According to the PHP documentation allow_url_include is intended to
> > limiting PHP from accessing scripts on other servers.
> >
> > I have read posts that suggest setting allow_url_include to ON as
> > a solution. Well that's great if you have the ability to modify your
> > php.ini. But what if you have an account on a shared hosting system
> > and the hosting company will NOT make the requested change?
> >
> > Is there a work around to this or how would one access remote web
> services
> > if allow_url_include is OFF. This looks like a huge problem since many
> > services, like PayPal's IPN and Google maps geocoding, rely on
> communication
> > with their servers.
> >
>
> Try ini_set("allow_url_include", "1"); In your script. (not tested)
>
> If that doesn't help. You can use CURL for this :
> http://php.net/manual/en/ref.curl.php
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Aschwin Wesselius wrote:
> Per Jessen wrote:
>>
>> I'm having difficulties following you - a plain 303 redirect to a "Thank
>> you" page shouldn't cause all of that.  It's an HTTP reply with the 303
>> and the new URL, followed by a single URL request from the browser.
>>   
> OK. I think I know how other people (like you) think about just
> requesting URL's one after another. If that's not such a performance
> issue for you, fine.

It's not really - serving URLs one after another is what apache is good
at :-)

> A plain 303 redirect mostly isn't just a HTML file, it's another script
> (or the same script with another action falling through a switch
> statement, whatever).

I disagree - unless the 303 directs back to a new form-entry, the
redirect URL is almost always a plain static page.  Well, in my designs
anyway.

> Point is: why hitting you webserver with multiple requests per user,
> just after submitting a form or whatever caused the redirect? If you
> have 2 users per day, that won't hurt. But if you have 30.000 concurrent
> users a minute, that could be 60.000 requests (besides all the images,
> stylesheets, javascripts that are being re-requested). 

Of which a lot will be cached.  But I get your point.
The main question is - what is the alternative to the 303?  Sometimes I
use a method where I set a messages in $_SESSION which will then be
displayed on the next page, but I usually only use that in closed
(=non-public) web-apps.  Even then I still issue the 303 - I don't see
how you can get around that.

Wrt performance - the old adage of "buy a bigger box" is becoming more
and more applicable every day.  It's not always one I agree with, but
sometimes performance problems _are_ best solved by a bigger box.

> Or am I talking nonsense?

You seem to be stuck on the possible performance issues in the
superfluous serving and processing of a "Thank you" page.  Granted, if
your thankyou.html includes all sort of superfluous processing, you've
got a problem, but you solve that by getting rid of all that superfluous
code (in the 303 page).



/Per Jessen

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 5 file_get_contents() problems

[Thijs Lensselink]

Quoting Greg Bowser <[EMAIL PROTECTED]>:


for security reasons, allow_url_include can only be set from the main
php.ini



I wasn't sure about that one. Thanks for the correction.


On Tue, Mar 18, 2008 at 10:22 AM, Thijs Lensselink <[EMAIL PROTECTED]> wrote:


Quoting Chris <[EMAIL PROTECTED]>:

> I've encountered a situation where under PHP 5 the file_get_contents()
> function will not work properly (actually not at all) if the php.ini
> Filesystem configuration parameter, allow_url_include is set to OFF.
> According to the PHP documentation allow_url_include is intended to
> limiting PHP from accessing scripts on other servers.
>
> I have read posts that suggest setting allow_url_include to ON as
> a solution. Well that's great if you have the ability to modify your
> php.ini. But what if you have an account on a shared hosting system
> and the hosting company will NOT make the requested change?
>
> Is there a work around to this or how would one access remote web
services
> if allow_url_include is OFF. This looks like a huge problem since many
> services, like PayPal's IPN and Google maps geocoding, rely on
communication
> with their servers.
>

Try ini_set("allow_url_include", "1"); In your script. (not tested)

If that doesn't help. You can use CURL for this :
http://php.net/manual/en/ref.curl.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php








--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Aschwin Wesselius]

Per Jessen wrote:



header(location) mechanisms do come with a very huge disadvantage if
you don't use them with caution. Requests are reinitialised, libraries
loaded (again), DB connections setup/checked again, session lookups
are being done, log write for another request etc. That's quite an
impact for just not knowing what to do with flow. 



I'm having difficulties following you - a plain 303 redirect to a "Thank
you" page shouldn't cause all of that.  It's an HTTP reply with the 303
and the new URL, followed by a single URL request from the browser.
  
OK. I think I know how other people (like you) think about just 
requesting URL's one after another. If that's not such a performance 
issue for you, fine.


A plain 303 redirect mostly isn't just a HTML file, it's another script 
(or the same script with another action falling through a switch 
statement, whatever).


Point is: why hitting you webserver with multiple requests per user, 
just after submitting a form or whatever caused the redirect? If you 
have 2 users per day, that won't hurt. But if you have 30.000 concurrent 
users a minute, that could be 60.000 requests (besides all the images, 
stylesheets, javascripts that are being re-requested). Or am I talking 
nonsense?

--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/

Re: [PHP] General use of rewrite / redirect

[Jason Pruim]

On Mar 18, 2008, at 10:11 AM, Per Jessen wrote:


Per Jessen wrote:


My typical setup for a form-page probably looks like this:

if ( $_POST )
{
   // do POST processing
   header(303 thankyou.html).
   exit
}


If I wanted the user back on the same form page, but still with a  
"thank

you" message, I'd still do a 303, but use $_SESSION to indicate that
the user needs a "thank you" message displayed.



Just to play devils advocate and to try and understand things better...

Is there any reason you couldn't do a simple:

$formsubmitted= true;

if($formsubmitted = true){
Thank you for giving the bad guys your credit card number hahahahahah!
}else{
echo <

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Per Jessen wrote:

> My typical setup for a form-page probably looks like this:
> 
> if ( $_POST )
> {
> // do POST processing
> header(303 thankyou.html).
> exit
> }

If I wanted the user back on the same form page, but still with a "thank
you" message, I'd still do a 303, but use $_SESSION to indicate that
the user needs a "thank you" message displayed.  


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Jason Pruim]

On Mar 18, 2008, at 10:08 AM, Aschwin Wesselius wrote:


Per Jessen wrote:



header(location) mechanisms do come with a very huge disadvantage if
you don't use them with caution. Requests are reinitialised,  
libraries

loaded (again), DB connections setup/checked again, session lookups
are being done, log write for another request etc. That's quite an
impact for just not knowing what to do with flow.


I'm having difficulties following you - a plain 303 redirect to a  
"Thank
you" page shouldn't cause all of that.  It's an HTTP reply with the  
303

and the new URL, followed by a single URL request from the browser.

OK. I think I know how other people (like you) think about just  
requesting URL's one after another. If that's not such a performance  
issue for you, fine.


A plain 303 redirect mostly isn't just a HTML file, it's another  
script (or the same script with another action falling through a  
switch statement, whatever).


Point is: why hitting you webserver with multiple requests per user,  
just after submitting a form or whatever caused the redirect? If you  
have 2 users per day, that won't hurt. But if you have 30.000  
concurrent users a minute, that could be 60.000 requests (besides  
all the images, stylesheets, javascripts that are being re- 
requested). Or am I talking nonsense?


I don't know much about the actual load stuff... but I do know unless  
you specifically set it, the CSS should be cached unless you refresh  
it and the date has changed on the file. I assume the same with the  
images as well.





--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Stut]

On 18 Mar 2008, at 14:08, Aschwin Wesselius wrote:

Per Jessen wrote:



header(location) mechanisms do come with a very huge disadvantage if
you don't use them with caution. Requests are reinitialised,  
libraries

loaded (again), DB connections setup/checked again, session lookups
are being done, log write for another request etc. That's quite an
impact for just not knowing what to do with flow.


I'm having difficulties following you - a plain 303 redirect to a  
"Thank
you" page shouldn't cause all of that.  It's an HTTP reply with the  
303

and the new URL, followed by a single URL request from the browser.

OK. I think I know how other people (like you) think about just  
requesting URL's one after another. If that's not such a performance  
issue for you, fine.


A plain 303 redirect mostly isn't just a HTML file, it's another  
script (or the same script with another action falling through a  
switch statement, whatever).


Point is: why hitting you webserver with multiple requests per user,  
just after submitting a form or whatever caused the redirect? If you  
have 2 users per day, that won't hurt. But if you have 30.000  
concurrent users a minute, that could be 60.000 requests (besides  
all the images, stylesheets, javascripts that are being re- 
requested). Or am I talking nonsense?


What Per is saying is that you should be doing the minimum amount of  
work possible to handle each request. If you have a shedload of code  
that runs for every single page request regardless of what it's going  
to do then your architecture sucks. If that is the case then avoiding  
unnecessary bounces off the client is probably a good idea. If your  
site is well-architected then redirects of this type will probably not  
be a big performance drain.


One minor thing... a 303 redirect is permanent. In this situation you  
want to use a 302 otherwise you could potentially cause problems with  
proxies.


My opinion is that a redirect is the best way to prevent duplicate  
posts. It prevents the user from getting the confusing popup and it  
means you don't need to track whether a form has been posted yet. If  
your application is well-architected you shouldn't need to worry about  
performance.


-Stut

--
http://stut.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: problem with this regex to remove img tag...

[Daniel Brown]

2008/3/17 Jonathan Crawford <[EMAIL PROTECTED]>:
>
>  http://www.regular-expressions.info/php.html

I second http://www.regular-expressions.info/.

-- 

Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Stut]

On 18 Mar 2008, at 14:49, Jason Pruim wrote:

On Mar 18, 2008, at 10:11 AM, Per Jessen wrote:

Per Jessen wrote:

My typical setup for a form-page probably looks like this:

if ( $_POST )
{
  // do POST processing
  header(303 thankyou.html).
  exit
}


If I wanted the user back on the same form page, but still with a  
"thank

you" message, I'd still do a 303, but use $_SESSION to indicate that
the user needs a "thank you" message displayed.



Just to play devils advocate and to try and understand things  
better...


Is there any reason you couldn't do a simple:

$formsubmitted= true;

if($formsubmitted = true){
	Thank you for giving the bad guys your credit card number  
hahahahahah!

}else{
echo <

Re: [PHP] General use of rewrite / redirect

[Thijs Lensselink]

Quoting Aschwin Wesselius <[EMAIL PROTECTED]>:


Per Jessen wrote:



header(location) mechanisms do come with a very huge disadvantage if
you don't use them with caution. Requests are reinitialised, libraries
loaded (again), DB connections setup/checked again, session lookups
are being done, log write for another request etc. That's quite an
impact for just not knowing what to do with flow.


I'm having difficulties following you - a plain 303 redirect to a "Thank
you" page shouldn't cause all of that.  It's an HTTP reply with the 303
and the new URL, followed by a single URL request from the browser.


OK. I think I know how other people (like you) think about just
requesting URL's one after another. If that's not such a performance
issue for you, fine.


People like who? Come on we try to help.



A plain 303 redirect mostly isn't just a HTML file, it's another script
(or the same script with another action falling through a switch
statement, whatever).


A 303 is whatever you make of it.



Point is: why hitting you webserver with multiple requests per user,
just after submitting a form or whatever caused the redirect? If you
have 2 users per day, that won't hurt. But if you have 30.000
concurrent users a minute, that could be 60.000 requests (besides all
the images, stylesheets, javascripts that are being re-requested). Or
am I talking nonsense?


True. Why hit your webserver with useless requests.
But if you submit a form. There must be a action behind it .. right?
So you either reload the page, use header() or some other method. The  
next page needs to be loaded. And so will CSS, JS, images.



--

Aschwin Wesselius

/'What you would like to be done to you, do that to the other'/




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] __halt_compiler()

[Philip Thompson]

On Mar 17, 2008, at 10:34 AM, Mikey wrote:


Shawn McKenzie wrote:

Daniel Brown wrote:
On Sun, Mar 16, 2008 at 4:18 PM, Casey <[EMAIL PROTECTED]>  
wrote:

Hi list!

__halt_compiler(). Does anyone use it?

I've used it obsessively in my past two "projects" to store data
(specifically CSV) in the PHP files. These two "projects"  
consisted of

only one file, and I didn't want to clutter everything and involve
databases and/or XML files.

Your thoughts?

   In my opinion, if you're distributing open source scripts or the
like, and wanted to send out a really simple installer package, that
would be fine.  All-in-all, you want to evaluate the scope of your
code, the knowledge level of your user base, the means by which the
code will be shared, et cetera.  It's really up to your best  
educated

judgment on a per-project basis.

   Now, the world don't move to the beat of just one drum.  What
might be right for you may not be right for some: a man is born,  
he's
a man of means.  Then along come two and they've got nothing but  
their
genes, but they've got Diff'rent Strokes.  It takes Diff'rent  
Strokes.

It takes Diff'rent Strokes to move the world.

   Everybody's got a special kind of story.  Everybody finds their
way to shine.  It don't matter that you got not a lot; so what?
They'll have theirs and you'll have yours and I'll have mine.  And
together, we'll be fine!  'Cause it takes Diff'rent Strokes to move
the world.

   Yes, it does, it takes Diff'rent Strokes to move the world.


What you talk'n about Willis?


(tugs on cheeky cheeks!)



Yeah, I wasn't sure whether I was supposed to raise my lighter or cry...

~Philip

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Per Jessen]

Stut wrote:

> One minor thing... a 303 redirect is permanent. In this situation you
> want to use a 302 otherwise you could potentially cause problems with
> proxies.

A redirect following a POST really should be a 303 - RFC 2616 :

10.3.4 303 See Other

The response to the request can be found under a different URI and
SHOULD be retrieved using a GET method on that resource. This method
exists primarily to allow the output of a POST-activated script to
redirect the user agent to a selected resource. 


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Stut]

On 18 Mar 2008, at 15:33, Per Jessen wrote:

Stut wrote:


One minor thing... a 303 redirect is permanent. In this situation you
want to use a 302 otherwise you could potentially cause problems with
proxies.


A redirect following a POST really should be a 303 - RFC 2616 :

10.3.4 303 See Other

The response to the request can be found under a different URI and
SHOULD be retrieved using a GET method on that resource. This method
exists primarily to allow the output of a POST-activated script to
redirect the user agent to a selected resource.


My bad. Confusing a 303 with a 301. It's been a long day. Etc.

-Stut

--
http://stut.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Closures

[Ray Hauge]

I've been reading up on some of the parts of PHP that has been suggested 
could be improved so that I could be more well informed.  One of the 
more "interesting" (for lack of a better word) suggestions is closures. 
 I've used closures primarily in JavaScript, and they are handy in that 
context, but JavaScript handles events and other more dynamic situations 
like that.


I can't really think of any good examples of why I'd want to use a 
closure instead of just calling functions or class methods in PHP. 
Variable functions and call_user_func*() have worked for any of the 
cases where I did need to be a bit more dynamic.


I found a great summary of some discussion on the internals mailing list 
over here: http://devzone.zend.com/node/view/id/2013#Heading1


After reading that article through, I do like Wez's idea of how to 
create anonymous functions.  The point about it causing confusion with 
people coming from other languages definitely applies though.  This 
article also gives me a second idea for this post.  How many people 
would want closures in PHP?


In summary:

Would you want closures in PHP, and why?

--
Ray Hauge
www.primateapplications.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is this the best way?

[TG]

> > Somehow it is getting to this statement and the variable that you  
> > are using just before the ORDER BY part is empty,  Why don't you  
> > show us that statement.
> 
> Requested statement below:
> 
> $query = "SELECT * from ".$linkauth['table']." order by ".$sortOrder;
> 
> The $linkauth['table'] is returned when the authentication is  
> successful. Otherwise it's not written so that you have to log in to  
> see the contents of the database.


Sorry, havn't had a ton of time to go over mailing list messages recently.   
If I recall, you said that the big issue was that this query shouldn't run 
if the user isn't logged in.  So that would point to an issue with your 
logic before you get to this point.  You might see where you're checking 
for the user being logged in or not and make sure everything is within the 
proper "if" grouping.


This specific query and the reason you're getting that MySQL error is 
probably because when a user isn't logged in, your $linkauth['table'] 
variable is empty.  So what you're getting for a SQL statement is:

SELECT * from  order by <$sortOrder if it's populated>



If you fix your "user is/isn't logged in" conditional statement so it doesn't 
get to this SQL query, then you won't have to worry about this error.

You can also check to make sure $linkauth['table'] has something in it before 
running the query.. skip it if it's empty or has an invalid table name.


-TG

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is this the best way?

[Jochem Maas]

what started out as a simple little reply bloated out into an inpromptu brain
fart ... lots of bla .. enjoy :-)

Jason Pruim schreef:

Hi everyone,

I am attempting to add a little error checking for a very simple login 
system. The info is stored in a MySQL database, and I am using mysqli to 
connect to it. I have it working with the solution provided below, but I 
am wondering if this is the right way to do it or if there is a better way?


at an abstract level you might consider that your function could simply
always return a boolean (true = logged in, false = not logged in) and that the
rest of the application retrieves all the other data via the session
(as opposed to returning half the data and storing half in the session)

if you choose to store everything and only return authentication state you
might also consider to abstract the storage somewhat so that other code doesn't
have to access the session data directly. we call this concept 'loose coupling'.
for instance:

function getUserInfo($key = null)
{
if (!isset($_SESSION['user']['loggedin']))
return null;

if (!$_SESSION['loggedin'])
return null;

$key = trim((string)$key);

if ($key == '')
return $_SESSION['user'];

if (isset($_SESSION['user'][$key]))
return $_SESSION['user'][$key];

return null;
}

this example still requires that the the consumer of getUserInfo() knows
the names of the relevant columns (from multiple tables?) .. this could also
be abstracted, a simple solution would be something like:

// put these in a config file, (CKEY = 'cache key' ... just a thought)
define('CKEY_USER_NAME',  'loginName');
define('CKEY_USER_LEVEL', 'adminLevel');
define('CKEY_USER_TABLE', 'tableName');


$uName  = getUserInfo( CKEY_USER_NAME );
$uLevel = getUserInfo( CKEY_USER_LEVEL );
$uLevel = getUserInfo( CKEY_USER_TABLE );

... you get? ... incidentally your column names seem to be case-sensitive,
I recommend lower or upper (depending on DBMS) case only for sql entity names
for two reasons:

1. you avoid nitpicky irritations due to SQL case-sensitivity related bugs
in your code.

2. if you lowercase all entity names you can write stuff like so:

$sql = "SELECT foo, bar FROM qux WHERE abc = 1 AND def=2";

which is a little more readable than this:

$sql = "SELECT FOO, BAR FROM QUX WHERE ABC = 1 AND DEF=2";

of course it should be more like:

$sql = "SELECT `foo`, `bar` FROM `qux` WHERE `abc`=1 AND `def`=2";

using case to differentiate between SQL and entity names becomes more useful
as the queries become more complex. I also tend to then break then up into 
lines:

$sql = "SELECT
q.`foo', q.`bar`,
na.`foo` AS nafoo, na.`bar` AS nabar,
noo.`foo` AS noofoo, noo.`bar` AS noobar,
FROM
`qux` AS q
LEFT JOIN
`na`  AS na  ON na.`qux_id`  = q.`id`
LEFT JOIN
`noo` AS noo ON noo.`qux_id` = q.`id`
WHERE
(`abc`=? AND `def`=?)
AND
q.`id` IN (SELECT `qux_id` FROM `quxnobbins` WHERE 
`nobbin_id`=?)
AND (
(`start_date` BETWEEN ? AND ?) OR
(`start_date` BETWEEN ? AND ?)
)";





My thinking with this is if more then 1 record is returned from the 
database, then there is a issue... If only  is returned then the 
username/password matched and I can safely show them the info...


$rowcnt = mysqli_num_rows($loginResult);


we'll assume the original sql was suitably prepared (i.e. user values escaped, 
etc).
but why not 'fix' the query and/or table so that it will only ever return one 
row?


if($rowcnt !="1"){


avoid auto-casting!

if ($rowcnt !== 1) { /*...*/ }


echo "Auth failed";
die("Auth failed... Sorry");

   
   
}else{

while($row1 = mysqli_fetch_array($loginResult)) {


this 'while' is completely pointless, you know there is just one row,
no point in looping for a single iteration.

just do:

$row = mysqli_fetch_array($loginResult);
$_SESSION['user'] = $row['loginName'];
// ... etc



$_SESSION['user'] = $row1['loginName'];
$_SESSION['loggedin'] = "YES";


"YES" is not a boolean value, I think $_SESSION['loggedin'] should be
boolean (you got deja vu here also?).

check the following code to see why:

$_SESSION['loggedin'] = "FALSE";
if ($_SESSION['loggedin'])
echo "your logged in!";



$table = $row1['tableName'];
$adminLevel = $row1['adminLevel'];
$authenticated = "TRUE";


again the boolean should be boolean!


echo "authentication complete";


with regard to seperation of responsibilities: the function

Re: [PHP] Is this the best way?

[Jason Pruim]

On Mar 18, 2008, at 3:20 PM, Jochem Maas wrote:

what started out as a simple little reply bloated out into an  
inpromptu brain

fart ... lots of bla .. enjoy :-)

Jason Pruim schreef:

Hi everyone,
I am attempting to add a little error checking for a very simple  
login system. The info is stored in a MySQL database, and I am  
using mysqli to connect to it. I have it working with the solution  
provided below, but I am wondering if this is the right way to do  
it or if there is a better way?


at an abstract level you might consider that your function could  
simply
always return a boolean (true = logged in, false = not logged in)  
and that the

rest of the application retrieves all the other data via the session
(as opposed to returning half the data and storing half in the  
session)


I think this is what I am attempting to do... Just going about it all  
wrong...


I want the pages to check to see if the person is still logged in and  
if they are, then it's pulling live data from the database...  So  
maybe I should edit my authentication function...


function auth($loggedin) {
query database to see if username & Password match;
write certain variables into session (Or maybe into the cache?)
return true if it matches
if not return false which could then redirect back to login page...
}

Is it that simple? Am I trying to make things so much more complicated?



if you choose to store everything and only return authentication  
state you
might also consider to abstract the storage somewhat so that other  
code doesn't
have to access the session data directly. we call this concept  
'loose coupling'.

for instance:

function getUserInfo($key = null)
{
if (!isset($_SESSION['user']['loggedin']))
return null;

if (!$_SESSION['loggedin'])
return null;

$key = trim((string)$key);

if ($key == '')
return $_SESSION['user'];

if (isset($_SESSION['user'][$key]))
return $_SESSION['user'][$key];

return null;
}

this example still requires that the the consumer of getUserInfo()  
knows

the names of the relevant columns (from multiple tables?)


login info is stored on 1 table, while the actual records in the DB  
are stored on another table. After successful login it changes from  
the login table to the data table.



.. this could also
be abstracted, a simple solution would be something like:

// put these in a config file, (CKEY = 'cache key' ... just a thought)
define('CKEY_USER_NAME',  'loginName');
define('CKEY_USER_LEVEL', 'adminLevel');
define('CKEY_USER_TABLE', 'tableName');


$uName  = getUserInfo( CKEY_USER_NAME );
$uLevel = getUserInfo( CKEY_USER_LEVEL );
$uLevel = getUserInfo( CKEY_USER_TABLE );


And then that would hold the info in a cache until the user hit logout  
and then logged back in? I'm going to try that right after sending  
this message That may work perfectly...


Also I'm assuming if I put these into an include file it will work  
just like my other variables where I can call $pass from any page that  
includes the file $pass is defined in?



... you get? ... incidentally your column names seem to be case- 
sensitive,
I recommend lower or upper (depending on DBMS) case only for sql  
entity names

for two reasons:

1. you avoid nitpicky irritations due to SQL case-sensitivity  
related bugs

in your code.

2. if you lowercase all entity names you can write stuff like so:

$sql = "SELECT foo, bar FROM qux WHERE abc = 1 AND def=2";

which is a little more readable than this:

$sql = "SELECT FOO, BAR FROM QUX WHERE ABC = 1 AND DEF=2";

of course it should be more like:

$sql = "SELECT `foo`, `bar` FROM `qux` WHERE `abc`=1 AND `def`=2";

using case to differentiate between SQL and entity names becomes  
more useful
as the queries become more complex. I also tend to then break then  
up into lines:


$sql = "SELECT
q.`foo', q.`bar`,
na.`foo` AS nafoo, na.`bar` AS nabar,
noo.`foo` AS noofoo, noo.`bar` AS noobar,
FROM
`qux` AS q
LEFT JOIN
`na`  AS na  ON na.`qux_id`  = q.`id`
LEFT JOIN
`noo` AS noo ON noo.`qux_id` = q.`id`
WHERE
(`abc`=? AND `def`=?)
AND
q.`id` IN (SELECT `qux_id` FROM `quxnobbins` WHERE 
`nobbin_id`=?)
AND (
(`start_date` BETWEEN ? AND ?) OR
(`start_date` BETWEEN ? AND ?)
)";



My thinking with this is if more then 1 record is returned from the  
database, then there is a issue... If only  is returned then the  
username/password matched and I can safely show them the info...

$rowcnt = mysqli_num_rows($loginResult);


we'll assume the 

Re: [PHP] Is this the best way?

[Jason Pruim]

On Mar 18, 2008, at 12:26 PM, TG wrote:




Somehow it is getting to this statement and the variable that you
are using just before the ORDER BY part is empty,  Why don't you
show us that statement.


Requested statement below:

$query = "SELECT * from ".$linkauth['table']." order by ".$sortOrder;

The $linkauth['table'] is returned when the authentication is
successful. Otherwise it's not written so that you have to log in to
see the contents of the database.



Sorry, havn't had a ton of time to go over mailing list messages  
recently.
If I recall, you said that the big issue was that this query  
shouldn't run
if the user isn't logged in.  So that would point to an issue with  
your
logic before you get to this point.  You might see where you're  
checking
for the user being logged in or not and make sure everything is  
within the

proper "if" grouping.


This specific query and the reason you're getting that MySQL error is
probably because when a user isn't logged in, your $linkauth['table']
variable is empty.  So what you're getting for a SQL statement is:

SELECT * from  order by <$sortOrder if it's populated>


I think you're spot on here... Time to revisit my authentication  
function and see if I can streamline it :)




--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Problems posting xml file with curl and php

[michaelh613]

I have created a XML string using PHP DOM.  However when I send it to a third
party using curl it shows up as part of an array and cannot be read.  How
should I be using curl to post a xml file.

My code is below
[code]
asXML();
$ch= curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Accept: text/xml"));
curl_setopt($ch, CURLOPT_URL, "http://testurl.com";);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlResult);
curl_setopt($ch, CURLOPT_POST,1);
curl_exec($ch);
[/code]

Any help would be appreciated.
-- 
View this message in context: 
http://www.nabble.com/Problems-posting-xml-file-with-curl-and-php-tp16129807p16129807.html
Sent from the PHP - General mailing list archive at Nabble.com.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problems posting xml file with curl and php

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 4:26 PM, michaelh613 <
[EMAIL PROTECTED]> wrote:

>
> I have created a XML string using PHP DOM.  However when I send it to a
> third
> party using curl it shows up as part of an array and cannot be read.  How
> should I be using curl to post a xml file.
>
> My code is below
> [code]
>  Require 'createxml.php';
> $Result = simplexml_load_string($result);
> $xmlResult= $Result->asXML();
> $ch= curl_init();
> curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
> curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Accept: text/xml"));
> curl_setopt($ch, CURLOPT_URL, "http://testurl.com";);
> curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlResult);
> curl_setopt($ch, CURLOPT_POST,1);
> curl_exec($ch);
> [/code]


CURLOPT_POSTFIELDS must be specified as an array, therefore you will need to
conjure up some identifier and place it your xml in an array as follows,

curl_setopt($ch, CURLOPT_POSTFIELDS, array('xml' => $xmlResult));

-nathan

Re: [PHP] Problems posting xml file with curl and php

[Michael Horowitz]

I've actually tried that and it didn't work for the server I am sending 
it to.  Is there a way to post just the xml without turning it into an 
array or is this the only way. 





Nathan Nobbe wrote:
On Tue, Mar 18, 2008 at 4:26 PM, michaelh613 
<[EMAIL PROTECTED] 
> wrote:



I have created a XML string using PHP DOM.  However when I send it
to a third
party using curl it shows up as part of an array and cannot be
read.  How
should I be using curl to post a xml file.

My code is below
[code]
asXML();
$ch= curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Accept: text/xml"));
curl_setopt($ch, CURLOPT_URL, "http://testurl.com";);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlResult);
curl_setopt($ch, CURLOPT_POST,1);
curl_exec($ch);
[/code]


CURLOPT_POSTFIELDS must be specified as an array, therefore you will 
need to conjure up some identifier and place it your xml in an array 
as follows,


curl_setopt($ch, CURLOPT_POSTFIELDS, array('xml' => $xmlResult));

-nathan



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problems posting xml file with curl and php

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 4:37 PM, Michael Horowitz <
[EMAIL PROTECTED]> wrote:

> I've actually tried that and it didn't work for the server I am sending
> it to.  Is there a way to post just the xml without turning it into an
> array or is this the only way.


i dont know how to do it w/ the standard curl functions in php, but you can
do it w/ the http extension via
HttpRequest::addRawPostData()

http://us3.php.net/manual/en/function.HttpRequest-addRawPostData.php

-nathan

Re: [PHP] Problems posting xml file with curl and php

[Michael Horowitz]

Not much documentation there.  How would this function be integrated 
with curl.  my quick google doesn't show much discussion of this function.


Michael Horowitz
Your Computer Consultant
http://yourcomputerconsultant.com
561-394-9079



Nathan Nobbe wrote:
On Tue, Mar 18, 2008 at 4:37 PM, Michael Horowitz 
<[EMAIL PROTECTED] 
> wrote:


I've actually tried that and it didn't work for the server I am
sending
it to.  Is there a way to post just the xml without turning it into an
array or is this the only way.


i dont know how to do it w/ the standard curl functions in php, but 
you can do it w/ the http extension via

HttpRequest::addRawPostData()

http://us3.php.net/manual/en/function.HttpRequest-addRawPostData.php

-nathan


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] SOAP Server in PHP4

[Eric Gorr]

Looks like I will be unable to use PHP5 to do a SOAP server. I believe  
it was possible to do such a thing in PHP4, but perhaps not as  
cleanly.  Unfortunately, I am unable to locate the appropriate  
documentation on php.net for some reason...perhaps I am just blind.


Can anyone point me to it?

This page:

http://us3.php.net/manual/en/ref.soap.php

seems to apply only to PHP5 and beyond.


Thank you.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problems posting xml file with curl and php

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 5:22 PM, Michael Horowitz <
[EMAIL PROTECTED]> wrote:

> Not much documentation there.  How would this function be integrated
> with curl.  my quick google doesn't show much discussion of this function.


i think this should be easier for you, http_post_data(), however its also
part of the http (pecl) extension, so youll have to install the extension to
use it.

http://us.php.net/manual/en/function.http-post-data.php


-nathan

ps.
please dont top-post ;)

Re: [PHP] SOAP Server in PHP4

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 5:28 PM, Eric Gorr <[EMAIL PROTECTED]> wrote:

> Looks like I will be unable to use PHP5 to do a SOAP server. I believe
> it was possible to do such a thing in PHP4, but perhaps not as
> cleanly.


is this because you arent able to use php5 in your current situation,
because php can do soap servers in php5.


> Unfortunately, I am unable to locate the appropriate
> documentation on php.net for some reason...perhaps I am just blind.


there was no native support for soap w/ php4.  i dont even know if nusoap
offered this, and anyway i didnt really like it nor have i ever heard of a
php4 soap server.

-nathan

[PHP] Some Good News

[Daniel Brown]

Hey, folks;

[Skip to the bottom if you just want to get to the point.]

As you may have noticed, I was about ready to stop selling shared
hosting to the public as of yesterday due to the level of fraud and
the costs associated with dealing with such.  Most of it emanates from
phishers using stolen PayPal accounts.

However, thanks to the research of a friend of mine, yesterday I
hooked up with a new company (whose name I'm not going to mention) to
monitor and analyze orders and automatically grade them on a variety
of subjects and calculate the likelihood of the order being fraud.  We
did a good amount of testing, and all looks well.

So to celebrate the fact that there's at least that much stress
off my shoulders, I'm going to extend the 50% off thing if anyone is
interested.  I won't make a profit on selling this even at 100% to
full capacity, it just helps offset my costs for the equipment and
allows me to not spend a fortune on doing research and development for
open source projects and the like.

Now, some even bigger news I *FINALLY* finalized and made
official a new deal with my local datacenter and am once again
publicly-selling dedicated servers and VPS systems.  So now if anyone
needs a dedicated box or VPS, you can buy through someone you know
(and probably save quite a few bucks in the process).

Here are some examples:

Celeron 2.4GHz w/ 60GB Hard Drive, 512MB RAM
$59.99/mo. - No Setup Fee

Intel Dual-Core Pentium D 3.0GHz w/ 250GB SATA Hard Drive, 2GB RAM
$109.95/mo. - $59.99 Setup Fee

 all the way up to

Intel Quad-Core Xeon 2.4GHz w/1066FSB & 2x4MB Cache
250GB SATA or 146GB SCSI Hard Drive
2GB DDR2 RAM
$189.99/mo. - $99.99 Setup Fee

All come with 2TB bandwidth per month on a switched 10/100Mbps
VLAN.  And, as always, I do custom orders as best I can accommodate.
Just ask.

I also have all kinds of other hardware ready, including a couple
of old boxes for a few bucks per month, straight up to some kick-ass
stuff that I wouldn't even be able to justify using myself right now.

All of the servers are managed, too, but not "fully managed."  If
you're interested and don't know what this means, ask.  I do server
administration myself, and have about a dozen others from around the
world that I pay to help me out to make sure it's covered 24/7/365.

THE POINT OF ME MENTIONING IT HERE is not really just for
advertising, believe it or not.  Right now, this is the only place I'm
posting this, and it's because you guys on this list are the ones I
speak with more than I even speak with my fiancee, Debi.  Sad, but
usually true.  And by sad, I mean it's a shame that it's you motley
bunch that I'm stuck with.  ;-P

So since I haven't finished and launched the new website yet, you
have to order by email or phone request through me until I get it
running, then click a PayPal button that I'll send to you via email.

HOWEVER, to light a fire under my ass to make sure I get that done
ASAP, I'm going to give anyone who orders until I get the new site
done 20% off setup and monthly fees on all hardware and bandwidth.
And it won't just stay at that price until I get the site done, I'll
lock you in at that for as long as you keep the box.  And most likely,
if you wanted a second or third, we could probably work out a deal
where it will cost about the same for each.

So all-in-all, it means that if you buy before I get the site done
(hopefully in the next few days), that 2.4GHz server would cost you
$47.99 per month with no setup fee, and the high-end Quad-Xeon
mentioned above would be just $151.99 per month with a $79.99 setup
fee.  And the deal I have with cPanel, for example, is $19.99/mo. for
unlimited domains, or $23.99 for that plus Fantastico unlimited.
Linux and BSD are free, and Windows starts at $19.95 per month.

And on top of that, shared hosting will be 50% off on Developer
and Reseller packages at http://www.pilotpig.net/ if you use the
coupon `stpaddy08` until I get the site done as well.

Any questions, fire me an email.  I'll be out signing papers and
picking up some new hardware to stock up tonight, so if I don't get
back to you tonight, I definitely will tomorrow.

-- 

Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Closures

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 12:07 PM, Ray Hauge <[EMAIL PROTECTED]>
wrote:

> I've been reading up on some of the parts of PHP that has been suggested
> could be improved so that I could be more well informed.  One of the
> more "interesting" (for lack of a better word) suggestions is closures.
>  I've used closures primarily in JavaScript, and they are handy in that
> context, but JavaScript handles events and other more dynamic situations
> like that.
>
> I can't really think of any good examples of why I'd want to use a
> closure instead of just calling functions or class methods in PHP.
> Variable functions and call_user_func*() have worked for any of the
> cases where I did need to be a bit more dynamic.
>
> I found a great summary of some discussion on the internals mailing list
> over here: http://devzone.zend.com/node/view/id/2013#Heading1
>
> After reading that article through, I do like Wez's idea of how to
> create anonymous functions.  The point about it causing confusion with
> people coming from other languages definitely applies though.  This
> article also gives me a second idea for this post.  How many people
> would want closures in PHP?
>
> In summary:
>
> Would you want closures in PHP, and why?


not really.  in my eyes php primarily has taken on the paradigm of the
c-style of programming.  eg. c, c++, java.  one of the main differences i
see compared to java is the allowance of global functions.  php does not
support multiple inheritance, but in php5 there are interfaces, which afford
the multiple inheritance workaround and now i hear talk of these things
called traits.  as if learning traits wont be weird enough i have gotten
quite used to leveraging my experience in the aforementioned languages and
also phps dynamic, loosely typed nature.  there are a few subtleties of php
that bother me but at the end of the day i can live with them.  recently i
have become proficient w/ javascript.  closures, and execution context are
starting to make sense and so is the prototype-based object model.  i quite
like this paradigm and enjoy programming in javascript, but find that many
of the things i already understand how to do w/ the php-like object / scope
model sometimes difficult to mimic in js.  im still learning of course and
one day imagine myself being quite good w/ javascript.   that said, i
believe there are languages that supply 'traditional' oop and the functional
model all under the same hood so to speak.  at least i know python is
essentially that (though i know it lacks ppp) and i think (though dont know
for a fact) ruby is something like that [enter greg].
i dont know, i mean sure, php is like this crazy hybrid of so many things,
but i just want to master something then start banging out code.  the more
features that get added the more i will have to know when i do code reviews
for my developers [gray hairs appearing on chin...].  does the syntax for
create_function() suck, yes..  will just syntactic sugar solve the problem,
no; why because as per the article its really all or nothing.  being able to
pass around the php psuedo type callback is good enough at this point.
in short, functional programming support would have been great in php if it
had been incorporated early on, at this point i can live without it.  if we
were going to see support for anything anonymous that i would welcome it
would be anonymous objects and the ability to create an object on the fly
from an interface as per java 5.  o and inner classes would be nice too, but
maybe traits would address that desire, i dont know.

-nathan

Re: [PHP] General use of rewrite / redirect

[Nathan Nobbe]

im sorry i havent read through all the replies, but i have read through
several of them.  i essentially agree w/ Aschwin here.  redirects have been
the bane of my existence in several source bases ive worked on.  to borrow a
phrase (read in closures article mentioned in another thread) they really
bump up the 'wtf factor'.  and ill tell you whats worse, one of the most
horrible things i have ever seen is this crap

http://wikipedia.org"/>

which is not too dissimilar.  i remember my initial encounter with this
construct, it looked as if the page was morphing in front of me, there were
no header() directives on the server there were no window.location calls in
the javascript, it drove me mad, and then when i discovered what it was i
practically became livid.  what it boils down to, is the most common usage
of header(location:) is a lack of design capabilities by the person writing
the code on the server side *ducks*.  that said, there are plenty of valid
reasons for using them, and i have them in my code in plenty of places, but
plain and simple, if you have a decent sized app, handle routing on the
server side, period.

there is only one caveat i have found that is relevant and that is if GET
parameters in a url from a page submission will incite a change to the
database schema (which is a bad practice anyway) then what can happen is a
page will go to the server, mod the schema, and load up the fresh page
(having been internally routed back to the 'view' code lets say).  so then
you have a problem where the 'layman' user will periodically want to see the
latest data on the page (if the data displayed was updated by someone else
in the system for example). so then what happens when they refresh the page?
(the one w/ the GET params that incite the db schema change) well you get
theoretically undefined or at least undesirable behavior,instead of simply
refreshing the 'view' logic, a database schema mod is invoked.

some situations where i find this mechanism useful, and reasonable are
1. implementing pretty urls
2. preventing access to directories
3. mapping one url or sub-domain to another
4. in pitifully trivial applications (of which i have written a few ;)

im sure there are other uses and also im aware that i dont know as much
about http as i should or at least thats how i feel about it anyway.  im
sure there are additional uses when implementing restful apis for example.

as aschwin has mentioned about the unnecessary use of server resources (and
bandwidth obviously) i cannot agree enough.  what i would say to dissuade
those who view this as a typical page load is, think about the client
experience.
1. unnecessarily long page load time (have to sit through all the mind
numbing redirects)
2. additional, unnecessary full-page reloads
3. awkward transitions in the user interface (morphing described earlier
from previous experience)

this leads to confusion, frustration and in all a degraded experience for
the user.  not to mention the confusion, frustration and degradation of the
programming experience for those who have to cleanup a web of these things
on the server side ;)

/end rant

-nathan

Re: [PHP] Objects as array key names??

[Nathan Nobbe]

another developer brought to my attention the spl method spl_object_hash()
method which afforded a mod in the previously posted class whereby foreach
could be used properly.  also, it allows a more efficient internal
implementation.  however, to my dismay, it appears that implementing
ArrayAccess does not (not just in this scenario, but in any) allow the class
which does so to hook into the global array methods such as array_keys() or
array_key_exists().  in this sense, i see it as being only about halfway as
useful as it could (or should) be.
what i see ArrayAccess in php as, is something quite similar to properties
in vb.net, if anyones familiar w/ that.
http://www.vbdotnetheaven.com/Uploadfile/rajeshvs/PropertiesInVbDotNet04192005060237AM/PropertiesInVbDotNet.aspx

this is the second scenario where i think there could be c code in php
itself that would override standard behavior provided an spl definition in
user space.  sure, the internal code would run a bit slower but imagine
wrapping it in #ifdef directives and mapping those to a configure flag
whereby if spl wasnt enabled that code wasnt included.  i think that would
be adequate and it would allow spl to be even more powerful, giving php
programmers the ability to more dramatically, semantically modify the core
w/o writing a scrap of low-level code.

if anybody cares, im happy to send the code for the revision of ObjectArray
that allows usage of the foreach construct over instances of it.

-nathan

[PHP] mysqli_stmt_bind_result

[Jeremy Mcentire]

If I use mysqli's prepared statements in an object and call  
mysqli_stmt_bind_params, into which scope does mysqli_stmt_fetch()  
place the variables?  Can I control it?  As of yet, I have no idea  
where fetch() stores the results.  It is fetching valid data.  I'd  
really like to use the OO style of MySQLi if possible.  Any help or  
guidance is greatly appreciated.



The offending code is as follows:

class StmtIterator {

private $data = 'test';
private $host = 'localhost';
private $user = 'root';
private $pass = '';

private $db; // Database connection
private $st; // Prepared statement

private $sql = "";

public function __construct ($sql, Array $params){
$this->db = mysqli_init();
		$this->db->real_connect($this->host, $this->user, $this->pass, $this- 
>data);


$this->sql = $sql;

$this->st = $this->db->stmt_init();
$this->st->prepare($this->sql);
$this->st->execute();

call_user_func_array(array($this->st, 'bind_result'), $params);
}

public function fetch (){
$result = $this->st->fetch();
if ($result !== true) echo "No data fetched.";

echo "Name is... ";
echo isset($this->st->name)
? "in this->st->name as {$this->st->name}."
: null;
echo isset($this->db->name)
? "in this->db->name as {$this->db->name}."
: null;
echo isset($this->params['name'])
? "in this->params['name'] as {$this->params['name']}."
 : null;
echo isset($this->name)
? " this->name as {$this->name}."
: null;
echo isset($name)
? "in name as {$name}."
: null;

return $result;
}

public function __destruct (){
$this->st->close();
$this->db->close();
}

}

$sql = "
SELECT `id`, `name`
FROM   `user`
WHERE  1
";

$params = array(
'id',
'name',
);

$user_iterator = new StmtIterator($sql, $params);

while ($user_iterator->fetch()){
echo isset($this->db->name)
? "in the local scope name as {$name}."
: null;
}



Jeremy Mcentire
Ant Farmer
ZooToo LLC



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Larry Garfield]

On Tuesday 18 March 2008, Aschwin Wesselius wrote:

> Point is: why hitting you webserver with multiple requests per user,
> just after submitting a form or whatever caused the redirect? If you
> have 2 users per day, that won't hurt. But if you have 30.000 concurrent
> users a minute, that could be 60.000 requests (besides all the images,
> stylesheets, javascripts that are being re-requested). Or am I talking
> nonsense?

If you send a redirect header, that gets sent before any HTML gets sent so no 
JS or images are sent either.  The payload cost of a redirect is trivial.

The cost of the second bootstrap process may or may not be problematic.  You 
have to trade that off against the code simplification you can get out of 
redirects (or the code complication you can get if you use it stupidly).  

Take for instance Drupal (which I use as an example because I'm a core dev for 
it).  Drupal does a redirect at the end of every form submission.  That 
redirect is controllable; it could go back to the form ("submit to self"), or 
to a thank you page, or the home page, or to a page in the system that you 
just created, or any number of other places.  That flexibility is worth the 
cost of the second bootstrap (and Drupal's bootstrap is admittedly not 
small), especially because the vast majority of Drupal sites and PHP sites in 
general are read-heavy, not write-heavy, so it's not a substantial number of 
additional bootstraps.  It also means that if the user hits reload, they 
don't resubmit the form because they're not "on" the POST-requested page.  

I will say in general you should not ever have more than one redirect chained 
together.  While there may be valid reasons for it conceptually, trying to 
trace and debug that workflow is overshadow any advantage it could otherwise 
offer.  (IMO, YMMV, etc.)

-- 
Larry Garfield  AIM: LOLG42
[EMAIL PROTECTED]   ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 
Jefferson

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Larry Garfield]

On Tuesday 18 March 2008, Jason Pruim wrote:

> I don't know much about the actual load stuff... but I do know unless
> you specifically set it, the CSS should be cached unless you refresh
> it and the date has changed on the file. I assume the same with the
> images as well.

True, but bear in mind that the browser has to make a HEAD request for every 
such file in order to determine if it needs to download it again.  That's a 
non-small amount of HTTP traffic if you have a lot of images or CSS files.  
In Drupal (there I go again), we implemented a CSS file aggregator that 
merges all queued CSS files into one and caches it, then sends just the one 
file.  Just switching that aggregator on, I can easily cut page load time in 
half.

-- 
Larry Garfield  AIM: LOLG42
[EMAIL PROTECTED]   ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 
Jefferson

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] General use of rewrite / redirect

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 9:45 PM, Larry Garfield <[EMAIL PROTECTED]>
wrote:

> Take for instance Drupal (which I use as an example because I'm a core dev
> for
> it).


thats pretty cool.


> I will say in general you should not ever have more than one redirect
> chained
> together.  While there may be valid reasons for it conceptually, trying to
> trace and debug that workflow is overshadow any advantage it could
> otherwise
> offer.  (IMO, YMMV, etc.)


this much i agree w/ and i would say to extend upon it that using multiple
redirection mechanisms in a chain is also a bad idea.
eg.
header(location: ) to some page.
that page uses a meta tag to do a redirect to somewhere else.
ive had to deal w/ this stuff and ended up stripping out all of those stupid
meta tag redirects, as well as many of the header redirects on the server.

-nathan

Re: [PHP] Is this the best way?

[Jochem Maas]

Jason Pruim schreef:


On Mar 18, 2008, at 3:20 PM, Jochem Maas wrote:

what started out as a simple little reply bloated out into an 
inpromptu brain

fart ... lots of bla .. enjoy :-)

Jason Pruim schreef:

Hi everyone,
I am attempting to add a little error checking for a very simple 
login system. The info is stored in a MySQL database, and I am using 
mysqli to connect to it. I have it working with the solution provided 
below, but I am wondering if this is the right way to do it or if 
there is a better way?


at an abstract level you might consider that your function could simply
always return a boolean (true = logged in, false = not logged in) and 
that the

rest of the application retrieves all the other data via the session
(as opposed to returning half the data and storing half in the session)


I think this is what I am attempting to do... Just going about it all 
wrong...


start from scratch again?



I want the pages to check to see if the person is still logged in and if 
they are, then it's pulling live data from the database...  So maybe I 
should edit my authentication function...


maybe.
there are two different things being confused:

1. checking logged in state.
2. attempting to login.

function getUserData()
{
if (isAuthenticatedUser())
return $_SESSION['user']['data'];

return null;
}

function isAuthenticatedUser()
{
return (isset($_SESSION['user']['authenticated']) && 
$_SESSION['user']['authenticated']);
}

function authenticateUser($u, $p, $cc = false)
{
if (($iau = isAuthenticatedUser()) && !$cc)
throw Exception('Already logged in!');

$cmd = $iau ? 'verify account' : 'login';

if (!($p = trim($p)) || !($u = trim($u)))
throw Exception('Cannot '.$cmd.' without credentials!');

$p = mysql_real_escape_string($p);
$u = mysql_real_escape_string($u);

if (!($res = mysql_query("SELECT * FROM `users` WHERE 'pwd'='$p' AND 
`usr`='$u'")))
throw Exception('Cannot '.$cmd.', verification system error.');

if (mysql_num_rows($res) != 1)
return false;

if (!($row = mysql_fetch_assoc($res)))
throw Exception('Cannot '.$cmd.', verification system error.');

if ($iau)
return (int)$_SESSION['user']['data']['id'] === (int)$row['id'];

unset($row['pwd']);

$_SESSION['user'] = array(
'authenticated' => true,
'data'  => $row,
);  

return true;
}



function auth($loggedin) {
query database to see if username & Password match;
write certain variables into session (Or maybe into the cache?)





return true if it matches
if not return false which could then redirect back to login page...
}

Is it that simple? Am I trying to make things so much more complicated?



if you choose to store everything and only return authentication state 
you
might also consider to abstract the storage somewhat so that other 
code doesn't
have to access the session data directly. we call this concept 'loose 
coupling'.

for instance:

function getUserInfo($key = null)
{
if (!isset($_SESSION['user']['loggedin']))
return null;

if (!$_SESSION['loggedin'])
return null;

$key = trim((string)$key);

if ($key == '')
return $_SESSION['user'];

if (isset($_SESSION['user'][$key]))
return $_SESSION['user'][$key];

return null;

}

this example still requires that the the consumer of getUserInfo() knows
the names of the relevant columns (from multiple tables?)


login info is stored on 1 table, while the actual records in the DB are 
stored on another table. After successful login it changes from the 
login table to the data table.



.. this could also
be abstracted, a simple solution would be something like:

// put these in a config file, (CKEY = 'cache key' ... just a thought)
define('CKEY_USER_NAME',  'loginName');
define('CKEY_USER_LEVEL', 'adminLevel');
define('CKEY_USER_TABLE', 'tableName');


$uName  = getUserInfo( CKEY_USER_NAME );
$uLevel = getUserInfo( CKEY_USER_LEVEL );
$uLevel = getUserInfo( CKEY_USER_TABLE );


And then that would hold the info in a cache until the user hit logout 
and then logged back in? I'm going to try that right after sending this 
message That may work perfectly...


Also I'm assuming if I put these into an include file it will work just 
like my other variables where I can call $pass from any page that 
includes the file $pass is defined in?



... you get? ... incidentally your column names seem to be 
case-sensitive,
I recommend lower or upper (depending on DBMS) case only for sql 
entity names

for two reasons:

1. you avoid nitpicky irritations due to SQL case-sensitivity related 
bugs

in your code.

2. if you lowercase all entity names you can write stuf

Re: [PHP] Closures

[Ray Hauge]

Nathan Nobbe wrote:
if we were going to see support for anything anonymous that i would 
welcome it would be anonymous objects and the ability to create an 
object on the fly from an interface as per java 5. 


I'm not sure if this would solve your problem (my lack of java knowledge 
is showing), but you can create objects either by creating a new 
stdClass() object, or by using (object)NULL.  Example:


test1 = 1;
$object->test2 = 2;

echo $object->test1 . "\n";

echo $object->test2;

?>

After trying to add a way to call a function from an object variable, I 
have come to the conclusion that it's kinda ugly.


test = 2;
$obj->myTestFunc = "myTestFunc";

function myTestFunc () {
   return "test";
}

echo call_user_func($obj->myTestFunc) . $obj->test;

?>

Does anyone have a link to some documentation about the stdClass?  All I 
could find was a bunch of bug reports and other stuff that wasn't what I 
was looking for.  I would have thought there'd be a page for it in the 
manual, but I didn't find one there either.


--
Ray Hauge
www.primateapplications.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Closures

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 10:49 PM, Ray Hauge <[EMAIL PROTECTED]>
wrote:

> Nathan Nobbe wrote:
> > if we were going to see support for anything anonymous that i would
> > welcome it would be anonymous objects and the ability to create an
> > object on the fly from an interface as per java 5.
>
> I'm not sure if this would solve your problem (my lack of java knowledge
> is showing), but you can create objects either by creating a new
> stdClass() object, or by using (object)NULL.  Example:
>

ive messed around w/ stdClass and use it more frequently than most i
imagine, but mostly just as a data transport mechanism.  sometimes i prefer
it over an array, what can i say i like the -> ;)  but seriously, using it
as an anonymous object doesnt really work.  there are some posts on
php.netabout this actually (search for anonymous object)
http://www.php.net/zend-engine-2.php


> 
> $object = (object) NULL;
>
> $object->test1 = 1;
> $object->test2 = 2;
>
> echo $object->test1 . "\n";
>
> echo $object->test2;
>
> ?>
>
> After trying to add a way to call a function from an object variable, I
> have come to the conclusion that it's kinda ugly.
>
> 
> $obj = (object) NULL;
>
> $obj->test = 2;
> $obj->myTestFunc = "myTestFunc";
>
> function myTestFunc () {
>return "test";
> }
>
> echo call_user_func($obj->myTestFunc) . $obj->test;
>
> ?>


ive tried experimenting w/ making php more functional, attempting to attach
methods in one way or another to an object, but alas, my attempts have all
been quite fleeting :(


> Does anyone have a link to some documentation about the stdClass?  All I
> could find was a bunch of bug reports and other stuff that wasn't what I
> was looking for.  I would have thought there'd be a page for it in the
> manual, but I didn't find one there either.


php --rc stdClass

thats about all there is :)  but it is nice for usage in conjunction w/
json_encode().

and just to give you an idea what you can do in java (note nothing like
javascript which is why i think its applicable to php [because its already
similar to java])
suppose you have a class,

class N {
  function b() { echo 'b'; }
}

you can create an anonymous sub class like this (added twisted php notation
to give good visual of what could be possible)

$n = new N() {
  function b() { echo "b's been overriden"; }
};

and you can do the same w/ an interface as well, just swap class by
interface in the definition of N above.  you can even do this when supplying
an actual parameter to a method call, something like

function callBOnN(N $n) { $n->b(); }

now suppose you dont have an implementation of N, suppose its an interface
or you dont like the base N class (if it were a class) or you like it you
just dont have an instance of it or whatever, you could do this,

callBOnN(new N() {
  function b() { echo 'defined this b on the fly!'; }
});

thats some cool stuff and personally i would much rather see php take this
route than mess around w/ closures.  it seems much more natural to me (as
far as the future direction of php).  but then again i feel like im way more
into oop than most people on the list let alone the php community as a whole
so likely im hopelessly outnumbered.

-nathan

[PHP] Fastest way to get table records' number

[Shelley]

Hi all,

What do you think is the FASTEST sql to get the total number of a table 
with millions of records?


--
Regards,
Shelley (http://phparch.cn)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Fastest way to get table records' number

[Nathan Nobbe]

On Tue, Mar 18, 2008 at 11:43 PM, Shelley <[EMAIL PROTECTED]> wrote:

> Hi all,
>
> What do you think is the FASTEST sql to get the total number of a table
> with millions of records?


when you say 'total number' do you mean the total number of records?  in
that case assuming the table has a field 'id' then i think
select count(id) from some_table;

-nathan

[PHP] Re: Closures

[Shawn McKenzie]

Ray Hauge wrote:
> I've been reading up on some of the parts of PHP that has been suggested
> could be improved so that I could be more well informed.  One of the
> more "interesting" (for lack of a better word) suggestions is closures.
>  I've used closures primarily in JavaScript, and they are handy in that
> context, but JavaScript handles events and other more dynamic situations
> like that.
> 
> I can't really think of any good examples of why I'd want to use a
> closure instead of just calling functions or class methods in PHP.
> Variable functions and call_user_func*() have worked for any of the
> cases where I did need to be a bit more dynamic.
> 
> I found a great summary of some discussion on the internals mailing list
> over here: http://devzone.zend.com/node/view/id/2013#Heading1
> 
> After reading that article through, I do like Wez's idea of how to
> create anonymous functions.  The point about it causing confusion with
> people coming from other languages definitely applies though.  This
> article also gives me a second idea for this post.  How many people
> would want closures in PHP?
> 
> In summary:
> 
> Would you want closures in PHP, and why?
> 
O.K. so I check wikipedia and read what a closure was :-)  But what in a
simple sentence or two would is the benefit of a closure compared to how
you would get the same functionality in PHP now?

-Shawn

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is this the best way?

[Shawn McKenzie]

Why is Jason schreefing again?

Jochem Maas wrote:
> Jason Pruim schreef:
>>
>> On Mar 18, 2008, at 3:20 PM, Jochem Maas wrote:
>>
>>> what started out as a simple little reply bloated out into an
>>> inpromptu brain
>>> fart ... lots of bla .. enjoy :-)
>>>
>>> Jason Pruim schreef:
 Hi everyone,
 I am attempting to add a little error checking for a very simple
 login system. The info is stored in a MySQL database, and I am using
 mysqli to connect to it. I have it working with the solution
 provided below, but I am wondering if this is the right way to do it
 or if there is a better way?
>>>
>>> at an abstract level you might consider that your function could simply
>>> always return a boolean (true = logged in, false = not logged in) and
>>> that the
>>> rest of the application retrieves all the other data via the session
>>> (as opposed to returning half the data and storing half in the session)
>>
>> I think this is what I am attempting to do... Just going about it all
>> wrong...
> 
> start from scratch again?
> 
>>
>> I want the pages to check to see if the person is still logged in and
>> if they are, then it's pulling live data from the database...  So
>> maybe I should edit my authentication function...
> 
> maybe.
> there are two different things being confused:
> 
> 1. checking logged in state.
> 2. attempting to login.
> 
> function getUserData()
> {
> if (isAuthenticatedUser())
> return $_SESSION['user']['data'];
> 
> return null;
> }
> 
> function isAuthenticatedUser()
> {
> return (isset($_SESSION['user']['authenticated']) &&
> $_SESSION['user']['authenticated']);
> }
> 
> function authenticateUser($u, $p, $cc = false)
> {
> if (($iau = isAuthenticatedUser()) && !$cc)
> throw Exception('Already logged in!');
> 
> $cmd = $iau ? 'verify account' : 'login';
> 
> if (!($p = trim($p)) || !($u = trim($u)))
> throw Exception('Cannot '.$cmd.' without credentials!');
> 
> $p = mysql_real_escape_string($p);
> $u = mysql_real_escape_string($u);
> 
> if (!($res = mysql_query("SELECT * FROM `users` WHERE 'pwd'='$p' AND
> `usr`='$u'")))
> throw Exception('Cannot '.$cmd.', verification system error.');
> 
> if (mysql_num_rows($res) != 1)
> return false;
>
> if (!($row = mysql_fetch_assoc($res)))
> throw Exception('Cannot '.$cmd.', verification system error.');
>
> if ($iau)
> return (int)$_SESSION['user']['data']['id'] === (int)$row['id'];
>
> unset($row['pwd']);
> 
> $_SESSION['user'] = array(
> 'authenticated' => true,
> 'data'=> $row,
> );   
> 
> return true;
> }
> 
>>
>> function auth($loggedin) {
>> query database to see if username & Password match;
>> write certain variables into session (Or maybe into the cache?)
> 
> 
> 
>> return true if it matches
>> if not return false which could then redirect back to login page...
>> }
>>
>> Is it that simple? Am I trying to make things so much more complicated?
>>>
>>>
>>> if you choose to store everything and only return authentication
>>> state you
>>> might also consider to abstract the storage somewhat so that other
>>> code doesn't
>>> have to access the session data directly. we call this concept 'loose
>>> coupling'.
>>> for instance:
>>>
>>> function getUserInfo($key = null)
>>> {
>>> if (!isset($_SESSION['user']['loggedin']))
>>> return null;
>>>
>>> if (!$_SESSION['loggedin'])
>>> return null;
>>>
>>> $key = trim((string)$key);
>>>
>>> if ($key == '')
>>> return $_SESSION['user'];
>>>
>>> if (isset($_SESSION['user'][$key]))
>>> return $_SESSION['user'][$key];
>>> return null;
>>> }
>>>
>>> this example still requires that the the consumer of getUserInfo() knows
>>> the names of the relevant columns (from multiple tables?)
>>
>> login info is stored on 1 table, while the actual records in the DB
>> are stored on another table. After successful login it changes from
>> the login table to the data table.
>>
>>> .. this could also
>>> be abstracted, a simple solution would be something like:
>>>
>>> // put these in a config file, (CKEY = 'cache key' ... just a thought)
>>> define('CKEY_USER_NAME',  'loginName');
>>> define('CKEY_USER_LEVEL', 'adminLevel');
>>> define('CKEY_USER_TABLE', 'tableName');
>>>
>>>
>>> $uName  = getUserInfo( CKEY_USER_NAME );
>>> $uLevel = getUserInfo( CKEY_USER_LEVEL );
>>> $uLevel = getUserInfo( CKEY_USER_TABLE );
>>
>> And then that would hold the info in a cache until the user hit logout
>> and then logged back in? I'm going to try that right after sending
>> this message That may work perfectly...
>>
>> Also I'm assuming if I put these into an include file it will work
>> just like my other variables where I can call $pass from any page that
>> includes the file $pass is defined in?
>>>
>>>
>>> ... you get? ... incidentally your column na

Re: [PHP] Re: Closures

[Robert Cummings]

On Tue, 2008-03-18 at 22:56 -0500, Shawn McKenzie wrote:
> Ray Hauge wrote:
> > I've been reading up on some of the parts of PHP that has been suggested
> > could be improved so that I could be more well informed.  One of the
> > more "interesting" (for lack of a better word) suggestions is closures.
> >  I've used closures primarily in JavaScript, and they are handy in that
> > context, but JavaScript handles events and other more dynamic situations
> > like that.
> > 
> > I can't really think of any good examples of why I'd want to use a
> > closure instead of just calling functions or class methods in PHP.
> > Variable functions and call_user_func*() have worked for any of the
> > cases where I did need to be a bit more dynamic.
> > 
> > I found a great summary of some discussion on the internals mailing list
> > over here: http://devzone.zend.com/node/view/id/2013#Heading1
> > 
> > After reading that article through, I do like Wez's idea of how to
> > create anonymous functions.  The point about it causing confusion with
> > people coming from other languages definitely applies though.  This
> > article also gives me a second idea for this post.  How many people
> > would want closures in PHP?
> > 
> > In summary:
> > 
> > Would you want closures in PHP, and why?
> > 
> O.K. so I check wikipedia and read what a closure was :-)  But what in a
> simple sentence or two would is the benefit of a closure compared to how
> you would get the same functionality in PHP now?

I'm pro closures. Closures allow you to create anonymous functions that
inherit the contextual environment (variables) without the need to
specifically pass the environment (variables). That means within a class
method context I don't need to pass the object to the function, nor do I
need to pass any other variables that have been defined in the method.
The closure can just use them as thought hey had been declared directly
within it's own block. The same thing would happen within a function.
This is very convenient. It goes beyond this though, if I create an
anonymous function and assign it to a variable for later use, it still
inherits the environment. Essentially this enables the environment to
live on beyond the life of the original function in which the closure
was created. This means I can specifically create an environment for
functions/methods, then save off the closures to be run at a later point
and they will retain all the information that was defined in the caller.
Additionally, and unlike using an object instance, the environment is
shared between all functions instantiated within the scope. One might
argue that the same can be done with a singleton... and one would be
correct. Similarly it can be done by pasing around a "singleton" array.
The diffeence is that with a closure the data need not be passed around,
it is part of the function's environment AND the environment is
perfectly hidden from anyone receiving the function (it can't be probed
(not normally anyways)).

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] question about php with sql database

[Sudhakar]

instead of using mysql database which is conventionally used as database
with php, if sql server database is used with php are there any major
differences to keep in mind.

1.
are the connection statements ex = $conn = mysql_connect($hostname, $user,
$dbpassword); etc does these remain the same or are they different.

2.
unlike in mysql with phpmyadmin which is browser based to access databases
and tables how to access sql server for the same functionality

3.
can anyone provide a link about a manual for using sql database with php

thanks.

Re: [PHP] question about php with sql database

[Chris]

Sudhakar wrote:

instead of using mysql database which is conventionally used as database
with php, if sql server database is used with php are there any major
differences to keep in mind.


In syntax or what? Yes there are differences between the two as far as 
sql syntax goes.



1.
are the connection statements ex = $conn = mysql_connect($hostname, $user,
$dbpassword); etc does these remain the same or are they different.


Of course they are different. Why would mysql_connect (note the "MYSQL" 
part of that) connect to anything but a mysql database?



2.
unlike in mysql with phpmyadmin which is browser based to access databases
and tables how to access sql server for the same functionality


I think mssql has something like phpmyadmin built into the server itself.


3.
can anyone provide a link about a manual for using sql database with php


http://php.net/mssql

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] question about php with sql database

[Brady Mitchell]

On Mar 18, 2008, at 1008PM, Sudhakar wrote:
1. are the connection statements ex = $conn =  
mysql_connect($hostname, $user,

$dbpassword); etc does these remain the same or are they different.


http://php.net/mssql

2. unlike in mysql with phpmyadmin which is browser based to access  
databases

and tables how to access sql server for the same functionality


http://www.mylittleadmin.com/en/welcome.aspx

3. can anyone provide a link about a manual for using sql database  
with php


http://php.net/mssql



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php