Re: [PHP] Re: hello

[Jason Pruim]

On Jan 9, 2009, at 1:55 AM, Robert Cummings wrote:


On Thu, 2009-01-08 at 22:38 +, Nathan Rixham wrote:

Skip Evans wrote:

Nathan Rixham wrote:



yup.. all OS's are equally insecure; each OS is as insecure as the
next; no
one OS is more insecure than any other



Wrong, and there is experimental data to prove it. Read the first  
URL

I posted that documents the creation of Linux viruses and the
experiments conducted to see how they propagate compared to Windows
viruses.



think about it for a minute; an OS can either be secure (0
vulnerabilities) or insecure (1 or more vulnerabilities); as all OS's
have 1 or more vulnerabilities they are all equally insecure; because
they are all insecure.

the only way to change the balance is to make or find an OS with 0
vunerabilities; thus making it secure and no longer equal.

my worlds boolean.


You've just given the description for whether a machine has an exploit
or not. Not whether said exploit can realistically be executed. By  
your

definition there is no such thing as security since as time approaches
infinity all passwords can be found via brute force and thus all  
systems

are exploitable. That's not a reasonable answer given the time and
resources necessary to achieve the desired outcome.


Maybe the proper way to say it, is the OS is as secure as the idiot  
who runs it? :) For someone who knows what they are doing... I  
believe you can lock down windows relatively easy after you go  
through the 50 pop-ups it takes to move an icon off the desktop :)


Although as far as virii goes... You really don't hear anything and  
any virus' for *Nix based systems, including Apple's OS X... Not that  
it can't be done... I just think it's harder :)




--
Jason Pruim
japr...@raoset.com
616.399.2355

Re: [PHP] Re: hello - thread on topic or not?

[Jason Pruim]

On Jan 9, 2009, at 2:06 AM, Robert Cummings wrote:


On Thu, 2009-01-08 at 16:21 -0800, Mattias Thorslund wrote:

I thought this was the PHP list, not the OS vs. OS list?

Is this type of discussion now considered OK here? I recall people
getting flamed for borderline off-topic posts even, just a few  
years ago.


This is PHP general... we talk about PHP and, quite often, generally
related topics. Security is generally related.


And it has been a very interesting read :) For someone with no formal  
training on computers in general, or computer security, it's nice to  
see a discussion that isn't based off of OS Wars :)




--
Jason Pruim
japr...@raoset.com
616.399.2355

Re: [PHP] First steps towards unix and php

[Daniel Brown]

On Fri, Jan 9, 2009 at 02:12, Robert Cummings  wrote:
>
> I'll take apt over yum ANY day. But as yum system go... CentOS isn't
> bad :)

I'd take SMART or urpmi over yum as well, for the record.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] First steps towards unix and php

[Paul Scott]

On Fri, 2009-01-09 at 07:50 -0500, Daniel Brown wrote:
> I'd take SMART or urpmi over yum as well, for the record.

First choice is ./configure && make && make install, second choice is
apt

-- Paul

All Email originating from UWC is covered by disclaimer 
http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Nathan Rixham]

Daniel Brown wrote:

On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund  wrote:

I thought this was the PHP list, not the OS vs. OS list?

Is this type of discussion now considered OK here? I recall people getting
flamed for borderline off-topic posts even, just a few years ago.


You're right, Mattias.  Not only should every one of those folks
be ashamed of themselves for being involved in that thread - they are
also going to hell for it.

By comparison, sending a message - especially starting a new
thread - to ask if something is on- or off-topic is worse.



rob cummings started it

:D

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] First steps towards unix and php

[Paul Scott]

On Fri, 2009-01-09 at 14:53 +0200, Paul Scott wrote:
> First choice is ./configure && make && make install, second choice is
> apt
> 

Even better, of course, is the:

"Yo sysadmin intern! Install  for me please and don't screw it
up"

-- Paul

All Email originating from UWC is covered by disclaimer 
http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Eric Butera]

On Thu, Jan 8, 2009 at 7:21 PM, Mattias Thorslund  wrote:
> I thought this was the PHP list, not the OS vs. OS list?
>
> Is this type of discussion now considered OK here? I recall people getting
> flamed for borderline off-topic posts even, just a few years ago.
>
> Mattias

:(

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Enabling tls negotiation in a socket

[Jehan Pagès]

Hi,

I have a question about opening a normal socket, then negotiating a TLS
layer in PHP (through another protocol, which is XMPP in my case, in plain
text at the beginning). I am currently using a socket created by
"socket_create ()". But there seems not to be any way of switching to TLS
negotiation with this, is there?

Then I see the stream_socket_client () which can then switch to TLS with
stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can anyone
confirm me this is the right solution, and also only solution? (I mean
"already made" one, I am not going to implement TLS myself! :p)

How would you do such a thing otherwise? And is it possible to use
stream_socket_enable_crypto () on the socket created by socket_create?
Thanks all.

Jehan

Re: [PHP] Re: First steps towards unix and php

[Eric Butera]

On Thu, Jan 8, 2009 at 6:14 PM, Ross McKay  wrote:
> On Thu, 8 Jan 2009 11:44:48 -0500, Frank Stanovcak wrote:
>
>>I've been a microshaft punk for some time now, and am just getting ready to
>>try to step over to unix on one of my own boxes.
>>
>>Does anyone have any suggestions on which flavor would be a good idea to
>>start with?  I'm looking mostly for compatibility with php, mysql, and other
>>web based programming languages.
>
> What Nathan said, test each candidate in a VM like VirtualBox to see
> which you might be comfortable in. Then pick Fedora :)
>
> Seriously, any of the major distros (or their derivatives) would be
> good, as they take care of the build dependencies for you via packaging
> systems. Check them out here:
>
> http://distrowatch.com/dwres.php?resource=major
>
> Picking a desktop is harder, especially coming from a Windows world.
> Linux has a great many desktops, each with advantages and disadvantages.
> Many distros allow you to easily switch between at least KDE and GNOME,
> maybe even XFCE. A tiny distro called DSL-N (damned small linux NOT)
> allows you to boot up in several of the lighter desktops to check them
> out. Realise that you can pick a GNOME or KDE desktop and still run apps
> made to suit one of the others, with maybe just some minor integration
> glitches; I run GNOME and use a number of KDE programs just fine.
>
> You should also check out editors and IDEs - STFW for previous posts
> made to this and other groups. Then pick Geany ;)
>
> And don't forget to add a revision control system, e.g. Subversion.
> --
> Ross McKay, Toronto, NSW Australia
> "Let the laddie play wi the knife - he'll learn"
> - The Wee Book of Calvin
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

I've tried Fedora & Suse before.  Fedora was a pain for me because it
didn't auto mount my windows partition.  It also did not come with any
easy way to do so or to play media.  I know Ubuntu doesn't come with
the ability to play mp3's out of the box, but it was quite easier to
get going.  But my experience has been anything but Ubuntu gave me a
lot of fight, and that isn't what I need when I'm supposed to be
working. ;)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Editing in a text area field

[Stephen]

I have a form to accept free text in a textarea field. The entry is 
stored in a database.


If the user enters:

abc
def
ghi

I want it to finally display like that.

If they enter

abc

def

ghi

I want it to display with the line gaps.

I use CSS so in the first case I would store as abcdefghi

In the second abcdefghi

I also have an edit form, that takes the data out of the database, and 
allows the user to change it, then update the database.


Preparing the existing data before an edit is proving difficult. I have 
to strip the html and make it format properly in the form.


Then put back html before saving again. I keep ending up with stray 
characters


Has anyone done this? Is there a tutorial on the web somewhere?

Thanks
Stephen



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[Daniel Brown]

On Fri, Jan 9, 2009 at 08:12, Stephen  wrote:
> I have a form to accept free text in a textarea field. The entry is stored
> in a database.
>
> If the user enters:
>
> abc
> def
> ghi
>
> I want it to finally display like that.
>
> If they enter
>
> abc
>
> def
>
> ghi
>
> I want it to display with the line gaps.

Why not store it as plain text in the database, then run it
through nl2br() when you SELECT it from the database for display?

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Daniel Brown]

On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund  wrote:
> I thought this was the PHP list, not the OS vs. OS list?
>
> Is this type of discussion now considered OK here? I recall people getting
> flamed for borderline off-topic posts even, just a few years ago.

You're right, Mattias.  Not only should every one of those folks
be ashamed of themselves for being involved in that thread - they are
also going to hell for it.

By comparison, sending a message - especially starting a new
thread - to ask if something is on- or off-topic is worse.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Enabling tls negotiation in a socket

[Nathan Rixham]

Jehan Pagès wrote:

Hi,

I have a question about opening a normal socket, then negotiating a TLS
layer in PHP (through another protocol, which is XMPP in my case, in plain
text at the beginning). I am currently using a socket created by
"socket_create ()". But there seems not to be any way of switching to TLS
negotiation with this, is there?


first off; great to see somebody else using XMPP with php :D (there's a 
great xmpp lib for AS3 from ignite realitime that makes openfire) but no 
nice ones for php yet as far as I know - was always one of those 
projects I really wanted to do but couldn't justify without getting a 
client to part fund :p



Then I see the stream_socket_client () which can then switch to TLS with
stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can anyone
confirm me this is the right solution, and also only solution? (I mean
"already made" one, I am not going to implement TLS myself! :p)



IMHO this is the best way; using sockets gives you far more control 
which you'll be needing later.


you can also simply stream_socket_client("tls://whatever.com:6548", 

see: http://uk3.php.net/manual/en/transports.inet.php for all available 
transports




How would you do such a thing otherwise? And is it possible to use
stream_socket_enable_crypto () on the socket created by socket_create?


surely socket_create is the other way around (ie opens a server socket 
not a client connection)? are you trying to create an XMPP server in php? :o



Thanks all.

Jehan




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: redoing website after 7 years

[Andrew Ballard]

On Fri, Jan 9, 2009 at 2:09 AM, Robert Cummings  wrote:
> On Fri, 2009-01-09 at 15:17 +1100, Chris wrote:
>> > I know many people will grin at me for this solution but may be faster way
>> > to overcome this problem to do a find for $ and replace with $_REQUEST. 
>> > even
>> > this will help you if you dealt with $_POST, $_GET, $_COOKIE.
>>
>> Please don't.
>>
>> $connection = mysql_connect(...)
>>
>> becomes
>>
>> $_REQUEST[$connection] (or something)
>
> How did you get those braces when you did search and replace?
>
> ;)
>
> Cheers,
> Rob.

Doesn't your search and replace tool support regular expression
matching and replacement?

Andrew

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Editing in a text area field

[Nathan Rixham]

Stephen wrote:
I have a form to accept free text in a textarea field. The entry is 
stored in a database.


If the user enters:

abc
def
ghi

I want it to finally display like that.

If they enter

abc

def

ghi

I want it to display with the line gaps.

I use CSS so in the first case I would store as abcdef/>ghi


In the second abcdefghi

I also have an edit form, that takes the data out of the database, and 
allows the user to change it, then update the database.


Preparing the existing data before an edit is proving difficult. I have 
to strip the html and make it format properly in the form.


Then put back html before saving again. I keep ending up with stray 
characters


Has anyone done this? Is there a tutorial on the web somewhere?

Thanks
Stephen




you could always just use YUI rich text editor or tinymce on the client side

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Robert Cummings]

On Fri, 2009-01-09 at 12:59 +, Nathan Rixham wrote:
> Daniel Brown wrote:
> > On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund  
> > wrote:
> >> I thought this was the PHP list, not the OS vs. OS list?
> >>
> >> Is this type of discussion now considered OK here? I recall people getting
> >> flamed for borderline off-topic posts even, just a few years ago.
> > 
> > You're right, Mattias.  Not only should every one of those folks
> > be ashamed of themselves for being involved in that thread - they are
> > also going to hell for it.
> > 
> > By comparison, sending a message - especially starting a new
> > thread - to ask if something is on- or off-topic is worse.
> > 
> 
> rob cummings started it
> :D

"Not I", said the fly!
"Maybe you", spoke the poo.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: redoing website after 7 years

[Robert Cummings]

On Fri, 2009-01-09 at 08:56 -0500, Andrew Ballard wrote:
> On Fri, Jan 9, 2009 at 2:09 AM, Robert Cummings  wrote:
> > On Fri, 2009-01-09 at 15:17 +1100, Chris wrote:
> >> > I know many people will grin at me for this solution but may be faster 
> >> > way
> >> > to overcome this problem to do a find for $ and replace with $_REQUEST. 
> >> > even
> >> > this will help you if you dealt with $_POST, $_GET, $_COOKIE.
> >>
> >> Please don't.
> >>
> >> $connection = mysql_connect(...)
> >>
> >> becomes
> >>
> >> $_REQUEST[$connection] (or something)
> >
> > How did you get those braces when you did search and replace?
> >
> > ;)
> >
> > Cheers,
> > Rob.
> 
> Doesn't your search and replace tool support regular expression
> matching and replacement?

Well yes, but the instrutions didn't indicate using a regex ;)

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[tedd]

At 8:12 AM -0500 1/9/09, Stephen wrote:
I have a form to accept free text in a textarea field. The entry is 
stored in a database.


If the user enters:

abc
def
ghi

I want it to finally display like that.

If they enter

abc

def

ghi

I want it to display with the line gaps.

I use CSS so in the first case I would store as abcdefghi

In the second abcdefghi

I also have an edit form, that takes the data out of the database, 
and allows the user to change it, then update the database.


Preparing the existing data before an edit is proving difficult. I 
have to strip the html and make it format properly in the form.


Then put back html before saving again. I keep ending up with stray characters

Has anyone done this? Is there a tutorial on the web somewhere?

Thanks
Stephen


Stephen:

Just store data in a dB, not data AND html.

Besides, things change. You never know how the client will want the 
data displayed.


Cheers,

tedd


--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Enabling tls negotiation in a socket

[Jehan Pagès]

Hi,

first off; great to see somebody else using XMPP with php :D (there's a
> great xmpp lib for AS3 from ignite realitime that makes openfire) but no
> nice ones for php yet as far as I know - was always one of those projects I
> really wanted to do but couldn't justify without getting a client to part
> fund :p
>

that's just a small program which I do. It is a plugin for the wordpress
publication system which publishes tickets on a pubsub node (replacing RSS
by pubsub through XMPP for realtime notification so! :-).

I don't use any external XMPP-specific library for this. Fortunately you
have many stuffs in PHP and it is really easy to implement XMPP. I think my
small program does already quite enough for me (I can connect, using SRV
Records when possible, encrypt Digest-MD5/CramMD5/PLAIN, I create container
nodes and leaf nodes, add and remove items in them, and soon so I will have
TLS support... :p I don't need to be able to do more for my program's
purpose :-).



>
>
>  Then I see the stream_socket_client () which can then switch to TLS with
>> stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can
>> anyone
>> confirm me this is the right solution, and also only solution? (I mean
>> "already made" one, I am not going to implement TLS myself! :p)
>>
>>
> IMHO this is the best way; using sockets gives you far more control which
> you'll be needing later.
>
> you can also simply stream_socket_client("tls://whatever.com:6548", 
>


But in XMPP, the new way of doing stuff with TLS is to open a normal socket,
then switch to TLS with the  at authentication time (answered
into  by the server). Opening directly an encrypted channel was
the old way of doing encryption stuff and is now deprecated (this is why now
we use only one port, 5222, which can switch into TLS before authentication,
whereas the old time were using another port, 5223, dedicated to SSL).
I am not very used to this function, but if I understand well what you
propose here, it is to open directly a socket with ssl encryption, hence it
is the old way. I was thinking about using stream_socket_enable_crypto (),
because it looks to be more like what I want, which is a socket which is
plain text at the beginning, then which I can switch to TLS after.
Is it it, or am I wrong? And then I would be happy to learn what your
proposition is doing.


> surely socket_create is the other way around (ie opens a server socket not
> a client connection)? are you trying to create an XMPP server in php? :o
>

No as I said, I am making a client. ;-) But socket_create works also as a
client socket. I am sure of it, because in my current (and working!) version
of the plugin, I already use a socket this way. :p
Anyway I was more especially hoping to find a way to switch a socket to TLS
without forcing users to use the lattest php version (> 5.1) and also
without having to change too much stuffs in my code (I think it won't be too
difficult because I already encapsulated the socket creation in a personal
class. But I am lazy and it is easier to make the less possible changes to
avoid unexpected bugs! :-D )
Thanks.

Jehan

Re: [PHP] Re: hello

[tedd]

At 1:39 PM -0500 1/8/09, Robert Cummings wrote:

On Thu, 2009-01-08 at 13:13 -0500, tedd wrote:

 > It's always a safe bet to move towards the center of the herd.

Bah, sheeple! I like to stay away from the herd.

Cheers,
Rob.


I'm sure the feeling is mutual.

A better mouthwash perhaps. :-)

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[tedd]

At 1:03 PM -0600 1/8/09, Skip Evans wrote:
Incidentally, I think building their OS on FreeBSD was about the 
smartest thing the Apple/Mac people ever did.


Skip


There are bright people at Apple, like Jobs -- exceptional individual.

Compare Job's presentations to Gates' and you have examples of "what 
to do" and "what not to do". There's even a book called "Presentation 
Zen" that makes that comparison.




Exceptional book, BTW.

Cheers,

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: redoing website after 7 years

[Lamp Lists]

From: Al 
To: php-general@lists.php.net
Sent: Thursday, January 8, 2009 11:50:26 AM
Subject: [PHP] Re: redoing website after 7 years



Lamp Lists wrote:
> hi guys,
> I did php/mysql based website for one my client 7 years ago, in time when 
> register_globals was on by default.
> hosting company upgraded server to php5/mysql5 and turned globals off. the 
> site is doesn't work any more.
> I can define globals on again in .htaccess but rather not because it could be 
> a big risk.
> to work again I have to spend a lot of hours to modify the code. boring job. 
> but, I'm more concern does client has to pay the changes/upgrade or it's 
> still "my obligation"?
> anybody had similar experience?
> 
> thanks for any help.
> 
> ll
> 
> 
> 
> 
>  

> What's the magnitude of the problem?  Are there a handful of files that need 
> fixing or hundreds?

i think there is 10-15 hrs of work. at least.


  

Re: [PHP] Re: hello

[tedd]

At 7:18 PM + 1/8/09, Nathan Rixham wrote:
if it's a computer thats on, with an os, a keyboard and a network 
card connected to the internet it's insecure.


It doesn't even have to be connected to the Internet to be insecure.

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] redoing website after 7 years

[Lamp Lists]

I think I did code well (everybody can say the code is 100% proof - until get 
hacked ;-)) and never, for these 7 years had problems. And I'm sure the site 
will be just ok if I switch register_globals back to On through .htaccess. 
Actually, I offered the client 3 options: 1. redo the website (after 7 years, 
it's really time to do that :-)); 2. fix the code but keep the site the same; 
3. change .htaccess. the site will work just fine;

though, I also think, if you built your code with register_globals on several 
years ago, you are still in a danger. Big or small, depends on your code, but 
still in risky group. right?

anyway, the client was really understandable and we are going most likely to 
build new website.

thanks for opinions and help.

ll





From: Jim Lucas 
To: Robert Cummings 
Cc: Nathan Rixham ; Richard Heyes ; 
lamp.li...@yahoo.com; "php-general@lists.php.net" 
Sent: Thursday, January 8, 2009 10:51:32 AM
Subject: Re: [PHP] redoing website after 7 years

Robert Cummings wrote:
> On Wed, 2009-01-07 at 16:16 -0800, Jim Lucas wrote:
>> Nathan Rixham wrote:
>>> Richard Heyes wrote:
> but, I'm more concern does client has to pay the changes/upgrade or 
> it's still "my obligation"?
 Of course you charge him. Christ if I was expected to maintain stuff
 gratis that I wrote 7 years ago I'd be mullahed.

>>> concurred, personally I'd be tempted to offer to find or indeed resetup 
>>> on an old server if they could find one for free, but as for upgrading 
>>> certainly quote/charge.
>>>
>> If one was to go this route, then why not just use a .htaccess file and turn 
>> on register_globals and 
>> call it good?
>>
>> I mean really, the customer would be in no greater risk then what they had 
>> been for the last 7 years.
>>
>> Reason being, nothing else has changed about the script.  If their is an 
>> exploit in the script now, 
>> then their was an exploit in the past.
>>
>> I realize that I am going against what I preach here.  But really, the ISP 
>> isn't going to pay for 
>> it.  The own isn't going to want to pay for it.  Can't squeeze blood from a 
>> turnip...
> 
> What if the turnip is the programmer?
> 

In this case, it wouldn't be.

>> If the programmer designed an insecure web site 7 years ago then the 
>> programmer should be 
>> responsible for making the application secure.  That was part of his/her job 
>> in the beginning.
> 
> Nobody said it's insecure... only that register globals was used as a
> feature, a feature at one point touted as useful to the PHP language. As
> has been mentioned previously, register globals is not real culprit of
> insecurity in this context, the real culprit is poor programming while
> using register globals... unfortunately such programming was common thus
> requiring a strong antidote... namely the downstream removal of support
> for the feature.
> 

I didn't mean to imply that the programmer did build an insecure app.  I said 
"if the programmer designed and insecure web site".

If the designer didn't build an insecure app, then it wont hurt a thing to turn 
on register_globals and just go back to the way it was before the ISP
upgraded.

>> I mean, sure when I first started designing/building web sites I thought I 
>> was doing the right thing 
>> most of the time.  If two years down the road I had a moment of clarity and 
>> I realized that I had 
>> been doing something wrong or in-secure for the past two years (which I've 
>> done) then I would go 
>> back and tell the customer that I did something wrong or in-secure and I 
>> would fix it for free. 
> 
> Ahhh... but this presumes the programmer did something wrong. That has
> not yet been determined. All we know is that globals were used, not that
> they were necessarily used incorrectly.
> 

I didn't say that, nor did I mean to imply that.  I was talking about my 
experiences.

>> Thia is part of my responsibility as a designer
>>
>> With that said, I would image that over the past 7 years, if the site has 
>> not been exploited, then I 
>> would think that by turning register_globals back on would be of no concern.
>>
>> To me, all the above sounds logical.  If I am missing something, please 
>> point it out.
> 
> Duly pointed out ;)
> 
> Cheers,
> Rob.

So, here is how I would summarize all the above.

Whether or not the programmer used the feature register_globals isn't of 
concern.

Whether the programmer designed and insecure app is the concern.





-- 
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
   and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


  

Re: [PHP] redoing website after 7 years

[Lamp Lists]

From: Jim Lucas 
To: Robert Cummings 
Cc: Nathan Rixham ; Richard Heyes ; 
lamp.li...@yahoo.com; "php-general@lists.php.net" 
Sent: Thursday, January 8, 2009 10:51:32 AM
Subject: Re: [PHP] redoing website after 7 years

Robert Cummings wrote:
> On Wed, 2009-01-07 at 16:16 -0800, Jim Lucas wrote:
>> Nathan Rixham wrote:
>>> Richard Heyes wrote:
> but, I'm more concern does client has to pay the changes/upgrade or 
> it's still "my obligation"?
 Of course you charge him. Christ if I was expected to maintain stuff
 gratis that I wrote 7 years ago I'd be mullahed.

>>> concurred, personally I'd be tempted to offer to find or indeed resetup 
>>> on an old server if they could find one for free, but as for upgrading 
>>> certainly quote/charge.
>>>
>> If one was to go this route, then why not just use a .htaccess file and turn 
>> on register_globals and 
>> call it good?
>>
>> I mean really, the customer would be in no greater risk then what they had 
>> been for the last 7 years.
>>
>> Reason being, nothing else has changed about the script.  If their is an 
>> exploit in the script now, 
>> then their was an exploit in the past.
>>
>> I realize that I am going against what I preach here.  But really, the ISP 
>> isn't going to pay for 
>> it.  The own isn't going to want to pay for it.  Can't squeeze blood from a 
>> turnip...
> 
> What if the turnip is the programmer?
> 

In this case, it wouldn't be.

>> If the programmer designed an insecure web site 7 years ago then the 
>> programmer should be 
>> responsible for making the application secure.  That was part of his/her job 
>> in the beginning.
> 
> Nobody said it's insecure... only that register globals was used as a
> feature, a feature at one point touted as useful to the PHP language. As
> has been mentioned previously, register globals is not real culprit of
> insecurity in this context, the real culprit is poor programming while
> using register globals... unfortunately such programming was common thus
> requiring a strong antidote... namely the downstream removal of support
> for the feature.
> 

I didn't mean to imply that the programmer did build an insecure app.  I said 
"if the programmer designed and insecure web site".

If the designer didn't build an insecure app, then it wont hurt a thing to turn 
on register_globals and just go back to the way it was before the ISP
upgraded.

>> I mean, sure when I first started designing/building web sites I thought I 
>> was doing the right thing 
>> most of the time.  If two years down the road I had a moment of clarity and 
>> I realized that I had 
>> been doing something wrong or in-secure for the past two years (which I've 
>> done) then I would go 
>> back and tell the customer that I did something wrong or in-secure and I 
>> would fix it for free. 
> 
> Ahhh... but this presumes the programmer did something wrong. That has
> not yet been determined. All we know is that globals were used, not that
> they were necessarily used incorrectly.
> 

I didn't say that, nor did I mean to imply that.  I was talking about my 
experiences.

>> Thia is part of my responsibility as a designer
>>
>> With that said, I would image that over the past 7 years, if the site has 
>> not been exploited, then I 
>> would think that by turning register_globals back on would be of no concern.
>>
>> To me, all the above sounds logical.  If I am missing something, please 
>> point it out.
> 
> Duly pointed out ;)
> 
> Cheers,
> Rob.

So, here is how I would summarize all the above.

Whether or not the programmer used the feature register_globals isn't of 
concern.

Whether the programmer designed and insecure app is the concern.





-- 
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
   and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



sorry for top-posting in my previous email. errarer humanum est!
:-)

ll 



  

Re: [PHP] Re: hello

[Andrew Ballard]

On Fri, Jan 9, 2009 at 9:54 AM, tedd  wrote:
> At 7:18 PM + 1/8/09, Nathan Rixham wrote:
>>
>> if it's a computer thats on, with an os, a keyboard and a network card
>> connected to the internet it's insecure.
>
> It doesn't even have to be connected to the Internet to be insecure.
>
> Cheers,
>
> tedd
>

Nope. It just has to accept instructions.

Andrew

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] How can a script tell if there's a MySQL problem?

[Brian Dunning]

I have one server that's pretty busy and runs into "Too many  
connections" from MySQL from time to time, and needs to have MySQL  
restarted to clear it up.


I've tried everything I can think of to have PHP take note of this  
error but continue executing with other stuff, but no matter what I  
try the PHP script stops whenever it encounters this and just displays  
"Too many connections."


Anyone know if there's a way for PHP to gracefully detect this and  
resume operation without choking?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] imagejpeg, imagecreatefromjpeg both choke

[Brian Dunning]

I'm trying a stripped down test just to try to get this work. I have a  
valid jpeg on disk:


3.jpg<- 3316x2220, 3.6 MB

And am trying either of the following:

// This does nothing at all
imagejpeg('3.jpg');

// This displays "failed"
$im = imagecreatefromjpeg('3.jpg');
if(!$im) echo 'failed';

phpinfo() shows GD enabled, JPEG functions enabled, memory_limit at  
256M, permissions on the file and the enclosing folder are 777. Any  
suggestions what else I can try to debug this?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Robert Cummings]

On Fri, 2009-01-09 at 07:29 -0800, Mattias Thorslund wrote:
> Daniel Brown wrote:
> >> You're right, Mattias.  Not only should every one of those folks
> >> be ashamed of themselves for being involved in that thread - they are
> >> also going to hell for it.
> >>
> >> By comparison, sending a message - especially starting a new
> >> thread - to ask if something is on- or off-topic is worse.
> 
> I was simply wondering. I took my reply to Robert off-list because I 
> felt that the question didn't need to be further discussed on the list. 
> Here's the exchange:
> 
> Robert Cummings wrote:
> > On Fri, 2009-01-09 at 02:28 -0800, Mattias Thorslund wrote:
> >   
> >> Robert Cummings wrote:
> >> 
> >>> On Thu, 2009-01-08 at 16:21 -0800, Mattias Thorslund wrote:
> >>>   
> >>>   
>  I thought this was the PHP list, not the OS vs. OS list?
> 
>  Is this type of discussion now considered OK here? I recall people 
>  getting flamed for borderline off-topic posts even, just a few years ago.
>  
>  
> >>> This is PHP general... we talk about PHP and, quite often, generally
> >>> related topics. Security is generally related.
> >>>
> >>> Cheers,
> >>> Rob.
> >>>   
> >>>   
> >> OK, I'm happy with that. Was just wondering :-)
> >> 
> >
> > It used to be more strict, but over time, I believe that a fairly common
> > concensus formed that it wasn't necessary to always make the distinction
> > because so many technologies come into focus while developing in PHP. As
> > a result topics often veer into less than straight PHP discussions but
> > many readers are happy to broaden their knowledge via such sidetracks.
> > Since the off-topic question comes up quite seldom, I imagine most
> > readers are happy with the current status quo.
> >
> > Cheers,
> > Rob.
> >   
> 
> I hope that settles the issue for everyone concerned.
> 
> Cheers,
> 
> Mattias
> 
> PS. Note this is off-list as well, just to keep this chatter from the 
> list. I don't mind any of it being shared on the list, if anyone thinks 
> it is interesting...I don't.

Lol, I didn't realize it was off-list or I would have posted it back so
that others could throw in their opinions or speak their mind if they
disagreed.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] imagejpeg, imagecreatefromjpeg both choke

[Zechim]

try,

   header('Content-type: image/jpeg');
   $image   = imagecreatefromjpeg($your_file);
   imagejpeg($image,"", 100);
   imagedestroy($image);

zechim

Brian Dunning escreveu:
I'm trying a stripped down test just to try to get this work. I have a 
valid jpeg on disk:


3.jpg<- 3316x2220, 3.6 MB

And am trying either of the following:

// This does nothing at all
imagejpeg('3.jpg');

// This displays "failed"
$im = imagecreatefromjpeg('3.jpg');
if(!$im) echo 'failed';

phpinfo() shows GD enabled, JPEG functions enabled, memory_limit at 
256M, permissions on the file and the enclosing folder are 777. Any 
suggestions what else I can try to debug this?





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] First steps towards unix and php

[Frank Stanovcak]

*bangs head on wall*

Great...just what I need.  More acronyms.  :P


Frank
"Paul Scott"  wrote in message 
news:1231506224.7389.7.ca...@paul-laptop...
>
> On Fri, 2009-01-09 at 14:53 +0200, Paul Scott wrote:
>> First choice is ./configure && make && make install, second choice is
>> apt
>>
>
> Even better, of course, is the:
>
> "Yo sysadmin intern! Install  for me please and don't screw it
> up"
>
> -- Paul
>
>





> All Email originating from UWC is covered by disclaimer
> http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Marc Steinert]

Brian Dunning schrieb:
I have one server that's pretty busy and runs into "Too many 
connections" from MySQL from time to time, and needs to have MySQL 
restarted to clear it up.


I've tried everything I can think of to have PHP take note of this 
error but continue executing with other stuff, but no matter what I 
try the PHP script stops whenever it encounters this and just displays 
"Too many connections."


Anyone know if there's a way for PHP to gracefully detect this and 
resume operation without choking?



Take a look at http://php.net/mysql_ping

--
http://bithub.net/
Synchronize and share your files over the web for free


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Per Jessen]

Brian Dunning wrote:

> I have one server that's pretty busy and runs into "Too many
> connections" from MySQL from time to time, and needs to have MySQL
> restarted to clear it up.

You need to restart MySQL just because of too many connections??  

> I've tried everything I can think of to have PHP take note of this
> error but continue executing with other stuff, but no matter what I
> try the PHP script stops whenever it encounters this and just displays
> "Too many connections."

Isn't that error returned by mysql_connect()?  Just write your code to
work without the database connection. 


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[Stephen]

Daniel Brown wrote:

I want it to display with the line gaps.



Why not store it as plain text in the database, then run it
through nl2br() when you SELECT it from the database for display?
  

Thank you! That is the way I will do this.

I may want to change  to  but that should be easy.

Cheers
Stephen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Nathan Rixham]

tedd wrote:

At 7:18 PM + 1/8/09, Nathan Rixham wrote:
if it's a computer thats on, with an os, a keyboard and a network card 
connected to the internet it's insecure.


It doesn't even have to be connected to the Internet to be insecure.

Cheers,

tedd



hence the mention of a keyboard :p

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: How can a script tell if there's a MySQL problem?

[Nathan Rixham]

Brian Dunning wrote:
I have one server that's pretty busy and runs into "Too many 
connections" from MySQL from time to time, and needs to have MySQL 
restarted to clear it up.


I've tried everything I can think of to have PHP take note of this error 
but continue executing with other stuff, but no matter what I try the 
PHP script stops whenever it encounters this and just displays "Too many 
connections."


Anyone know if there's a way for PHP to gracefully detect this and 
resume operation without choking?


why not simply increase the max_connections mysql variable to something 
a bit higher :)


http://dev.mysql.com/doc/refman/5.1/en/too-many-connections.html

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Bastien Koert]

On Fri, Jan 9, 2009 at 11:07 AM, Per Jessen  wrote:

> Brian Dunning wrote:
>
> > I have one server that's pretty busy and runs into "Too many
> > connections" from MySQL from time to time, and needs to have MySQL
> > restarted to clear it up.
>
> You need to restart MySQL just because of too many connections??
>
> > I've tried everything I can think of to have PHP take note of this
> > error but continue executing with other stuff, but no matter what I
> > try the PHP script stops whenever it encounters this and just displays
> > "Too many connections."
>
> Isn't that error returned by mysql_connect()?  Just write your code to
> work without the database connection.
>
>
> /Per Jessen, Zürich
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
1. Make sure you are freeing up all resources as soon as you can ->
mysql_close();

2. Change the my.cnf file connection number to a larger amount -> *
max_connections*

3. cache what you can (memcache, apc, filesystem, etc)

-- 

Bastien

Cat, the other other white meat

[PHP] Create image from HTML

[Christoph Boget]

Does anyone know if it's possible, using PHP, to take HTML (either as
an input or from a URL) and generate an image (essentially, create a
screenshot) of that HTML/page?  I've looked around but was unable to
find anything and I'm just not sure if it's that there really is
nothing like this out there or if I'm just looking in the wrong
places.

Any advice/suggestions would be greatly appreciated!

thnx,
Christoph

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 11:17, Nathan Rixham  wrote:
> tedd wrote:
>>
>> At 7:18 PM + 1/8/09, Nathan Rixham wrote:
>>>
>>> if it's a computer thats on, with an os, a keyboard and a network card
>>> connected to the internet it's insecure.
>>
>> It doesn't even have to be connected to the Internet to be insecure.
>>
>
> hence the mention of a keyboard :p

 and his response to your use of 'and' in your statement.  ;-P

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Create image from HTML

[Nathan Rixham]

Christoph Boget wrote:

Does anyone know if it's possible, using PHP, to take HTML (either as
an input or from a URL) and generate an image (essentially, create a
screenshot) of that HTML/page?  I've looked around but was unable to
find anything and I'm just not sure if it's that there really is
nothing like this out there or if I'm just looking in the wrong
places.

Any advice/suggestions would be greatly appreciated!

thnx,
Christoph


only way would be if you had php running on a server with a GUI, a 
program for grabbing screenshots, and some form of API to control from 
php (and recieve output)


there is a class for windows on php classes 
http://www.phpclasses.org/browse/package/4608.html and I'm sure theres a 
couple of perl scripts for nix boxes on the net you could interface with


regards

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Nathan Rixham]

Daniel Brown wrote:

On Fri, Jan 9, 2009 at 11:17, Nathan Rixham  wrote:

tedd wrote:

At 7:18 PM + 1/8/09, Nathan Rixham wrote:

if it's a computer thats on, with an os, a keyboard and a network card
connected to the internet it's insecure.

It doesn't even have to be connected to the Internet to be insecure.


hence the mention of a keyboard :p


 and his response to your use of 'and' in your statement.  ;-P



this thread is immense, and in reality i think the whole thing has been 
about peoples use of language, as that's all that's been debated (?) :p


i hereby withdraw my and from this thread; oh and my use of equally 
yesterday.


a few years ago when I first met my rach (we met online), we'd have 
random conversations stretching several pages on various forums and 
social site profiles we had - i'd find it massively amusing to then go 
in and delete all of my replies so the whole thing just looked like her 
on a mad one - wish i could do that with this list sometimes :p



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[Daniel Brown]

On Fri, Jan 9, 2009 at 11:15, Stephen  wrote:
>
> Thank you! That is the way I will do this.
>
> I may want to change  to  but that should be easy.


(\r)?(\n)?/Ui","$1$2",$str);
return $str;
}

$str = "This is an example of the use of this function.It
should replace only double  tags.";

echo br2p($str)."\n";

$str =<<, , , ,
, , , or even 
tags side-by-side, they should be replaced with .  In
addition, if there is a newline
character in *NIX, Windows, or old-style Mac/Amiga, this will
be carried over in the translation.

This will ensure preservation of all but the  tags.

HTML;

echo br2p(nl2br($str));
?>



-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 11:56, Nathan Rixham  wrote:
>
> a few years ago when I first met my rach (we met online), we'd have random
> conversations stretching several pages on various forums and social site
> profiles we had - i'd find it massively amusing to then go in and delete all
> of my replies so the whole thing just looked like her on a mad one - wish i
> could do that with this list sometimes :p

You can.



Or, on Windows, drop to a command line and type:

del TheInternet

(On older Windows systems, you'll have to type `del TheInt~1`)

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Nathan Rixham]

Bastien Koert wrote:

1. Make sure you are freeing up all resources as soon as you can ->
mysql_close();



little thing I've done for some time that's stuck with; (php5+ only)

on all of my database connection classes, I have the db close function 
in the destructor just to make sure


dbHandle)) {
  mysql_close($this->dbHandle);
}
  }

}

?>

just 'cos it's one less thing to worry about.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello - thread on topic or not?

[Daniel Brown]

On Fri, Jan 9, 2009 at 10:40, Robert Cummings  wrote:
>
> Lol, I didn't realize it was off-list or I would have posted it back so
> that others could throw in their opinions or speak their mind if they
> disagreed.

Indeed.  I think, especially with the "regulars" that have been
here for years, that list responses are more timely and productive,
thanks, in part, to the (virtual) atmosphere and somewhat unrestricted
nature of the list.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Nathan Rixham]

Daniel Brown wrote:

On Fri, Jan 9, 2009 at 11:56, Nathan Rixham  wrote:
  

a few years ago when I first met my rach (we met online), we'd have random
conversations stretching several pages on various forums and social site
profiles we had - i'd find it massively amusing to then go in and delete all
of my replies so the whole thing just looked like her on a mad one - wish i
could do that with this list sometimes :p



You can.



  
turns out the official word from php itself is that this list doesn't 
exist *oh nos*


Warning:  unlink(php-general@lists.php.net) [href='function.unlink'>function.unlink]: No such file or directory


(or did i run it twice by accident..)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Adding extension to an existing PHP install

[Tim Donnelly]

Hello list,

 

I have a PHP (5.2.1) installation on an openSUSE 10.1 server.  PHP was
initially compiled from source and I have the original config.nice file,
so I know what options were used.  l need to add an extension to this
running installation, specifically I need to add LDAP support.

 

How is the best way to do this?  I know I can recompile and reinstall,
but I am worried that some extensions may have been added after the
initial install and my new installation would overwrite those.  

 

I've looked at PECL and PEAR.  Using PEAR I added the AUTH package, but
that didn't seem to fix anything, I think that is more for developing an
LDAP enabled app, rather than allowing an existing one to utilize LDAP
functionality.  PECL didn't seem to have anything LDAP related, unless I
missed it.

 

Thank you

 

[PHP] Couple of beginner questions

[Gary]

I've done a number of sites in html and am now venturing into php.

Can I create a page in html and insert php code that will work? (for 
example, take an existing page and insert a date command)

Can I create a page with the php extension that contains only contains html 
and no php?  If so are there advantages/disadvantages?

Can I mix and match file formats (php/html) in a single site?

Thanks for any input.

Gary 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Wolf]

 Gary  wrote: 
> I've done a number of sites in html and am now venturing into php.
> 
> Can I create a page in html and insert php code that will work? (for 
> example, take an existing page and insert a date command)
Yup

 
> Can I create a page with the php extension that contains only contains html 
> and no php?  If so are there advantages/disadvantages?
Yujp
 
> Can I mix and match file formats (php/html) in a single site?
Yup

> Thanks for any input.
> 
> Gary 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] imagejpeg, imagecreatefromjpeg both choke

[Brian Dunning]

Same thing, no output at all. I can access the image directly in my  
browser and it's fine.


On Jan 9, 2009, at 7:52 AM, Zechim wrote:


try,

  header('Content-type: image/jpeg');
  $image   = imagecreatefromjpeg($your_file);
  imagejpeg($image,"", 100);
  imagedestroy($image);

zechim



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Adding extension to an existing PHP install

[Nathan Rixham]

Tim Donnelly wrote:

Hello list,

 


I have a PHP (5.2.1) installation on an openSUSE 10.1 server.  PHP was
initially compiled from source and I have the original config.nice file,
so I know what options were used.  l need to add an extension to this
running installation, specifically I need to add LDAP support.

 


How is the best way to do this?  I know I can recompile and reinstall,
but I am worried that some extensions may have been added after the
initial install and my new installation would overwrite those.  

 


I've looked at PECL and PEAR.  Using PEAR I added the AUTH package, but
that didn't seem to fix anything, I think that is more for developing an
LDAP enabled app, rather than allowing an existing one to utilize LDAP
functionality.  PECL didn't seem to have anything LDAP related, unless I
missed it.

 


Thank you

 





I always just do a phpinfo on the box I'm upgrading, grab the .configure 
line and re-use it adding in or changing what I need; that way it's sure 
to be the same?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Andrew Ballard]

On Fri, Jan 9, 2009 at 12:08 PM, Nathan Rixham  wrote:
> Daniel Brown wrote:
>>
>> On Fri, Jan 9, 2009 at 11:56, Nathan Rixham  wrote:
>>
>>>
>>> a few years ago when I first met my rach (we met online), we'd have
>>> random
>>> conversations stretching several pages on various forums and social site
>>> profiles we had - i'd find it massively amusing to then go in and delete
>>> all
>>> of my replies so the whole thing just looked like her on a mad one - wish
>>> i
>>> could do that with this list sometimes :p
>>>
>>
>>You can.
>>
>> 
>>
>>
>
> turns out the official word from php itself is that this list doesn't exist
> *oh nos*
> 
> Warning:  unlink(php-general@lists.php.net) [ href='function.unlink'>function.unlink]: No such file or directory
>
> (or did i run it twice by accident..)
>
>

Now... you'd have really freaked out if that had actually worked!  LOL

Andrew

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 12:08, Nathan Rixham  wrote:
>
> turns out the official word from php itself is that this list doesn't exist
> *oh nos*
> 
> Warning:  unlink(php-general@lists.php.net) [ href='function.unlink'>function.unlink]: No such file or directory
>
> (or did i run it twice by accident..)

Yeah, coincidentally, I was going to use error suppression, but I
didn't want to hear complaints about how it's bad form.



I think I'm going to print up a T-shirt that says just that.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 12:34, Andrew Ballard  wrote:
>
> Now... you'd have really freaked out if that had actually worked!  LOL

Hey, good point, Andrew.

Nate, you do know that was only pseudo-code, right?  Don't run
that in production!

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Gary]

Thanks for your input wolf, so would I be correct that the only advantage to 
having a page with a php extension is that you can use a testing server?

Thanks again.

gary
"Wolf"  wrote in message 
news:20090109172254.7y5r1.75233.r...@cdptpa-web07-z01...
>
>  Gary  wrote:
>> I've done a number of sites in html and am now venturing into php.
>>
>> Can I create a page in html and insert php code that will work? (for
>> example, take an existing page and insert a date command)
> Yup
>
>
>> Can I create a page with the php extension that contains only contains 
>> html
>> and no php?  If so are there advantages/disadvantages?
> Yujp
>
>> Can I mix and match file formats (php/html) in a single site?
> Yup
>
>> Thanks for any input.
>>
>> Gary
>>
>>
>>
>> -- 
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Andrew Ballard]

On Fri, Jan 9, 2009 at 12:35 PM, Daniel Brown  wrote:
> On Fri, Jan 9, 2009 at 12:34, Andrew Ballard  wrote:
>>
>> Now... you'd have really freaked out if that had actually worked!  LOL
>
>Hey, good point, Andrew.
>
>Nate, you do know that was only pseudo-code, right?  Don't run
> that in production!
>
> --
> 

Maybe he only ran it in a virtual machine.   ;-)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Couple of beginner questions

[Nathan Rixham]

Gary wrote:

I've done a number of sites in html and am now venturing into php.

Can I create a page in html and insert php code that will work? (for 
example, take an existing page and insert a date command)


if it has the file extension .php then it will be passed through php and 
compiled; otherwise the php source code you insert will just show up in 
the html source.




Can I create a page with the php extension that contains only contains html 
and no php?  If so are there advantages/disadvantages?


yep; advantage is if you later add in some php to the page it'll compile 
(see above)




Can I mix and match file formats (php/html) in a single site?


yep, every file is a different file



Thanks for any input.

Gary 





np; you may get some comments about being able to configure you're 
server so that php parses files with different extensions (such as 
.html); but this would require some customisation of the web server 
config files and probably best avoided for now.


note: sometimes it is worth always having each script/html page in it's 
own directory with the default file name; that way you can upgrade chop 
and change without changing the page urls - ie:


if you make /contact/index.html or /contact/index.php
then the url /contact/ will show the default index page, allowing you to 
swap and change


whereas if you have /contact.html then you'll need to rename the file to 
contact.php and thus you're urls will change unnessacerily.


ps: wd for choosing php :)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Eric Butera]

On Fri, Jan 9, 2009 at 12:22 PM, Wolf  wrote:
>
>  Gary  wrote:
>> I've done a number of sites in html and am now venturing into php.
>>
>> Can I create a page in html and insert php code that will work? (for
>> example, take an existing page and insert a date command)
> Yup

Um... if the file ext is .html and php isn't set to run that then nope.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Andrew Ballard]

On Fri, Jan 9, 2009 at 12:18 PM, Gary  wrote:
> I've done a number of sites in html and am now venturing into php.
>
> Can I create a page in html and insert php code that will work? (for
> example, take an existing page and insert a date command)

Not unless you configure your web server to parse all .html documents
with PHP first.

> Can I create a page with the php extension that contains only contains html
> and no php?  If so are there advantages/disadvantages?

Absolutely. The only real disadvantage I know of is the small overhead
from causing PHP to process a file that could otherwise be served
directly. That, and you'll possibly blow the use of client-side
caching of what is essentially static content.

> Can I mix and match file formats (php/html) in a single site?

Again, absolutely.

> Thanks for any input.

You're welcome.

> Gary

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Wolf]

 Eric Butera  wrote: 
> On Fri, Jan 9, 2009 at 12:22 PM, Wolf  wrote:
> >
> >  Gary  wrote:
> >> I've done a number of sites in html and am now venturing into php.
> >>
> >> Can I create a page in html and insert php code that will work? (for
> >> example, take an existing page and insert a date command)
> > Yup
> 
> Um... if the file ext is .html and php isn't set to run that then nope.

That's a very good point  Getting PHP up and running will require the OP to 
read and follow the documentation.

But after that, you can mix and mingle at will, however good programming 
practices dictate that you become smart about your coding instead of dumping 
things in the original HTML and just playing.

Gotta be smart about things.

Wolf

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Nathan Rixham]

Andrew Ballard wrote:

On Fri, Jan 9, 2009 at 12:35 PM, Daniel Brown  wrote:

On Fri, Jan 9, 2009 at 12:34, Andrew Ballard  wrote:

Now... you'd have really freaked out if that had actually worked!  LOL

   Hey, good point, Andrew.

   Nate, you do know that was only pseudo-code, right?  Don't run
that in production!

--



Maybe he only ran it in a virtual machine.   ;-)


actually i ran it in a debugger, in an ide, in a virtual machine :p

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Per Jessen]

Nathan Rixham wrote:

> Bastien Koert wrote:
>> 1. Make sure you are freeing up all resources as soon as you can ->
>> mysql_close();
>> 
> 
> little thing I've done for some time that's stuck with; (php5+ only)
> 
> on all of my database connection classes, I have the db close function
> in the destructor just to make sure

I guess it depends on the type of application - for a web-transaction
running on a web-server, why bother? It'll clean up after itself
anyway. 


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Jason Pruim]

On Jan 9, 2009, at 12:18 PM, Gary wrote:


I've done a number of sites in html and am now venturing into php.

Can I create a page in html and insert php code that will work? (for
example, take an existing page and insert a date command)


Yes you can 



Can I create a page with the php extension that contains only  
contains html

and no php?  If so are there advantages/disadvantages?
Yes, Look at heredoc syntax on the php.net site. Works really well  
for a few pages that I use.




Can I mix and match file formats (php/html) in a single site?


Yes. You can easily mix and match, in fact... if you go one step  
further... You can remove the extension's all together from the files  
so that you can change it as needed and not screw up any links that  
you have already created.



--
Jason Pruim
japr...@raoset.com
616.399.2355

Re: [PHP] Couple of beginner questions

[Eric Butera]

On Fri, Jan 9, 2009 at 12:18 PM, Gary  wrote:
> Can I create a page with the php extension that contains only contains html
> and no php?  If so are there advantages/disadvantages?
>
> Can I mix and match file formats (php/html) in a single site?

If it were me, I'd make sure all the files were .php.  If you have a
page right now that is static, but needs to become dynamic, then
you're in for some hurt.  Never create 404's.  You can of course do a
301 redirect to indicate the html has moved to php, but that is really
annoying.  The best solution though is to not have any file extensions
on your urls to begin with.  That is out of the scope of this email
though.

You can force php to run .html files, but then you've just really
killed the performance of your web host.  Servers are really fast at
serving static files, but the second you load php, even to just do a
 you've slashed your maximum requests per
second significantly.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 12:43, Nathan Rixham  wrote:
>
> actually i ran it in a debugger, in an ide, in a virtual machine :p

 in Siberia.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Nathan Rixham]

Daniel Brown wrote:

On Fri, Jan 9, 2009 at 12:43, Nathan Rixham  wrote:

actually i ran it in a debugger, in an ide, in a virtual machine :p


 in Siberia.



scotland in winter; same thing really

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How can a script tell if there's a MySQL problem?

[Per Jessen]

Per Jessen wrote:

> Nathan Rixham wrote:
> 
>> Bastien Koert wrote:
>>> 1. Make sure you are freeing up all resources as soon as you can ->
>>> mysql_close();
>>> 
>> 
>> little thing I've done for some time that's stuck with; (php5+ only)
>> 
>> on all of my database connection classes, I have the db close
>> function in the destructor just to make sure
> 
> I guess it depends on the type of application - for a web-transaction
> running on a web-server, why bother? It'll clean up after itself
> anyway.

Actually, for reusable code intended for others to use, it might just be
a safe precaution. 


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Create image from HTML

[Daniel Brown]

On Fri, Jan 9, 2009 at 11:51, Nathan Rixham  wrote:
>
> only way would be if you had php running on a server with a GUI, a program
> for grabbing screenshots, and some form of API to control from php (and
> recieve output)

That's not entirely correct (though it's the most widely-accepted
solution, I think).

I had built an extension some time ago, but it needed a lot of
work, and I just wound up trashing it.  You can use xvfb (X Virtual
Frame Buffer) on *NIX systems without running X itself, a stripped
down Mozilla navigate to and display the page, and then snap a
"screen" shot of the buffer.  Not very economical, but it would work.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Dan Shirah]

> "so would I be correct that the only advantage to
> having a page with a php extension is that you can use a testing server?"


There are FAR more benefits!

1) PHP is FREE!  So you save money from the get go
2) PHP is open source!  So it is constantly being updated and improved by
users/devs.
3) PHP is processed on the SERVER.  This frees up CPU usage on the user's
workstation.
4)PHP can retieve data from a centralized database which makes dynamic
content easier to use.
5) Since PHP is server side, you are not reliant on the end users to have
specialized plugins/software to view your pages.
6) PHP is easy. IMO one of the easier languages ot learn.
7) PHP has a great community. (See peopel on this list)

And many many more reasons you will learn as you go! :)

Re: [PHP] First steps towards unix and php

[Daniel Brown]

On Fri, Jan 9, 2009 at 10:59, Frank Stanovcak  wrote:
> *bangs head on wall*
>
> Great...just what I need.  More acronyms.  :P

Acronyms?  You mean the package managers we were discussing?

yum   Yellowdog Updater Modified - an automated RPM
management utility (works on all RH-based systems)
urpmi An RPM installation and management utility used by
Mandrake and Mandriva
smart Another cross-RH-distro RPM management utility
apt Advanced Packaging Tool - an automated .deb
manager originally written for dpkg (can work with RPM's, too)
up2date  RedHat's original RPM and system update utility
dpkg  The Debian PacKaGe system

And the packages themselves:

debDebian pre-compiled software package
rpmRedhat Package Manager - a pre-compiled software
package for RedHat (and RH-based systems)

There are a bunch more, those are just what's been mentioned so
far in this thread.

So with that, you should be able to make the association when
reading about `apt-get` installation instructions, and be able to
figure out the intent of tools such as `deb2rpm` and `apt-rpm`.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Gary]

Dan

I think you misunderstood the question. The question was not is there an 
advantage of php over html, but the advantage of having a file with the 
extension of php over an extension of html.


""Dan Shirah""  wrote in message 
news:a16da1ff0901091019m3d513ebeyf341b2d39c669...@mail.gmail.com...
>> "so would I be correct that the only advantage to
>> having a page with a php extension is that you can use a testing server?"
>
>
> There are FAR more benefits!
>
> 1) PHP is FREE!  So you save money from the get go
> 2) PHP is open source!  So it is constantly being updated and improved by
> users/devs.
> 3) PHP is processed on the SERVER.  This frees up CPU usage on the user's
> workstation.
> 4)PHP can retieve data from a centralized database which makes dynamic
> content easier to use.
> 5) Since PHP is server side, you are not reliant on the end users to have
> specialized plugins/software to view your pages.
> 6) PHP is easy. IMO one of the easier languages ot learn.
> 7) PHP has a great community. (See peopel on this list)
>
> And many many more reasons you will learn as you go! :)
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Been staring at the code for too long...

[Jason Pruim]

Okay... So I know this is a stupid question... But I've been staring  
at my code for far too long and now it's still not working so I  
thought I would show it to all of you and see if you can tell me  
where I'm being stupid :)


this is dbmysqliconnect.php:
function dbmysqliconnect($server, $username, $password,  
$database, $link) {

$link = mysqli_init();
mysqli_real_connect($link, $server, $username,  
$password, $database) or die('could not connect:  
'.mysqli_connect_error());



if (mysqli_connect_errno($link)) {
printf("Connect failed: %s\n",  
mysqli_connect_error($link));

exit();
}

return $link;
}
?>

this is a snipet of my index.php file:

$link = dbmysqliconnect($server, $username, $password,  
$database, $link);





//Do NOT insert or update sales rep database through this  
method... Only included to be supplied to the notify_email function. JP

$salesRepID = $_POST['salesRepID'];

$stmt = mysqli_stmt_init($link);

//Create the statement

mysqli_stmt_prepare($stmt, "UPDATE database.table (
FName, LName,   
email, phone, url, record,
subscribed, date,   
IPAddress,  Business,
Address1,  City,   
State,  Zip,
Coffee,  Meeting,   
areaPlans)
VALUES  
(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");


// Error checking. JP

echo "Print of post:";
print_R($_POST);
echo "dump of the statement:";
var_dump($stmt);



mysqli_stmt_bind_param($stmt, 's',
   $_POST 
['txtFName'], $_POST['txtLName'], _POST['txtEmail'], $_POST 
['txtPhone'], $_POST['txturl'], $_POST['record'],
   $_POST 
['subscribed'], $date,  $_SERVER['REMOTE_ADDR'],  $_POST['txtBusiness'],
   $_POST 
['txtAddress1'], $_POST['txtCity'],  $_POST['txtState'],  _POST 
['txtZip'],
   $_POST 
['rdoCoffee'],  $_POST['rdoTime'],  $_POST['areaPlans'])

or 
die(mysqli_error($link)); 

The error that I am getting is:

Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]:  
invalid object or resource mysqli_stmt in /public_html/purl/ 
purlprocess.php on line 67
You have an error in your SQL syntax; check the manual that  
corresponds to your MySQL server version for the right syntax to use  
near '( FName, LName, email, phone, url, recor' at line 1


Am I just going crazy or is there something really wrong?

Okay.. I'm done... First stupid question of the year... Only  
3,349,587 more to go for the year! :P




--
Jason Pruim
japr...@raoset.com
616.399.2355

[PHP] Re: Been staring at the code for too long...

[Jay Moore]

Jason Pruim wrote:
Okay... So I know this is a stupid question... But I've been staring at 
my code for far too long and now it's still not working so I thought I 
would show it to all of you and see if you can tell me where I'm being 
stupid :)


this is dbmysqliconnect.php:
function dbmysqliconnect($server, $username, $password, 
$database, $link) {

$link = mysqli_init();
mysqli_real_connect($link, $server, $username, 
$password, $database) or die('could not connect: '.mysqli_connect_error());



if (mysqli_connect_errno($link)) {
printf("Connect failed: %s\n", 
mysqli_connect_error($link));

exit();
}

return $link;
}
?>

this is a snipet of my index.php file:

$link = dbmysqliconnect($server, $username, $password, 
$database, $link);





//Do NOT insert or update sales rep database through this 
method... Only included to be supplied to the notify_email function. JP

$salesRepID = $_POST['salesRepID'];

$stmt = mysqli_stmt_init($link);

//Create the statement

mysqli_stmt_prepare($stmt, "UPDATE database.table (
FName, LName,  email, 
phone, url, record,
subscribed, date,  
IPAddress,  Business,
Address1,  City,  
State,  Zip,
Coffee,  Meeting,  
areaPlans)
VALUES 
(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");


// Error checking. JP

echo "Print of post:";
print_R($_POST);
echo "dump of the statement:";
var_dump($stmt);



mysqli_stmt_bind_param($stmt, 's',
   $_POST['txtFName'], 
$_POST['txtLName'], _POST['txtEmail'], $_POST['txtPhone'], 
$_POST['txturl'], $_POST['record'],
   $_POST['subscribed'], 
$date,  $_SERVER['REMOTE_ADDR'],  $_POST['txtBusiness'],
   
$_POST['txtAddress1'], $_POST['txtCity'],  $_POST['txtState'],  
_POST['txtZip'],
   $_POST['rdoCoffee'],  
$_POST['rdoTime'],  $_POST['areaPlans'])

or die(mysqli_error($link)); 

The error that I am getting is:

Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: 
invalid object or resource mysqli_stmt in 
/public_html/purl/purlprocess.php on line 67
You have an error in your SQL syntax; check the manual that corresponds 
to your MySQL server version for the right syntax to use near '( FName, 
LName, email, phone, url, recor' at line 1


Am I just going crazy or is there something really wrong?

Okay.. I'm done... First stupid question of the year... Only 3,349,587 
more to go for the year! :P




--
Jason Pruim
japr...@raoset.com
616.399.2355






Maybe try enclosing your field names in backticks?

Jay

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Been staring at the code for too long...

[Nathan Rixham]

Jason Pruim wrote:

mysqli_stmt_prepare($stmt, "UPDATE database.table (


UPDATE database.table SET (

think that should fix it

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Been staring at the code for too long...

[Dan Shirah]

>
>mysqli_stmt_prepare($stmt, "UPDATE database.table (
>FName, LName,  email, phone,
> url, record,
>subscribed, date,
>  IPAddress,  Business,
>Address1,  City,  State,
>  Zip,
>Coffee,  Meeting,
>  areaPlans)
>VALUES
> (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
>
>
> Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]:
> invalid object or resource mysqli_stmt in /public_html/purl/purlprocess.php
> on line 67
> You have an error in your SQL syntax; check the manual that corresponds to
> your MySQL server version for the right syntax to use near '( FName, LName,
> email, phone, url, recor' at line 1
>
> Am I just going crazy or is there something really wrong?
>
> Okay.. I'm done... First stupid question of the year... Only 3,349,587 more
> to go for the year! :P


I don't work with MySQL, but shouldn't the UPDATE syntax be something like
this:

mysqli_stmt_prepare($stmt, "UPDATE database.table SET
FName = ?,
LName = ?,
email = ?,
phone = ?
WHERE id = ?");

Re: [PHP] Re: Been staring at the code for too long...

[Kyle Terry]

On Fri, Jan 9, 2009 at 11:05 AM, Nathan Rixham  wrote:

> Jason Pruim wrote:
>
>>mysqli_stmt_prepare($stmt, "UPDATE database.table (
>>
>
> UPDATE database.table SET (
>
> think that should fix it
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Unless his database is named database and his table is named table. ;)

-- 
Kyle Terry | www.kyleterry.com

Re: [PHP] Adressing XML Objects

[ceo]

Try it with just one "/" at the start of the xpath.

"/anbieter/immobilie/..."



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] on Mapserver and php5_MapScript

[Eduardo Arévalo]

 As I write this line is highlighted in black php5_MapScript


code in mapfile
LAYER
NAMEPeru_dep
DATA"departamentos.shp"
STATUS  ON
TYPEPOLYGON
CLASSITEM   NOMB_DEP

  CLASS
NAME"LIMA"
*EXPRESSION  /LIMA/*
STYLE
COLOR   200 150 2
OUTLINECOLOR0 0 0
  END
END
y los quiero pasar a PHP
version php


coce
// Creamos un Layer dentro de nuestro MapObj y seteamos sus propiedades
 $jLayer = ms_newLayerObj($jMap);
 $jLayer->set( "name", "Peru_dep");
 $jLayer->set( "type", MS_LAYER_POLYGON);
 $jLayer->set( "status", MS_ON);
 $jLayer->set( "data", "departamentos.shp");
 $jLayer->set( "classitem", "NOMB_DEP");

 //Creamos un classObj dentro del LayerObj
 $jClass = ms_newClassObj($jLayer);
 $jClass->set( "name", "LIMA");
 *$jClass->set( "Expression", "/LIMA/");*

 //Creamos un styleObj dentro del classObj
 $jStyle = ms_newStyleObj($jClass);
 $jStyle->color->setRGB(200, 150, 2);
 $jStyle->outlinecolor->setRGB(200, 200, 200);

Re: [PHP] Couple of beginner questions

[Andrew Ballard]

On Fri, Jan 9, 2009 at 12:47 PM, Jason Pruim  wrote:
>
> On Jan 9, 2009, at 12:18 PM, Gary wrote:
>
>> Can I create a page with the php extension that contains only contains
>> html
>> and no php?  If so are there advantages/disadvantages?
>
> Yes, Look at heredoc syntax on the php.net site. Works really well for a few
> pages that I use.

You don't need heredoc for a page that doesn't have any PHP code in it.

file: HelloWorld.php



Hello World




This is a prefectly valid PHP page.


>> Can I mix and match file formats (php/html) in a single site?
>
> Yes. You can easily mix and match, in fact... if you go one step further...
> You can remove the extension's all together from the files so that you can
> change it as needed and not screw up any links that you have already
> created.

How would you do that? The options I can think of involve:

1) You have to either configure the web server to serve everything
(including images, flash content, javascript, CSS, etc.) through PHP
-- or at least anything without a handled mime-type.

2) You have to configure the web server to use something like
mod_rewrite to point URLs to the correct script.

3) You create a folder for every unique page in the entire site and
each folder contains exactly one file named either index.php or
index.html (or whatever the default document name is for your web
server).

Andrew

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] on Mapserver and php5_MapScript

[Paul Scott]

On Fri, 2009-01-09 at 14:15 -0500, Eduardo Arévalo wrote:
> As I write this line is highlighted in black php5_MapScript
> 

You should probably ask this on the UMN Mapserver lists at
mapserver-us...@lists.osgeo.org but...
> ;
>  $jStyle->outlinecolor->setRGB(200, 200, 200);

You are setting an outline colour, but the style you are using does not
allow it to be displayed. Basically all you are getting is the outline
and not the fill.

I suggest you read the excellent mapfile docs or ask on another list.

-- Paul

All Email originating from UWC is covered by disclaimer 
http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[VamVan]

Hey Gary,

I've done a number of sites in html and am now venturing into php.

Can I create a page in html and insert php code that will work? (for
example, take an existing page and insert a date command)

--- Of course you can do that. But it is not advised. Becoming better in PHP
in few months you will understand that its almost necessary to separate
business logic from presentation logic. But as a beginner you can do that.
So basically have  tags around the php code that you write. better
to rename your files to .php extension.

Can I create a page with the php extension that contains only contains html
and no php?  If so are there advantages/disadvantages?

-- Yes you can do that but if you have  it better to wrap your html
in quotes and also escape them and print it on the screen using echo command
or print command. echo is better though. or else if you dont want to open
 tags then you can have plain html without any hassle.

-- Remember as you re still a beginner try to avoid using ?> at the end of
complete PHP code page. or else if you have empty lines at the end of the
file "then you wont see blank page of death in PHP".

Can I mix and match file formats (php/html) in a single site?

-- Every wesbite in this world not only in PHP or anywhere is a combination
of html (presenation layer) and PHP (Logic). So the asnwer is yes.

Thanks,
V

Re: [PHP] Editing in a text area field

[ceo]

Rule #1.

Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering.

Specifically, do NOT add  tags in place of newlines.

Store the newlines.



Upon OUTPUT, you can use nl2br() to get  tags.

Or str_replace if you want  instead.



This is crucial as a habit, down the road, when you later want to put their 
stuff out as non-HTML such as RSS or PDF or other output mechanisms.



Consider their input as sacrosanct (except for dangerous/evil input).



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[Eric Butera]

On Fri, Jan 9, 2009 at 2:38 PM,   wrote:
> Rule #1.
> Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering.

Probably shouldn't recommend sanitizing then.  Only validate & reject. :P

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] imagejpeg, imagecreatefromjpeg both choke

[ceo]

Do other images work?



Open and re-save the image.

Strip out comments and EXIF data while you are at it -- Some versions of GD had 
problems with EXIF/comments as I recall.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Create image from HTML

[ceo]

I know there was an OSS package that took any URL and made a screenshot of it...



Thumbnailer or somesuch?...



Commercial folks do it.

http://browsercam.com/



Compare cost to dev costs for roll your own...



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[VamVan]

Rule #1.
Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering.
Specifically, do NOT add  tags in place of newlines.
Store the newlines.


100% I agree. Thats called the act of defensive programming. We have no
right over altering user input but yes we have right to display what we want
user see on the site.


Thanks,
V

Re: [PHP] Couple of beginner questions

[ceo]

The slowdown of just running raw HTML through PHP was once benchmarked as about 
5 to 10 %.



You could, in theory, use .htaccess and  to ForceType specific .html 
files as PHP, while leaving the rest of your .html files as static.



I am not recommending this, just being pedantic. :-)



Definitely better to either do them all and take performance hit, which is 
probably irrelevant to a beginner, or plan better now and strip .xyz from the 
URLs.



ymmv.



Personally, I've been quite happy for over a decade running all .html through 
PHP, on 99% of the sites I work on.



If it's big enough to *need* static content, they usually have already gone the 
route of CDN and have static HTML off on those nodes anyway, in my limited 
experience.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] imagejpeg, imagecreatefromjpeg both choke

[ceo]

The browser cheerfully rendering a badly-broken JPEG is quite common, if it can 
figure out what the JPEG was supposed to have been.

(Think bad HTML and quirks mode.)



So you really want to validate it with something more strict than a browser.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[ceo]

>> Rule #1.

>> Never, ever, ever, alter the user's input, EXCEPT for

>> sanitizing/filtering.

>

>Probably shouldn't recommend sanitizing then.  Only validate & reject. :P



mea culpa



I meant ESCAPING, of course.



If it doesn't pass sanitizing/filtering, it's probably better to just "reject" 
and force re-entry by the user.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Robert Cummings]

On Fri, 2009-01-09 at 18:09 +, Nathan Rixham wrote:
> Daniel Brown wrote:
> > On Fri, Jan 9, 2009 at 12:43, Nathan Rixham  wrote:
> >> actually i ran it in a debugger, in an ide, in a virtual machine :p
> > 
> >  in Siberia.
> > 
> 
> scotland in winter; same thing really

I lived in Scotland for many years... Scottish winters pale in
comparison to northern Canadian winters, and these in turn pale in
comparison to Siberian winters.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Eric Butera]

On Fri, Jan 9, 2009 at 3:22 PM,   wrote:
>
> The slowdown of just running raw HTML through PHP was once benchmarked as 
> about 5 to 10 %.
>
> You could, in theory, use .htaccess and  to ForceType specific .html 
> files as PHP, while leaving the rest of your .html files as static.
>
> I am not recommending this, just being pedantic. :-)
>
> Definitely better to either do them all and take performance hit, which is 
> probably irrelevant to a beginner, or plan better now and strip .xyz from the 
> URLs.
>
> ymmv.
>
> Personally, I've been quite happy for over a decade running all .html through 
> PHP, on 99% of the sites I work on.
>
> If it's big enough to *need* static content, they usually have already gone 
> the route of CDN and have static HTML off on those nodes anyway, in my 
> limited experience.

I was just talking myself.  I use objects and such so I'm really not
as worried about performance either.  But it was a "downside" that I
knew about from some css/js stuff I'd done a while ago.  I still had 2
files on my box from some framework stuff I'd been messing with.  Here
were some results from my local testing (from the Yii framework).


-- index.html --
$ cat index.html
hello world

$ ab -t 30 -c 50 http://localhost/benchmarks/baseline/index.html
Requests per second:631.07 [#/sec] (mean)
Time per request:   79.23 [ms] (mean)
Time per request:   1.58 [ms] (mean, across all concurrent requests)


-- index.php --
$ cat index.php


$ ab -t 30 -c 50 http://localhost/benchmarks/baseline/index.php
Requests per second:358.21 [#/sec] (mean)
Time per request:   139.58 [ms] (mean)
Time per request:   2.79 [ms] (mean, across all concurrent requests)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing in a text area field

[Daniel Brown]

On Fri, Jan 9, 2009 at 14:43, VamVan  wrote:
>
> 100% I agree. Thats called the act of defensive programming. We have no
> right over altering user input but yes we have right to display what we want
> user see on the site.

Well, of course you have the _right_ to do it --- as long as it's
legal, and it's not something that *requires* the data to remain
unaltered, you have the right to do manipulate it however you want.
The question comes down to ethics and in predicting the preferences of
the user.

I know what you mean, though.  In most cases, you should have
neither the need nor desire to alter user input upon INSERT/UPDATE.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 15:31, Robert Cummings  wrote:
>
> I lived in Scotland for many years... Scottish winters pale in
> comparison to northern Canadian winters, and these in turn pale in
> comparison to Siberian winters.

Yeah, and from the sounds of it, Rob, you guys are about to have a
hell of a deep-freeze.  We're getting down to the single-digits for
the high in a few days here in Pennsylvania.  It's the cold front
that's been hovering over Alaska they've had twenty straight days
with an ambient temperature - not windchill, actual air temperature -
of between -20F and -65F (-29C and -54C).

 but don't worry.  They're getting a heat wave by Monday:
highs will be about -2F (-19C).

http://www.google.com/search?q=Fairbanks%2C+Alaska+weather

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Create image from HTML

[Al]

Christoph Boget wrote:

Does anyone know if it's possible, using PHP, to take HTML (either as
an input or from a URL) and generate an image (essentially, create a
screenshot) of that HTML/page?  I've looked around but was unable to
find anything and I'm just not sure if it's that there really is
nothing like this out there or if I'm just looking in the wrong
places.

Any advice/suggestions would be greatly appreciated!

thnx,
Christoph


I vaguely recall ImageMagick will do it. Don't fuss at me if my memory is 
faulty.

Use the Imagick wrapper.  It's now a std php extension.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Daniel Brown]

On Fri, Jan 9, 2009 at 15:36, Eric Butera  wrote:
>
> I was just talking myself.  I use objects and such so I'm really not
> as worried about performance either.  But it was a "downside" that I
> knew about from some css/js stuff I'd done a while ago.  I still had 2
> files on my box from some framework stuff I'd been messing with.  Here
> were some results from my local testing (from the Yii framework).

Great benchmarks, Eric.

Another very, very important point is to consider the number of
extensions and core build of your local PHP engine.  The more options
that are compiled in, the larger the memory footprint, and the greater
amount of time it will take to load, parse, process, and return to the
HTTP server.  It may be negligible to the end-user for a single
request, but high-traffic sites could create a noticeable slowdown on
some servers.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Robert Cummings]

On Fri, 2009-01-09 at 15:47 -0500, Daniel Brown wrote:
> On Fri, Jan 9, 2009 at 15:31, Robert Cummings  wrote:
> >
> > I lived in Scotland for many years... Scottish winters pale in
> > comparison to northern Canadian winters, and these in turn pale in
> > comparison to Siberian winters.
> 
> Yeah, and from the sounds of it, Rob, you guys are about to have a
> hell of a deep-freeze.  We're getting down to the single-digits for
> the high in a few days here in Pennsylvania.  It's the cold front
> that's been hovering over Alaska they've had twenty straight days
> with an ambient temperature - not windchill, actual air temperature -
> of between -20F and -65F (-29C and -54C).
> 
>  but don't worry.  They're getting a heat wave by Monday:
> highs will be about -2F (-19C).

We're at -13C right now without windchill and this is in Ottawa which is
a lot further south than I've lived in the past (Timmins, Sudbury).

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: hello

[Daniel Brown]

On Fri, Jan 9, 2009 at 16:16, Robert Cummings  wrote:
>
> We're at -13C right now without windchill and this is in Ottawa which is
> a lot further south than I've lived in the past (Timmins, Sudbury).

Yeah, no offense, my friend, but you can keep it.  We're a balmy
22F (-5C) right now in Scranton.

Anyway, back to the whole OS discussion:

http://xkcd.com/528/

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Been staring at the code for too long...

[Daniel Brown]

On Fri, Jan 9, 2009 at 13:38, Jason Pruim  wrote:
> Okay... So I know this is a stupid question...

It sure is.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[Frank Stanovcak]

"VamVan"  wrote in message 
news:12eb8b030901091135u4e17f1f3p24698dbc8f5a2...@mail.gmail.com...

> -- Remember as you re still a beginner try to avoid using ?> at the end of
> complete PHP code page. or else if you have empty lines at the end of the
> file "then you wont see blank page of death in PHP".
>

I never knew this.  Could this be why I get 401 errors if a page throws an 
error with out a successful run first?

as in if I load up the page and there is an error I get 401, but if I upload 
a blank file with the same name, load that, then upload the errant code and 
refresh I can suddenly see an error?

Frank 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Couple of beginner questions

[ceo]

With all due respect, Eric, you're not testing what we're discussing.



A "real" CLI test would be more like:



time cat foo.html

time php -q foo.html



I.E., how long does PHP take to read/write foo.html without breaking into PHP 
"mode" for static HTML.



Of course, it's still a lousy benchmark with CLI instead of Apache wrapper, but 
you get my point, I trust.



Q: How much slower is it to force all static .html files through PHP wrapper of 
Apache?

A: About 5 to 10 % (as of a couple years ago...)



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php