Re: [PHP] How to work with Webservices (.asmx) server

2009-03-11 Thread Thijs Lensselink 
Hoi Anton,

Great job on the Dutch part :) But please keep the thread on list.

You have set the server location when you create a SOAP client instance.
Take a look at : http://php.net/manual/en/soapclient.soapclient.php

So when instantiating the SOAP client object you pass as a second
parameter. An array with as minimal settings the location and uri.

I guess in your case it would be something like this:

$client = new SoapClient(null, array(
'location' =>  "http://localhost/WebService/GetData.asmx";,
'uri'  => "http://localhost/WebService/";)
);

And if your webservice provides a WSDL file you can replace the null
parameter for that one.

Anton Heuschen wrote:
> Dag.
> 
> Dank U well.
> 
> Lol and thats where my Dutch is going to end...
> 
> 
> Thank you for the info, just one question that had me confused also and
> that is to do with this
> 
> the URL you actually are talking to with your SOAP client is
> http://localhost/WebService/
> 
> 
> 
> Ive seen that in material on the net too ... but I wondered so how does
> your SOAP request know where to connect to ? should I not have the
> target server URL (or is this also pointing to the Web Services Servers
> WSDL not setup correctly and will my client only work if I run it from
> the same PC? ) This is what confuses me so .
> 
> 
> Regards
> 
> 2009/3/10 Thijs Lensselink mailto:p...@addmissions.nl>>
> 
> Anton Heuschen wrote:
> > I am confused with XML-RPC / SOAP and WSDL ...
> >
> > If you have a server with a script/file like test.asmx and some web
> > services ...below example of service format :
> >
> > SOAP 1.2
> >
> > The following is a sample SOAP 1.2 request and response. The
> > placeholders shown need to be replaced with actual values.
> >
> > -  SAMPLE OF Web Service from the
> > server below :
> >
> > SOAP 1.2
> >
> > The following is a sample SOAP 1.2 request and response.  The
> > placeholders shown need to be replaced with actual values.
> >
> >
> >
> >
> > POST /webservice/GetData.asmx HTTP/1.1
> > Host: www.theserver.com 
> > Content-Type: application/soap+xml; charset=utf-8
> > Content-Length: length
> >
> > 
> > http://www.w3.org/2001/XMLSchema-instance";
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
> >   
> > http://localhost/WebService/";>
> >   string
> > 
> >   
> > 
> >
> >
> >
> > HTTP/1.1 200 OK
> > Content-Type: application/soap+xml; charset=utf-8
> > Content-Length: length
> >
> > 
> > http://www.w3.org/2001/XMLSchema-instance";
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
> >   
> > http://localhost/WebService/";>
> >   string
> > 
> >   
> > 
> >
> >
> >
> >  END OF SAMPLE
> >
> >
> >
> >
> > I spend about most of my time looking at SOAP, XML-RPC and the PHP
> > SOAP extension, like from here:
> >
> >
> http://tutorial.jcwcn.com/Web-Design/PHP/XML-and-PHP/2008-08-15/10160.html
> >
> >
> > Most of these talk about request to the server and a script with .wsdl
> > extension ... but from the example SOAP 1.2 "framework" above
> > and the fact that the url to the web service is not a .wsdl file but
> > in fact a .asmx file, how on earth to you
> 
> It doesn't have to be a .wsdl extension to offer that functionality. The
> WSDL output is nothing more then what the webservice has to offer.
> Requests are not send to the .wsdl but to the webservice endpoint.
> 
> >
> > 1) post a request to the example above.
> > 2) What do you use here now actually ? SOAP/XML-RPC/WSDL ? or is this
> > something else ? Its extremely confusing since this does
> > not seem to fit in with any of the examples, material on the net.
> >
> 
> The examples above show requests en responses in the SOAP format. You
> could target this webservice in multiple ways. But building a SOAP
> client would probably be the best option.
> 
> > I basically need to call the service and pass "string" to the Input
> > parameter and get the response field.
> >
> >
> > Some examples using the PHP Soap class talk about setting the URI, the
> > host and the NS and I don't know from the example SOAP 1.2 fields
> > provided where this should be taken from.
> >
> 
> the URL you actually are talking to with your SOAP client is
> http://localhost/WebService/
> 
> >
> > Some guidelines to good documentation/howto or tutorials and/or some
> > examples and functions/class would be
> > appreciated immensely
> 
> http://wso2.

RE: [PHP] More PHP Includes

2009-03-11 Thread Mayer, Jonathan 


-Original Message-
From: Gary [mailto:gwp...@ptd.net] 
Sent: 11 March 2009 00:17
To: php-general@lists.php.net
Subject: Re: [PHP] More PHP Includes

>Jochem
>
>Thanks for your reply, the project seven and DW was just for a point of

>information, same as if you have an issue with a computer you generally
find 
>it a good idea to list your operating system and other pertinent facts.

>I had coded the scripts and files by hand.

>The file was not on the server and it did not point back to my hard
drive, 
>it was hand coded and not uploaded to the server, which is why it was 
>curious.


The way I sometimes go about making a website is to fully code up the
entire first page with a design I would like.
Menus/headers/footers/layout and all. Then, when I'm happy with it, I
cut it up into componant parts which I then include back in.

This way there is no chance of having repeated tags, and everything is
neatly organised. By the time you've cut it up, your index.php file will
likely have nothing more than a bunch of includes and possibly the text
specific to the index page.

Don't think that each included file needs to work on its own. It doesn't
matter if the included file doesn't open a tag if the page calling it
has opened the tag already (such as ). I've had an include that
formed part of a table, with the table created by a different included
file, and closed by yet another.



"Jochem Maas"  wrote in message 
news:49b6fddd.20...@iamjochem.com...
> Gary schreef:
>> I'm sorry you were not able to understand the questions, but thank
you 
>> for
>> trying.
>
> a few tips:
>
> 1. don't assume people know what 'projectseven PMM'
> 2. it's doubtful anyone worth their salt on this list uses or
> knows much about a mind-bending, soul-destroyer like DreamWeaver.
> 3. try your hand at building a page by hand using a simple text editor
> and copious ammounts of searching/reading about HTML structure ...
doing
> it this way will help you to understand what goes wrong and why, when
> DW tries to 'help you'.
>
>
>
>> The path to the include is not an absolute path.
>
> then it is on the server, somewhere on your php include_path.
>
>> "Jochem Maas"  wrote in message
>> news:49b6b6d8.7050...@iamjochem.com...
>>> Gary schreef:
 Thanks again for all the help.

 I created a simple page of all includes (header, menu, 3 columns).
I
 mixed
 the file types up. The menu (projectseven PMM) I saved as a library

 item,
 works fine.  Had an HTML file in there, but I am guessing that
having 2
 page
 declarations along with an extra set of  and  tags was
 playing
 havoc with the code, so I removed them. Same thing when I created a
php
 page
 and saved it as filename.inc.php, so I removed all the declarations
and
 tags, again seems to work fine. Also included a simple .txt file.

 I did get some strange results in that all of the  were 
 highlighted
 after the menu, and I had to remove and insert again to correct.

 So is this the best way, to create a php page, remove all of the
html
 tags
 and page declarations and name it filename.inc.php? (I'm using DW
CS3)
>>> I'm quite sure I don't understand any of that ... so I'd hazard a
guess
>>> and so "no it's not the best way"
>>>
 Also, something I do not understand, I included a small txt file in
a
 page
 of a customer and it shows fine, however this file is not on the
 server...is
 this normal?

>>> it's probably pointing to a file on your machine, e.g.
>>> file://C:/path/to/file.txt,
>>> that's something you see quite often with DW/FrontPage/>> WYSIWYG-PITA-editor here>.
>>>

>>
>>
>>
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] More PHP Includes

2009-03-11 Thread 9el 
On Wed, Mar 11, 2009 at 6:16 AM, Gary  wrote:

> Jochem
>
> Thanks for your reply, the project seven and DW was just for a point of
> information, same as if you have an issue with a computer you generally
> find
> it a good idea to list your operating system and other pertinent facts.


What Jochem told is true, IDEs like DW is good for mainly designers but
could be a feeder for a matured man (coder).
For IDE I support using something like Netbeans PDT.


>
> I had coded the scripts and files by hand.



The way you asked about the files you included reflects you have some basic
lack of understanding of the way they should look like /organized(not
intended any slightest offense). But this discussion would open your eyes.
The file where your include other files is rendered as a single HTML file
so, think in that way, it would be just easy to understand.

>
>
> The file was not on the server and it did not point back to my hard drive,
> it was hand coded and not uploaded to the server, which is why it was
> curious.



Yes this curiosity is really helpful. As I mentioned about the intrusion
probability this way. Try collecting the ZCE exam Guide and you can study
the 'Security'  Chapter there.

>
>
> "Jochem Maas"  wrote in message
> news:49b6fddd.20...@iamjochem.com...
> > Gary schreef:
> >> I'm sorry you were not able to understand the questions, but thank you
> >> for
> >> trying.
> >
> > a few tips:
> >
> > 1. don't assume people know what 'projectseven PMM'
> > 2. it's doubtful anyone worth their salt on this list uses or
> > knows much about a mind-bending, soul-destroyer like DreamWeaver.
> > 3. try your hand at building a page by hand using a simple text editor
> > and copious ammounts of searching/reading about HTML structure ... doing
> > it this way will help you to understand what goes wrong and why, when
> > DW tries to 'help you'.
> >
> >
> >
> >> The path to the include is not an absolute path.
> >
> > then it is on the server, somewhere on your php include_path.
> >
> >> "Jochem Maas"  wrote in message
> >> news:49b6b6d8.7050...@iamjochem.com...
> >>> Gary schreef:
>  Thanks again for all the help.
> 
>  I created a simple page of all includes (header, menu, 3 columns).  I
>  mixed
>  the file types up. The menu (projectseven PMM) I saved as a library
>  item,
>  works fine.  Had an HTML file in there, but I am guessing that having
> 2
>  page
>  declarations along with an extra set of  and  tags was
>  playing
>  havoc with the code, so I removed them. Same thing when I created a
> php
>  page
>  and saved it as filename.inc.php, so I removed all the declarations
> and
>  tags, again seems to work fine. Also included a simple .txt file.
> 
>  I did get some strange results in that all of the  were
>  highlighted
>  after the menu, and I had to remove and insert again to correct.
> 
>  So is this the best way, to create a php page, remove all of the html
>  tags
>  and page declarations and name it filename.inc.php? (I'm using DW CS3)
> >>> I'm quite sure I don't understand any of that ... so I'd hazard a guess
> >>> and so "no it's not the best way"
> >>>
>  Also, something I do not understand, I included a small txt file in a
>  page
>  of a customer and it shows fine, however this file is not on the
>  server...is
>  this normal?
> 
> >>> it's probably pointing to a file on your machine, e.g.
> >>> file://C:/path/to/file.txt,
> >>> that's something you see quite often with DW/FrontPage/ >>> WYSIWYG-PITA-editor here>.
> >>>
> 
> >>
> >>
> >>
> >
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] How to work with Webservices (.asmx) server

2009-03-11 Thread Anton Heuschen 
Thanks Thijs.

My Father is from the Netherlands, but I wont try it all in Dutch myself...

Ok slowly but surely and with your advice I start making sense of this, I am
still playing around with some tests and reading up. It should be real clear
and obvious once you get a working example I guess.

Thanks for your assistance and advice so far.

Regards


Now of to make myself a nice Hagelslag botterham to soothe my nerves ;-)

Anton

2009/3/11 Thijs Lensselink 

> Hoi Anton,
>
> Great job on the Dutch part :) But please keep the thread on list.
>
> You have set the server location when you create a SOAP client instance.
> Take a look at : http://php.net/manual/en/soapclient.soapclient.php
>
> So when instantiating the SOAP client object you pass as a second
> parameter. An array with as minimal settings the location and uri.
>
> I guess in your case it would be something like this:
>
> $client = new SoapClient(null, array(
>'location' =>  "http://localhost/WebService/GetData.asmx";,
>'uri'  => "http://localhost/WebService/";)
> );
>
> And if your webservice provides a WSDL file you can replace the null
> parameter for that one.
>
> Anton Heuschen wrote:
> > Dag.
> >
> > Dank U well.
> >
> > Lol and thats where my Dutch is going to end...
> >
> >
> > Thank you for the info, just one question that had me confused also and
> > that is to do with this
> >
> > the URL you actually are talking to with your SOAP client is
> > http://localhost/WebService/
> >
> >
> >
> > Ive seen that in material on the net too ... but I wondered so how does
> > your SOAP request know where to connect to ? should I not have the
> > target server URL (or is this also pointing to the Web Services Servers
> > WSDL not setup correctly and will my client only work if I run it from
> > the same PC? ) This is what confuses me so .
> >
> >
> > Regards
> >
> > 2009/3/10 Thijs Lensselink  p...@addmissions.nl>>
> >
> > Anton Heuschen wrote:
> > > I am confused with XML-RPC / SOAP and WSDL ...
> > >
> > > If you have a server with a script/file like test.asmx and some web
> > > services ...below example of service format :
> > >
> > > SOAP 1.2
> > >
> > > The following is a sample SOAP 1.2 request and response. The
> > > placeholders shown need to be replaced with actual values.
> > >
> > > -  SAMPLE OF Web Service from
> the
> > > server below :
> > >
> > > SOAP 1.2
> > >
> > > The following is a sample SOAP 1.2 request and response.  The
> > > placeholders shown need to be replaced with actual values.
> > >
> > >
> > >
> > >
> > > POST /webservice/GetData.asmx HTTP/1.1
> > > Host: www.theserver.com 
> > > Content-Type: application/soap+xml; charset=utf-8
> > > Content-Length: length
> > >
> > > 
> > > http://www.w3.org/2001/XMLSchema-instance";
> > > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> > > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
> > >   
> > > http://localhost/WebService/";>
> > >   string
> > > 
> > >   
> > > 
> > >
> > >
> > >
> > > HTTP/1.1 200 OK
> > > Content-Type: application/soap+xml; charset=utf-8
> > > Content-Length: length
> > >
> > > 
> > > http://www.w3.org/2001/XMLSchema-instance";
> > > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> > > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
> > >   
> > > http://localhost/WebService/";>
> > >   string
> > > 
> > >   
> > > 
> > >
> > >
> > >
> > >  END OF SAMPLE
> > >
> > >
> > >
> > >
> > > I spend about most of my time looking at SOAP, XML-RPC and the PHP
> > > SOAP extension, like from here:
> > >
> > >
> >
> http://tutorial.jcwcn.com/Web-Design/PHP/XML-and-PHP/2008-08-15/10160.html
> > >
> > >
> > > Most of these talk about request to the server and a script with
> .wsdl
> > > extension ... but from the example SOAP 1.2 "framework" above
> > > and the fact that the url to the web service is not a .wsdl file
> but
> > > in fact a .asmx file, how on earth to you
> >
> > It doesn't have to be a .wsdl extension to offer that functionality.
> The
> > WSDL output is nothing more then what the webservice has to offer.
> > Requests are not send to the .wsdl but to the webservice endpoint.
> >
> > >
> > > 1) post a request to the example above.
> > > 2) What do you use here now actually ? SOAP/XML-RPC/WSDL ? or is
> this
> > > something else ? Its extremely confusing since this does
> > > not seem to fit in with any of the examples, material on the net.
> > >
> >
> > The examples above show requests en responses in the SOAP format. You
> > could target this webservice in multiple ways

Re: [PHP] Spam on the list?

2009-03-11 Thread Stuart 
2009/3/10 9el 

>
> 2009/3/11 דניאל דנון 
>
> > From time to time, I usually get a message of "earn money from home" or
> > things like that, and in the bottom, it says,
> >
> > "This email has been written and proved to be in compliance with the
> > recently established can-spam act law in US. We are not provoking or
> > forcing
> > any person in any way to participate in our programs. To participate is
> > your
> > own decision and you carry the responsibility of taking further part in
> > this
> > promotion. Anyway, if you don't want to receive more good offers from us,
> > you can simply Unsubscribe by sending us a notification email to
> > out_of_the_l...@yahoo.com with a mail-subject and text "Unsubscribe me",
> > and
> > we will get your email out of our list within 10 days.
>
>
> Mailiing list / group does it immediately, but here it takes 10 human days
> to do so. out_of_the_list < name is not identical to the format yahoo has
> for their groups. So, its a fooling way to get users mail in there and it
> will add the mailer's address to their permanent spam DB :P
>
> >
> >
> > This message is STRICTLY CONFIDENTIAL and is solely for the individual or
> > organisation to whom it is addressed. It may contain PRIVILEGED and
> > CONFIDENTIAL information. If you are not the intended recipient, you are
> > hereby notified that any dissemination, distribution or copying of this
> > communication and its contents is strictly prohibited. If you are not
> > interested in the offered promotions, please just don't answer. If you
> > think
> > you have received this message and its contents in error, please delete
> it
> > from your computer, or follow the unsubscribing procedure shown above."
> >
> > Can anyone explain, first,
> > Why doesn't the usual PHP-MailingList-Footer appears?
>
> H, either they hack through the code to hide it or... what?


When you send an email to this list your address becomes public. I'm sure
there are many address collectors subscribed to every mailing list on the
planet with the sole purpose of building huge lists they can then sell. When
they then send you an email directly it won't include the PHP footer because
it never goes near the PHP list server.

-Stuart

-- 
http://stut.net/

Re: [PHP] Opendir on site root directory?

2009-03-11 Thread Stuart 
2009/3/11 Clancy 

> On Tue, 10 Mar 2009 15:12:57 +, stut...@gmail.com (Stuart) wrote:
>
> >Please keep the discussion on-list.
> >
> >2009/3/10 Clancy 
> >
> >> Hi,
> >>
> >> After I posted my message to the group today I realised that my program
> >> achieves its
> >> almost infinite flexibility by loading different include files in
> different
> >> circumstances,
> >> and from many different parts of the program.  The program always
> specifies
> >> the location
> >> of the include file by the relative path from the root directory.   If
> the
> >> uncertainty
> >> about the current working directory you worry about were really a
> problem
> >> this would never
> >> work, but I have been doing this for well over a year, and had never had
> >> any problems.
> >>
> >
> >Just because you haven't experienced a problem with the way you do things
> >yet it certainly doesn't mean the problem isn't there. You're not
> specifying
> >the location of an include file relative to the home directory, it's
> >relative to the current working directory which is not necessarily the
> >directory you expect it to be.
>
> The only circumstances in which my assumption could fail would be if I
> changed to a new
> provider with a different operating system. In the unlikely event of this
> happening all I
> would need to do would be to determine the actual directory, and chdir to
> the desired one.
> This would require at most half a dozen lines of code at the start of the
> program, so it
> would not be a significant hassle.


Like I said it's up to you what you decide to care about. One of the many
things I choose to care about is writing portable code, an important aspect
of which is not relying on absolute file locations or server configuration
as far as possible.

-Stuart

-- 
http://stut.net/

Re: [PHP] Handling (very) large files with PHP

2009-03-11 Thread Stuart 
2009/3/11 דניאל דנון 

> *Handling (very) large files with PHP*
>
> Hello, I am planning a project in PHP, and I have few unsolved issues that
> I'd like you to help me...
>
> The project will start by loading a file of about 50GB.
> The file has a many objects with a pattern, for example,
>
>
> Name: Joe
> Joe likes to eat
> ---
> Name: Daniel
> Daniel likes to ask question on the PHP Mailing List
>
>
> Anyway, so, I am going to convert it into a database, and I insist on using
> PHP for this.
>
> So the questions are,
> How would I open the file? will fopen fread($file, 1024) will work? if
> then,
> how would I find the seperator, "--", without taking too
> many resources?


I see no problem with this. I have nightly cron jobs written in PHP that
process 10's of GB's of log files each night without any problems. I would
use fgets rather than fread to get each line one at a time.


> I'll have a dedicated server for this project so I could use exec, so I am
> wondering if I should use exec to split the file?


Why? PHP can easily handle a file this big so long as you don't try to load
it all in at once.

How many hours or days do you think it will take me to insert all of the
> data, if I have about 8,000,000,000 (8 billion/milliard) entries (objects)?


The only way to know this is to try it. Assuming you're on a Linux machine
use head to slice a chunk off the top of the file and process that. Then
multiply by however many of those chunks there are in 50GB. That, with a
reasonable margin of error, will be how long it will take to process the
full file.

After I insert all the data, I'll have to start working with it as well -
> for example, having a list of all people and what comes after the word
> "likes" in their entry.


I would approach this by organising the data into lookup tables while you
read the file. It will make processing it a lot quicker. Doing something
like that is way beyond the scope of this list but Google will be able to
point you at the data structures and algorithms you'll need.

What do you suggest? I am concerened I might not be able to fully acomplish
> both high speed with working (example above) and both high speed when
> watching the data and adding more "works" (as stated above) with PHP. What
> do you think?
> Since inserting to the database, after considering it, will probably be
> with
> C. But if I wish to work with it - will PHP be good?


PHP will be slower than C, but by how much is difficult to say. If you can
code in C and are happy using the C API for whatever DB you decide to use
that would be far better, but you have to weight that against the additional
development time. If you have a meaty server I'd say you can sacrifice
runtime speed for development speed.

What database should I use for so much info?


It really doesn't matter, so long as you set up the right indexes before you
import the file. Without the right indexes Oracle is just as slow as MySQL
which is just as slow as Postgres.

If you want an opinion I'd probably use Postgres for a dataset that big, but
MySQL shouldn't have a problem with it.

-Stuart

-- 
http://stut.net/

Re: [PHP] How to work with Webservices (.asmx) server

2009-03-11 Thread Thijs Lensselink 
Anton Heuschen wrote:
> Thanks Thijs.
> 
> My Father is from the Netherlands, but I wont try it all in Dutch myself...
> 
> Ok slowly but surely and with your advice I start making sense of this, I am
> still playing around with some tests and reading up. It should be real clear
> and obvious once you get a working example I guess.
> 
> Thanks for your assistance and advice so far.

If you have more questions. The whole list is at your disposal.

> 
> Regards
> 
> 
> Now of to make myself a nice Hagelslag botterham to soothe my nerves ;-)

Now that sounds tasty. Always thought we Dutch are the only ones crazy
enough to eat this stuff :)

> 
> Anton
> 
> 2009/3/11 Thijs Lensselink 
> 
>> Hoi Anton,
>>
>> Great job on the Dutch part :) But please keep the thread on list.
>>
>> You have set the server location when you create a SOAP client instance.
>> Take a look at : http://php.net/manual/en/soapclient.soapclient.php
>>
>> So when instantiating the SOAP client object you pass as a second
>> parameter. An array with as minimal settings the location and uri.
>>
>> I guess in your case it would be something like this:
>>
>> $client = new SoapClient(null, array(
>>'location' =>  "http://localhost/WebService/GetData.asmx";,
>>'uri'  => "http://localhost/WebService/";)
>> );
>>
>> And if your webservice provides a WSDL file you can replace the null
>> parameter for that one.
>>
>> Anton Heuschen wrote:
>>> Dag.
>>>
>>> Dank U well.
>>>
>>> Lol and thats where my Dutch is going to end...
>>>
>>>
>>> Thank you for the info, just one question that had me confused also and
>>> that is to do with this
>>>
>>> the URL you actually are talking to with your SOAP client is
>>> http://localhost/WebService/
>>>
>>>
>>>
>>> Ive seen that in material on the net too ... but I wondered so how does
>>> your SOAP request know where to connect to ? should I not have the
>>> target server URL (or is this also pointing to the Web Services Servers
>>> WSDL not setup correctly and will my client only work if I run it from
>>> the same PC? ) This is what confuses me so .
>>>
>>>
>>> Regards
>>>
>>> 2009/3/10 Thijs Lensselink > p...@addmissions.nl>>
>>> Anton Heuschen wrote:
>>> > I am confused with XML-RPC / SOAP and WSDL ...
>>> >
>>> > If you have a server with a script/file like test.asmx and some web
>>> > services ...below example of service format :
>>> >
>>> > SOAP 1.2
>>> >
>>> > The following is a sample SOAP 1.2 request and response. The
>>> > placeholders shown need to be replaced with actual values.
>>> >
>>> > -  SAMPLE OF Web Service from
>> the
>>> > server below :
>>> >
>>> > SOAP 1.2
>>> >
>>> > The following is a sample SOAP 1.2 request and response.  The
>>> > placeholders shown need to be replaced with actual values.
>>> >
>>> >
>>> >
>>> >
>>> > POST /webservice/GetData.asmx HTTP/1.1
>>> > Host: www.theserver.com 
>>> > Content-Type: application/soap+xml; charset=utf-8
>>> > Content-Length: length
>>> >
>>> > 
>>> > http://www.w3.org/2001/XMLSchema-instance";
>>> > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>>> > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
>>> >   
>>> > http://localhost/WebService/";>
>>> >   string
>>> > 
>>> >   
>>> > 
>>> >
>>> >
>>> >
>>> > HTTP/1.1 200 OK
>>> > Content-Type: application/soap+xml; charset=utf-8
>>> > Content-Length: length
>>> >
>>> > 
>>> > http://www.w3.org/2001/XMLSchema-instance";
>>> > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>>> > xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
>>> >   
>>> > http://localhost/WebService/";>
>>> >   string
>>> > 
>>> >   
>>> > 
>>> >
>>> >
>>> >
>>> >  END OF SAMPLE
>>> >
>>> >
>>> >
>>> >
>>> > I spend about most of my time looking at SOAP, XML-RPC and the PHP
>>> > SOAP extension, like from here:
>>> >
>>> >
>>>
>> http://tutorial.jcwcn.com/Web-Design/PHP/XML-and-PHP/2008-08-15/10160.html
>>> >
>>> >
>>> > Most of these talk about request to the server and a script with
>> .wsdl
>>> > extension ... but from the example SOAP 1.2 "framework" above
>>> > and the fact that the url to the web service is not a .wsdl file
>> but
>>> > in fact a .asmx file, how on earth to you
>>>
>>> It doesn't have to be a .wsdl extension to offer that functionality.
>> The
>>> WSDL output is nothing more then what the webservice has to offer.
>>> Requests are not send to the .wsdl but to the webservice endpoint.
>>>
>>> >
>>> > 1) post a request to the example above.
>>> > 2) What do you use here now actually ? SOAP/XML-RPC/WSDL ? or is
>> this
>>> > something else ? Its extrem

Re: [PHP] Handling (very) large files with PHP

2009-03-11 Thread דניאל דנון 
Hello all and thank for the answers.
Just to clarify I don't know C yet, so I hope I wont have to learn C to do
it.
But about the insertions - Yes, I'll probably use Perl if you say its
fastest.

Since the insertion will probably happen once or once a month, I don't mind
if it will take even a week.

Since I am more familiar with MySQL I think I rather use it.

About what I'll do after that - I'll probably use several regex queries and
things like that.

And you got a point - I don't know all the queries I'll run yet, but I'll
probably do them with Perl.

And although PHP can handle files that large, shouldn't I split them anyway
- in case of some error or debugging, its better to do it before then after,
no?

I've read a bit about working with large databases,
But since I haven't used REGEX too much on MySQL queries, I would like to
know how long do you think it will take me to do a simple regex search
(likes?) on the database? and it will probably appears in most of the
entries...
I know I can do a test-search by trying it on a simple and multiply it by
the number of entries (or something similar),
but lets say I do it in PHP,
This can change alot because I recieved a very small data-example which
weights about 1MB. Multiply it by so much? It could be very very inaccuarate
even if I loop and handle the file several times,
Because, a regex search on table with 10 entries and a regex search on a
table with 9 billion entries that is a problem...

Is anyone familiar with working with such a large databases?

[PHP] numerically named member variables and objects

2009-03-11 Thread Dan Field 
As far as I was aware, member variable and object names had to start  
with a non integer chracter, however I am utilising a JSON lib which  
is providing me with the following resultset. As you can see a member  
class member is numerically named and I am unable to address it in the  
usual way. Is there a way around this?



Here's a snippet from a print_r() of the object

[highlighting] => stdClass Object
(
[12192] => stdClass Object
(
[t_text] => Array
(
[0] =>
[advert]
PRIORY PRESS LIMITED
THE FRIARY - CARDIFF

TELEPHONE 3578

)

)

[12193] => stdClass Object
(
[t_text] => Array
(
[0] =>  Religion.
Low Performing Fees
THE BOOK - 1/6
From the Publishers―
PRIORY PRESS LIMITED
The Friary - Cardiff

)

)

echo $this->results->highlighting->12192->t_text[0];


results in

[Wed Mar 11 11:32:57 2009] [error] [client xx.xx.xx.xx] PHP Parse  
error:  syntax error, unexpected T_LNUMBER, expecting T_STRING or  
T_VARIABLE or '{' or '$' in /var/www/ccymod/application/views/scripts/ 
browse/search.phtml on line 62


I'm stumped. Any ideas?

--
Dan FieldFfôn/Tel. +44 1970 632  
582

Peiriannydd Meddalwedd  Senior Software Engineer
Llyfrgell Genedlaethol Cymru   National Library of Wales

Re: [PHP] How to work with Webservices (.asmx) server

2009-03-11 Thread Phpster 

If you're not Dutch you're not much! Holland rocks!

From a fellow dutchie,

Bastien

Sent from my iPod

On Mar 11, 2009, at 4:47, Anton Heuschen  wrote:


Thanks Thijs.

My Father is from the Netherlands, but I wont try it all in Dutch  
myself...


Ok slowly but surely and with your advice I start making sense of  
this, I am
still playing around with some tests and reading up. It should be  
real clear

and obvious once you get a working example I guess.

Thanks for your assistance and advice so far.

Regards


Now of to make myself a nice Hagelslag botterham to soothe my  
nerves ;-)


Anton

2009/3/11 Thijs Lensselink 


Hoi Anton,

Great job on the Dutch part :) But please keep the thread on list.

You have set the server location when you create a SOAP client  
instance.

Take a look at : http://php.net/manual/en/soapclient.soapclient.php

So when instantiating the SOAP client object you pass as a second
parameter. An array with as minimal settings the location and uri.

I guess in your case it would be something like this:

$client = new SoapClient(null, array(
  'location' =>  "http://localhost/WebService/GetData.asmx";,
  'uri'  => "http://localhost/WebService/";)
);

And if your webservice provides a WSDL file you can replace the null
parameter for that one.

Anton Heuschen wrote:

Dag.

Dank U well.

Lol and thats where my Dutch is going to end...


Thank you for the info, just one question that had me confused  
also and

that is to do with this

the URL you actually are talking to with your SOAP client is
http://localhost/WebService/



Ive seen that in material on the net too ... but I wondered so how  
does

your SOAP request know where to connect to ? should I not have the
target server URL (or is this also pointing to the Web Services  
Servers
WSDL not setup correctly and will my client only work if I run it  
from

the same PC? ) This is what confuses me so .


Regards

2009/3/10 Thijs Lensselink 
p...@addmissions.nl>>


   Anton Heuschen wrote:

I am confused with XML-RPC / SOAP and WSDL ...

If you have a server with a script/file like test.asmx and some web
services ...below example of service format :

SOAP 1.2

The following is a sample SOAP 1.2 request and response. The
placeholders shown need to be replaced with actual values.

-  SAMPLE OF Web Service from

the

server below :

SOAP 1.2

The following is a sample SOAP 1.2 request and response.  The
placeholders shown need to be replaced with actual values.




POST /webservice/GetData.asmx HTTP/1.1
Host: www.theserver.com 
Content-Type: application/soap+xml; charset=utf-8
Content-Length: length



http://www.w3.org/2001/XMLSchema-instance";

xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
 
   http://localhost/WebService/";>
 string
   
 




HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: length



http://www.w3.org/2001/XMLSchema-instance";

xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
 
   http://localhost/WebService/";>
 string
   
 




 END OF SAMPLE




I spend about most of my time looking at SOAP, XML-RPC and the PHP
SOAP extension, like from here:





http://tutorial.jcwcn.com/Web-Design/PHP/XML-and-PHP/2008-08-15/10160.html



Most of these talk about request to the server and a script with

.wsdl

extension ... but from the example SOAP 1.2 "framework" above
and the fact that the url to the web service is not a .wsdl file

but

in fact a .asmx file, how on earth to you


   It doesn't have to be a .wsdl extension to offer that  
functionality.

The
   WSDL output is nothing more then what the webservice has to  
offer.
   Requests are not send to the .wsdl but to the webservice  
endpoint.




1) post a request to the example above.
2) What do you use here now actually ? SOAP/XML-RPC/WSDL ? or is

this

something else ? Its extremely confusing since this does
not seem to fit in with any of the examples, material on the net.



   The examples above show requests en responses in the SOAP  
format. You
   could target this webservice in multiple ways. But building a  
SOAP

   client would probably be the best option.


I basically need to call the service and pass "string" to the Input
parameter and get the response field.


Some examples using the PHP Soap class talk about setting the URI,

the

host and the NS and I don't know from the example SOAP 1.2 fields
provided where this should be taken from.



   the URL you actually are talking to with your SOAP client is
   http://localhost/WebService/



Some guidelines to good documentation/howto or tutorials and/or

some

examples and functions/class would be
appreciated immensely


   http://wso2.org/library/1060



Regards









--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:

Re: [PHP] Working directory of PHP pages?

2009-03-11 Thread Per Jessen 
Clancy wrote:

> It is my understanding that when you open a page the PHP server looks
> for index.php in the site root directory, and loads it. 

A typical Apache configuration will have 'DirectoryIndex index' and will
look for 'index' when there is no specific file given.  It looks in
whichever directory the URL indicates.  With Multiviews enabled, Apache
will look for anything matching 'index.*' and decided which file is the
best match and then serve that. 


/Per

-- 
Per Jessen, Zürich (5.8°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] numerically named member variables and objects

2009-03-11 Thread Dan Field 


On 11 Mar 2009, at 11:42, Dan Field wrote:

As far as I was aware, member variable and object names had to start  
with a non integer chracter, however I am utilising a JSON lib which  
is providing me with the following resultset. As you can see a  
member class member is numerically named and I am unable to address  
it in the usual way. Is there a way around this?



echo $this->results->highlighting->12192->t_text[0];



And to answer my own question, the answer is to use the following  
notation:


echo $this->results->highlighting->{'12192'}->t_text[0];

--
Dan FieldFfôn/Tel. +44 1970 632 582
Peiriannydd Meddalwedd  Senior Software Engineer
Llyfrgell Genedlaethol Cymru   National Library of Wales

RE: [PHP] Include File Errors with Comments

2009-03-11 Thread Bob McConnell 
From: Patrick Moloney
> 
> I have a simple web site with a simple page that all works well, 
> although I have had a similar problem a couple of times that seems to
be 
> caused by Comment Lines in the included files. I wonder if I have it 
> entirely right.
> All my files are .php files, but almost all the code is HTML.
> The file for my Web page is a complete HTML document, the file is
.php. 
> The web page file "Includes" a few other files by putting the Include 
> statement in PHP tags, all by itself. The problem file contains the
menu 
> as the include. I made a change to the menu, that works, but I added a

> line with a comment at the top, which causes problems. The menu is
read 
> like text.
> The first few lines in my menu file, menu.php, are comments using HTML

> syntax. The menu file has on UL and LI tags for the menu items - no 
> HTML, BODY etc. So I have a line of PHP in my web page file calling a 
> .php file where the first 2 lines are HTML comments. It was working
with 
> 2 comment lines, the failed with 3 lines. Even when it fails the 
> remainder of the page displays ok although it is down lower because of

> the menu being displayed as text. I remove the comment it works.
> 
> Does PHP preprocess the file but treat the comments as text because I 
> never said it was HTML? Would PHP comments have to be inside PHP tags?
> Am I correct in having just a fragment of HTML in the included file 
> without the entire HTML organization? I'd like to have comments in the
file.

This is one detail that I have not seen a good explanation for. When PHP
opens an included file, it defaults back to HTML mode. You must have the
PHP tags to force it into PHP mode. This is true no matter what file
extension you have on them. So if you want to use PHP style comments,
you must wrap them with the proper tags.

Bob McConnell

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Silly question - include vs. eval

2009-03-11 Thread HostWare Kft. 
Hi,

I wondering what is the difference between include(), and eval(' 
?>'.file_get_content().'

Re: [PHP] How to work with Webservices (.asmx) server

2009-03-11 Thread Anton Heuschen 
Who else eat Chocolate or (sugar even) on bread and eat liquorice sweets
full of salt ... having Dutch family and living with the culture gets lots
of frowns from South Africans here ...when you sit down and start sprinkling
sugar on your bread (if the budget is tight and you cant afford the good
stuff like choc-spreads and Hagel)...  The Zoute-drop is always a cool trick
here in South Africa ...people expect it to be sweet liquorice sweets ...its
the best to watch their faces once they realize the salty taste ...then you
look how long it takes them to spit it out.

Well thanks to all the help thus far ... now I feel depressed all of a suden
...miss the vibe -  Holland rocks

2009/3/7 Phpster 

> If you're not Dutch you're not much! Holland rocks!
>
> From a fellow dutchie,
>
> Bastien
>
> Sent from my iPod
>
>
> On Mar 11, 2009, at 4:47, Anton Heuschen  wrote:
>
>  Thanks Thijs.
>>
>> My Father is from the Netherlands, but I wont try it all in Dutch
>> myself...
>>
>> Ok slowly but surely and with your advice I start making sense of this, I
>> am
>> still playing around with some tests and reading up. It should be real
>> clear
>> and obvious once you get a working example I guess.
>>
>> Thanks for your assistance and advice so far.
>>
>> Regards
>>
>>
>> Now of to make myself a nice Hagelslag botterham to soothe my nerves ;-)
>>
>> Anton
>>
>> 2009/3/11 Thijs Lensselink 
>>
>>  Hoi Anton,
>>>
>>> Great job on the Dutch part :) But please keep the thread on list.
>>>
>>> You have set the server location when you create a SOAP client instance.
>>> Take a look at : http://php.net/manual/en/soapclient.soapclient.php
>>>
>>> So when instantiating the SOAP client object you pass as a second
>>> parameter. An array with as minimal settings the location and uri.
>>>
>>> I guess in your case it would be something like this:
>>>
>>> $client = new SoapClient(null, array(
>>>  'location' =>  "http://localhost/WebService/GetData.asmx";,
>>>  'uri'  => "http://localhost/WebService/";)
>>> );
>>>
>>> And if your webservice provides a WSDL file you can replace the null
>>> parameter for that one.
>>>
>>> Anton Heuschen wrote:
>>>
 Dag.

 Dank U well.

 Lol and thats where my Dutch is going to end...


 Thank you for the info, just one question that had me confused also and
 that is to do with this

 the URL you actually are talking to with your SOAP client is
 http://localhost/WebService/



 Ive seen that in material on the net too ... but I wondered so how does
 your SOAP request know where to connect to ? should I not have the
 target server URL (or is this also pointing to the Web Services Servers
 WSDL not setup correctly and will my client only work if I run it from
 the same PC? ) This is what confuses me so .


 Regards

 2009/3/10 Thijs Lensselink >>>
>>> p...@addmissions.nl>>
>>>

   Anton Heuschen wrote:

> I am confused with XML-RPC / SOAP and WSDL ...
>
> If you have a server with a script/file like test.asmx and some web
> services ...below example of service format :
>
> SOAP 1.2
>
> The following is a sample SOAP 1.2 request and response. The
> placeholders shown need to be replaced with actual values.
>
> -  SAMPLE OF Web Service from
>
 the
>>>
 server below :
>
> SOAP 1.2
>
> The following is a sample SOAP 1.2 request and response.  The
> placeholders shown need to be replaced with actual values.
>
>
>
>
> POST /webservice/GetData.asmx HTTP/1.1
> Host: www.theserver.com 
> Content-Type: application/soap+xml; charset=utf-8
> Content-Length: length
>
> 
> http://www.w3.org/2001/XMLSchema-instance";
>>>
 xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
>  
>   http://localhost/WebService/";>
> string
>   
>  
> 
>
>
>
> HTTP/1.1 200 OK
> Content-Type: application/soap+xml; charset=utf-8
> Content-Length: length
>
> 
> http://www.w3.org/2001/XMLSchema-instance";
>>>
 xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:soap12="http://www.w3.org/2003/05/soap-envelope";>
>  
>   http://localhost/WebService/";>
> string
>   
>  
> 
>
>
>
>  END OF SAMPLE
>
>
>
>
> I spend about most of my time looking at SOAP, XML-RPC and the PHP
> SOAP extension, like from here:
>
>
>

>>> http://tutorial.jcwcn.com/Web-Design/PHP/XML-and-PHP/2008-08-15/10160.html
>>>

>
> Most of these talk about request to the server and a script with
>
 .wsdl
>>>
 extension ... but from the example SOAP 1.2 "framework" above
> and the fact that the url to

[PHP] This code using _GET exploitable

2009-03-11 Thread filtered 
Hi,

we have script containing

 

and

http://example.com"";  />';
}
   ?>

Is this code prone to XSS attacks or for attacking the local webserver
and if so, how?

$cam isn't used anywhere else.

-a

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 13:07 +0100, Sándor Tamás (HostWare Kft.) wrote:
> Hi,
> 
> I wondering what is the difference between include(), and eval(' 
> ?>'.file_get_content().'  
> If there is something I should be aware, please, let me know.

Use include since it allows a cache like eAccelerator or APC to work.
Eval never gets cached. Also, include let's the engine do the opening,
reading, closing of the file while also parsing and running the contents
in one fell function call (yes I know it's not a function). What you
have above, using eval, is a bastardization of cleanliness and
succinctness of code.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Handling (very) large files with PHP

2009-03-11 Thread Virgilio Quilario 
> *Handling (very) large files with PHP*
>
> Hello, I am planning a project in PHP, and I have few unsolved issues that
> I'd like you to help me...
>
> The project will start by loading a file of about 50GB.
> The file has a many objects with a pattern, for example,
>
>
> Name: Joe
> Joe likes to eat
> ---
> Name: Daniel
> Daniel likes to ask question on the PHP Mailing List
>
>
> Anyway, so, I am going to convert it into a database, and I insist on using
> PHP for this.
>
> So the questions are,
> How would I open the file? will fopen fread($file, 1024) will work? if then,
> how would I find the seperator, "--", without taking too
> many resources?
> I'll have a dedicated server for this project so I could use exec, so I am
> wondering if I should use exec to split the file?
> How many hours or days do you think it will take me to insert all of the
> data, if I have about 8,000,000,000 (8 billion/milliard) entries (objects)?
>
> After I insert all the data, I'll have to start working with it as well -
> for example, having a list of all people and what comes after the word
> "likes" in their entry.
>
> What do you suggest? I am concerened I might not be able to fully acomplish
> both high speed with working (example above) and both high speed when
> watching the data and adding more "works" (as stated above) with PHP. What
> do you think?
> Since inserting to the database, after considering it, will probably be with
> C. But if I wish to work with it - will PHP be good?
>
> What database should I use for so much info?
>
>
> Thanks, Daniel
>

hi Daniel,

Interesting task you got there.
The code below should solve your problem.

$fh = fopen('data.txt', 'r');
$row = array();
while (($line = fgets($fh, 1024)) !== false) {
  if ($line === '---') {
// save $row into database
$row = array();
continue;
  }
  if (strpos($line,'Name: ') !== false) {
$row['name'] = str_replace('Name: ', '', $line);
continue;
  }
  $row['likes'] = str_replace($row['name'] . ' likes ', '', $line);
}
fclose($fh);
your database fields should include
id --> autoincrement, primary
name --> varchar(64)
likes --> text

now you should be able to do simple select query that pulls a list of
names with likes not empty.
please clock it for me.
i would like to know how long it takes but the code should be fast.
thanks and good luck.

Virgil
http://www.jampmark.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Stuart 
2009/3/11 filtered 

> Hi,
>
> we have script containing
>
>  
>
> and
>
>$cam = $_GET['cam'];
>
>if ($cam == '1') {
>echo 'http://example.com"";  />';
>}
>   ?>
>
> Is this code prone to XSS attacks or for attacking the local webserver
> and if so, how?
>
> $cam isn't used anywhere else.


$_GET['cam'] looks fine. $_GET['studio'] is not.

I could build a URL that would output a javascript tag to do anything I want
from the security context of a page on your site. This is not good.

Check out http://php.net/htmlentities and associated functions.

-Stuart

-- 
http://stut.net/

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Jochem Maas 
filtered schreef:
> Hi,
> 
> we have script containing
> 
>  

let say I do:

example.com/yourscript.php?studio=alert('I am an 
evil haxor');

excusing the fact that the query is not urlencoded, what happens on your site
(replace domain and script name to match your site/script)


> 
> and
> 
>  $cam = $_GET['cam'];
> 
> if ($cam == '1') {
> echo 'http://example.com"";  />';
> }


if ($_GET['cam'] === '1')
echo 'http://example.com"; />';

no need to create the $cam var, and a little better to check for the exact 
value+type (===)

>?>
> 
> Is this code prone to XSS attacks or for attacking the local webserver
> and if so, how?
> 
> $cam isn't used anywhere else.
> 
> -a
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 08:33 -0400, Robert Cummings wrote:
> On Wed, 2009-03-11 at 13:07 +0100, Sándor Tamás (HostWare Kft.) wrote:
> > Hi,
> > 
> > I wondering what is the difference between include(), and eval(' 
> > ?>'.file_get_content().'  > 
> > If there is something I should be aware, please, let me know.
> 
> Use include since it allows a cache like eAccelerator or APC to work.
> Eval never gets cached. Also, include let's the engine do the opening,

Before someone mentions it... yes I know there shouldn't be an
apostrophe in the above "let's"... sometimes my fingers make executive
decisions all by themselves :)

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Michael A. Peters 

filtered wrote:

Hi,

we have script containing

 

and

http://example.com"";  />';
}
   ?>

Is this code prone to XSS attacks or for attacking the local webserver
and if so, how?

$cam isn't used anywhere else.

-a



It certainly is XSS vulnerable through a reflective XSS attack.
clean your input before displaying it.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread filtered 
On Wed, Mar 11, 2009 at 13:44, Jochem Maas  wrote:
> filtered schreef:
>> Hi,
>>
>> we have script containing
>>
>>  
>
> let say I do:
>
> example.com/yourscript.php?studio=alert('I am 
> an evil haxor');
>
> excusing the fact that the query is not urlencoded, what happens on your site
> (replace domain and script name to match your site/script)
>


Ok, but I don't see how this code could be used to attack the local
php/web-server in order
for intruding the system or e.g. for installing a root-kit. Right?

Andreas

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Virgilio Quilario 
>> Hi,
>>
>> I wondering what is the difference between include(), and eval(' 
>> ?>'.file_get_content().' >
>> If there is something I should be aware, please, let me know.
>
> Use include since it allows a cache like eAccelerator or APC to work.
> Eval never gets cached. Also, include let's the engine do the opening,
> reading, closing of the file while also parsing and running the contents
> in one fell function call (yes I know it's not a function). What you
> have above, using eval, is a bastardization of cleanliness and
> succinctness of code.
>
> Cheers,
> Rob.

hi,

eval is useful when your php code is stored in database.
read here http://www.php.net/manual/en/function.eval.php for details.

Virgil
http://www.jampmark.com
Free tips, tutorials, innovative tools and techniques for building and
improving web sites

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Michael A. Peters 

filtered wrote:

Hi,

we have script containing

 


http://www.yourwebsite.org/yourpage.php?studio=alert('xss');



and

http://example.com"";  />';
}
   ?>


That I don't think is exploitable since you are not doing anything with 
cam directly but are only acting if it is a string matching '1'.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Stuart 
Please include the list when replying unless you're looking to hire me!

2009/3/11 filtered 

> On Wed, Mar 11, 2009 at 13:41, Stuart  wrote:
> > 2009/3/11 filtered 
>
> >
> > $_GET['cam'] looks fine. $_GET['studio'] is not.
> > I could build a URL that would output a javascript tag to do anything I
> want
> > from the security context of a page on your site. This is not good.
> > Check out http://php.net/htmlentities and associated functions.
>
> More detailed question: is this code prone for attacking the local
> web/php-server? I agree that it is weak with respect to XSS.


Not on the face of it, but we would need a lot more of your code to decide
that for certain, something which goes way beyond the scope of this list.

But I would ask the question why it matters? It's bad so fix it. If you
really have code like this anywhere in your site, escape it.

Escape stuff coming in and escape stuff going out. There are no exceptions.
Ever.

-Stuart

-- 
http://stut.net/

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 20:49 +0800, Virgilio Quilario wrote:
> >> Hi,
> >>
> >> I wondering what is the difference between include(), and eval(' 
> >> ?>'.file_get_content().'  >>
> >> If there is something I should be aware, please, let me know.
> >
> > Use include since it allows a cache like eAccelerator or APC to work.
> > Eval never gets cached. Also, include let's the engine do the opening,
> > reading, closing of the file while also parsing and running the contents
> > in one fell function call (yes I know it's not a function). What you
> > have above, using eval, is a bastardization of cleanliness and
> > succinctness of code.
> >
> > Cheers,
> > Rob.
> 
> hi,
> 
> eval is useful when your php code is stored in database.
> read here http://www.php.net/manual/en/function.eval.php for details.

I'm going to go out on a limb here... it would probably make your
application faster if you used a file based cache for content to be
eval'd and then included the cached file instead. Then whatever
accelerator is in play can do it's thing on the code.

But the poster didn't ask about content in general, he asked about the
difference between include and eval'ing content acquired from a file.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Virgilio Quilario 
> filtered schreef:
>> Hi,
>>
>> we have script containing
>>
>>  
>
> let say I do:
>
> example.com/yourscript.php?studio=alert('I am 
> an evil haxor');
>
> excusing the fact that the query is not urlencoded, what happens on your site
> (replace domain and script name to match your site/script)
>
>
>>
>> and
>>
>>     >         $cam = $_GET['cam'];
>>
>>         if ($cam == '1') {
>>             echo 'http://example.com"";  />';
>>         }
>
>
> if ($_GET['cam'] === '1')
>        echo 'http://example.com"; />';
>
> no need to create the $cam var, and a little better to check for the exact 
> value+type (===)
>
>>    ?>
>>
>> Is this code prone to XSS attacks or for attacking the local webserver
>> and if so, how?
>>
>> $cam isn't used anywhere else.

use htmlentities() to display $_GET['studio']
like below.



Virgil
http://www.jampmark.com
Free tips, tutorials, innovative tools and techniques for building and
improving web sites.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Michael A. Peters 

filtered wrote:

On Wed, Mar 11, 2009 at 13:44, Jochem Maas  wrote:

filtered schreef:

Hi,

we have script containing

 

let say I do:

example.com/yourscript.php?studio=alert('I am an evil 
haxor');

excusing the fact that the query is not urlencoded, what happens on your site
(replace domain and script name to match your site/script)




Ok, but I don't see how this code could be used to attack the local
php/web-server 


reflected attack.
Someone puts that as the image source on some website they trick a 
legitimate user in going to (IE - click here to see latest brittany 
spears scandal !!!) - their browser tries to load the image, instead 
calling your page with the XSS attack thus allowing the cracker to read 
any cookies the user has from your domain which can then allow the 
cracker to impersonate the user via session ID.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread HostWare Kft. 
Yes, Rob is right. My original question is about the difference between the 
processing of a file-based site with include() OR eval(). In that case, if I 
understood it correctly, the results are the same.


But! If the included pages contain functions, classes, etc. With eval(), can 
I use them? With include(), I know I should be able to use them. But in some 
mysterious cases I don't have access to a function. If I cut out from the 
included file, and put in on the file which includes that, just before (or 
after) the includ(), I don't have any problem with it.


The next step, that if I include a file in a function, can I use the 
functions wrote in the included file?
As I know, include just makes a copy-paste, so if I use it IN a function, 
then all function will be in function scope, am I right?


SanTa

- Original Message - 
From: "Robert Cummings" 

To: "Virgilio Quilario" 
Cc: "Sándor Tamás (HostWare Kft.)" ; 


Sent: Wednesday, March 11, 2009 1:55 PM
Subject: Re: [PHP] Silly question - include vs. eval



On Wed, 2009-03-11 at 20:49 +0800, Virgilio Quilario wrote:

>> Hi,
>>
>> I wondering what is the difference between include(), and eval(' 
>> ?>'.file_get_content().' 
>>
>> If there is something I should be aware, please, let me know.
>
> Use include since it allows a cache like eAccelerator or APC to work.
> Eval never gets cached. Also, include let's the engine do the opening,
> reading, closing of the file while also parsing and running the 
> contents

> in one fell function call (yes I know it's not a function). What you
> have above, using eval, is a bastardization of cleanliness and
> succinctness of code.
>
> Cheers,
> Rob.

hi,

eval is useful when your php code is stored in database.
read here http://www.php.net/manual/en/function.eval.php for details.


I'm going to go out on a limb here... it would probably make your
application faster if you used a file based cache for content to be
eval'd and then included the cached file instead. Then whatever
accelerator is in play can do it's thing on the code.

But the poster didn't ask about content in general, he asked about the
difference between include and eval'ing content acquired from a file.

Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Virgilio Quilario 
> Hi all,
>
> I wrote a PHP script running in Apache which takes more than 30 seconds to
> complete. It uses set_time_limit() to extend the time it is allowed to run.
> The script generates thumbnails from a list of images. Upon completion, the
> script redirects the browser to another page using HTTP headers.
>
> On my local machine (Windows + EasyPHP), the script runs as expected and
> completes after a few minutes.
>
> I observe an unexpected behavior on my production web server:
> - The script runs as expected for the first 30 seconds.
> - After 30 seconds, the same script with the same parameters starts again in
> a new thread/process. The initial thread/process is *not* interrupted, so 2
> threads/processes run in parallel, executing the same sequence of operations
> with a 30 time shift.
> - The same scenario happens every 30 seconds (i.e.: at 0"30, 1"00, 1"30, and
> so on), multiplying the parallel threads/processes.
> - The browser keeps on loading while the above happens.
> - After some time, the browser displays a blank page and all the
> threads/processes stop. I assume this is due to resources exhaustion, but I
> have no means to check this assumption.
>
> I deduced the above reading a text file in which I log the sequence of
> called functions.
>
> Unfortunately I have no access *at all* to my production web server
> configuration (shared hosting, no documentation). I cannot even read the
> configuration settings. While I'm considering moving to another host, I'd be
> extremely pleased to have an explanation of the observed behavior.
>
> I have browsed the mailing list archives and looked for an explanation in
> other forums to no avail. This thread may deal with the same issue but does
> not include any explanation or solution:
> http://www.networkedmediatank.com/showthread.php?tid=17140
>
> Thanks for reading, and please do not hesitate to ask for further
> explanations if what I'm trying to achieve was not clear!
>
> Cheers,
> Marc.
>

hi Marc,

probably your php file on your production server is index.php.
and you must have generated a image tag with empty src like below:


with src being empty, browsers will load your index.php as if it was
an image url so loading in parallel.
hope this explains your case.

Virgil
http://www.jampmark.com
Free tips, tutorials, innovative tools and techniques for building and
improving web sites.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 14:03 +0100, Sándor Tamás (HostWare Kft.) wrote:
> Yes, Rob is right. My original question is about the difference between the 
> processing of a file-based site with include() OR eval(). In that case, if I 
> understood it correctly, the results are the same.
> 
> But! If the included pages contain functions, classes, etc. With eval(), can 
> I use them? With include(), I know I should be able to use them. But in some 
> mysterious cases I don't have access to a function. If I cut out from the 
> included file, and put in on the file which includes that, just before (or 
> after) the includ(), I don't have any problem with it.
> 
> The next step, that if I include a file in a function, can I use the 
> functions wrote in the included file?
> As I know, include just makes a copy-paste, so if I use it IN a function, 
> then all function will be in function scope, am I right?

You should be able to use any functions you declare in the external
source from within the including context... but only after the include.
This is true whether you include or eval the content.

It's interesting your mention a mysterious case... I remember a couple
of years ago an include issue where the functions were not available as
they should have been... I resolved it by doing an eval on the contents
of the file instead. I think it was probably some bug in PHP and it
eventually resolved itself and it had worked before an upgrade. I never
bothered with a bug report though because I couldn't distill it down to
a simple use case.

What version are you using?

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread haliphax 
On Wed, Mar 11, 2009 at 7:56 AM, Michael A. Peters  wrote:
> filtered wrote:
>>
>> On Wed, Mar 11, 2009 at 13:44, Jochem Maas  wrote:
>>>
>>> filtered schreef:

 Hi,

 we have script containing

  
>>>
>>> let say I do:
>>>
>>> example.com/yourscript.php?studio=alert('I
>>> am an evil haxor');
>>>
>>> excusing the fact that the query is not urlencoded, what happens on your
>>> site
>>> (replace domain and script name to match your site/script)
>>>
>>
>>
>> Ok, but I don't see how this code could be used to attack the local
>> php/web-server
>
> reflected attack.
> Someone puts that as the image source on some website they trick a
> legitimate user in going to (IE - click here to see latest brittany spears
> scandal !!!) - their browser tries to load the image, instead calling your
> page with the XSS attack thus allowing the cracker to read any cookies the
> user has from your domain which can then allow the cracker to impersonate
> the user via session ID.

...this and many other bad things can happen to YOU!


http://www.cgisecurity.com/xss-faq.html


-- 
// Todd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] non static function called as static one

2009-03-11 Thread Olivier Doucet 
Hello everyone,
I'm wondering if the following behaviour is a bug or a feature. The case is
quite complex, so let me explain my point of view.
here is the source :

test(); //output: "MySecondTest"

?>

Let me explain :
In this case, $this is MySecondTest, which is relevant as it is the last
object context. But to my mind, this code should not work like this.

Imagine you are the developer of function MyTest. You want your code to
interact with other classes and being bugproof. 'MyTest' class here seems
OK: $this is expected to be 'MyTest' because function myfunc() is expected
to be called in a non-static context.

Programmer of the second function created this bug and this unattended
behaviour.

Maybe this can be done :
1/ Forbid calling the function in static context (How can I test this ?
$this is not NULL there !).
2/ (or/and) Raise a warning or an error if a non static function is called
as a static one
3/ Create two functions with the same name, one static and the other one
not. Unfortunately, this can't be done (yet ?).


What do you think ? What's your point of view on this ? I want your
feedbacks before opening a bug ticket, as it is not strictly a "bug"...


Olivier

Re: [PHP] More PHP Includes

2009-03-11 Thread tedd 

At 9:59 AM -0400 3/10/09, Gary wrote:

Thanks again for all the help.

I created a simple page of all includes (header, menu, 3 columns).  I mixed
the file types up. The menu (projectseven PMM) I saved as a library item,
works fine.  Had an HTML file in there, but I am guessing that having 2 page
declarations along with an extra set of  and  tags was playing
havoc with the code, so I removed them. Same thing when I created a php page
and saved it as filename.inc.php, so I removed all the declarations and
tags, again seems to work fine. Also included a simple .txt file.

I did get some strange results in that all of the  were highlighted
after the menu, and I had to remove and insert again to correct.

So is this the best way, to create a php page, remove all of the html tags
and page declarations and name it filename.inc.php? (I'm using DW CS3)

Also, something I do not understand, I included a small txt file in a page
of a customer and it shows fine, however this file is not on the server...is
this normal?



Gary:

If you want to see how this all plays out in a demo, try this:

http://sperling.com/examples/include-demo/

Go through the complete demo and you'll see how the 
header/footer/menu include things work.


Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Jochem Maas 
Olivier Doucet schreef:
> Hello everyone,
> I'm wondering if the following behaviour is a bug or a feature. The case is
> quite complex, so let me explain my point of view.
> here is the source :
> 
>  
> class MyTest {
> public function myfunc() {
> echo get_class($this);
> }
> }
> class MySecondTest {
> public function test() {
> MyTest::myfunc();
> }
> }
> 
> $test = new MySecondTest();
> $test->test(); //output: "MySecondTest"
> 
> ?>
> 
> Let me explain :
> In this case, $this is MySecondTest, which is relevant as it is the last
> object context. But to my mind, this code should not work like this.
> 
> Imagine you are the developer of function MyTest. You want your code to
> interact with other classes and being bugproof. 'MyTest' class here seems
> OK: $this is expected to be 'MyTest' because function myfunc() is expected
> to be called in a non-static context.
> 
> Programmer of the second function created this bug and this unattended
> behaviour.
> 
> Maybe this can be done :
> 1/ Forbid calling the function in static context (How can I test this ?
> $this is not NULL there !).

actually I thought that the engine died in situations like this. I don't
see any change to the behaviour in 5.3 either.

> 2/ (or/and) Raise a warning or an error if a non static function is called
> as a static one

develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big fat
warning about it

> 3/ Create two functions with the same name, one static and the other one
> not. Unfortunately, this can't be done (yet ?).
>

will never happen (where 'never' = 'very very very long time, at the very least'

> 
> What do you think ? What's your point of view on this ? I want your
> feedbacks before opening a bug ticket, as it is not strictly a "bug"...

I think it's inconsistent implementation. I would classify it as a bug,
especially given the general trend to strict/pure OO concepts in php.

there maybe underlying technical issue with the engine that means
this can't be easily fixed.

I would suggest asking on internals to see what their opinion is.

the pragmatic solution is to not call non-static functions using
static syntax.

> 
> Olivier
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Marc Venturini 
Thanks for your contribution Virgil. Unfortunately my file is not index.php
(nor anything else declared in a DirectoryIndex directive).

I'm planning to fix the issue using a lock to test that the script is not
already running before starting it again, but I would like to find out the
explanation for this unexpected behavior!

Cheers,
Marc.


On Wed, Mar 11, 2009 at 1:08 PM, Virgilio Quilario <
virgilio.quila...@gmail.com> wrote:

> > Hi all,
> >
> > I wrote a PHP script running in Apache which takes more than 30 seconds
> to
> > complete. It uses set_time_limit() to extend the time it is allowed to
> run.
> > The script generates thumbnails from a list of images. Upon completion,
> the
> > script redirects the browser to another page using HTTP headers.
> >
> > On my local machine (Windows + EasyPHP), the script runs as expected and
> > completes after a few minutes.
> >
> > I observe an unexpected behavior on my production web server:
> > - The script runs as expected for the first 30 seconds.
> > - After 30 seconds, the same script with the same parameters starts again
> in
> > a new thread/process. The initial thread/process is *not* interrupted, so
> 2
> > threads/processes run in parallel, executing the same sequence of
> operations
> > with a 30 time shift.
> > - The same scenario happens every 30 seconds (i.e.: at 0"30, 1"00, 1"30,
> and
> > so on), multiplying the parallel threads/processes.
> > - The browser keeps on loading while the above happens.
> > - After some time, the browser displays a blank page and all the
> > threads/processes stop. I assume this is due to resources exhaustion, but
> I
> > have no means to check this assumption.
> >
> > I deduced the above reading a text file in which I log the sequence of
> > called functions.
> >
> > Unfortunately I have no access *at all* to my production web server
> > configuration (shared hosting, no documentation). I cannot even read the
> > configuration settings. While I'm considering moving to another host, I'd
> be
> > extremely pleased to have an explanation of the observed behavior.
> >
> > I have browsed the mailing list archives and looked for an explanation in
> > other forums to no avail. This thread may deal with the same issue but
> does
> > not include any explanation or solution:
> > http://www.networkedmediatank.com/showthread.php?tid=17140
> >
> > Thanks for reading, and please do not hesitate to ask for further
> > explanations if what I'm trying to achieve was not clear!
> >
> > Cheers,
> > Marc.
> >
>
> hi Marc,
>
> probably your php file on your production server is index.php.
> and you must have generated a image tag with empty src like below:
> 
>
> with src being empty, browsers will load your index.php as if it was
> an image url so loading in parallel.
> hope this explains your case.
>
> Virgil
> http://www.jampmark.com
> Free tips, tutorials, innovative tools and techniques for building and
> improving web sites.
>

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Jochem Maas 
Stuart schreef:
> Please include the list when replying unless you're looking to hire me!
> 
> 2009/3/11 filtered 
> 
>> On Wed, Mar 11, 2009 at 13:41, Stuart  wrote:
>>> 2009/3/11 filtered 
>>> $_GET['cam'] looks fine. $_GET['studio'] is not.
>>> I could build a URL that would output a javascript tag to do anything I
>> want
>>> from the security context of a page on your site. This is not good.
>>> Check out http://php.net/htmlentities and associated functions.
>> More detailed question: is this code prone for attacking the local
>> web/php-server? I agree that it is weak with respect to XSS.
> 
> 
> Not on the face of it, but we would need a lot more of your code to decide
> that for certain, something which goes way beyond the scope of this list.
> 
> But I would ask the question why it matters? It's bad so fix it. If you
> really have code like this anywhere in your site, escape it.
> 
> Escape stuff coming in and escape stuff going out. There are no exceptions.


actually that should be: filter stuff coming in, escape stuff going out.

where 'coming in' really means any input vector (reading from db, from a file,
request input, etc) and 'going out' really means any output vector (writing to 
db,
writing to file, outputting to browser, etc).

note that the filtering & escaping that you should be doing depends on the
context/vector in question (you escape data differently when writing to the db 
as
compared to outputting data.)

welcome to the web: where everyday we take the golden rule of keeping data, code
and presentation seperate ... and stick it in a blender (along with the data, 
the code
and the presentation)

... successfully filtering/escaping data out here means making sense of the
goop in the blender and 'doing the right thing' with it ... have fun with that,
I know I don't :-)

> Ever.
> -Stuart
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Olivier Doucet 
Hi Jochem,


> > 2/ (or/and) Raise a warning or an error if a non static function is
> called
> > as a static one
>
> develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big
> fat
> warning about it


Yes, that's what I'm using right now. Although, that's not the highlighted
problem.


>
> [...]
>
> the pragmatic solution is to not call non-static functions using
> static syntax.


Well, this is the answer I didn't want :)

Thank you for your feedback !

Olivier

[PHP] Re: Include File Errors with Comments

2009-03-11 Thread Patrick Moloney 

Thanks for all the replies.
As I said in my original post the comments are on the first lines of the 
included file and are HTML comments. I'll have to look closer at comment 
syntax - I see there are "empty comments" and issues with pairs of 
double hyphens.


My overall code worked well with 2 comment lines, then had issues with 
the third. I eventually removed my third comment (no problem) then 
copied my 2nd comment as the 3rd (problem returns).

I had some double hyphens "--" which seemed to cause problems sometimes.
I'm also thinking that it is seeing pairs of "--" that are causing 
issues in odd numbers (half-pairs) only.


I'll have to look closer.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Jochem Maas 
Olivier Doucet schreef:
> Hi Jochem,
> 
> 
>>> 2/ (or/and) Raise a warning or an error if a non static function is
>> called
>>> as a static one
>> develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big
>> fat
>> warning about it
> 
> 
> Yes, that's what I'm using right now. Although, that's not the highlighted
> problem.

if your not gettting a 'Strict Warning' when calling a non-static method 
statically
then error_reporting doesn't include E_STRICT. I tested this with your example 
code on
the cmdline to make sure.

>> [...]
>>
>> the pragmatic solution is to not call non-static functions using
>> static syntax.
> 
> 
> Well, this is the answer I didn't want :)

I here that alot :-)

> Thank you for your feedback !
> 
> Olivier
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Martin Zvarík 

Marc Venturini napsal(a):

Hi all,

I wrote a PHP script running in Apache which takes more than 30 seconds to
complete. It uses set_time_limit() to extend the time it is allowed to run.
The script generates thumbnails from a list of images. Upon completion, the
script redirects the browser to another page using HTTP headers.


If you die() at the end of the script and don't redirect does it 
continue this auto-30-seconds execution?




On my local machine (Windows + EasyPHP), the script runs as expected and
completes after a few minutes.

I observe an unexpected behavior on my production web server:
- The script runs as expected for the first 30 seconds.
- After 30 seconds, the same script with the same parameters starts again in
a new thread/process. The initial thread/process is *not* interrupted, so 2
threads/processes run in parallel, executing the same sequence of operations
with a 30 time shift.
- The same scenario happens every 30 seconds (i.e.: at 0"30, 1"00, 1"30, and
so on), multiplying the parallel threads/processes.



- The browser keeps on loading while the above happens.



- After some time, the browser displays a blank page and all the
threads/processes stop. I assume this is due to resources exhaustion, but I
have no means to check this assumption.

I deduced the above reading a text file in which I log the sequence of
called functions.


It all seems as a redirection / unclosed loop problem.



Unfortunately I have no access *at all* to my production web server
configuration (shared hosting, no documentation). I cannot even read the
configuration settings. While I'm considering moving to another host, I'd be
extremely pleased to have an explanation of the observed behavior.

I have browsed the mailing list archives and looked for an explanation in
other forums to no avail. This thread may deal with the same issue but does
not include any explanation or solution:
http://www.networkedmediatank.com/showthread.php?tid=17140

Thanks for reading, and please do not hesitate to ask for further
explanations if what I'm trying to achieve was not clear!


Why it works on your local server is probably caused by different 
versions/settings, but I bet there's an error somewhere in your script.


Consider sending it here, I'll take a look.



Cheers,
Marc.



Martin

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] built-in objects APC or serialization‏

2009-03-11 Thread Andrea Giammarchi 







Hi everybody,

I am a Certified Zend Engineer with almost 10 years of PHP development
experience but for some reason I've never asked question to this ML.

As subject says, I would like to know if there a generic extension/3rd
parts/solution to save the state of a built-in PHP object.

I perfectly know that __sleep and __wakeup or ... implements
Serializable { ... } could allow me to store and retrieve serialized
data but what I did not expect is that APC just behaves as serialize
and "nothing more" than that.

Here there is a quick explanation:



$xsltp = new XSLTProcessor;

$xsltp->importStylesheet(

DomDocument::load('random.xsl')

);



// no way to store the variable here with its live state

// without re-importing stylesheet on __wakeup or unserialize



echo$xsltp->transformToXML(

DomDocument::load('random.xml')

);



I agree that this built-in stuff could be consider a weird case but I
cannot believe that with all these new classes there is no solution to
truly hibernate instances state.



As summary, I wonder if any of you knows a solution or, if any, when (and if) 
are you planning to add this feature.



Best Regards
_
News, entertainment and everything you care about at Live.com. Get it now!
http://www.live.com/getstarted.aspx

[PHP] DOM - change a tag name ??

2009-03-11 Thread Michael A. Peters 

If I'm manipulating a dom object, is there a way to change the tag name?
I know you manipulate just about everything else in a node - but is the 
tagName really off limits?


from the documentation for DOMElement -

/* Properties */
readonly public bool $schemaTypeInfo ;
readonly public string $tagName ;

so if I really needed to change it, I'd have to create a virgin node 
with the new name, identical attributes and children, and replace the 
existing node with the new one?


Is there any other way to alter the tagName without doing all that?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Header - Redirect Command Not Working

2009-03-11 Thread Jan G.B. 
Hi Dave (?)

2009/3/11 revDAVE :
> Hi Bastien - Stuart & Daniel
>
> Thanks for your help!
>
>
> On 3/10/2009 12:16 PM, "Bastien Koert"  wrote:
>
>> Are you getting an error? What does 'not working' mean?
>
> No errors the page just stayed on the
> header('Location: show.php'); page - never went to: show.php
>

One more thing to mention: The HTTP Protocoll requires you to give a
full URL on "Location" Headers. That means that this is wrong:
"Location: file.txt"
and this is correct
"Location: http://www.x.x/file.txt";

Not all clients behave like yours and accept the wrong header.



>
> Q: I might have learned something Does the: header('Location: xxx.php');
> command need to be in the first php block? On some pages when I make multi
> php blocks into 1 big one and put the header command inside it - it seems to
> work better - is this true?
>
All HTTP headers must be send before your script generates *any* output.
Output means echo's, PHP Notices, etc.
If you *must* output stuff before sending an header, you can use
output buffering, see http://php.net/ob_start


> Q: Also, is it possible that extra whitespace inside the php block can cause
> the header command to not work? (I might have that happening also - looking
> into it)
>

Yes, *any* output - no matter if you output " " or "x" or even ":-)".


>
>>
>>     Well, if the above is in fact the case (and yes, different
>> versions and installations have been known to respond differently),
>> then you can use a browser-based meta refresh, which will work for all
>> browsers anyway:


unless disabled by the user.

>>
>> > //  your code
>> header('Location: show.php');
>> echo '';


erm   should be in a html document inside the , not *anywhere*.

>
>
> I tried refresh Daniel - and it worked great!
>
> I even added a GET var to it - worked also
>
> echo '';


Very, very, very bad idea. You just opened a cross site scripting bug.

Imagine someone opens this URL
host/yourfile?id=">alert(document.cookie)

You must always escape any input you take.
see http://php.net/security


>
> Thanks again folks!
>


You're welcome.

Byebye

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread haliphax 
On Wed, Mar 11, 2009 at 10:30 AM, Martin Zvarík  wrote:
> Marc Venturini napsal(a):
>>
>> Hi all,
>>
>> I wrote a PHP script running in Apache which takes more than 30 seconds to
>> complete. It uses set_time_limit() to extend the time it is allowed to
>> run.
>> The script generates thumbnails from a list of images. Upon completion,
>> the
>> script redirects the browser to another page using HTTP headers.
>
> If you die() at the end of the script and don't redirect does it continue
> this auto-30-seconds execution?
>
>>
>> On my local machine (Windows + EasyPHP), the script runs as expected and
>> completes after a few minutes.
>>
>> I observe an unexpected behavior on my production web server:
>> - The script runs as expected for the first 30 seconds.
>> - After 30 seconds, the same script with the same parameters starts again
>> in
>> a new thread/process. The initial thread/process is *not* interrupted, so
>> 2
>> threads/processes run in parallel, executing the same sequence of
>> operations
>> with a 30 time shift.
>> - The same scenario happens every 30 seconds (i.e.: at 0"30, 1"00, 1"30,
>> and
>> so on), multiplying the parallel threads/processes.
>
>> - The browser keeps on loading while the above happens.
>
>> - After some time, the browser displays a blank page and all the
>> threads/processes stop. I assume this is due to resources exhaustion, but
>> I
>> have no means to check this assumption.
>>
>> I deduced the above reading a text file in which I log the sequence of
>> called functions.
>
> It all seems as a redirection / unclosed loop problem.
>
>>
>> Unfortunately I have no access *at all* to my production web server
>> configuration (shared hosting, no documentation). I cannot even read the
>> configuration settings. While I'm considering moving to another host, I'd
>> be
>> extremely pleased to have an explanation of the observed behavior.
>>
>> I have browsed the mailing list archives and looked for an explanation in
>> other forums to no avail. This thread may deal with the same issue but
>> does
>> not include any explanation or solution:
>> http://www.networkedmediatank.com/showthread.php?tid=17140
>>
>> Thanks for reading, and please do not hesitate to ask for further
>> explanations if what I'm trying to achieve was not clear!
>
> Why it works on your local server is probably caused by different
> versions/settings, but I bet there's an error somewhere in your script.
>
> Consider sending it here, I'll take a look.

A blank URL does not redirect to the directory index, IIRC... it
refreshes the current page (such as a FORM tag with ACTION=""). This
may very well still be your problem.

My 2c,


-- 
// Todd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php fop (XSLFO)

2009-03-11 Thread Jan G.B. 
2009/3/9 Tom Sparks :
>
> is there a php Fop (XSLFO)?
> if not are there any that are not java based and can be run o a website that 
> has php support only?
>
>
> tom_a_sparks

Hi tom,

I do it the easy way:
   system(sprintf('/usr/local/bin/fop -bleh %s', $param));

be sure to escape any shell operators and alike.

byebye

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] This code using _GET exploitable

2009-03-11 Thread Stuart 
2009/3/11 Jochem Maas 

> Stuart schreef:
> > Escape stuff coming in and escape stuff going out. There are no
> exceptions.
>
>
> actually that should be: filter stuff coming in, escape stuff going out.
>

Good schreef! Erm, I mean, quite right to.

Top o' the morning. Etc.

-Stuart

-- 
http://stut.net/

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Shawn McKenzie 
Sándor Tamás (HostWare Kft . ) wrote:
> Yes, Rob is right. My original question is about the difference between
> the processing of a file-based site with include() OR eval(). In that
> case, if I understood it correctly, the results are the same.
> 
> But! If the included pages contain functions, classes, etc. With eval(),
> can I use them? With include(), I know I should be able to use them. But
> in some mysterious cases I don't have access to a function. If I cut out
> from the included file, and put in on the file which includes that, just
> before (or after) the includ(), I don't have any problem with it.
> 
> The next step, that if I include a file in a function, can I use the
> functions wrote in the included file?
> As I know, include just makes a copy-paste, so if I use it IN a
> function, then all function will be in function scope, am I right?

Yes, if you use an include inside a function, then any functions / non
global vars in the included file will only be available inside the
including function.


-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Header - Redirect Command Not Working

2009-03-11 Thread Daniel Brown 
On Wed, Mar 11, 2009 at 12:38, Jan G.B.  wrote:
>
> One more thing to mention: The HTTP Protocoll requires you to give a
> full URL on "Location" Headers. That means that this is wrong:
> "Location: file.txt"
> and this is correct
> "Location: http://www.x.x/file.txt";
>
> Not all clients behave like yours and accept the wrong header.

The *protocol* does not, but the HTTP/1.1 specification does.
However, it should be noted that *all* modern browsers accept relative
URI's vs. the requirement of absolute URI's.  Thus, the header is
"non-standard," but is not "wrong."  Your point is accurate, though:
it should include the full resource.

> erm   should be in a html document inside the , not 
> *anywhere*.

That's the recommended order, but it's not required.  Not even in
1982 when the spec was written.  In fact, the placement in HEAD is so
that, with the original specifications, a server would be permitted
(though again, not required) to read the META tags within HEAD to form
and send its own headers via HTTP in conjunction with the plain-text
data from the document.

> Very, very, very bad idea. You just opened a cross site scripting bug.
>
> Imagine someone opens this URL
> host/yourfile?id=">alert(document.cookie)
>
> You must always escape any input you take.
> see http://php.net/security

This is always true of any user-side input being sent to a script
(though the example may seem a little humorous because, if a person is
that desperate to see their cookie data, their browser truly sucks).

Once again, for anyone who hasn't been paying attention or who
doesn't yet have the acquired knowledge from their own painful
experiences, *never* copy and paste code from this list or any other
medium.  Always evaluate it yourself first.  This list is meant for
assistance and those on it provide "pseudocode," not production-worthy
code.  The rest is, as has always been, at your own risk.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DOM - change a tag name ??

2009-03-11 Thread Michael A. Peters 

Michael A. Peters wrote:

If I'm manipulating a dom object, is there a way to change the tag name?
I know you manipulate just about everything else in a node - but is the 
tagName really off limits?


from the documentation for DOMElement -

/* Properties */
readonly public bool $schemaTypeInfo ;
readonly public string $tagName ;

so if I really needed to change it, I'd have to create a virgin node 
with the new name, identical attributes and children, and replace the 
existing node with the new one?


Is there any other way to alter the tagName without doing all that?



I've not actually tried this (IE may be errors) - I will in a little 
bit, but is something like this really the only way to change a tag name?


function changeNodeElement($document,$node,$elementTag) {
   $newNode = $document->createElement($elementTag);
   // get all attributes from old node
   $attributes = $node->attributes;
   foreach ($attributes as $attribute) {
  $name = $attribute->name;
  $value = $attribute->value;
  $newNode->setAttribute($name,$value);
  }
   // get all children from old node
   $children = $node->childNodes();
   foreach ($children as $child) {
  // clone node and add it to newNode
  $newChild = $child->cloneNode(true);
  $newNode->appendChild($newChild);
  }
   // replace the old node with the newNode
   $node->parent->replaceChild($newNode,$node);
   }

It seems that changing the tag name should be a little easier. I don't 
expect s/oldtag/newtag/ but am I just missing something obvious?




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Kyle Terry 
On Wed, Mar 11, 2009 at 10:19 AM, Shawn McKenzie wrote:

> Sándor Tamás (HostWare Kft . ) wrote:
> > Yes, Rob is right. My original question is about the difference between
> > the processing of a file-based site with include() OR eval(). In that
> > case, if I understood it correctly, the results are the same.
> >
> > But! If the included pages contain functions, classes, etc. With eval(),
> > can I use them? With include(), I know I should be able to use them. But
> > in some mysterious cases I don't have access to a function. If I cut out
> > from the included file, and put in on the file which includes that, just
> > before (or after) the includ(), I don't have any problem with it.
> >
> > The next step, that if I include a file in a function, can I use the
> > functions wrote in the included file?
> > As I know, include just makes a copy-paste, so if I use it IN a
> > function, then all function will be in function scope, am I right?
>
> Yes, if you use an include inside a function, then any functions / non
> global vars in the included file will only be available inside the
> including function.
>
>
> --
> Thanks!
> -Shawn
> http://www.spidean.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Evals make my head hurt. I still opt for evil() being a native alias of
eval().

[PHP] Re: Working directory of PHP pages?

2009-03-11 Thread Shawn McKenzie 
Clancy wrote:
> It is my understanding that when you open a page the PHP server looks for 
> index.php in the
> site root directory, and loads it. As a result the working directory of the 
> page will be
> the root directory of the site.  I have always worked on this assumption, and 
> it has
> always been correct.  On the other hand Stewart thinks that I cannot rely 
> this, and am
> likely to get into trouble as a result.
> 
> Are there any systems in which my assumption will not be correct?
> 

In many frameworks this assumption is not correct.  I am using the
default CakePHP layout as an example.

Depending on your terminology, your DocumentRoot is /var/www/ and in
this case is also the filesystem path of your site's root dir, however
the sites root dir in a URL is /.

Consider the CakePHP structure:

/var/www/
  .htaccess
  index.php
/var/www/webroot
  index.php

If you browse to http://example.com/ (in most cases), one of 2 things
happens:

1. The webserver opens the /var/www/.htaccess and according to the
rewrite rules there it rewrites to /var/www/webroot/.  So any getcwd()
would be /var/www/webroot/

2. If not using modrewrite, the web server looks for index.html and then
index.php in /var/www/ which has a require for webroot/index.php.  So
any getcwd() would be /var/www/.

Consequently, CakePHP and the other frameworks that I've seen use
basename() and dirname() in conjunction with __FILE__ to define the
paths/relative dirs within the app.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Include File Errors with Comments

2009-03-11 Thread Shawn McKenzie 
Patrick Moloney wrote:
> Thanks for all the replies.
> As I said in my original post the comments are on the first lines of the
> included file and are HTML comments. I'll have to look closer at comment
> syntax - I see there are "empty comments" and issues with pairs of
> double hyphens.
> 
> My overall code worked well with 2 comment lines, then had issues with
> the third. I eventually removed my third comment (no problem) then
> copied my 2nd comment as the 3rd (problem returns).
> I had some double hyphens "--" which seemed to cause problems sometimes.
> I'm also thinking that it is seeing pairs of "--" that are causing
> issues in odd numbers (half-pairs) only.
> 
> I'll have to look closer.

By definition, A comment declaration starts with . A comment starts and ends with "--", and
does not contain any occurrence of "--".

This being said, depending on how you do it, some browsers will get it
wrong, so to keep it simple:

An HTML comment begins with "" and does not contain
"--" or ">" anywhere in the comment.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] RE: non-auto increment question

2009-03-11 Thread PJ 
Ashley Sheridan wrote:
> On Thu, 2009-02-26 at 11:27 -0500, PJ wrote:
>> Jerry Schwartz wrote:
>>
 Being rather new to all this, I understood from the MySql manual that
 the auto_increment is to b e used immediately after an insertion not
 intermittently. My application is for administrators (the site owner &
 designates) to update the database from and administration directory,
 accessed by user/password login... so there's really very little
 possibility of 2 people accessing at the same time.
 By using MAX + 1 I keep the id number in the $idIn and can reuse it in
 other INSERTS

>>> [JS] Are you looking for something like LAST_INSERT_ID()? If you
>>> INSERT a
>>> record that has an auto-increment field, you can retrieve the value
>>> that got
>>> inserted with "SELECT LAST_INSERT_ID()". It is connection-specific, so
>>> you'll always have your "own" value. You can then save it to reuse,
>>> either
>>> as a session variable or (more easily) as a hidden field on your form.
>>>
>> Thanks, Jerry,
>>
>>
>> You hit the nail on the head.:)
>>
>> To refine my problem (and reduce my ignorance),here's what is happening
>> on the form page:
>>
>> There is a series of INSERTs. The first inserts all the columns of
>> "book" table except for the id, which I do not specify as it if
>> auto-insert.
>>
>> In subsequent tables I have to reference the book.id (for transitional
>> tables like "book_author"(refers authors to book) etc.
>>
>> If I understand it correctly, I must retrieve ("SELECT
>> LAST_INSERT_ID()") after the first INSERT and before the following
>> insert; and save the id as a string ($id)...e.g. $sql = "SELECT
>> LAST_INSERT_ID() AS $id"
>> I need clarification on the "AS $id" - should this be simply id(does
>> this have to be turned into a value into $id or does $id contain the
>> value? And how do I retrieve it to use the returned value for the next
>> $sql = "INSERT ... - in other words, is the id or $id available for the
>> next directive or do I have to do something like $id = id?
>> I'm trying to figure this out with some trials but my insert does not
>> work from a php file - but it works from command-line... that's another
>> post.
>>
> Here's how I mostly do it (albeit simplified):
>
> $query = "INSERT INTO `sometable`(`title`,`content`)
> VALUES('$title','$content')";
> $result = mysql_query($query);
> $autoId = mysql_insert_id($result);
>
> $query = "INSERT INTO `another_table`(`link_id`,`value`)
> VALUES($autoId,'$value');
> $result = mysql_query($query);
>
> No need to call another query to retrieve the last inserted id, as it is
> tied to the last query executed within this session.
>
>
> Ash
> www.ashleysheridan.co.uk
For some reason or other $autoId = mysql_insert_id($result); just does
not work for me... Yet some of the data is inserted correctly...
I did find that it does not work on tables that are empty... so you
can't start with an empty table. I entered data & it still did not work.
I tried on another duplicate database... doesn't work.
I have checked & double checked the database, I have added checks to see
what is returned and the returns are 0 or null - as I get different
responses for slightly different functions.
sessions is on
mysql is 5.1.28
php5

here's what is parsed:
else { $sql1 = "INSERT INTO book
( title, sub_title, descr, comment, bk_cover,
copyright, ISBN, language, sellers )
VALUES
('$titleIN', '$sub_titleIN', '$descrIN',
'$commentIN', '$bk_coverIN', '$copyrightIN',
'$ISBNIN', '$languageIN', '$sellersIN')";
$result1 = mysql_query($sql1, $db);
$autoid = mysql_insert_id($result1);
$sql2 = "INSERT INTO author (first_name, last_name) VALUES
('$first_nameIN', '$last_nameIN')";
$result2 = mysql_query($sql2, $db);
$authorID = mysql_insert_id($result2);
$sql2a = "INSERT INTO book_author (authID, bookID, ordinal)
VALUES ( '$authorID', '$autoid', '1')";
$result2a = mysql_query($sql2a, $db);
$sql2b = "INSERT INTO author (first_name, last_name) VALUES
('$first_name2IN', '$last_name2IN')";
$result2b = mysql_query($sql2b, $db);
$author2ID = mysql_insert_id($result2b);
$sql2c = "INSERT INTO book_author (authID, bookID, ordinal)
VALUES ( '$author2ID', '$autoid', '2')";
$result2c = mysql_query($sql2c, $db);
$sql3 = "INSERT INTO publishers (publisher) VALUES
('$publisherIN')";
$result3 = mysql_query($sql3, $db);
$publisherID = mysql_insert_id($result3);
$sql3a = "INSERT INTO book_publisher (bookID, publishers_id)
VALUES ( '$autoid', '$publisherID' )";
$result3a = mysql_query($sql3a, $db);
foreach($_POST['categoriesIN'] as $category){
$sql4 = "INSERT INTO book_categories (book_id, categories_id)
VALUES ($autoid, $category)";
$result4 = mysql_query($sql4,$db);
}
echo $

Re: [PHP] Re: Working directory of PHP pages?

2009-03-11 Thread haliphax 
On Wed, Mar 11, 2009 at 12:44 PM, Shawn McKenzie  wrote:
> Clancy wrote:
>> It is my understanding that when you open a page the PHP server looks for 
>> index.php in the
>> site root directory, and loads it. As a result the working directory of the 
>> page will be
>> the root directory of the site.  I have always worked on this assumption, 
>> and it has
>> always been correct.  On the other hand Stewart thinks that I cannot rely 
>> this, and am
>> likely to get into trouble as a result.
>>
>> Are there any systems in which my assumption will not be correct?
>>
>
> In many frameworks this assumption is not correct.  I am using the
> default CakePHP layout as an example.
>
> Depending on your terminology, your DocumentRoot is /var/www/ and in
> this case is also the filesystem path of your site's root dir, however
> the sites root dir in a URL is /.
>
> Consider the CakePHP structure:
>
> /var/www/
>  .htaccess
>  index.php
> /var/www/webroot
>  index.php
>
> If you browse to http://example.com/ (in most cases), one of 2 things
> happens:
>
> 1. The webserver opens the /var/www/.htaccess and according to the
> rewrite rules there it rewrites to /var/www/webroot/.  So any getcwd()
> would be /var/www/webroot/
>
> 2. If not using modrewrite, the web server looks for index.html and then
> index.php in /var/www/ which has a require for webroot/index.php.  So
> any getcwd() would be /var/www/.
>
> Consequently, CakePHP and the other frameworks that I've seen use
> basename() and dirname() in conjunction with __FILE__ to define the
> paths/relative dirs within the app.

Come to think of it, this may very well be true for all MVC frameworks
(unless the models, views, and controllers are all in the same
directory as the launch script). I can at least vouch for the fact
that CodeIgniter, like CakePHP, will fudge your directory estimation
if you're expecting getcwd() to be right.


--
// Todd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Handling (very) large files with PHP

2009-03-11 Thread Mattias Thorslund 

דניאל דנון wrote:

And you got a point - I don't know all the queries I'll run yet, but I'll
probably do them with Perl.
  


From what you described, it doesn't sound overly complicated to do in 
PHP either. If you are more familiar with PHP, it will probably take you 
less time to code it that way. Definitely process the file line-by-line, 
or a few lines at the time.



And although PHP can handle files that large, shouldn't I split them anyway
- in case of some error or debugging, its better to do it before then after,
no?
  


You can use chunks of the file to test the process (and speed up the 
development cycle not having to wait as long for the job to finish).


BTW, do invoke the script via the command-line, i.e. PHP-CLI. That way, 
there is no timeout, so that won't bite you.



I've read a bit about working with large databases,
But since I haven't used REGEX too much on MySQL queries, I would like to
know how long do you think it will take me to do a simple regex search
(likes?) on the database? and it will probably appears in most of the
entries...
  


Regex searches on billions of records will be SLW. Ordinary indexes 
won't be able to help you much there, though you can experiment with 
full-text search.  It might be the solution you are looking for.


Otherwise, process your data more as you import/prepare it, and use more 
specific fields, and proper indexes on those fields. How far you can 
take it will depend a bit on the quality and consistency of your data.


Cheers,

Mattias


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] DOM - change a tag name ??

2009-03-11 Thread Marc Christopher Hall 
Unfortunately, you are correct. This is the only way to do it at the moment.
tagName/nodeName are readonly in the DOM and are set when created. I know
this is possible in the .NET world and I am still beside myself as to which
is the better way.


-Original Message-
From: Michael A. Peters [mailto:mpet...@mac.com] 
Sent: Wednesday, March 11, 2009 1:40 PM
To: php-general@lists.php.net
Subject: Re: [PHP] DOM - change a tag name ??

Michael A. Peters wrote:
> If I'm manipulating a dom object, is there a way to change the tag name?
> I know you manipulate just about everything else in a node - but is the 
> tagName really off limits?
> 
> from the documentation for DOMElement -
> 
> /* Properties */
> readonly public bool $schemaTypeInfo ;
> readonly public string $tagName ;
> 
> so if I really needed to change it, I'd have to create a virgin node 
> with the new name, identical attributes and children, and replace the 
> existing node with the new one?
> 
> Is there any other way to alter the tagName without doing all that?
> 

I've not actually tried this (IE may be errors) - I will in a little 
bit, but is something like this really the only way to change a tag name?

function changeNodeElement($document,$node,$elementTag) {
$newNode = $document->createElement($elementTag);
// get all attributes from old node
$attributes = $node->attributes;
foreach ($attributes as $attribute) {
   $name = $attribute->name;
   $value = $attribute->value;
   $newNode->setAttribute($name,$value);
   }
// get all children from old node
$children = $node->childNodes();
foreach ($children as $child) {
   // clone node and add it to newNode
   $newChild = $child->cloneNode(true);
   $newNode->appendChild($newChild);
   }
// replace the old node with the newNode
$node->parent->replaceChild($newNode,$node);
}

It seems that changing the tag name should be a little easier. I don't 
expect s/oldtag/newtag/ but am I just missing something obvious?



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3927 (20090311) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3927 (20090311) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
> Sándor Tamás (HostWare Kft . ) wrote:
> > Yes, Rob is right. My original question is about the difference between
> > the processing of a file-based site with include() OR eval(). In that
> > case, if I understood it correctly, the results are the same.
> > 
> > But! If the included pages contain functions, classes, etc. With eval(),
> > can I use them? With include(), I know I should be able to use them. But
> > in some mysterious cases I don't have access to a function. If I cut out
> > from the included file, and put in on the file which includes that, just
> > before (or after) the includ(), I don't have any problem with it.
> > 
> > The next step, that if I include a file in a function, can I use the
> > functions wrote in the included file?
> > As I know, include just makes a copy-paste, so if I use it IN a
> > function, then all function will be in function scope, am I right?
> 
> Yes, if you use an include inside a function, then any functions / non
> global vars in the included file will only be available inside the
> including function.

This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
global.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Header - Redirect Command Not Working

2009-03-11 Thread Shawn McKenzie 
Daniel Brown wrote:
> On Wed, Mar 11, 2009 at 12:38, Jan G.B.  wrote:
>> One more thing to mention: The HTTP Protocoll requires you to give a
>> full URL on "Location" Headers. That means that this is wrong:
>> "Location: file.txt"
>> and this is correct
>> "Location: http://www.x.x/file.txt";
>>
>> Not all clients behave like yours and accept the wrong header.
> 
> The *protocol* does not, but the HTTP/1.1 specification does.
> However, it should be noted that *all* modern browsers accept relative
> URI's vs. the requirement of absolute URI's.  Thus, the header is
> "non-standard," but is not "wrong."  Your point is accurate, though:
> it should include the full resource.
> 
>> erm   should be in a html document inside the , not 
>> *anywhere*.
> 
> That's the recommended order, but it's not required.  Not even in
> 1982 when the spec was written.  In fact, the placement in HEAD is so
> that, with the original specifications, a server would be permitted
> (though again, not required) to read the META tags within HEAD to form
> and send its own headers via HTTP in conjunction with the plain-text
> data from the document.

Though the w3c HTML/XHTML standards do show the META tag inside the
head, hence the validation errors
(http://validator.w3.org/#validate_by_input):

http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">

page






Line 7, Column 35: document type does not allow element "meta" here.





page






Line 6, Column 33: document type does not allow element "META" here.



-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread PJ 
Lex Braun wrote:
> PJ,
>
> On Tue, Mar 10, 2009 at 3:46 PM, PJ  > wrote:
>
> 
> $sql1 = "INSERT INTO book ( title, sub_title, descr,
>comment, bk_cover, copyright, ISBN, language, sellers )
> VALUES ('$titleIN', '$sub_titleIN', '$descrIN', '$commentIN',
>'$bk_coverIN', '$copyrightIN', '$ISBNIN', '$languageIN',
>'$sellersIN')";
>$result1 = mysql_query($sql1, $db);
>$autoid = mysql_insert_id($result1);
>}/* <--- IF THIS LIKE IS DELETED, THE PAGE DOES NOT DISPLAY
> So, if I select insert on the page, only the first query is executed
> since the rest is commented out. Thus, I get onle the book table
> inserted but not other tables, like author, book_author, or
> publishers,
> book_publisher or categories, book_categories...
> Is there something wrong with what follows immediately...
> like, do I have the brackets right? I've tried about every
> combination possible with no change.
>
> //Check if Author is entered & exists
> if( (strlen($_POST["first_nameIN"]) > 0) &&
> (strlen($_POST["last_nameIN"]) > 0) ) {
>  $sql2 = "SELECT (first_name, last_name)
>  FROM author WHERE (first_name LIKE '$first_nameIN'
>  && last_name LIKE '$last_nameIN)'";
>
>
> LIKE is going to do full-text search, which isn't what you want when
> searching for a specific author. You can have the query return the ID
> for that specific author (to use in your $sql2a query).
> $sql2 = "SELECT id FROM author WHERE first_name = '$first_nameIN' AND
> last_name = '$last_nameIN' ";
>
> $result2 = mysql_query($sql2);
> if (mysql_num_rows($result2) > 0) {
>
>$row = mysql_fetch_assoc($result2); // gives you the row
> return from $sql2
>
>
>$sql2a = "INSERT INTO book_author (authID, bookID, ordinal)
>VALUES (author.id  WHERE
> (first_name LIKE '$first_nameIN'
> && last_name LIKE '$last_nameIN'),
> book.ID WHERE book.title LIKE '$titleIN'), '1'";
>
> With the change in $sql2 and the fact that the bookID is stored in
> $autoid, this becomes:
> $sql2a = "INSERT INTO book_author (authID, bookID, ordinal) VALUES ("
> . $row['id'] . ", " . $autoid . ", '1')";
>
>
> $result2a = mysql_query($sql2a, $db);
>}
>  elseif (mysql_num_rows($result2) = 0) {
>  $sql2b = "INSERT INTO author (first_name, last_name)
>VALUES ('$first_nameIN', '$last_nameIN')";
> $result2b = mysql_query($sql2b, $db); 
>
> $authorID = mysql_insert_id($result2b); // gives you
> the id of the newly inserted author for use in your book_author table
>
>
>  $sql2c = "INSERT INTO book_author (authID, bookID, ordinal)
>VALUES (author.id  WHERE
> (first_name LIKE '$first_nameIN'
>&& last_name LIKE '$last_nameIN'), book.ID
>WHERE book.title LIKE '$titleIN'), '1'";
>
> With the addition of $authorID and the fact that bookID is stored in
> $autoid, your $sql2c should now be:
> $sql2c = "INSERT INTO book_author (authID, bookID, ordinal) VALUES ("
> . $authorID . ", " . $autoid . ", '1')";
>
>
> $result2c = mysql_query($sql2c, $db);
>}
>}
>
>
> - Lex
>
Thanks for your suggestions. They helped me solve several errors and
explained some things like LIKE that were not clear.
It takes me some time to ferret out some of the problems on this
particular php page and I try to do what I can with limited knowledge
and experience but I am learning. :-)
For some reason I cannot understand, the $autoid and the $authorID =
mysql_insert_id ($result) do not work.
What I do not understand is when a query is successful and I seen in the
database that the data has been inserted and the id field has been
auto-inserted, the myssql_insert_id() returns what appears to be null
since nothing is echoed.

Here is some code:

snip ...
else { $sql1 = "INSERT INTO book
( title, sub_title, descr, comment, bk_cover,
copyright, ISBN, language, sellers )
VALUES
('$titleIN', '$sub_titleIN', '$descrIN',
'$commentIN', '$bk_coverIN', '$copyrightIN',
'$ISBNIN', '$languageIN', '$sellersIN')";
$result1 = mysql_query($sql1, $db);
$autoid = mysql_insert_id($result1);
$sql2 = "INSERT INTO author (first_name, last_name) VALUES
('$first_nameIN', '$last_nameIN')";
$result2 = mysql_query($sql2, $db);
$authorID = mysql_insert_id($result2);
$sql2a = "INSERT INTO book_author (authID, bookID, ordinal)
VALUES ( '$authorID', '$autoid', '1')";
$result2a = mysql_query($sql2a, $db);
$sql2b = "INSERT INTO author (first_name, last_name) VALUES
('$first_name2IN', '$last_name2IN')

Re: [PHP] Header - Redirect Command Not Working

2009-03-11 Thread Daniel Brown 
On Wed, Mar 11, 2009 at 14:12, Shawn McKenzie  wrote:
>
> Though the w3c HTML/XHTML standards do show the META tag inside the
> head, hence the validation errors
> (http://validator.w3.org/#validate_by_input):

Right, which should be no surprise.  Validation follows the
recommended guidelines (unlike 90% of the spaghetti-coded websites
with which I'm sure we all deal on a daily basis).

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] RE: non-auto increment question

2009-03-11 Thread PJ 
am resending as this was erroneously ccd to mysql. sorry!

Ashley Sheridan wrote:
> On Thu, 2009-02-26 at 11:27 -0500, PJ wrote:
>> Jerry Schwartz wrote:
>>
 Being rather new to all this, I understood from the MySql manual that
 the auto_increment is to b e used immediately after an insertion not
 intermittently. My application is for administrators (the site owner &
 designates) to update the database from and administration directory,
 accessed by user/password login... so there's really very little
 possibility of 2 people accessing at the same time.
 By using MAX + 1 I keep the id number in the $idIn and can reuse it in
 other INSERTS

>>> [JS] Are you looking for something like LAST_INSERT_ID()? If you
>>> INSERT a
>>> record that has an auto-increment field, you can retrieve the value
>>> that got
>>> inserted with "SELECT LAST_INSERT_ID()". It is connection-specific, so
>>> you'll always have your "own" value. You can then save it to reuse,
>>> either
>>> as a session variable or (more easily) as a hidden field on your form.
>>>
>> Thanks, Jerry,
>>
>>
>> You hit the nail on the head.:)
>>
>> To refine my problem (and reduce my ignorance),here's what is happening
>> on the form page:
>>
>> There is a series of INSERTs. The first inserts all the columns of
>> "book" table except for the id, which I do not specify as it if
>> auto-insert.
>>
>> In subsequent tables I have to reference the book.id (for transitional
>> tables like "book_author"(refers authors to book) etc.
>>
>> If I understand it correctly, I must retrieve ("SELECT
>> LAST_INSERT_ID()") after the first INSERT and before the following
>> insert; and save the id as a string ($id)...e.g. $sql = "SELECT
>> LAST_INSERT_ID() AS $id"
>> I need clarification on the "AS $id" - should this be simply id(does
>> this have to be turned into a value into $id or does $id contain the
>> value? And how do I retrieve it to use the returned value for the next
>> $sql = "INSERT ... - in other words, is the id or $id available for the
>> next directive or do I have to do something like $id = id?
>> I'm trying to figure this out with some trials but my insert does not
>> work from a php file - but it works from command-line... that's another
>> post.
>>
> Here's how I mostly do it (albeit simplified):
>
> $query = "INSERT INTO `sometable`(`title`,`content`)
> VALUES('$title','$content')";
> $result = mysql_query($query);
> $autoId = mysql_insert_id($result);
>
> $query = "INSERT INTO `another_table`(`link_id`,`value`)
> VALUES($autoId,'$value');
> $result = mysql_query($query);
>
> No need to call another query to retrieve the last inserted id, as it is
> tied to the last query executed within this session.
>
>
> Ash
> www.ashleysheridan.co.uk
For some reason or other $autoId = mysql_insert_id($result); just does
not work for me... Yet some of the data is inserted correctly...
I did find that it does not work on tables that are empty... so you
can't start with an empty table. I entered data & it still did not work.
I tried on another duplicate database... doesn't work.
I have checked & double checked the database, I have added checks to see
what is returned and the returns are 0 or null - as I get different
responses for slightly different functions.
sessions is on
mysql is 5.1.28
php5

here's what is parsed:
else { $sql1 = "INSERT INTO book
( title, sub_title, descr, comment, bk_cover,
copyright, ISBN, language, sellers )
VALUES
('$titleIN', '$sub_titleIN', '$descrIN',
'$commentIN', '$bk_coverIN', '$copyrightIN',
'$ISBNIN', '$languageIN', '$sellersIN')";
$result1 = mysql_query($sql1, $db);
$autoid = mysql_insert_id($result1);
$sql2 = "INSERT INTO author (first_name, last_name) VALUES
('$first_nameIN', '$last_nameIN')";
$result2 = mysql_query($sql2, $db);
$authorID = mysql_insert_id($result2);
$sql2a = "INSERT INTO book_author (authID, bookID, ordinal)
VALUES ( '$authorID', '$autoid', '1')";
$result2a = mysql_query($sql2a, $db);
$sql2b = "INSERT INTO author (first_name, last_name) VALUES
('$first_name2IN', '$last_name2IN')";
$result2b = mysql_query($sql2b, $db);
$author2ID = mysql_insert_id($result2b);
$sql2c = "INSERT INTO book_author (authID, bookID, ordinal)
VALUES ( '$author2ID', '$autoid', '2')";
$result2c = mysql_query($sql2c, $db);
$sql3 = "INSERT INTO publishers (publisher) VALUES
('$publisherIN')";
$result3 = mysql_query($sql3, $db);
$publisherID = mysql_insert_id($result3);
$sql3a = "INSERT INTO book_publisher (bookID, publishers_id)
VALUES ( '$autoid', '$publisherID' )";
$result3a = mysql_query($sql3a, $db);
foreach($_POST['categoriesIN'] as $category){
$sql4 = "INSERT INTO book_categories (book_id, categories_id)
VALUES ($autoid, $category)";
$res

Re: [PHP] DOM - change a tag name ??

2009-03-11 Thread Andrew Ballard 
On Wed, Mar 11, 2009 at 11:52 AM, Michael A. Peters  wrote:
> If I'm manipulating a dom object, is there a way to change the tag name?
> I know you manipulate just about everything else in a node - but is the
> tagName really off limits?
>
> from the documentation for DOMElement -
>
> /* Properties */
> readonly public bool $schemaTypeInfo ;
> readonly public string $tagName ;
>
> so if I really needed to change it, I'd have to create a virgin node with
> the new name, identical attributes and children, and replace the existing
> node with the new one?
>
> Is there any other way to alter the tagName without doing all that?
>

If this is related to your earlier post about attributes, is XSLT not
an option? I hate to sound like a broken record, but PHP has support
for XSL transformations and it sounds like that is exactly what you
are trying to do.

Andrew

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Shawn McKenzie 
Robert Cummings wrote:
> On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
>> Sándor Tamás (HostWare Kft . ) wrote:
>>> Yes, Rob is right. My original question is about the difference between
>>> the processing of a file-based site with include() OR eval(). In that
>>> case, if I understood it correctly, the results are the same.
>>>
>>> But! If the included pages contain functions, classes, etc. With eval(),
>>> can I use them? With include(), I know I should be able to use them. But
>>> in some mysterious cases I don't have access to a function. If I cut out
>>> from the included file, and put in on the file which includes that, just
>>> before (or after) the includ(), I don't have any problem with it.
>>>
>>> The next step, that if I include a file in a function, can I use the
>>> functions wrote in the included file?
>>> As I know, include just makes a copy-paste, so if I use it IN a
>>> function, then all function will be in function scope, am I right?
>> Yes, if you use an include inside a function, then any functions / non
>> global vars in the included file will only be available inside the
>> including function.
> 
> This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
> global.
> 
> Cheers,
> Rob.

Yes, I was too hasty.  The nested function will only be defined once the
nesting function has been called.  Then it will be available globally.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 13:20 -0500, Shawn McKenzie wrote:
> Robert Cummings wrote:
> > On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
> >> Sándor Tamás (HostWare Kft . ) wrote:
> >>> Yes, Rob is right. My original question is about the difference between
> >>> the processing of a file-based site with include() OR eval(). In that
> >>> case, if I understood it correctly, the results are the same.
> >>>
> >>> But! If the included pages contain functions, classes, etc. With eval(),
> >>> can I use them? With include(), I know I should be able to use them. But
> >>> in some mysterious cases I don't have access to a function. If I cut out
> >>> from the included file, and put in on the file which includes that, just
> >>> before (or after) the includ(), I don't have any problem with it.
> >>>
> >>> The next step, that if I include a file in a function, can I use the
> >>> functions wrote in the included file?
> >>> As I know, include just makes a copy-paste, so if I use it IN a
> >>> function, then all function will be in function scope, am I right?
> >> Yes, if you use an include inside a function, then any functions / non
> >> global vars in the included file will only be available inside the
> >> including function.
> > 
> > This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
> > global.
> > 
> > Cheers,
> > Rob.
> 
> Yes, I was too hasty.  The nested function will only be defined once the
> nesting function has been called.  Then it will be available globally.

Actually, you're wrong again. The nested function, AKA function defined
in the included source, will be defined as soon as the source is
included and is available to the function in which the source was
included. In fact it is even available to the code within the included
source that can be run during the include process and before the
function performing the inclusion regains control.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DOM - change a tag name ??

2009-03-11 Thread Michael A. Peters 

Andrew Ballard wrote:

On Wed, Mar 11, 2009 at 11:52 AM, Michael A. Peters  wrote:

If I'm manipulating a dom object, is there a way to change the tag name?
I know you manipulate just about everything else in a node - but is the
tagName really off limits?

from the documentation for DOMElement -

/* Properties */
readonly public bool $schemaTypeInfo ;
readonly public string $tagName ;

so if I really needed to change it, I'd have to create a virgin node with
the new name, identical attributes and children, and replace the existing
node with the new one?

Is there any other way to alter the tagName without doing all that?



If this is related to your earlier post about attributes, is XSLT not
an option? I hate to sound like a broken record, but PHP has support
for XSL transformations and it sounds like that is exactly what you
are trying to do.

Andrew



No.
XSLT is certainly one of the technologies I'm going to look into, but 
right now I'm building a filter that (hopefully) will fully implement 
the Mozilla developer Content Security Policy server side before the 
document gets sent to the browser - by removing what would violate the 
specified CSP before it is sent.


My primary interest in changing tag names is to ensure all tags are 
lower case so I can then run the rest of the filter. They are all lower 
case if you use loadHTML() but I don't want my class to assume it has a 
properly created DOMDocument to start with, so I want to walk the DOM 
and change bad tags/attribute names before I apply the CSP filtering.


That might be something where XSLT is better but I believe I need to 
install some libraries and recompile php before I can use XSLT as it 
appears my current build doesn't support it (according to phpinfo()) so 
playing with XSLT is for another day.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] ltrim behavior.

2009-03-11 Thread Peter van der Does 
This might be old for some of you but I never encountered it until
today and I would like to know why this is happening.

Here's the situation:
php > $a='data[options][name]';
php > echo ltrim($a,'data[');
options][name]

Just as I expected.

Next one:
php > $a='options[options][name]';
php > echo ltrim($a,'options[');
][name]

UH, what?
Not exactly what I expected.

This works:
php > $a='options[options][name]';
php > echo ltrim(ltrim($a,'options'),'[');
options][name]

Can somebody explain the second behavior? Is this a known bug in PHP,
I'm running PHP 5.2.6 on Ubuntu.

-- 
Peter van der Does

GPG key: E77E8E98

WordPress Plugin Developer
http://blog.avirtualhome.com

GetDeb Package Builder/GetDeb Site Coder
http://www.getdeb.net - Software you want for Ubuntu

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DOM - change a tag name ??

2009-03-11 Thread Andrew Ballard 
On Wed, Mar 11, 2009 at 3:06 PM, Michael A. Peters  wrote:
> Andrew Ballard wrote:
>>
>> On Wed, Mar 11, 2009 at 11:52 AM, Michael A. Peters 
>> wrote:
>>>
>>> If I'm manipulating a dom object, is there a way to change the tag name?
>>> I know you manipulate just about everything else in a node - but is the
>>> tagName really off limits?
>>>
>>> from the documentation for DOMElement -
>>>
>>> /* Properties */
>>> readonly public bool $schemaTypeInfo ;
>>> readonly public string $tagName ;
>>>
>>> so if I really needed to change it, I'd have to create a virgin node with
>>> the new name, identical attributes and children, and replace the existing
>>> node with the new one?
>>>
>>> Is there any other way to alter the tagName without doing all that?
>>>
>>
>> If this is related to your earlier post about attributes, is XSLT not
>> an option? I hate to sound like a broken record, but PHP has support
>> for XSL transformations and it sounds like that is exactly what you
>> are trying to do.
>>
>> Andrew
>>
>
> No.
> XSLT is certainly one of the technologies I'm going to look into, but right
> now I'm building a filter that (hopefully) will fully implement the Mozilla
> developer Content Security Policy server side before the document gets sent
> to the browser - by removing what would violate the specified CSP before it
> is sent.
>
> My primary interest in changing tag names is to ensure all tags are lower
> case so I can then run the rest of the filter. They are all lower case if
> you use loadHTML() but I don't want my class to assume it has a properly
> created DOMDocument to start with, so I want to walk the DOM and change bad
> tags/attribute names before I apply the CSP filtering.


How are you traversing the DOM if it is not already properly formed?
Every time I've ever tried to load a DOMDocument with xml that
wouldn't validate, it blew up and the DOMDocument was left empty. I
usually find loadHTML() to be more forgiving.


> That might be something where XSLT is better but I believe I need to install
> some libraries and recompile php before I can use XSLT as it appears my
> current build doesn't support it (according to phpinfo()) so playing with
> XSLT is for another day.
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] ltrim behavior.

2009-03-11 Thread Paul M Foster 
On Wed, Mar 11, 2009 at 03:07:18PM -0400, Peter van der Does wrote:

> This might be old for some of you but I never encountered it until
> today and I would like to know why this is happening.
> 
> Here's the situation:
> php > $a='data[options][name]';
> php > echo ltrim($a,'data[');
> options][name]
> 
> Just as I expected.
> 
> Next one:
> php > $a='options[options][name]';
> php > echo ltrim($a,'options[');
> ][name]
> 
> UH, what?
> Not exactly what I expected.
> 
> This works:
> php > $a='options[options][name]';
> php > echo ltrim(ltrim($a,'options'),'[');
> options][name]
> 
> Can somebody explain the second behavior? Is this a known bug in PHP,
> I'm running PHP 5.2.6 on Ubuntu.

Take a look at the documentation for ltrim():

http://us2.php.net/manual/en/function.ltrim.php

The string you're including as the second parameter to ltrim() is the
*characters* you want to trim on, not the *character pattern*. If you
think about it that way, it will make sense. Also one of the examples on
the referenced documentation page does something similar to what you've
cited. Work through that example, and you'll see.

Paul

-- 
Paul M. Foster

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread Lex Braun 
PJ,

> 
> > $sql1 = "INSERT INTO book ( title, sub_title, descr,
> >comment, bk_cover, copyright, ISBN, language, sellers )
> > VALUES ('$titleIN', '$sub_titleIN', '$descrIN', '$commentIN',
> >'$bk_coverIN', '$copyrightIN', '$ISBNIN', '$languageIN',
> >'$sellersIN')";
> >$result1 = mysql_query($sql1, $db);
> >$autoid = mysql_insert_id($result1);
>

You're actually sending mysql_insert_id() the wrong parameter. It should be:
$autoid = mysql_insert_id($db); // you send the resource of your MySQL
connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
This should be corrected in everywhere you call mysql_insert_id()

-Lex

Re: [PHP] ltrim behavior.

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 15:07 -0400, Peter van der Does wrote:
> php > $a='data[options][name]';
> php > echo ltrim($a,'data[');
> options][name]
> 
> Just as I expected.
> 
> Next one:
> php > $a='options[options][name]';
> php > echo ltrim($a,'options[');
> ][name]
> 
> UH, what?
> Not exactly what I expected.
> 
> This works:
> php > $a='options[options][name]';
> php > echo ltrim(ltrim($a,'options'),'[');
> options][name]

It doesn't trim strings, it trims characters. The second argument is a
list of characters. I'm surprised this has worked for you up till now. I
think most people would use the following to do what you want:



Or they would do test and strip:



Or maybe:



Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] ltrim behavior.

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 15:34 -0400, Robert Cummings wrote:
> On Wed, 2009-03-11 at 15:07 -0400, Peter van der Does wrote:
> > php > $a='data[options][name]';
> > php > echo ltrim($a,'data[');
> > options][name]
> > 
> > Just as I expected.
> > 
> > Next one:
> > php > $a='options[options][name]';
> > php > echo ltrim($a,'options[');
> > ][name]
> > 
> > UH, what?
> > Not exactly what I expected.
> > 
> > This works:
> > php > $a='options[options][name]';
> > php > echo ltrim(ltrim($a,'options'),'[');
> > options][name]
> 
> It doesn't trim strings, it trims characters. The second argument is a
> list of characters. I'm surprised this has worked for you up till now. I
> think most people would use the following to do what you want:
> 
>  
> echo preg_replace( '#^options\[#', '', $a )
> 
> ?>
> 
> Or they would do test and strip:
> 
>  
> if( substr( $a, 0, 8 ) === 'options[' )
> {
> echo substr( $a, 8 );
> }
> 
> ?>
> 
> Or maybe:
> 
>  
> if( preg_match( '#^options\[#', $a ) )
> {
> echo substr( $a, 8 );
> }
> 
> ?>

Just because I'm a nice guy... :) here's the generic strip:



Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DOM - change a tag name ??

2009-03-11 Thread Michael A. Peters 

Andrew Ballard wrote:

On Wed, Mar 11, 2009 at 3:06 PM, Michael A. Peters  wrote:

Andrew Ballard wrote:

On Wed, Mar 11, 2009 at 11:52 AM, Michael A. Peters 
wrote:

If I'm manipulating a dom object, is there a way to change the tag name?
I know you manipulate just about everything else in a node - but is the
tagName really off limits?

from the documentation for DOMElement -

/* Properties */
readonly public bool $schemaTypeInfo ;
readonly public string $tagName ;

so if I really needed to change it, I'd have to create a virgin node with
the new name, identical attributes and children, and replace the existing
node with the new one?

Is there any other way to alter the tagName without doing all that?


If this is related to your earlier post about attributes, is XSLT not
an option? I hate to sound like a broken record, but PHP has support
for XSL transformations and it sounds like that is exactly what you
are trying to do.

Andrew


No.
XSLT is certainly one of the technologies I'm going to look into, but right
now I'm building a filter that (hopefully) will fully implement the Mozilla
developer Content Security Policy server side before the document gets sent
to the browser - by removing what would violate the specified CSP before it
is sent.

My primary interest in changing tag names is to ensure all tags are lower
case so I can then run the rest of the filter. They are all lower case if
you use loadHTML() but I don't want my class to assume it has a properly
created DOMDocument to start with, so I want to walk the DOM and change bad
tags/attribute names before I apply the CSP filtering.



How are you traversing the DOM if it is not already properly formed?
Every time I've ever tried to load a DOMDocument with xml that
wouldn't validate, it blew up and the DOMDocument was left empty. I
usually find loadHTML() to be more forgiving.


The problem isn't with xml that doesn't validate, the problem is that 
HTML is not case sensitive.  and  are 
both legal xml but are different tags to xml. In xhtml the first is a 
script element, the second has no meaning and is discarded by the 
browser. However when sending the document as html (necessary for IE 
users, for example) - html is not case sensitive, the second is valid 
script tag. So if the content security policy says no scripts are 
allowed on the page, I need to catch both the second and the first.


I was actually doing it with regex by saving the document to a buffer 
first but to avoid altering content, I had to make sure I was operating 
inside tags etc. and then it dawned on me - it's structured data, use a 
tool designed to work with structured data.


If the class was just for me it wouldn't matter, but if I put the class 
out in the wild - $doc->createElement("SCriPt"); is legal and even can 
be used to produce legal validating HTML 4.01 upon saveHTML() but it 
would dodge how my class locates and checks for script elements. There 
doesn't seem to be a case insensitive way to find tags/elements in the 
php xml tools, so before my class does the filtering it needs to first 
make sure the tags/attributes are all lower case.


How the potential users (if there ever are any) of my class get their 
page into DOMDocument is up to them, not me. They can loadHTML() or 
create it from scratch or import it from some other xml format.


If their source is an html file (or buffer), I will recommend they run 
it through tidy first - tidy does wonders - but it's still up to them, 
not me, so my class can't assume the tags are lower case.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread PJ 
Lex Braun wrote:
> PJ,
>
>   
>> 
>> 
>>> $sql1 = "INSERT INTO book ( title, sub_title, descr,
>>>comment, bk_cover, copyright, ISBN, language, sellers )
>>> VALUES ('$titleIN', '$sub_titleIN', '$descrIN', '$commentIN',
>>>'$bk_coverIN', '$copyrightIN', '$ISBNIN', '$languageIN',
>>>'$sellersIN')";
>>>$result1 = mysql_query($sql1, $db);
>>>$autoid = mysql_insert_id($result1);
>>>   
>
> You're actually sending mysql_insert_id() the wrong parameter. It should be:
> $autoid = mysql_insert_id($db); // you send the resource of your MySQL
> connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
> This should be corrected in everywhere you call mysql_insert_id()
>
> -Lex
>
>   
I tried this (from the link above)
$result1 = mysql_query($sql1, $db);
$autoid = mysql_insert_id();
echo $autoid;
works...

but now, I have another problem... I am trying to debug this thing by
going 1 query at a time ( I comment out the rest): every time I do an
INSERT INTO book... the insert works fine but the ID is increased not
from the highest id value but from the last id inserted. So my highest
at the moment is 11; I insert test data and it goes in as id = 15; I
delete this field and redo an insert and it goes in as id = 16. How can
I change this so the auto_increment continues from the 11 ?

-- 
unheralded genius: "A clean desk is the sign of a dull mind. "
-
Phil Jourdan --- p...@ptahhotep.com
   http://www.ptahhotep.com
   http://www.chiccantine.com/andypantry.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread haliphax 
On Wed, Mar 11, 2009 at 4:29 PM, PJ  wrote:
> Lex Braun wrote:
>> PJ,
>>
>>
>>>     
>>>
     $sql1 = "INSERT INTO book ( title, sub_title, descr,
                comment, bk_cover, copyright, ISBN, language, sellers )
             VALUES ('$titleIN', '$sub_titleIN', '$descrIN', '$commentIN',
                '$bk_coverIN', '$copyrightIN', '$ISBNIN', '$languageIN',
                '$sellersIN')";
        $result1 = mysql_query($sql1, $db);
        $autoid = mysql_insert_id($result1);

>>
>> You're actually sending mysql_insert_id() the wrong parameter. It should be:
>> $autoid = mysql_insert_id($db); // you send the resource of your MySQL
>> connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
>> This should be corrected in everywhere you call mysql_insert_id()
>>
>> -Lex
>>
>>
> I tried this (from the link above)
> $result1 = mysql_query($sql1, $db);
>    $autoid = mysql_insert_id();
>    echo $autoid;
> works...
>
> but now, I have another problem... I am trying to debug this thing by
> going 1 query at a time ( I comment out the rest): every time I do an
> INSERT INTO book... the insert works fine but the ID is increased not
> from the highest id value but from the last id inserted. So my highest
> at the moment is 11; I insert test data and it goes in as id = 15; I
> delete this field and redo an insert and it goes in as id = 16. How can
> I change this so the auto_increment continues from the 11 ?

In MySQL,

ALTER TABLE [tablename] AUTO_INCREMENT = [value];

HTH,


-- 
// Todd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread PJ 
haliphax wrote:
> On Wed, Mar 11, 2009 at 4:29 PM, PJ  wrote:
>   
>> Lex Braun wrote:
>> 
>>> PJ,
>>>
>>>
>>>   
 Â  Â  

 
> Â  Â  $sql1 = "INSERT INTO book ( title, sub_title, descr,
> Â  Â  Â  Â  Â  Â  Â  Â comment, bk_cover, copyright, ISBN, language, 
> sellers )
> Â  Â  Â  Â  Â  Â  VALUES ('$titleIN', '$sub_titleIN', '$descrIN', 
> '$commentIN',
> Â  Â  Â  Â  Â  Â  Â  Â '$bk_coverIN', '$copyrightIN', '$ISBNIN', 
> '$languageIN',
> Â  Â  Â  Â  Â  Â  Â  Â '$sellersIN')";
> Â  Â  Â  Â $result1 = mysql_query($sql1, $db);
> Â  Â  Â  Â $autoid = mysql_insert_id($result1);
>
>   
>>> You're actually sending mysql_insert_id() the wrong parameter. It should be:
>>> $autoid = mysql_insert_id($db); // you send the resource of your MySQL
>>> connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
>>> This should be corrected in everywhere you call mysql_insert_id()
>>>
>>> -Lex
>>>
>>>
>>>   
>> I tried this (from the link above)
>> $result1 = mysql_query($sql1, $db);
>> Â  Â $autoid = mysql_insert_id();
>> Â  Â echo $autoid;
>> works...
>>
>> but now, I have another problem... I am trying to debug this thing by
>> going 1 query at a time ( I comment out the rest): every time I do an
>> INSERT INTO book... the insert works fine but the ID is increased not
>> from the highest id value but from the last id inserted. So my highest
>> at the moment is 11; I insert test data and it goes in as id = 15; I
>> delete this field and redo an insert and it goes in as id = 16. How can
>> I change this so the auto_increment continues from the 11 ?
>> 
>
> In MySQL,
>
> ALTER TABLE [tablename] AUTO_INCREMENT = [value];
>
> HTH,
>   
Ok, but why is it doing that? I like to "understand" - I must have asked
too many questions when I was a kid... it stuck. :-)

-- 
unheralded genius: "A clean desk is the sign of a dull mind. "
-
Phil Jourdan --- p...@ptahhotep.com
   http://www.ptahhotep.com
   http://www.chiccantine.com/andypantry.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread Lex Braun 
On Wed, Mar 11, 2009 at 5:44 PM, PJ  wrote:

> haliphax wrote:
> > On Wed, Mar 11, 2009 at 4:29 PM, PJ  wrote:
> >
> >> Lex Braun wrote:
> >>
> >>> PJ,
> >>>
> >>>
> >>>
>  Â  Â  
> 
> 
> > Â  Â  $sql1 = "INSERT INTO book ( title, sub_title, descr,
> > Â  Â  Â  Â  Â  Â  Â  Â comment, bk_cover, copyright, ISBN, language,
> sellers )
> > Â  Â  Â  Â  Â  Â  VALUES ('$titleIN', '$sub_titleIN', '$descrIN',
> '$commentIN',
> > Â  Â  Â  Â  Â  Â  Â  Â '$bk_coverIN', '$copyrightIN', '$ISBNIN',
> '$languageIN',
> > Â  Â  Â  Â  Â  Â  Â  Â '$sellersIN')";
> > Â  Â  Â  Â $result1 = mysql_query($sql1, $db);
> > Â  Â  Â  Â $autoid = mysql_insert_id($result1);
> >
> >
> >>> You're actually sending mysql_insert_id() the wrong parameter. It
> should be:
> >>> $autoid = mysql_insert_id($db); // you send the resource of your MySQL
> >>> connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
> >>> This should be corrected in everywhere you call mysql_insert_id()
> >>>
> >>> -Lex
> >>>
> >>>
> >>>
> >> I tried this (from the link above)
> >> $result1 = mysql_query($sql1, $db);
> >> Â  Â $autoid = mysql_insert_id();
> >> Â  Â echo $autoid;
> >> works...
> >>
> >> but now, I have another problem... I am trying to debug this thing by
> >> going 1 query at a time ( I comment out the rest): every time I do an
> >> INSERT INTO book... the insert works fine but the ID is increased not
> >> from the highest id value but from the last id inserted. So my highest
> >> at the moment is 11; I insert test data and it goes in as id = 15; I
> >> delete this field and redo an insert and it goes in as id = 16. How can
> >> I change this so the auto_increment continues from the 11 ?
> >>
> >
> > In MySQL,
> >
> > ALTER TABLE [tablename] AUTO_INCREMENT = [value];
> >
> > HTH,
> >
> Ok, but why is it doing that? I like to "understand" - I must have asked
> too many questions when I was a kid... it stuck. :-)
>

It's doing that because an auto-incrementing column keeps incrementing with
each insertion. Thus, say you insert an entry into ID #10 and delete it
before another entry is made.  MySQL will still have the auto_increment set
to 11 (one more than the last insertion) rather than subtracting one because
you deleted #10.  It's the database method of ensuring you aren't
over-writing pre-existing auto_increment values.

NOTE: This doesn't take into account someone entering their own value into
the ID field greater than the current auto_increment value.

Re: [PHP] ltrim behavior.

2009-03-11 Thread Peter van der Does 
On Wed, 11 Mar 2009 15:28:04 -0400
Paul M Foster  wrote:

> On Wed, Mar 11, 2009 at 03:07:18PM -0400, Peter van der Does wrote:
> 
> > This might be old for some of you but I never encountered it until
> > today and I would like to know why this is happening.
> > 
> > Here's the situation:
> > php > $a='data[options][name]';
> > php > echo ltrim($a,'data[');
> > options][name]
> > 
> > Just as I expected.
> > 
> > Next one:
> > php > $a='options[options][name]';
> > php > echo ltrim($a,'options[');
> > ][name]
> > 
> > UH, what?
> > Not exactly what I expected.
> > 
> > This works:
> > php > $a='options[options][name]';
> > php > echo ltrim(ltrim($a,'options'),'[');
> > options][name]
> > 
> > Can somebody explain the second behavior? Is this a known bug in
> > PHP, I'm running PHP 5.2.6 on Ubuntu.
> 
> Take a look at the documentation for ltrim():
> 
> http://us2.php.net/manual/en/function.ltrim.php
> 
> The string you're including as the second parameter to ltrim() is the
> *characters* you want to trim on, not the *character pattern*. If you
> think about it that way, it will make sense. Also one of the examples
> on the referenced documentation page does something similar to what
> you've cited. Work through that example, and you'll see.
> 
> Paul
> 
OK, the light bulb went on now. I did see it was characters, and not a
string, but for some reason it didn't get in my brain what the
consequence was.
Thanks and I apologize for the "stupid" question.


-- 
Peter van der Does

GPG key: E77E8E98
IRC: Ganseki on irc.freenode.net
Blog: http://blog.avirtualhome.com
Forums: http://forums.avirtualhome.com
Jabber ID: pvanderd...@gmail.com

GetDeb Package Builder
http://www.getdeb.net - Software you want for Ubuntu

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Shawn McKenzie 
Robert Cummings wrote:
> On Wed, 2009-03-11 at 13:20 -0500, Shawn McKenzie wrote:
>> Robert Cummings wrote:
>>> On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
 Sándor Tamás (HostWare Kft . ) wrote:
> Yes, Rob is right. My original question is about the difference between
> the processing of a file-based site with include() OR eval(). In that
> case, if I understood it correctly, the results are the same.
>
> But! If the included pages contain functions, classes, etc. With eval(),
> can I use them? With include(), I know I should be able to use them. But
> in some mysterious cases I don't have access to a function. If I cut out
> from the included file, and put in on the file which includes that, just
> before (or after) the includ(), I don't have any problem with it.
>
> The next step, that if I include a file in a function, can I use the
> functions wrote in the included file?
> As I know, include just makes a copy-paste, so if I use it IN a
> function, then all function will be in function scope, am I right?
 Yes, if you use an include inside a function, then any functions / non
 global vars in the included file will only be available inside the
 including function.
>>> This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
>>> global.
>>>
>>> Cheers,
>>> Rob.
>> Yes, I was too hasty.  The nested function will only be defined once the
>> nesting function has been called.  Then it will be available globally.
> 
> Actually, you're wrong again. The nested function, AKA function defined
> in the included source, will be defined as soon as the source is
> included and is available to the function in which the source was
> included. In fact it is even available to the code within the included
> source that can be run during the include process and before the
> function performing the inclusion regains control.
> 
> Cheers,
> Rob.

Well I used the word defined, however what I meant was the included
function would only be available globally after the including function
has been called.  But yes, it will be available to the including function.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Shawn McKenzie 
Shawn McKenzie wrote:
> Robert Cummings wrote:
>> On Wed, 2009-03-11 at 13:20 -0500, Shawn McKenzie wrote:
>>> Robert Cummings wrote:
 On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
> Sándor Tamás (HostWare Kft . ) wrote:
>> Yes, Rob is right. My original question is about the difference between
>> the processing of a file-based site with include() OR eval(). In that
>> case, if I understood it correctly, the results are the same.
>>
>> But! If the included pages contain functions, classes, etc. With eval(),
>> can I use them? With include(), I know I should be able to use them. But
>> in some mysterious cases I don't have access to a function. If I cut out
>> from the included file, and put in on the file which includes that, just
>> before (or after) the includ(), I don't have any problem with it.
>>
>> The next step, that if I include a file in a function, can I use the
>> functions wrote in the included file?
>> As I know, include just makes a copy-paste, so if I use it IN a
>> function, then all function will be in function scope, am I right?
> Yes, if you use an include inside a function, then any functions / non
> global vars in the included file will only be available inside the
> including function.
 This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
 global.

 Cheers,
 Rob.
>>> Yes, I was too hasty.  The nested function will only be defined once the
>>> nesting function has been called.  Then it will be available globally.
>> Actually, you're wrong again. The nested function, AKA function defined
>> in the included source, will be defined as soon as the source is
>> included and is available to the function in which the source was
>> included. In fact it is even available to the code within the included
>> source that can be run during the include process and before the
>> function performing the inclusion regains control.
>>
>> Cheers,
>> Rob.
> 
> Well I used the word defined, however what I meant was the included
> function would only be available globally after the including function
> has been called.  But yes, it will be available to the including function.
> 

Actually, which would mean that the including function had been called
if it was attempting to use any of the vars/functions in the included
file :-)

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validation & inserts not working

2009-03-11 Thread Michael A. Peters 

PJ wrote:

Lex Braun wrote:

PJ,

  




$sql1 = "INSERT INTO book ( title, sub_title, descr,
   comment, bk_cover, copyright, ISBN, language, sellers )
VALUES ('$titleIN', '$sub_titleIN', '$descrIN', '$commentIN',
   '$bk_coverIN', '$copyrightIN', '$ISBNIN', '$languageIN',
   '$sellersIN')";
   $result1 = mysql_query($sql1, $db);
   $autoid = mysql_insert_id($result1);
  

You're actually sending mysql_insert_id() the wrong parameter. It should be:
$autoid = mysql_insert_id($db); // you send the resource of your MySQL
connection (http://ca3.php.net/manual/en/function.mysql-insert-id.php)
This should be corrected in everywhere you call mysql_insert_id()

-Lex

  

I tried this (from the link above)
$result1 = mysql_query($sql1, $db);
$autoid = mysql_insert_id();
echo $autoid;
works...

but now, I have another problem... I am trying to debug this thing by
going 1 query at a time ( I comment out the rest): every time I do an
INSERT INTO book... the insert works fine but the ID is increased not
from the highest id value but from the last id inserted. So my highest
at the moment is 11; I insert test data and it goes in as id = 15; I
delete this field and redo an insert and it goes in as id = 16. How can
I change this so the auto_increment continues from the 11 ?



I'm not sure you can, and for good reason. MySQL keeps track of last id 
in an autoincrement even if you deleted the record. You don't want ID 
clashes even with records that have been deleted. What if they were 
accidentally deleted and need to be restored from backup? Now you will 
have an ID conflict because an old record and new record will have same 
ID. That's why mysql will not use a record id in autoincrement that has 
been used before, even if it appears to be available.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Nathan Rixham 

Jochem Maas wrote:

Olivier Doucet schreef:

Hi Jochem,



2/ (or/and) Raise a warning or an error if a non static function is

called

as a static one

develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big
fat
warning about it


Yes, that's what I'm using right now. Although, that's not the highlighted
problem.


if your not gettting a 'Strict Warning' when calling a non-static method 
statically
then error_reporting doesn't include E_STRICT. I tested this with your example 
code on
the cmdline to make sure.


[...]

the pragmatic solution is to not call non-static functions using
static syntax.


Well, this is the answer I didn't want :)


I here that alot :-)


Thank you for your feedback !

Olivier





poor internal developers, they do have a tough job

the message is pretty clear:
"Strict Standards: Non-static method MyTest::myfunc() should not be 
called statically, assuming $this from incompatible context in.."


but the functionality is pretty weird, took me a while to get my head 
around.. until i came up with the scenario:

"what if this 'error' halted the compiler and threw a proper error"
then I imagined the massive outcry from the developers of millions of 
poorly coded scripts


then I remembered php 4 and ran this:

test(); //output: "MySecondTest"
?>

and it all became clear

mental though, part of me wishes they'd forked php at 4 to save all the 
lame syntax and weirdness.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Nathan Rixham 

Nathan Rixham wrote:

Jochem Maas wrote:

Olivier Doucet schreef:


mental though, part of me wishes they'd forked php at 4 to save all the 
lame syntax and weirdness.




after thought.. I wish they'd forked it to OO and procedural, then us OO 
guys could have phpoo and be happy, and the procedural guys could have 
php and be happy because the oo one contained the word poo.


:)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] non static function called as static one

2009-03-11 Thread Jochem Maas 
Nathan Rixham schreef:
> Nathan Rixham wrote:
>> Jochem Maas wrote:
>>> Olivier Doucet schreef:
> 
>> mental though, part of me wishes they'd forked php at 4 to save all
>> the lame syntax and weirdness.
>>
> 
> after thought.. I wish they'd forked it to OO and procedural, then us OO
> guys could have phpoo and be happy, and the procedural guys could have
> php and be happy because the oo one contained the word poo.
> 

lol, and to think we'd be neck deep in it every day :-P

> :)
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Include File Errors with Comments

2009-03-11 Thread Patrick Moloney 
OK, I think I've got the problem. I had to go back further than where 
the problem appeared to be. The 1st error was the comment code on the 
div line before the menu is Included. It had the "--" in the comment.
Oddly, it interacts with the same error in the comment in the mainmenu 
file. I saw some suggestion that these work in pairs but fail in odd 
numbers. So, I have many pages that work like this.
Adding another bad comment to the mainmenu, causes it to fail (3 bad 
lines). Or, without a third line, fixing the only bad line in the 
mainmenu also fails! Now, correcting the bad line in the web page fixes 
that -- (whoops) - but causes all the other similar web site pages to 
start failing.

I'll have to fix them all, but at least I know the problem.
No wonder nobody comments code!


mainmenu.php



Functional Menu code
...


webpage.php
...

 


...

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Robert Cummings 
On Wed, 2009-03-11 at 16:16 -0500, Shawn McKenzie wrote:
> Shawn McKenzie wrote:
> > Robert Cummings wrote:
> >> On Wed, 2009-03-11 at 13:20 -0500, Shawn McKenzie wrote:
> >>> Robert Cummings wrote:
>  On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
> > Sándor Tamás (HostWare Kft . ) wrote:
> >> Yes, Rob is right. My original question is about the difference between
> >> the processing of a file-based site with include() OR eval(). In that
> >> case, if I understood it correctly, the results are the same.
> >>
> >> But! If the included pages contain functions, classes, etc. With 
> >> eval(),
> >> can I use them? With include(), I know I should be able to use them. 
> >> But
> >> in some mysterious cases I don't have access to a function. If I cut 
> >> out
> >> from the included file, and put in on the file which includes that, 
> >> just
> >> before (or after) the includ(), I don't have any problem with it.
> >>
> >> The next step, that if I include a file in a function, can I use the
> >> functions wrote in the included file?
> >> As I know, include just makes a copy-paste, so if I use it IN a
> >> function, then all function will be in function scope, am I right?
> > Yes, if you use an include inside a function, then any functions / non
> > global vars in the included file will only be available inside the
> > including function.
>  This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
>  global.
> 
>  Cheers,
>  Rob.
> >>> Yes, I was too hasty.  The nested function will only be defined once the
> >>> nesting function has been called.  Then it will be available globally.
> >>
> >> Actually, you're wrong again. The nested function, AKA function defined
> >> in the included source, will be defined as soon as the source is
> >> included and is available to the function in which the source was
> >> included. In fact it is even available to the code within the included
> >> source that can be run during the include process and before the
> >> function performing the inclusion regains control.
> >>
> >> Cheers,
> >> Rob.
> > 
> > Well I used the word defined, however what I meant was the included
> > function would only be available globally after the including function
> > has been called.  But yes, it will be available to the including function.
> > 
> 
> Actually, which would mean that the including function had been called
> if it was attempting to use any of the vars/functions in the included
> file :-)

You need to work on your use of verb tenses :)

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Setting Up A Web Subscription Service

2009-03-11 Thread revDAVE 
Thanks HallMarc & Nathan for the recommendations!

--
Thanks - RevDave
Cool @ hosting4days . com
[db-lists 09]




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Silly question - include vs. eval

2009-03-11 Thread Shawn McKenzie 
Robert Cummings wrote:
> On Wed, 2009-03-11 at 16:16 -0500, Shawn McKenzie wrote:
>> Shawn McKenzie wrote:
>>> Robert Cummings wrote:
 On Wed, 2009-03-11 at 13:20 -0500, Shawn McKenzie wrote:
> Robert Cummings wrote:
>> On Wed, 2009-03-11 at 12:19 -0500, Shawn McKenzie wrote:
>>> Sándor Tamás (HostWare Kft . ) wrote:
 Yes, Rob is right. My original question is about the difference between
 the processing of a file-based site with include() OR eval(). In that
 case, if I understood it correctly, the results are the same.

 But! If the included pages contain functions, classes, etc. With 
 eval(),
 can I use them? With include(), I know I should be able to use them. 
 But
 in some mysterious cases I don't have access to a function. If I cut 
 out
 from the included file, and put in on the file which includes that, 
 just
 before (or after) the includ(), I don't have any problem with it.

 The next step, that if I include a file in a function, can I use the
 functions wrote in the included file?
 As I know, include just makes a copy-paste, so if I use it IN a
 function, then all function will be in function scope, am I right?
>>> Yes, if you use an include inside a function, then any functions / non
>>> global vars in the included file will only be available inside the
>>> including function.
>> This is NOT, I repeat, NOT true for functions. Functions are ALWAYS
>> global.
>>
>> Cheers,
>> Rob.
> Yes, I was too hasty.  The nested function will only be defined once the
> nesting function has been called.  Then it will be available globally.
 Actually, you're wrong again. The nested function, AKA function defined
 in the included source, will be defined as soon as the source is
 included and is available to the function in which the source was
 included. In fact it is even available to the code within the included
 source that can be run during the include process and before the
 function performing the inclusion regains control.

 Cheers,
 Rob.
>>> Well I used the word defined, however what I meant was the included
>>> function would only be available globally after the including function
>>> has been called.  But yes, it will be available to the including function.
>>>
>> Actually, which would mean that the including function had been called
>> if it was attempting to use any of the vars/functions in the included
>> file :-)
> 
> You need to work on your use of verb tenses :)
> 
> Cheers,
> Rob.

What?  I didn't know you flamed people whose native language wasn't
English!  How can we get a break on this list?

I speak Texan (sorta), and apologize for my poor English.  :-(

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Marc Venturini 
Hi all,

Thank you all very much for your contributions.

I tried to monitor the network with Wireshark: there is only one request
from my browser to the server, and not any answer (redirect or otherwise).
This means the problem is definitely not with unexpected browser requests.

Calling die() at the end of the script and removing the redirect did not
change the behavior in any way.

I like to think my code is good, and that the server calls the script in an
unexpected way. The main reason for this belief is that I do not use
multithreading at all, while the logs report the script is running several
times in parallel and the network monitor reports a single browser request.
I could not find in the docs any server configuration parameter which would
re-invoke a script without killing its currently running instance.

Unfortunately I cannot post the code here, as everything is spread in
several files. If stuck with this issue for too long, I'll consider reducing
the script to the root cause of the problem and posting it, but it's toomuch
overhead at this stage...

Cheers,
Marc.


On Wed, Mar 11, 2009 at 4:40 PM, haliphax  wrote:

> On Wed, Mar 11, 2009 at 10:30 AM, Martin Zvarík  wrote:
> > Marc Venturini napsal(a):
> >>
> >> Hi all,
> >>
> >> I wrote a PHP script running in Apache which takes more than 30 seconds
> to
> >> complete. It uses set_time_limit() to extend the time it is allowed to
> >> run.
> >> The script generates thumbnails from a list of images. Upon completion,
> >> the
> >> script redirects the browser to another page using HTTP headers.
> >
> > If you die() at the end of the script and don't redirect does it continue
> > this auto-30-seconds execution?
> >
> >>
> >> On my local machine (Windows + EasyPHP), the script runs as expected and
> >> completes after a few minutes.
> >>
> >> I observe an unexpected behavior on my production web server:
> >> - The script runs as expected for the first 30 seconds.
> >> - After 30 seconds, the same script with the same parameters starts
> again
> >> in
> >> a new thread/process. The initial thread/process is *not* interrupted,
> so
> >> 2
> >> threads/processes run in parallel, executing the same sequence of
> >> operations
> >> with a 30 time shift.
> >> - The same scenario happens every 30 seconds (i.e.: at 0"30, 1"00, 1"30,
> >> and
> >> so on), multiplying the parallel threads/processes.
> >
> >> - The browser keeps on loading while the above happens.
> >
> >> - After some time, the browser displays a blank page and all the
> >> threads/processes stop. I assume this is due to resources exhaustion,
> but
> >> I
> >> have no means to check this assumption.
> >>
> >> I deduced the above reading a text file in which I log the sequence of
> >> called functions.
> >
> > It all seems as a redirection / unclosed loop problem.
> >
> >>
> >> Unfortunately I have no access *at all* to my production web server
> >> configuration (shared hosting, no documentation). I cannot even read the
> >> configuration settings. While I'm considering moving to another host,
> I'd
> >> be
> >> extremely pleased to have an explanation of the observed behavior.
> >>
> >> I have browsed the mailing list archives and looked for an explanation
> in
> >> other forums to no avail. This thread may deal with the same issue but
> >> does
> >> not include any explanation or solution:
> >> http://www.networkedmediatank.com/showthread.php?tid=17140
> >>
> >> Thanks for reading, and please do not hesitate to ask for further
> >> explanations if what I'm trying to achieve was not clear!
> >
> > Why it works on your local server is probably caused by different
> > versions/settings, but I bet there's an error somewhere in your script.
> >
> > Consider sending it here, I'll take a look.
>
> A blank URL does not redirect to the directory index, IIRC... it
> refreshes the current page (such as a FORM tag with ACTION=""). This
> may very well still be your problem.
>
> My 2c,
>
>
> --
> // Todd
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] Re: PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Nathan Rixham 

Marc Venturini wrote:

Hi all,

Thank you all very much for your contributions.

I tried to monitor the network with Wireshark: there is only one request
from my browser to the server, and not any answer (redirect or otherwise).
This means the problem is definitely not with unexpected browser requests.

Calling die() at the end of the script and removing the redirect did not
change the behavior in any way.

I like to think my code is good, and that the server calls the script in an
unexpected way. The main reason for this belief is that I do not use
multithreading at all, while the logs report the script is running several
times in parallel and the network monitor reports a single browser request.
I could not find in the docs any server configuration parameter which would
re-invoke a script without killing its currently running instance.



are you forking the script at all? if so you can't unless on the cli

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP/Apache: script unexpectedly invoked multiple times in parallel every 30 secs.

2009-03-11 Thread Michael A. Peters 

Nathan Rixham wrote:

Marc Venturini wrote:

Hi all,

Thank you all very much for your contributions.

I tried to monitor the network with Wireshark: there is only one request
from my browser to the server, and not any answer (redirect or 
otherwise).
This means the problem is definitely not with unexpected browser 
requests.


Calling die() at the end of the script and removing the redirect did not
change the behavior in any way.

I like to think my code is good, and that the server calls the script 
in an

unexpected way. The main reason for this belief is that I do not use
multithreading at all, while the logs report the script is running 
several
times in parallel and the network monitor reports a single browser 
request.
I could not find in the docs any server configuration parameter which 
would

re-invoke a script without killing its currently running instance.



are you forking the script at all? if so you can't unless on the cli



I don't know what is causing it, but is the site live? If so, could it 
be a proxy somewhere re-requesting the data when it thinks your server 
has timed out? I guess you ruled that out with the wireshark.


If it really takes over 30 seconds to process the images, would it 
better to just have your script cue the images and exit, with 
ImageMagick running on the server to do the actual hard work?


Write a shell script that cron runs every 5 minutes.
The script wgets a shell script from your server with the cue of what 
needs to be processed and then processes it.


I don't know for sure, but I suspect using ImageMagick in a shell script 
is going to be less resource intensive than the web server doing it. 
Doing it that way lets your script exit much sooner and would avoid 
impatient user reloads, which could be a problem even when you do figure 
out this issue.


I almost wonder if Apache has some directive that tries to serve the 
data again if it thinks there was a backend problem with it's first request.


What happens when you try to request your page with wget or lynx?
They won't try to load any images, so if there is a image src problem 
that should make it obvious.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Working directory of PHP pages?

2009-03-11 Thread Clancy 
On Wed, 11 Mar 2009 13:03:19 -0500, halip...@gmail.com (haliphax) wrote:

>On Wed, Mar 11, 2009 at 12:44 PM, Shawn McKenzie  wrote:
>> Clancy wrote:
>>> It is my understanding that when you open a page the PHP server looks for 
>>> index.php in the
>>> site root directory, and loads it. As a result the working directory of the 
>>> page will be
>>> the root directory of the site.  I have always worked on this assumption, 
>>> and it has
>>> always been correct.  On the other hand Stewart thinks that I cannot rely 
>>> this, and am
>>> likely to get into trouble as a result.
>>>
>>> Are there any systems in which my assumption will not be correct?
>>>
>>
>> In many frameworks this assumption is not correct.  I am using the
>> default CakePHP layout as an example.
>>
>> Depending on your terminology, your DocumentRoot is /var/www/ and in
>> this case is also the filesystem path of your site's root dir, however
>> the sites root dir in a URL is /.
>>
>> Consider the CakePHP structure:
>>
>> /var/www/
>>  .htaccess
>>  index.php
>> /var/www/webroot
>>  index.php
>>
>> If you browse to http://example.com/ (in most cases), one of 2 things
>> happens:
>>
>> 1. The webserver opens the /var/www/.htaccess and according to the
>> rewrite rules there it rewrites to /var/www/webroot/.  So any getcwd()
>> would be /var/www/webroot/
>>
>> 2. If not using modrewrite, the web server looks for index.html and then
>> index.php in /var/www/ which has a require for webroot/index.php.  So
>> any getcwd() would be /var/www/.
>>
>> Consequently, CakePHP and the other frameworks that I've seen use
>> basename() and dirname() in conjunction with __FILE__ to define the
>> paths/relative dirs within the app.
>
>Come to think of it, this may very well be true for all MVC frameworks
>(unless the models, views, and controllers are all in the same
>directory as the launch script). I can at least vouch for the fact
>that CodeIgniter, like CakePHP, will fudge your directory estimation
>if you're expecting getcwd() to be right.

Something Stewart said the other day made me realise that there was a 
fundamental error in
the way I was thinking about this question. I had been thinking that opendir 
(.) opened
the root directory, and that paths such as Joe/Nurg.com were relative to the 
root
directory, but I now realise that they are relative to the current directory, 
whatever
that might be. (Yes; I should have known better, but there is an awful swamp of 
burnt out
brain cells at the bottom of my brain.)

So the question I should have asked was "When a web page is loaded, can I rely 
on the CWD
being the directory containing index.php (or whichever file is actually 
loaded)?"

Thank you all for your assistance.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Working directory of PHP pages?

2009-03-11 Thread 9el 
On Thu, Mar 12, 2009 at 11:47 AM, Clancy  wrote:

>
> Something Stewart said the other day made me realise that there was a
> fundamental error in
> the way I was thinking about this question. I had been thinking that
> opendir (.) opened
> the root directory, and that paths such as Joe/Nurg.com were relative to
> the root
> directory, but I now realise that they are relative to the current
> directory, whatever
> that might be. (Yes; I should have known better, but there is an awful
> swamp of burnt out
> brain cells at the bottom of my brain.)


a dot (.) denotes a current directory and double dot (..)  denotes parent
directory of the current in DOS/Windows/*nix  File System.

>
>
> So the question I should have asked was "When a web page is loaded, can I
> rely on the CWD
> being the directory containing index.php (or whichever file is actually
> loaded)?"
>
> Thank you all for your assistance.
>
>
>