Re: [PHP] Progressbar

2009-06-24 Thread Nitsan Bin-Nun 
You can use either perl uploading with ajax or flash uploader.

For the perl - google 'uber uploader'
For the flash - google 'flash uploader site:de' and get into the first it
should pop up something with fancy I think..

Good luck mate!

On Wed, Jun 24, 2009 at 8:20 AM, Tom Sparks wrote:

>
> have you looked at http://postlet.com/ ?
>
> tom_a_sparks
>
> Please avoid sending me Word or PowerPoint attachments.
> but instead use OpenDocument File Formats or
> use OpenOffice
> http://en.wikipedia.org/wiki/OpenDocument
> http://en.wikipedia.org/wiki/OpenOffice.org
> http://www.gnu.org/philosophy/no-word-attachments.html
>
>
> --- On Wed, 24/6/09, Teun Lassche  wrote:
>
> > From: Teun Lassche 
> > Subject: [PHP] Progressbar
> > To: php-general@lists.php.net
> > Received: Wednesday, 24 June, 2009, 3:55 PM
> > I'm making an upload script with PHP,
> > is there a way I can show a
> > progressbar while uploading?
> >
> > --
> > Teun Lassche
> > Bill Cosby  >
> > -
> > "A word to the wise ain't necessary - it's the stupid ones
> > that need the
> > advice."
> >
>
>
>   Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
> Show me how: http://au.mobile.yahoo.com/mail
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Robert Cummings 



Michael A. Peters wrote:

Robert Cummings wrote:

Michael A. Peters wrote:

Manuel Aude wrote:
I'm giving a PHP course next semester (3 hours all saturdays for 22 
weeks)
and I just realized that PHP 5.3 is coming very soon (2 days now!). 
So, my
plans of teaching PHP 5.2 are starting to change, and I think it's a 
good

idea to teach them 5.3 already.

While the majority of the students use Windows, I'm aware that a vast 
amount

will be using Ubuntu/Debian (and some use Gentoo, Fedora and Arch)
distributions of Linux, so I'm hoping there won't be too many 
problems on

installation. I don't want to waste the entire first class fixing
installation problems, because that kills the student's motivation.

The course starts on August, but I'm preparing it during the last two 
weeks
of July. You think that installation packages will be bulletproof by 
then?
Or should I just teach 5.2 and wait for another semester before 
starting on
5.3? I mean, most hosts will remain with PHP 5.2 for the rest of the 
year,

so I'm a bit confused on what I should do.

I'm just a university student that wants to spread PHP, for I've been 
using

it for many years now =)

Thanks for the advices,
Mamsaac


Many hosts are still on php 5.1.x (IE RHEL based hosts).
I would be worried that many popular classes and apps might be quirky 
under 5.3.


I've not played with it at all, and probably won't for some time, but 
I've been bitten by that more than once.


Nice thing about 5.2.x as far as linux goes anyway, installing it is 
cake from the package repositories. Using package repositories for php 
installs is suggested as security fixes can be updated with ease.


As someone running a newer version of php (5.2.9) than what my distro 
ships with, here are some of the issues:


A) I needed to create packages so that I could RPM install various 
stuff, like Squirelmail, etc. - and get the security updates for them 
from my OS vendor (CentOS or EPEL repods). So to do that, I used the 
Fedora src.rpm.


B) When building php rpm's on my system, the %check portion of the 
spec file (runs make test I believe) fails sometimes if there is an 
existing php install. To solve that, you have to build it in mock.


C) Mock needs a lot of disk space and will download a lot of packages, 
if you don't local mirror the update repositories, it can be really 
time consuming. Furthermore, occasionally the build list for mock is 
broken making it un-usable for package building.


I have to use 5.2.x because I need a pecl extension that does not work 
with 5.1.x - and building rpm myself lets me add suhosin patch (to the 
fedora spec file) but unless your Linux students want to do absolutely 
everything php by source and not have anything installed from the 
package managers that rely on php, I would highly suggest that they 
use whatever version of php their distro of choice has in its stable 
repositories.


-=-

Since you are teaching students, one pet peeve of mine that I see in 
web app after web app after web app - they have an admin interface 
that writes a php file which the app then parses as php. Often they 
even instruct the person installing the web app to have 777 
permissions of directories and/or files within the web root.


There's a better way. Either store the configuration settings in a 
database (obviously can't store database connection setting in the 
database ...) or store them in an xml file, not php.


You can write and read the xml file with any number of existing php 
functions. And the config file should not be in the web root, nothing 
the web server can write to should be in the document root.


Applications (like Gallery and I think joomla and wordpress) often 
want write permission to the document root so they can have a web 
interface to install/update their modules - but it creates a security 
risk. It's better to install the modules you want from a distro vendor 
repository so you can keep them up to date that way, and hence, it's 
better to use a packaged php install so that the dependencies are met.


Sorry for rambling, but the trend of web server having write 
permissions to files the web server then executes (and often in the 
web root) is a trend that needs to stop. So flunk the students that do 
it ;)
And how do you propose people get around open_basedir restrictions which 
is common in many Plesk environments?


There is nothing wrong with having the above mentioned write access if 
it is properly protected.


Nothing wrong other than any vulnerability in apache (or a module apache 
loads or cgi/server script code) that allows a malicious user to write 
data as the apache user can now do so inside the web root where they can 
then request it causing php/perl/python/whatever to execute the code 
they just wrote.


This is fear mongering. I could make the same argument that making use 
of a webserver opens you up to any vulnerability in the webserver that 
may provide access to the entire filesystem. The intende

[PHP] Validation data - question

2009-06-24 Thread Dušan Novaković 
Hi guys,

Does anyone know how to write validation for data witch contains
letters such as šđčćž (those are Serbian letters)?
Here is part of my code where it does validation:

$admins_validation = array('name'=>
'/^[[:alnum:][:punct:][:space:]]{1,50}$/',
'surname'   => 
'/^[[:alnum:][:punct:][:space:]]{1,50}$/',
'email'  =>
'/^[A-Za-z0-9]+((\.|-|_)[A-Za-z0-9]+)*...@[a-za-z0-9]+((\.|-)[A-Za-z0-9]+)*\.[A-Za-z0-9]+$/',
..
   );

So, for example if someone enters name Dušan it won't except  it.



-- 
made by Dusan

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Progressbar

2009-06-24 Thread Michael A. Peters 

Teun Lassche wrote:

I'm making an upload script with PHP, is there a way I can show a
progressbar while uploading?



Yes.
Assuming you are using php 5.2.x you can use the PECL extension 
uploadprogress.


http://pecl.php.net/package/uploadprogress/

I am successfully using it with php 5.2.9 on i386 and x86_64

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Validation data - question

2009-06-24 Thread Per Jessen 
Dušan Novaković wrote:

> Hi guys,
> 
> Does anyone know how to write validation for data witch contains
> letters such as šđčćž (those are Serbian letters)?
> Here is part of my code where it does validation:
> 
> $admins_validation = array('name'  =>
> '/^[[:alnum:][:punct:][:space:]]{1,50}$/',
> 'surname'   => '/^[[:alnum:][:punct:][:space:]]{1,50}$/',
> 'email'=>
> '/^[A-Za-z0-9]+((\.|-|_)[A-Za-z0-9]+)*...@[a-za-z0-9]+((\.|-
[A-Za-z0-9]+)*\.[A-Za-z0-9]+$/',
> ..
>);
> So, for example if someone enters name Dušan it won't except  it.


I'm pretty certain you only have to set the right locale - that should
make [:alnum:] include the right characters as per the locale.  If you
need to accept other characters (that aren't alphanums in Serbian), you
may need to write your own character classes, but that's easy.

/Per

-- 
Per Jessen, Zürich (11.5°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] chmod - Opertaion not permitted in ....

2009-06-24 Thread Morris 
Hi all
Got a problem don't know how to get in really..

simple code:


and I get a warning says "Operations not permitted in ."

Anyone met this before? I've done quite a lot reading on Google but couldn't
get to it.

THanks

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Michael A. Peters 

Robert Cummings wrote:



Michael A. Peters wrote:

Robert Cummings wrote:

Michael A. Peters wrote:

Manuel Aude wrote:
I'm giving a PHP course next semester (3 hours all saturdays for 22 
weeks)
and I just realized that PHP 5.3 is coming very soon (2 days now!). 
So, my
plans of teaching PHP 5.2 are starting to change, and I think it's 
a good

idea to teach them 5.3 already.

While the majority of the students use Windows, I'm aware that a 
vast amount

will be using Ubuntu/Debian (and some use Gentoo, Fedora and Arch)
distributions of Linux, so I'm hoping there won't be too many 
problems on

installation. I don't want to waste the entire first class fixing
installation problems, because that kills the student's motivation.

The course starts on August, but I'm preparing it during the last 
two weeks
of July. You think that installation packages will be bulletproof 
by then?
Or should I just teach 5.2 and wait for another semester before 
starting on
5.3? I mean, most hosts will remain with PHP 5.2 for the rest of 
the year,

so I'm a bit confused on what I should do.

I'm just a university student that wants to spread PHP, for I've 
been using

it for many years now =)

Thanks for the advices,
Mamsaac


Many hosts are still on php 5.1.x (IE RHEL based hosts).
I would be worried that many popular classes and apps might be 
quirky under 5.3.


I've not played with it at all, and probably won't for some time, 
but I've been bitten by that more than once.


Nice thing about 5.2.x as far as linux goes anyway, installing it is 
cake from the package repositories. Using package repositories for 
php installs is suggested as security fixes can be updated with ease.


As someone running a newer version of php (5.2.9) than what my 
distro ships with, here are some of the issues:


A) I needed to create packages so that I could RPM install various 
stuff, like Squirelmail, etc. - and get the security updates for 
them from my OS vendor (CentOS or EPEL repods). So to do that, I 
used the Fedora src.rpm.


B) When building php rpm's on my system, the %check portion of the 
spec file (runs make test I believe) fails sometimes if there is an 
existing php install. To solve that, you have to build it in mock.


C) Mock needs a lot of disk space and will download a lot of 
packages, if you don't local mirror the update repositories, it can 
be really time consuming. Furthermore, occasionally the build list 
for mock is broken making it un-usable for package building.


I have to use 5.2.x because I need a pecl extension that does not 
work with 5.1.x - and building rpm myself lets me add suhosin patch 
(to the fedora spec file) but unless your Linux students want to do 
absolutely everything php by source and not have anything installed 
from the package managers that rely on php, I would highly suggest 
that they use whatever version of php their distro of choice has in 
its stable repositories.


-=-

Since you are teaching students, one pet peeve of mine that I see in 
web app after web app after web app - they have an admin interface 
that writes a php file which the app then parses as php. Often they 
even instruct the person installing the web app to have 777 
permissions of directories and/or files within the web root.


There's a better way. Either store the configuration settings in a 
database (obviously can't store database connection setting in the 
database ...) or store them in an xml file, not php.


You can write and read the xml file with any number of existing php 
functions. And the config file should not be in the web root, 
nothing the web server can write to should be in the document root.


Applications (like Gallery and I think joomla and wordpress) often 
want write permission to the document root so they can have a web 
interface to install/update their modules - but it creates a 
security risk. It's better to install the modules you want from a 
distro vendor repository so you can keep them up to date that way, 
and hence, it's better to use a packaged php install so that the 
dependencies are met.


Sorry for rambling, but the trend of web server having write 
permissions to files the web server then executes (and often in the 
web root) is a trend that needs to stop. So flunk the students that 
do it ;)
And how do you propose people get around open_basedir restrictions 
which is common in many Plesk environments?


There is nothing wrong with having the above mentioned write access 
if it is properly protected.


Nothing wrong other than any vulnerability in apache (or a module 
apache loads or cgi/server script code) that allows a malicious user 
to write data as the apache user can now do so inside the web root 
where they can then request it causing php/perl/python/whatever to 
execute the code they just wrote.


This is fear mongering. 


No. It is not.
The web root should be read only.


I could make the same argument that making use 
of a webserver opens you up to any vulnerability

Re: [PHP] chmod - Opertaion not permitted in ....

2009-06-24 Thread Michael A. Peters 

Morris wrote:

Hi all
Got a problem don't know how to get in really..

simple code:


and I get a warning says "Operations not permitted in ."

Anyone met this before? I've done quite a lot reading on Google but couldn't
get to it.

THanks



Many servers do not allow the apache (or php) to change file permissions.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Progressbar

2009-06-24 Thread Michael A. Peters 

Morris wrote:
Assumed you are using form uploading, could redirect to the page itself 
and play a Flash while uploading. 


I think this is the simplest way other than putting in mass codes


I open up a small window via javascript that then uses javascript and 
css to make a progress bar.


I'll share the code if anyone wants it, though it probably needs some 
tweaking as I don't think it validates. It works though.




M

2009/6/24 Michael A. Peters mailto:mpet...@mac.com>>

Teun Lassche wrote:

I'm making an upload script with PHP, is there a way I can show a
progressbar while uploading?


Yes.
Assuming you are using php 5.2.x you can use the PECL extension
uploadprogress.

http://pecl.php.net/package/uploadprogress/

I am successfully using it with php 5.2.9 on i386 and x86_64

-- 
PHP General Mailing List (http://www.php.net/)

To unsubscribe, visit: http://www.php.net/unsub.php





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Progressbar

2009-06-24 Thread Teun Lassche 
Thanks to you all guys, I'll try to get it working!

On Wed, Jun 24, 2009 at 12:24, Michael A. Peters  wrote:

> Morris wrote:
>
>> Assumed you are using form uploading, could redirect to the page itself
>> and play a Flash while uploading.
>> I think this is the simplest way other than putting in mass codes
>>
>
> I open up a small window via javascript that then uses javascript and css
> to make a progress bar.
>
> I'll share the code if anyone wants it, though it probably needs some
> tweaking as I don't think it validates. It works though.
>
>
>> M
>>
>> 2009/6/24 Michael A. Peters mailto:mpet...@mac.com>>
>>
>>
>>Teun Lassche wrote:
>>
>>I'm making an upload script with PHP, is there a way I can show a
>>progressbar while uploading?
>>
>>
>>Yes.
>>Assuming you are using php 5.2.x you can use the PECL extension
>>uploadprogress.
>>
>>http://pecl.php.net/package/uploadprogress/
>>
>>I am successfully using it with php 5.2.9 on i386 and x86_64
>>
>>--PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>
> --
>  PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Teun Lassche
Laurence J. 
Peter
- "If two wrongs don't make a right, try three."

Re: [PHP] Progressbar

2009-06-24 Thread kranthi 
you can give this a try http://www.uploadify.com/ a jquery plugin.

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Robert Cummings 

Michael A. Peters wrote:

Robert Cummings wrote:


Michael A. Peters wrote:

Robert Cummings wrote:

Michael A. Peters wrote:

Manuel Aude wrote:
I'm giving a PHP course next semester (3 hours all saturdays for 22 
weeks)
and I just realized that PHP 5.3 is coming very soon (2 days now!). 
So, my
plans of teaching PHP 5.2 are starting to change, and I think it's 
a good

idea to teach them 5.3 already.

While the majority of the students use Windows, I'm aware that a 
vast amount

will be using Ubuntu/Debian (and some use Gentoo, Fedora and Arch)
distributions of Linux, so I'm hoping there won't be too many 
problems on

installation. I don't want to waste the entire first class fixing
installation problems, because that kills the student's motivation.

The course starts on August, but I'm preparing it during the last 
two weeks
of July. You think that installation packages will be bulletproof 
by then?
Or should I just teach 5.2 and wait for another semester before 
starting on
5.3? I mean, most hosts will remain with PHP 5.2 for the rest of 
the year,

so I'm a bit confused on what I should do.

I'm just a university student that wants to spread PHP, for I've 
been using

it for many years now =)

Thanks for the advices,
Mamsaac


Many hosts are still on php 5.1.x (IE RHEL based hosts).
I would be worried that many popular classes and apps might be 
quirky under 5.3.


I've not played with it at all, and probably won't for some time, 
but I've been bitten by that more than once.


Nice thing about 5.2.x as far as linux goes anyway, installing it is 
cake from the package repositories. Using package repositories for 
php installs is suggested as security fixes can be updated with ease.


As someone running a newer version of php (5.2.9) than what my 
distro ships with, here are some of the issues:


A) I needed to create packages so that I could RPM install various 
stuff, like Squirelmail, etc. - and get the security updates for 
them from my OS vendor (CentOS or EPEL repods). So to do that, I 
used the Fedora src.rpm.


B) When building php rpm's on my system, the %check portion of the 
spec file (runs make test I believe) fails sometimes if there is an 
existing php install. To solve that, you have to build it in mock.


C) Mock needs a lot of disk space and will download a lot of 
packages, if you don't local mirror the update repositories, it can 
be really time consuming. Furthermore, occasionally the build list 
for mock is broken making it un-usable for package building.


I have to use 5.2.x because I need a pecl extension that does not 
work with 5.1.x - and building rpm myself lets me add suhosin patch 
(to the fedora spec file) but unless your Linux students want to do 
absolutely everything php by source and not have anything installed 
from the package managers that rely on php, I would highly suggest 
that they use whatever version of php their distro of choice has in 
its stable repositories.


-=-

Since you are teaching students, one pet peeve of mine that I see in 
web app after web app after web app - they have an admin interface 
that writes a php file which the app then parses as php. Often they 
even instruct the person installing the web app to have 777 
permissions of directories and/or files within the web root.


There's a better way. Either store the configuration settings in a 
database (obviously can't store database connection setting in the 
database ...) or store them in an xml file, not php.


You can write and read the xml file with any number of existing php 
functions. And the config file should not be in the web root, 
nothing the web server can write to should be in the document root.


Applications (like Gallery and I think joomla and wordpress) often 
want write permission to the document root so they can have a web 
interface to install/update their modules - but it creates a 
security risk. It's better to install the modules you want from a 
distro vendor repository so you can keep them up to date that way, 
and hence, it's better to use a packaged php install so that the 
dependencies are met.


Sorry for rambling, but the trend of web server having write 
permissions to files the web server then executes (and often in the 
web root) is a trend that needs to stop. So flunk the students that 
do it ;)
And how do you propose people get around open_basedir restrictions 
which is common in many Plesk environments?


There is nothing wrong with having the above mentioned write access 
if it is properly protected.
Nothing wrong other than any vulnerability in apache (or a module 
apache loads or cgi/server script code) that allows a malicious user 
to write data as the apache user can now do so inside the web root 
where they can then request it causing php/perl/python/whatever to 
execute the code they just wrote.
This is fear mongering. 


No. It is not.
The web root should be read only.


Please cite references as to why it should be read only. Please explain 
why

Re: [PHP] Progressbar

2009-06-24 Thread Michael A. Peters 

Michael A. Peters wrote:

Morris wrote:
Assumed you are using form uploading, could redirect to the page 
itself and play a Flash while uploading.

I think this is the simplest way other than putting in mass codes


I open up a small window via javascript that then uses javascript and 
css to make a progress bar.


I'll share the code if anyone wants it, though it probably needs some 
tweaking as I don't think it validates. It works though.


http://www.clfsrpm.net/excode/uploadprogress.phps

and

http://www.clfsrpm.net/excode/uploadiframe.phps

in the form, BEFORE the file inputs, a hidden input -

$upid = md5(microtime() . rand());

value="" />


Then when submit is clicked, it open a new window with the src

uploadprogress.php?ID=

for rpm linux users, a src.rpm for uploadprogress is here:

http://www.clfsrpm.net/php/

1.0.1 is now out, but I haven't updated to it yet.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Including "Due by" in an email sent from PHP program

2009-06-24 Thread Ravi 
Hi: does anyone know how to include a "Due by" attribute with a dare in 
an email that is sent from a PHP script. This value is acts as an 
reminder when the email is in Outlook.


TIA

--
Thank you,
RaVi



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] supplied argument errors

2009-06-24 Thread David Robley 
PJ wrote:

> Lex Braun wrote:
>>
>>
>> On Tue, Jun 23, 2009 at 4:10 PM, PJ > > wrote:
>>
>> I think there is something I do not understand in the manual about
>> mysql_fetch_assoc(), mysql_affected_rows()
>> The code works, but I get these annoying messages.
>> snippet:
>>
>> 
>> What are the warnings?
> 1 .supplied argument is not a valid MySQL result resource
> 2. supplied argument is not a valid MySQL-link resource
> 
> snippet:
> $result = mysql_query($sql, $db); // this is following an UPDATE
>   $row = mysql_fetch_assoc($result); // warning... 1.
>   if (mysql_affected_rows($result) !== -1) //warning...2.
> print_r($result); // returns 1
> 
> another:
>  $sql = "DELETE FROM book_categories WHERE bookID = $bid";
> $result = mysql_query($sql, $db); // warning...1.
>   $row = mysql_fetch_assoc($result); // warning...1.
> if (mysql_num_rows($result) !== 0) {
> the last:
>   $result = mysql_query($sql,$db); // following an INSERT
> if (mysql_affected_rows($result) == -1) {  // warning2.
> 
> 
> 

Oh for $deity's sake, haven't you yet learned to a) echo your query and b)
use mysql_error() as aids to debugging errors with mysql ???



Cheers
-- 
David Robley

Imagery is All In The Mind.
Today is Setting Orange, the 29th day of Confusion in the YOLD 3175. 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] CSV file

2009-06-24 Thread Alain Roger 
Hi,

i would like to import the content of a CSV file into my database.
but in order to show a progress bar to user  (to let him know that process
is still working on) i would like to determine before to start, how many
records / lines are in the CSV file.
is there a way to do that ?
thanks a lot.

-- 
Alain
---
Windows XP x64 SP2 / Fedora 10 KDE 4.2
PostgreSQL 8.3.5 / MS SQL server 2005
Apache 2.2.10
PHP 5.2.6
C# 2005-2008

Re: [PHP] CSV file

2009-06-24 Thread Jonathan Tapicer 
You can read the whole file (file_get_contents) and count the number
of "\n" in it, or read it line by line with fgets and store the lines
in an array, and then the number of lines is the count() of the array,
and you can use that array to store it in the database.

Jonathan

On Wed, Jun 24, 2009 at 9:05 AM, Alain Roger wrote:
> Hi,
>
> i would like to import the content of a CSV file into my database.
> but in order to show a progress bar to user  (to let him know that process
> is still working on) i would like to determine before to start, how many
> records / lines are in the CSV file.
> is there a way to do that ?
> thanks a lot.
>
> --
> Alain
> ---
> Windows XP x64 SP2 / Fedora 10 KDE 4.2
> PostgreSQL 8.3.5 / MS SQL server 2005
> Apache 2.2.10
> PHP 5.2.6
> C# 2005-2008
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Including "Due by" in an email sent from PHP program

2009-06-24 Thread Bastien Koert 
On Wed, Jun 24, 2009 at 6:54 AM, Ravi wrote:
> Hi: does anyone know how to include a "Due by" attribute with a dare in an
> email that is sent from a PHP script. This value is acts as an reminder when
> the email is in Outlook.
>
> TIA
>
> --
> Thank you,
> RaVi
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

You would need to include the iCAL or vCAL standard to allow Outlook
to add it to the calendar.

-- 

Bastien

Cat, the other other white meat

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Richard Heyes 
Hi,

> You can read the whole file (file_get_contents) and count the number
> of "\n" in it, or read it line by line with fgets and store the lines
> in an array, and then the number of lines is the count() of the array,
> and you can use that array to store it in the database.

If you have a billion line CSV then speed may suffer somewhat though.
Best to still use fgets()  or fgetcsv() and count as you go.

-- 
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (www.phpguru.org/rtemplate)
PHP SMTP: http://www.phpguru.org/smtp

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Jonathan Tapicer 
If you want to know how many lines there are *before* inserting to the
database, you can't count "as you go", you have to either read the
file twice or read it once, store it memory in a variable and then
insert in the database.

On Wed, Jun 24, 2009 at 11:12 AM, Richard Heyes wrote:
> Hi,
>
>> You can read the whole file (file_get_contents) and count the number
>> of "\n" in it, or read it line by line with fgets and store the lines
>> in an array, and then the number of lines is the count() of the array,
>> and you can use that array to store it in the database.
>
> If you have a billion line CSV then speed may suffer somewhat though.
> Best to still use fgets()  or fgetcsv() and count as you go.
>
> --
> Richard Heyes
> HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
> PHP mail: RMail (www.phpguru.org/rmail)
> PHP datagrid: RGrid (www.phpguru.org/rgrid)
> PHP Template: RTemplate (www.phpguru.org/rtemplate)
> PHP SMTP: http://www.phpguru.org/smtp
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] anyone using session_mysql successfully

2009-06-24 Thread Shawn McKenzie 
Michael A. Peters wrote:
> Randy Paries wrote:
>> Hello,
>> i am trying to get session_mysql
>>
>> http://websupport.sk/~stanojr/projects/session_mysql/
>>
>> It configured, compiled and installed ok (no errors anyways)
>>
>> but i am getting an error
>> session_start() [> href='function.session-start'>function.session-start]: Cannot find
>> save handler mysql in
>>
>> I was hoping someone in the group was using this and has seen the error
>>
>> Thanks
>> Randy
>>
> 
> Not sure about your problem but you shouldn't need to use a compiled
> module to use MySQL (or any other database) for sessions.
> 
> There are several tutorials on the web, not of which involve compiling
> squat.

Just use this:
http://us.php.net/manual/en/function.session-set-save-handler.php


And define functions for the different operations.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Stuart 
2009/6/24 Jonathan Tapicer :
> If you want to know how many lines there are *before* inserting to the
> database, you can't count "as you go", you have to either read the
> file twice or read it once, store it memory in a variable and then
> insert in the database.

Do it in bytes rather than lines, then you don't waste time loading
the file twice and you'll get the same end result.

-Stuart

-- 
http://stut.net/

> On Wed, Jun 24, 2009 at 11:12 AM, Richard Heyes wrote:
>> Hi,
>>
>>> You can read the whole file (file_get_contents) and count the number
>>> of "\n" in it, or read it line by line with fgets and store the lines
>>> in an array, and then the number of lines is the count() of the array,
>>> and you can use that array to store it in the database.
>>
>> If you have a billion line CSV then speed may suffer somewhat though.
>> Best to still use fgets()  or fgetcsv() and count as you go.
>>
>> --
>> Richard Heyes
>> HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
>> PHP mail: RMail (www.phpguru.org/rmail)
>> PHP datagrid: RGrid (www.phpguru.org/rgrid)
>> PHP Template: RTemplate (www.phpguru.org/rtemplate)
>> PHP SMTP: http://www.phpguru.org/smtp
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] chmod - Opertaion not permitted in ....

2009-06-24 Thread Shawn McKenzie 
Michael A. Peters wrote:
> Morris wrote:
>> Hi all
>> Got a problem don't know how to get in really..
>>
>> simple code:
>> >
>> chmod("/aaa/bbb.php", 0777);
>>
>> ?>
>>
>> and I get a warning says "Operations not permitted in ."
>>
>> Anyone met this before? I've done quite a lot reading on Google but
>> couldn't
>> get to it.
>>
>> THanks
>>
> 
> Many servers do not allow the apache (or php) to change file permissions.

Most likely the apache user doesn't own the file.  You can't CHMOD a
file if you don't own it.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] best way to communicate between PHP, Flash/Actionscript across LAN

2009-06-24 Thread tedd 

At 12:33 PM -0700 6/23/09, Daevid Vincent wrote:

Other solutions seem
to involve (hackishly) polling every x seconds. Seems there should be a
better way.

d


There might not be a better solution.

This is an example of javascript poling a php script:

http://webbytedd.com/b/timed-php/

This is simply client-side <-> sever-side communication. How that 
might solve your problem is beyond my understanding of what you are 
trying to do. I'm not a hardware guy.


Cheers,

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] best way to communicate between PHP, Flash/Actionscript across LAN

2009-06-24 Thread tedd 

At 10:30 AM -0400 6/24/09, tedd wrote:

At 12:33 PM -0700 6/23/09, Daevid Vincent wrote:

Other solutions seem
to involve (hackishly) polling every x seconds. Seems there should be a
better way.

d


There might not be a better solution.

This is an example of javascript poling a php script:



Before Rob beats me to it, I should have said:

   This is an example of javascript polling a php script:

Next thing I know, he'll be asking just how can javascript stick it 
to php?  :-)


Cheers,

tedd


--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Per Jessen 
Robert Cummings wrote:

> It's hard to create a helpful application when fort knox is your
> delivery location. I'm not saying there's a problem with Fort Knoxes
> in the world, but this isn't necessary for everyone. if it were we
> wouldn't have banks, we wouldn't have credit unions, we'd all be going
> to Fort Knox to make our deposits and withdrawals. One size does NOT
> fit all.

If you're running with AppArmor or SELinux in 'enforce' mode, we could
begin to talk about Fort Knox, but not letting the webserver write to
the DocumentRoot is just a pretty sound precaution.  It is unfortunate
that many popular PHP apps were written/designed to expect that kind of
access (at least during initial configuration). 

>> modules), so one should have a strict policy of never having
>> directories or files inside the web root that the web server has
>> write permission to.
> 
> Why? You still haven't given a good reason. I am the master of my
> environment, if I know what I'm putting into my environment then who
> is to tell me my setup is wrong? 

Rob, for the same reason you make all kinds of other restrictions - you
are not necessarily the master of your own environment.  I also think I
am the master of my mailserver, but I still run a firewall.  


/Per

-- 
Per Jessen, Zürich (11.5°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Progressbar

2009-06-24 Thread tedd 

At 7:55 AM +0200 6/24/09, Teun Lassche wrote:

I'm making an upload script with PHP, is there a way I can show a
progressbar while uploading?

--
Teun Lassche


It's not a progress bar, but it's a heck of a lot simpler:

http://webbytedd.com/bb/wait/

The biggest problem in uploading a file is figuring out how large it 
is. You can't find that out in php and Javascript is limited in what 
information it can access. I found the problem more trouble than it 
was worth to fix. Besides, what does the user need to see while an 
operation is underway?


Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Robert Cummings 



Per Jessen wrote:

Robert Cummings wrote:


It's hard to create a helpful application when fort knox is your
delivery location. I'm not saying there's a problem with Fort Knoxes
in the world, but this isn't necessary for everyone. if it were we
wouldn't have banks, we wouldn't have credit unions, we'd all be going
to Fort Knox to make our deposits and withdrawals. One size does NOT
fit all.


If you're running with AppArmor or SELinux in 'enforce' mode, we could
begin to talk about Fort Knox, but not letting the webserver write to
the DocumentRoot is just a pretty sound precaution.  It is unfortunate
that many popular PHP apps were written/designed to expect that kind of
access (at least during initial configuration). 


modules), so one should have a strict policy of never having
directories or files inside the web root that the web server has
write permission to.

Why? You still haven't given a good reason. I am the master of my
environment, if I know what I'm putting into my environment then who
is to tell me my setup is wrong? 


Rob, for the same reason you make all kinds of other restrictions - you
are not necessarily the master of your own environment.  I also think I
am the master of my mailserver, but I still run a firewall.


You run a firewall BECAUSE you are the master of your environment. 
Similarly, I choose a host that has or has not restrictions BECAUSE I am 
the master of my environment. Mastery includes what you choose for 
yourself. Personally, I prefer having my code outside the DocumentRoot 
also, but I do not believe it is the simplest solution, and I do not 
think it is "wrong" to place such information within the DocumentRoot. 
The feature exists, application developers have chosen to use the 
feature, it may be less secure, but it is not wrong. Not using AppArmor 
is less secure, but it is not wrong. It is one thing for Michael to 
argue that it is less secure, but he did not, he claimed the 
DocumentRoot should be read only and otherwise is wrong. This 
fundamentally changes the nature of the debate. Your argument is 
perfectly valid "less secure", perhaps, but wrong? Should never be done? 
Sorry, I'm not swallowing the medicine.


Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Shawn McKenzie 
Stuart wrote:
> 2009/6/24 Jonathan Tapicer :
>> If you want to know how many lines there are *before* inserting to the
>> database, you can't count "as you go", you have to either read the
>> file twice or read it once, store it memory in a variable and then
>> insert in the database.
> 
> Do it in bytes rather than lines, then you don't waste time loading
> the file twice and you'll get the same end result.
> 
> -Stuart

  ^Winner!


$file_name = '/path/to/file.csv';
$file_size = filesize($file_name);
$bytes_read = 0;
$new_percentage = 0;

$handle = fopen($file_name, 'r');

if ($handle) {
while (!feof($handle)) {
$line = fgets($handle);
$bytes_read = $bytes_read + strlen($line);

//insert line into DB

$new_percentage = round($bytes_read / $file_size * 100, 0);

if ($new_percentage > $percentage) {
$percentage = $new_percentage;
echo $percentage . "%\n";
flush();
}
}
fclose($handle);
}

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Per Jessen 
Robert Cummings wrote:

> Personally, I prefer having my code outside the DocumentRoot
> also, but I do not believe it is the simplest solution, and I do not
> think it is "wrong" to place such information within the DocumentRoot.
> The feature exists, application developers have chosen to use the
> feature, it may be less secure, but it is not wrong. 

Are we just discussing semantics then?  I agree it's not wrong as such,
but right and wrong are usually determined by the environment one is in
and in a security-aware environment (such as I know them), letting the
webserver write to the DocumentRoot would be wrong. Elsewhere it is
perhaps at worst ill-advised. 


/Per

-- 
Per Jessen, Zürich (11.5°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Robert Cummings 



Per Jessen wrote:

Robert Cummings wrote:


Personally, I prefer having my code outside the DocumentRoot
also, but I do not believe it is the simplest solution, and I do not
think it is "wrong" to place such information within the DocumentRoot.
The feature exists, application developers have chosen to use the
feature, it may be less secure, but it is not wrong. 


Are we just discussing semantics then?  I agree it's not wrong as such,
but right and wrong are usually determined by the environment one is in
and in a security-aware environment (such as I know them), letting the
webserver write to the DocumentRoot would be wrong. Elsewhere it is
perhaps at worst ill-advised.


I prefer "proceed with caution" :)

Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Daniel Brown 
On Wed, Jun 24, 2009 at 13:24, Robert Cummings wrote:
>
> I prefer "proceed with caution" :)

Robjects in mirror are closer than they appear?

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] chmod - Opertaion not permitted in ....

2009-06-24 Thread Ashley Sheridan 
On Wed, 2009-06-24 at 09:23 -0500, Shawn McKenzie wrote:
> Michael A. Peters wrote:
> > Morris wrote:
> >> Hi all
> >> Got a problem don't know how to get in really..
> >>
> >> simple code:
> >>  >>
> >> chmod("/aaa/bbb.php", 0777);
> >>
> >> ?>
> >>
> >> and I get a warning says "Operations not permitted in ."
> >>
> >> Anyone met this before? I've done quite a lot reading on Google but
> >> couldn't
> >> get to it.
> >>
> >> THanks
> >>
> > 
> > Many servers do not allow the apache (or php) to change file permissions.
> 
> Most likely the apache user doesn't own the file.  You can't CHMOD a
> file if you don't own it.
> 
> -- 
> Thanks!
> -Shawn
> http://www.spidean.com
> 
Well, technically speaking you can, if you are part of the same group
and it has group permissions, or it has permissions allowing anyone to
modify it :p

Thanks
Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Richard Heyes 
Hi,

> If you want to know how many lines there are *before* inserting to the
> database, you can't count "as you go", you have to either read the
> file twice or read it once, store it memory in a variable and then
> insert in the database.

Sure you can, simply do the line count first, then the insert. If it's
a big file it will still be quicker than reading the whole thing into
memory.

-- 
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (www.phpguru.org/rtemplate)
PHP SMTP: http://www.phpguru.org/smtp

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] chmod - Opertaion not permitted in ....

2009-06-24 Thread Shawn McKenzie 
Ashley Sheridan wrote:
> On Wed, 2009-06-24 at 09:23 -0500, Shawn McKenzie wrote:
>> Michael A. Peters wrote:
>>> Morris wrote:
 Hi all
 Got a problem don't know how to get in really..

 simple code:
 >>>
 chmod("/aaa/bbb.php", 0777);

 ?>

 and I get a warning says "Operations not permitted in ."

 Anyone met this before? I've done quite a lot reading on Google but
 couldn't
 get to it.

 THanks

>>> Many servers do not allow the apache (or php) to change file permissions.
>> Most likely the apache user doesn't own the file.  You can't CHMOD a
>> file if you don't own it.
>>
>> -- 
>> Thanks!
>> -Shawn
>> http://www.spidean.com
>>
> Well, technically speaking you can, if you are part of the same group
> and it has group permissions,

technically speaking, No

 or it has permissions allowing anyone to
> modify it :p

technically speaking, No

> 
> Thanks
> Ash
> www.ashleysheridan.co.uk
> 


-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread HallMarc Websites 


> -Original Message-
> From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of
> Daniel Brown
> Sent: Wednesday, June 24, 2009 1:34 PM
> To: Robert Cummings
> Cc: Per Jessen; php-general@lists.php.net
> Subject: Re: [PHP] I've some doubts if I should go with 5.2 or go
> already with 5.3 (for a course)
> 
> On Wed, Jun 24, 2009 at 13:24, Robert Cummings
> wrote:
> >
> > I prefer "proceed with caution" :)
> 
> Robjects in mirror are closer than they appear?
> 
> --
> 
> daniel.br...@parasane.net || danbr...@php.net
> http://www.parasane.net/ || http://www.pilotpig.net/
> 50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> __ Information from ESET Smart Security, version of virus
> signature database 4185 (20090624) __
> 
> The message was checked by ESET Smart Security.
> 
> http://www.eset.com
> 
[Marc Hall - HallMarc Websites - http://www.hallmarcwebsites.com
610.446.3346]  

Nice one. :o) 
Now, for my two centavos:

I think anyone needs to base any decision regarding security measures within
the context of the current project and what it is you are trying to protect.
It seems to go without saying that you should also be aware of your host
environment and any limitations, etc that may arise. Fort Knox has the
security that it does because of what it is contracted to protect while the
banks have their own pared down version of security based on what they are
protecting. 

As far as which version of PHP to include in your curriculum, I suggest
staying with 5.2 for now and add in information about 5.3 and the changes we
expect to see and what they mean to all concerned.

As I once saw in someone elses sig line
"Invoice for $0.02 will be sent post-haste."



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Jonathan Tapicer 
To do the line count first, you have to read the whole file, how would
you do it?

On Wed, Jun 24, 2009 at 3:00 PM, Richard Heyes wrote:
> Hi,
>
>> If you want to know how many lines there are *before* inserting to the
>> database, you can't count "as you go", you have to either read the
>> file twice or read it once, store it memory in a variable and then
>> insert in the database.
>
> Sure you can, simply do the line count first, then the insert. If it's
> a big file it will still be quicker than reading the whole thing into
> memory.
>
> --
> Richard Heyes
> HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
> PHP mail: RMail (www.phpguru.org/rmail)
> PHP datagrid: RGrid (www.phpguru.org/rgrid)
> PHP Template: RTemplate (www.phpguru.org/rtemplate)
> PHP SMTP: http://www.phpguru.org/smtp
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Richard Heyes 
Hi,

> To do the line count first, you have to read the whole file, how would
> you do it?

Something like this:

$fp = fopen('/tmp/foo', 'r');
$count = 0;

while (!feof($fp)) {
  fgets($fp);
  ++$count;
}

--
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (www.phpguru.org/rtemplate)
PHP SMTP: http://www.phpguru.org/smtp

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Michael A. Peters 

Robert Cummings wrote:
* snip *


No. It is not.
The web root should be read only.


Please cite references as to why it should be read only. Please explain 
why the feature exists if it should not be so.


The feature exists because the web server runs as a standard user, and 
standard users have permission to directories they have write permission to.


In a properly administered web server, the apache user only has read 
permission to the contents of the web root.




I could make the same argument that making use of a webserver opens 
you up to any vulnerability in the webserver that may provide access 
to the entire filesystem. The intended purpose of the webserver is 
not to allow such access when configured properly, and so it is an 
exceptional circumstance when such security is compromised.


These compromises do happen, which is why the web root should be read 
only to the web server and any data the web server has write access to 
should be validated before it is used.


And the operating system?


Operating system doesn't matter.
The web server should not have write permission to directories/files 
within the web root.





It isn't hard to do.


It's hard to create a helpful application when fort knox is your 
delivery location. I'm not saying there's a problem with Fort Knoxes in 
the world, but this isn't necessary for everyone. if it were we wouldn't 
have banks, we wouldn't have credit unions, we'd all be going to Fort 
Knox to make our deposits and withdrawals. One size does NOT fit all.


I'm sick and tired of owned boxes spamming me.
It's been so bad at time I though my spam filters were crap, and I 
looked at the large number of messages they did catch.


I'm tired of XSS attacks. I run with scripting disabled for most sites, 
which makes the web a pain in the arse because most web pages out there 
are done by clueless hacks who expect me to allow them to send arbitrary 
code to be executed on my machine.


Very often these XSS attacks are the result of compromised boxes.

Yes, people need to run secure web servers. Yes, application developers 
need to take security into consideration before uploading their project 
for public consumption.


Kind of scenario that happens all the time:

Jane, a non technical person, has a soft spot for the Desert Tortoise. 
She buys a cheap web account and sets up a blog on it. She gives an 
account to her friend betty.


Betty's webmail account is compromised by an XSS attack (happens all the 
time, even has happened to gmail). Now the attacker has access to 
Betty's mail including her password. He logs on to Betty's account and 
modifies a blog, adding an image that isn't an image, and either 
successfully now has an XSS attack on Jane's blog, or possibly have even 
rooted the server Jane's account is with through a local exploit he was 
able to get the apache server to run because he was able to upload a 
perl or php script inside the web root.




Just as an example, I was looking for a simplistic blog to add to my 
website. The install script didn't even work because it used system 
and exec calls which many servers (including mine) do not allow.


This is a problem with your setup. I make use of exec() calls often 
enough when within a Linux environment. If this is a known parameter of 
the application, then it is not incorrect to use exec(). It is common to 
build upon existing shell binaries.


Vast majority of stuff can be done with pure php via php modules and 
extensions. Allowing exec() or system() is extremely dangerous.


Yes, I do allow it for my squirrelmail install, but fixing that is on my 
todo list.




A specific instance of a poorly designed application does not stand as 
the model for all applications. There are countless examples of bad 
programming and exploits at pretty much every level of a system. These 
do not suggest we should not use computers.


No, but it does suggest we need to think about security, such as not 
having web server writeable files in the web root and not having the web 
server write files it then parses as php (extremely common practice for 
app configuration files) - especially when it is cake to use a database 
or flat file (IE xml) for configuration, allowing parsing of the values 
read to make sure they are sane and avoiding addition of declarations 
you don't want.




So with some hand waving and fluttering of your eyes you've eliminated 
(or at least completely ignored) all the Windows machines in the world. 


No. I haven't.
For years, the LaTeX community had a package manager for Windows 
installs that was in fact superior to any TeX package management on any 
UN*X environment I ever saw.


Now with TeXLive tlmgr there is finally good TeX package management for 
every OS.


There are far more php users than TeX users, there is no good reason why 
such a package manager does not already exist for php in the Windows 
environment. It would be an excellent addition to the WAMP stack.


The Windows P

Re: [PHP] CSV file

2009-06-24 Thread Eddie Drapkin 
or $arr = file('foo.csv'); $count = count($arr);

On Wed, Jun 24, 2009 at 5:19 PM, Richard Heyes wrote:
> Hi,
>
>> To do the line count first, you have to read the whole file, how would
>> you do it?
>
> Something like this:
>
> $fp = fopen('/tmp/foo', 'r');
> $count = 0;
>
> while (!feof($fp)) {
>  fgets($fp);
>  ++$count;
> }
>
> --
> Richard Heyes
> HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
> PHP mail: RMail (www.phpguru.org/rmail)
> PHP datagrid: RGrid (www.phpguru.org/rgrid)
> PHP Template: RTemplate (www.phpguru.org/rtemplate)
> PHP SMTP: http://www.phpguru.org/smtp
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Daniel Brown 
On Wed, Jun 24, 2009 at 17:19, Michael A. Peters wrote:
>
> Jane, a non technical person [...]
>
> Betty's webmail account is compromised [...]

Bottom line: hax0r5 hate g1rls.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: idiot proofing

2009-06-24 Thread Shawn McKenzie 
PJ wrote:
> I have a bit of a situation.
> I have set up addBooks, editBooks and deleteBooks pages. Before
> complicating my life & mixing them up in one file, I am running tests.
> I'd like to make them idiot proof, up to a point.
> When the page is submitted and the code is parsed, the form inputs
> remain on the screen along with the submit buttons.
> I'm not sure of what is the normal way of closing/hiding/wiping the
> screen output before showing the result output of the operation.
> I do not want a user to resubmit the input which is still in the input
> $strings.
> I am wondering if I should be using some code to clear the inputs like
> unsetting??? sessions or a break or am I doing something wrong with the
> flow of the code?
> I'd like to leave the pages with only the output of success (or failure)
> and links to do another add/edit/delete operation.
> Thanks for any suggestions.
> 

I've never tried it, but you can possibly submit to an intermediate page
that stuffs the post vars into a session, echos "please wait" and then
redirects to the page that does the processing.  The processing page
gets the sessions vars and does its business.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Robert Cummings 



Michael A. Peters wrote:

Robert Cummings wrote:
* snip *

No. It is not.
The web root should be read only.
Please cite references as to why it should be read only. Please explain 
why the feature exists if it should not be so.


The feature exists because the web server runs as a standard user, and 
standard users have permission to directories they have write permission to.


In a properly administered web server, the apache user only has read 
permission to the contents of the web root.


I could make the same argument that making use of a webserver opens 
you up to any vulnerability in the webserver that may provide access 
to the entire filesystem. The intended purpose of the webserver is 
not to allow such access when configured properly, and so it is an 
exceptional circumstance when such security is compromised.
These compromises do happen, which is why the web root should be read 
only to the web server and any data the web server has write access to 
should be validated before it is used.

And the operating system?


Operating system doesn't matter.
The web server should not have write permission to directories/files 
within the web root.



It isn't hard to do.
It's hard to create a helpful application when fort knox is your 
delivery location. I'm not saying there's a problem with Fort Knoxes in 
the world, but this isn't necessary for everyone. if it were we wouldn't 
have banks, we wouldn't have credit unions, we'd all be going to Fort 
Knox to make our deposits and withdrawals. One size does NOT fit all.


I'm sick and tired of owned boxes spamming me.
It's been so bad at time I though my spam filters were crap, and I 
looked at the large number of messages they did catch.


I'm tired of XSS attacks. I run with scripting disabled for most sites, 
which makes the web a pain in the arse because most web pages out there 
are done by clueless hacks who expect me to allow them to send arbitrary 
code to be executed on my machine.


Very often these XSS attacks are the result of compromised boxes.

Yes, people need to run secure web servers. Yes, application developers 
need to take security into consideration before uploading their project 
for public consumption.


Kind of scenario that happens all the time:

Jane, a non technical person, has a soft spot for the Desert Tortoise. 
She buys a cheap web account and sets up a blog on it. She gives an 
account to her friend betty.


Betty's webmail account is compromised by an XSS attack (happens all the 
time, even has happened to gmail). Now the attacker has access to 
Betty's mail including her password. He logs on to Betty's account and 
modifies a blog, adding an image that isn't an image, and either 
successfully now has an XSS attack on Jane's blog, or possibly have even 
rooted the server Jane's account is with through a local exploit he was 
able to get the apache server to run because he was able to upload a 
perl or php script inside the web root.


Just as an example, I was looking for a simplistic blog to add to my 
website. The install script didn't even work because it used system 
and exec calls which many servers (including mine) do not allow.
This is a problem with your setup. I make use of exec() calls often 
enough when within a Linux environment. If this is a known parameter of 
the application, then it is not incorrect to use exec(). It is common to 
build upon existing shell binaries.


Vast majority of stuff can be done with pure php via php modules and 
extensions. Allowing exec() or system() is extremely dangerous.


Yes, I do allow it for my squirrelmail install, but fixing that is on my 
todo list.


A specific instance of a poorly designed application does not stand as 
the model for all applications. There are countless examples of bad 
programming and exploits at pretty much every level of a system. These 
do not suggest we should not use computers.


No, but it does suggest we need to think about security, such as not 
having web server writeable files in the web root and not having the web 
server write files it then parses as php (extremely common practice for 
app configuration files) - especially when it is cake to use a database 
or flat file (IE xml) for configuration, allowing parsing of the values 
read to make sure they are sane and avoiding addition of declarations 
you don't want.


So with some hand waving and fluttering of your eyes you've eliminated 
(or at least completely ignored) all the Windows machines in the world. 


No. I haven't.
For years, the LaTeX community had a package manager for Windows 
installs that was in fact superior to any TeX package management on any 
UN*X environment I ever saw.


Now with TeXLive tlmgr there is finally good TeX package management for 
every OS.


There are far more php users than TeX users, there is no good reason why 
such a package manager does not already exist for php in the Windows 
environment. It would be an excellent addition to the WAMP stack.


The W

[PHP] idiot proofing

2009-06-24 Thread PJ 
I have a bit of a situation.
I have set up addBooks, editBooks and deleteBooks pages. Before
complicating my life & mixing them up in one file, I am running tests.
I'd like to make them idiot proof, up to a point.
When the page is submitted and the code is parsed, the form inputs
remain on the screen along with the submit buttons.
I'm not sure of what is the normal way of closing/hiding/wiping the
screen output before showing the result output of the operation.
I do not want a user to resubmit the input which is still in the input
$strings.
I am wondering if I should be using some code to clear the inputs like
unsetting??? sessions or a break or am I doing something wrong with the
flow of the code?
I'd like to leave the pages with only the output of success (or failure)
and links to do another add/edit/delete operation.
Thanks for any suggestions.

-- 
Hervé Kempf: "Pour sauver la planète, sortez du capitalisme."
-
Phil Jourdan --- p...@ptahhotep.com
   http://www.ptahhotep.com
   http://www.chiccantine.com/andypantry.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Michael A. Peters 

Robert Cummings wrote:



I respectfully disagree with your position. Everything you have 
described about Jane is also true of an operating system. There are 
compromised machines all over the world just because installing an 
operating system is so easy. No amount of packaging is going to solve 
the problem created by bad software and idiots.


But php coders writing code that follows basic policy rules does reduce 
the problem. Such policies include not writing your app so the install 
instructions tell the user to chmod 777 directories and files within the 
web root.


Since the OP is teaching a class, that's an important concept student 
need to understand.


Yes, there will always be mis-behaving apps. There will also be well 
written applications that are vulnerable simply because they use a 
vulnerable module or class. Creating a secure development policy and 
implementing it greatly reduces your well written application from being 
an attack vector when those issues exist, and they will always exist.


Similarly, web developers (php and other) need to start following and 
implementing the CSP recommendation at Mozilla.org. In a perfect world 
where we could guarantee our web apps were not vulnerable to XSS 
injection, a web app would never have to send headers telling the client 
what is allowed and from where, but as we don't live in a perfect world, 
it is the right thing to do - even though it makes coding a lot more 
tedious.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] How to sort a two-D ARRAY

2009-06-24 Thread salmarayan 

Can Anyone tell me how to sort two D Array 
for example like this one based on the gain
Array ( [0] => Array ( [company_name] =>X [gain] => 0.2 ) [1] => Array (
[company_name] => y[gain] => 0.34 )[2]1] => Array ( [company_name] =>z[gain]
=> 2 )  )
Thanks in advance
-- 
View this message in context: 
http://www.nabble.com/How-to-sort-a-two-D-ARRAY-tp24193925p24193925.html
Sent from the PHP - General mailing list archive at Nabble.com.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: idiot proofing

2009-06-24 Thread Bastien Koert 
On Wed, Jun 24, 2009 at 5:30 PM, Shawn McKenzie wrote:
> PJ wrote:
>> I have a bit of a situation.
>> I have set up addBooks, editBooks and deleteBooks pages. Before
>> complicating my life & mixing them up in one file, I am running tests.
>> I'd like to make them idiot proof, up to a point.
>> When the page is submitted and the code is parsed, the form inputs
>> remain on the screen along with the submit buttons.
>> I'm not sure of what is the normal way of closing/hiding/wiping the
>> screen output before showing the result output of the operation.
>> I do not want a user to resubmit the input which is still in the input
>> $strings.
>> I am wondering if I should be using some code to clear the inputs like
>> unsetting??? sessions or a break or am I doing something wrong with the
>> flow of the code?
>> I'd like to leave the pages with only the output of success (or failure)
>> and links to do another add/edit/delete operation.
>> Thanks for any suggestions.
>>
>
> I've never tried it, but you can possibly submit to an intermediate page
> that stuffs the post vars into a session, echos "please wait" and then
> redirects to the page that does the processing.  The processing page
> gets the sessions vars and does its business.
>
> --
> Thanks!
> -Shawn
> http://www.spidean.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

What about placing the contents in different divs and showing hiding
those divs on submit? Then using AJAX to update the server / database
with the requested operation?

-- 

Bastien

Cat, the other other white meat

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: idiot proofing

2009-06-24 Thread Shawn McKenzie 
Bastien Koert wrote:
> On Wed, Jun 24, 2009 at 5:30 PM, Shawn McKenzie wrote:
>> PJ wrote:
>>> I have a bit of a situation.
>>> I have set up addBooks, editBooks and deleteBooks pages. Before
>>> complicating my life & mixing them up in one file, I am running tests.
>>> I'd like to make them idiot proof, up to a point.
>>> When the page is submitted and the code is parsed, the form inputs
>>> remain on the screen along with the submit buttons.
>>> I'm not sure of what is the normal way of closing/hiding/wiping the
>>> screen output before showing the result output of the operation.
>>> I do not want a user to resubmit the input which is still in the input
>>> $strings.
>>> I am wondering if I should be using some code to clear the inputs like
>>> unsetting??? sessions or a break or am I doing something wrong with the
>>> flow of the code?
>>> I'd like to leave the pages with only the output of success (or failure)
>>> and links to do another add/edit/delete operation.
>>> Thanks for any suggestions.
>>>
>> I've never tried it, but you can possibly submit to an intermediate page
>> that stuffs the post vars into a session, echos "please wait" and then
>> redirects to the page that does the processing.  The processing page
>> gets the sessions vars and does its business.
>>
>> --
>> Thanks!
>> -Shawn
>> http://www.spidean.com
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
> 
> What about placing the contents in different divs and showing hiding
> those divs on submit? Then using AJAX to update the server / database
> with the requested operation?
> 
That's a good one, however I'm assuming you haven't been following PJ's
posts :-)  Once he tries AJAX, I feel for the js.general and
ajax.general folks!

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSV file

2009-06-24 Thread Jonathan Tapicer 
Well, you are reading the whole file there (and throwing the data you
read not assigning the fgets result to anything), and then to store it
in the database you need to read it again, so you read the file twice.
It will probably better to store the data you read the first time in
an array and then store it in the database, that way you read it only
once.

Anyway, doing it by file size is better.

On Wed, Jun 24, 2009 at 6:19 PM, Richard Heyes wrote:
> Hi,
>
>> To do the line count first, you have to read the whole file, how would
>> you do it?
>
> Something like this:
>
> $fp = fopen('/tmp/foo', 'r');
> $count = 0;
>
> while (!feof($fp)) {
>  fgets($fp);
>  ++$count;
> }
>
> --
> Richard Heyes
> HTML5 graphing: RGraph (www.rgraph.net - updated 20th June)
> PHP mail: RMail (www.phpguru.org/rmail)
> PHP datagrid: RGrid (www.phpguru.org/rgrid)
> PHP Template: RTemplate (www.phpguru.org/rtemplate)
> PHP SMTP: http://www.phpguru.org/smtp
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: idiot proofing

2009-06-24 Thread Bastien Koert 
On Wed, Jun 24, 2009 at 8:24 PM, Shawn McKenzie wrote:
> Bastien Koert wrote:
>> On Wed, Jun 24, 2009 at 5:30 PM, Shawn McKenzie wrote:
>>> PJ wrote:
 I have a bit of a situation.
 I have set up addBooks, editBooks and deleteBooks pages. Before
 complicating my life & mixing them up in one file, I am running tests.
 I'd like to make them idiot proof, up to a point.
 When the page is submitted and the code is parsed, the form inputs
 remain on the screen along with the submit buttons.
 I'm not sure of what is the normal way of closing/hiding/wiping the
 screen output before showing the result output of the operation.
 I do not want a user to resubmit the input which is still in the input
 $strings.
 I am wondering if I should be using some code to clear the inputs like
 unsetting??? sessions or a break or am I doing something wrong with the
 flow of the code?
 I'd like to leave the pages with only the output of success (or failure)
 and links to do another add/edit/delete operation.
 Thanks for any suggestions.

>>> I've never tried it, but you can possibly submit to an intermediate page
>>> that stuffs the post vars into a session, echos "please wait" and then
>>> redirects to the page that does the processing.  The processing page
>>> gets the sessions vars and does its business.
>>>
>>> --
>>> Thanks!
>>> -Shawn
>>> http://www.spidean.com
>>>
>>> --
>>> PHP General Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>>
>> What about placing the contents in different divs and showing hiding
>> those divs on submit? Then using AJAX to update the server / database
>> with the requested operation?
>>
> That's a good one, however I'm assuming you haven't been following PJ's
> posts :-)  Once he tries AJAX, I feel for the js.general and
> ajax.general folks!
>
> --
> Thanks!
> -Shawn
> http://www.spidean.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Well, I have followed PJ's posts and agree that this [AJAX] is
something that he's not ready for yet.

@PJ, the whole submit / process/ redraw the form only takes a few
seconds and the simplest thing is to just place a spinning 'buy' gif
image in the center of the page to let people know something is
working

-- 

Bastien

Cat, the other other white meat

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: idiot proofing

2009-06-24 Thread Michael A. Peters 

Bastien Koert wrote:




That's a good one, however I'm assuming you haven't been following PJ's
posts :-)  Once he tries AJAX, I feel for the js.general and
ajax.general folks!



Well, I have followed PJ's posts and agree that this [AJAX] is
something that he's not ready for yet.


Not to mention, when your site depends upon ajax, it doesn't work for 
those who disable scripting, so a solution that doesn't involve js 
really should be developed anyway.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)

2009-06-24 Thread Paul M Foster 
On Wed, Jun 24, 2009 at 05:26:11PM -0400, Daniel Brown wrote:

> On Wed, Jun 24, 2009 at 17:19, Michael A. Peters wrote:
> >
> > Jane, a non technical person [...]
> >
> > Betty's webmail account is compromised [...]
> 
> Bottom line: hax0r5 hate g1rls.

Or hax0r5 hate grrls.

Paul

-- 
Paul M. Foster

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Progressbar

2009-06-24 Thread Paul M Foster 
On Wed, Jun 24, 2009 at 10:24:21AM -0400, tedd wrote:

> At 7:55 AM +0200 6/24/09, Teun Lassche wrote:
>> I'm making an upload script with PHP, is there a way I can show a
>> progressbar while uploading?
>>
>> --
>> Teun Lassche
>
> It's not a progress bar, but it's a heck of a lot simpler:
>
> http://webbytedd.com/bb/wait/
>
> The biggest problem in uploading a file is figuring out how large it
> is. You can't find that out in php and Javascript is limited in what
> information it can access. I found the problem more trouble than it
> was worth to fix. Besides, what does the user need to see while an
> operation is underway?

I like the last one (#39). Perfect for a "progress bar". ;-}

Paul

-- 
Paul M. Foster

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Unable to load dynamic php_oci8.dll

2009-06-24 Thread Raj 
Hi,

I get the following error when i start the Apache Server.

PHP Startup: Unable to load dynamic library
'F:\\Apps\\PHP\\ext\\php_oci8.dll' - The specified procedure could not
be found.\r\n in Unknown on line 0

I dont see there is any issue with the dir as well as the ini file.
everything is in place.

oracle version in 9.2
windows XP
PHP  5.2.10

Kindly let me know, what needs to be checked.

Thank you

Raj

Re: [PHP] Unable to load dynamic php_oci8.dll

2009-06-24 Thread Kun Niu 
http://forums.oracle.com/forums/thread.jspa?threadID=412805
Will this be of help?

2009/6/25 Raj 

> Hi,
>
> I get the following error when i start the Apache Server.
>
> PHP Startup: Unable to load dynamic library
> 'F:\\Apps\\PHP\\ext\\php_oci8.dll' - The specified procedure could not
> be found.\r\n in Unknown on line 0
>
> I dont see there is any issue with the dir as well as the ini file.
> everything is in place.
>
> oracle version in 9.2
> windows XP
> PHP  5.2.10
>
> Kindly let me know, what needs to be checked.
>
> Thank you
>
> Raj
>



-- 
牛坤
MSN:haoniu...@hotmail.com

RE: [PHP] Re: idiot proofing

2009-06-24 Thread Asher Snyder 
He can even use http://www.ajaxload.info/ to create his own loading circle
to just embed the code. He can then image's visibility to the css property
display:none and on the form submit he can do a JavaScript
"document.getElementById(id).style.visibility = 'visible';" , assuming he
gave the object an id and make it visible.

While this post might feel too instructional the fact that you joked PJ
wasn't ready for AJAX made want to put in a bit more clarity. If this isn't
clear enough, please let me know and I'll paste the appropriate markup and
js.

-Original Message-
From: Michael A. Peters [mailto:mpet...@mac.com] 
Sent: Wednesday, June 24, 2009 10:36 PM
To: Bastien Koert
Cc: Shawn McKenzie; php-general@lists.php.net
Subject: Re: [PHP] Re: idiot proofing

Bastien Koert wrote:

>>>
>> That's a good one, however I'm assuming you haven't been following PJ's
>> posts :-)  Once he tries AJAX, I feel for the js.general and
>> ajax.general folks!
>>
> 
> Well, I have followed PJ's posts and agree that this [AJAX] is
> something that he's not ready for yet.

Not to mention, when your site depends upon ajax, it doesn't work for 
those who disable scripting, so a solution that doesn't involve js 
really should be developed anyway.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: idiot proofing

2009-06-24 Thread Asher Snyder 
[EDITED FOR MISTAKES AND TYPOS]

He can even use http://www.ajaxload.info/ to create his own loading circle
to hide on the page. He can hide the image's visibility by using the css
property display:none and on the form submit he can do a JavaScript
"document.getElementById(id).style.display = '';" , assuming he gave the
object an id and make it visible.

While this post might feel too instructional the fact that you joked PJ
wasn't ready for AJAX made want to put in a bit more clarity. If this isn't
clear enough, please let me know and I'll paste the appropriate markup and
js.

-Original Message-
From: Michael A. Peters [mailto:mpet...@mac.com] 
Sent: Wednesday, June 24, 2009 10:36 PM
To: Bastien Koert
Cc: Shawn McKenzie; php-general@lists.php.net
Subject: Re: [PHP] Re: idiot proofing

Bastien Koert wrote:

>>>
>> That's a good one, however I'm assuming you haven't been following PJ's
>> posts :-)  Once he tries AJAX, I feel for the js.general and
>> ajax.general folks!
>>
> 
> Well, I have followed PJ's posts and agree that this [AJAX] is
> something that he's not ready for yet.

Not to mention, when your site depends upon ajax, it doesn't work for 
those who disable scripting, so a solution that doesn't involve js 
really should be developed anyway.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unable to load dynamic php_oci8.dll

2009-06-24 Thread Raj 
i tired this earlier, it is not working.

On Thu, Jun 25, 2009 at 9:54 AM, Kun Niu  wrote:

> http://forums.oracle.com/forums/thread.jspa?threadID=412805
> Will this be of help?
>
> 2009/6/25 Raj 
>
> Hi,
>>
>> I get the following error when i start the Apache Server.
>>
>> PHP Startup: Unable to load dynamic library
>> 'F:\\Apps\\PHP\\ext\\php_oci8.dll' - The specified procedure could not
>> be found.\r\n in Unknown on line 0
>>
>> I dont see there is any issue with the dir as well as the ini file.
>> everything is in place.
>>
>> oracle version in 9.2
>> windows XP
>> PHP  5.2.10
>>
>> Kindly let me know, what needs to be checked.
>>
>> Thank you
>>
>> Raj
>>
>
>
>
> --
> 牛坤
> MSN:haoniu...@hotmail.com 
>



-- 


Thank you

Ramesh S Raj

[PHP] PHP doesn't use php.ini

2009-06-24 Thread Tir 
When i installed PHP, I had written to my httpd.conf PHPIniDir "c:/php". But 
phpinfo() returns "C:\WINDOWS" in "Configuration File (php.ini) Path" row 
and right path to my php.ini in "Loaded Configuration File". It looks like 
php.ini really isn't used. I think so because when i try to enable MySQL it 
doesn't work ("extension=php_mysql.dll", "extension=php_mysqli.dll" and 
"extension=php_pdo_mysql.dll" is uncommented, "extension_dir" is correct, 
libmysql.dll is copied to C:\WINDOWS\system32). I've tried to write to 
php.ini an abracadabra. But I havent received an error as i expected. I've 
tried to rename php.ini. phpinfo() has returned "(none)" in "Loaded 
Configuration File" row instead of "c:\php\php.ini" as that was before. But 
PHP still worked. It worked without php.ini. It seems very strange. I've 
searched another php.ini on my system. There is no another one. What's 
wrong? Why doesn't PHP use php.ini file? 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP doesn't see php.ini

2009-06-24 Thread Tir 
When i installed PHP, I had written to my httpd.conf PHPIniDir "c:/php". But 
phpinfo() returns "C:\WINDOWS" in "Configuration File (php.ini) Path" row 
and right path to my php.ini in "Loaded Configuration File". It looks like 
php.ini really isn't used. I think so because when i try to enable MySQL 
extension it doesn't work ("extension=php_mysql.dll", 
"extension=php_mysqli.dll" and "extension=php_pdo_mysql.dll" is uncommented, 
"extension_dir" is correct, libmysql.dll is copied to C:\WINDOWS\system32). 
I've tried to write to php.ini an abracadabra. But I haven't received an 
error as i expected. I've tried to rename php.ini. phpinfo() has returned 
"(none)" in "Loaded Configuration File" row instead of "c:\php\php.ini" as 
that was before. But PHP still worked. It worked without php.ini. It seems 
very strange. I've searched another php.ini on my system. There is no 
another one. What's wrong? Why doesn't PHP use php.ini file? 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: PHP doesn't use php.ini

2009-06-24 Thread Tir 
Sorry for double posting 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php