RE: [PHP] Can't connect to MySQL via PHP
> -Original Message- > From: tamouse mailing lists [mailto:tamouse.li...@gmail.com] > Sent: Saturday, January 12, 2013 7:55 PM > To: admin > Cc: a...@ashleysheridan.co.uk; Rick Dwyer; php-general@lists.php.net > Subject: Re: [PHP] Can't connect to MySQL via PHP > > On Sat, Jan 12, 2013 at 4:49 PM, admin > wrote: > > As much as the php list would like to force people from using mysql, > I guess you should not have invented it, if you don't want people to > still use it. > > It's not this php list. It's the php developers. mysql* functions are > set to be removed in a release coming soon. > > Time marches on. mysql* functions were written first, then the mysqli* > functions were written. mysql* is old, out of date, and not begin > supported. > > Should not have written it? Maybe? But maybe no libraries should have > been written, nothing should move forward, better ways should not have > been found. > > Maybe you want to do your computing using pebbles, too. So let me understand how this works. Someone ask for help, no matter what version they are using or function that is currently in place. We slam them. Call them an idiot. Not that they ask a question about a function in the CURRENT version. Yes the documentation does fully express the function is depreciated, but let's deal with the now. So let's NOT answer the question? (Hello, welcome to MICROSOFT) I am very glad 90% of other languages that have list don't have the same approach. They would gladly give you the answer, but then go on to express how they may suggest this (with example) because it is (safer, easier, ect...). Every time I see someone give a simple answer in an approach to help them learn, in comes the marching band of ignorance and they are toting the banner of epic fail. This is a list to help people understand php and grow the community and knowledge base of its inner workings. If you want to answer at question please at least use SOMETHING that is conducive to educating them. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't connect to MySQL via PHP
On Sun, 2013-01-13 at 11:37 -0800, admin wrote: > > > -Original Message- > > From: tamouse mailing lists [mailto:tamouse.li...@gmail.com] > > Sent: Saturday, January 12, 2013 7:55 PM > > To: admin > > Cc: a...@ashleysheridan.co.uk; Rick Dwyer; php-general@lists.php.net > > Subject: Re: [PHP] Can't connect to MySQL via PHP > > > > On Sat, Jan 12, 2013 at 4:49 PM, admin > > wrote: > > > As much as the php list would like to force people from using mysql, > > I guess you should not have invented it, if you don't want people to > > still use it. > > > > It's not this php list. It's the php developers. mysql* functions are > > set to be removed in a release coming soon. > > > > Time marches on. mysql* functions were written first, then the mysqli* > > functions were written. mysql* is old, out of date, and not begin > > supported. > > > > Should not have written it? Maybe? But maybe no libraries should have > > been written, nothing should move forward, better ways should not have > > been found. > > > > Maybe you want to do your computing using pebbles, too. > > > > So let me understand how this works. > Someone ask for help, no matter what version they are using or function that > is currently in place. > We slam them. > Call them an idiot. > > Not that they ask a question about a function in the CURRENT version. Yes the > documentation does fully express the function is depreciated, but let's deal > with the now. > So let's NOT answer the question? (Hello, welcome to MICROSOFT) > I am very glad 90% of other languages that have list don't have the same > approach. > They would gladly give you the answer, but then go on to express how they may > suggest this (with example) because it is (safer, easier, ect...). > > Every time I see someone give a simple answer in an approach to help them > learn, in comes the marching band of ignorance and they are toting the banner > of epic fail. > This is a list to help people understand php and grow the community and > knowledge base of its inner workings. > If you want to answer at question please at least use SOMETHING that is > conducive to educating them. > At no point was I slamming someone for using the old functions, in-fact I was trying to make a joke of that and point out that the msqli functions would be better, unless you really do believe that kittens will kill programmers... The thing is most of us expect the person asking the question here to have done at least a little bit of research into the problem, even if that only extends to "I'll Google some of these keywords in the error". That should at least have produced the same advice about those old deprecated functions, but I wanted to reiterate it a bit just to be sure. It can't hurt to know something like that. The fact is, what you considered a simple answer was bad advice, and would have just taught more people that those old functions are fine, when in-fact they are not. I think it's very important to make people aware of security concerns, especially if they're a beginner with the language. Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] PHP programming a members only access site
Can anyone point me to good tutorials/documentation on the subject? I want to add this functionality to one of my sites. I know there are existing solutions for this, but the ones I have found are complex, turnkey and don't really facilitate learning. I consider myself strong in php programming and using MySQL. But I have never used sessions or cookies, and want to learn and do it properly. And I am interested in the security of logins and credentials. Things like detecting sharing of credentials and the appropriate action to take. Also what logs to keep and how to audit them. And, of course, having sample code for functions like creating a new account, sending the confirmation email, handling the response. Dealing with forgotten passwords. I don't want to re-invent the wheel, but I don't want to have to dissect the code for, say, phpBB to see how it is done there, either. Thanks in advance for suggestions! -- Stephen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't connect to MySQL via PHP
From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] Sent: Sunday, January 13, 2013 8:52 AM To: admin Cc: 'tamouse mailing lists'; 'Rick Dwyer'; php-general@lists.php.net Subject: RE: [PHP] Can't connect to MySQL via PHP On Sun, 2013-01-13 at 11:37 -0800, admin wrote: > -Original Message- > From: tamouse mailing lists [mailto:tamouse.li...@gmail.com] > Sent: Saturday, January 12, 2013 7:55 PM > To: admin > Cc: a...@ashleysheridan.co.uk; Rick Dwyer; php-general@lists.php.net > Subject: Re: [PHP] Can't connect to MySQL via PHP > > On Sat, Jan 12, 2013 at 4:49 PM, admin > wrote: > > As much as the php list would like to force people from using mysql, > I guess you should not have invented it, if you don't want people to > still use it. > > It's not this php list. It's the php developers. mysql* functions are > set to be removed in a release coming soon. > > Time marches on. mysql* functions were written first, then the mysqli* > functions were written. mysql* is old, out of date, and not begin > supported. > > Should not have written it? Maybe? But maybe no libraries should have > been written, nothing should move forward, better ways should not have > been found. > > Maybe you want to do your computing using pebbles, too. So let me understand how this works. Someone ask for help, no matter what version they are using or function that is currently in place. We slam them. Call them an idiot. Not that they ask a question about a function in the CURRENT version. Yes the documentation does fully express the function is depreciated, but let's deal with the now. So let's NOT answer the question? (Hello, welcome to MICROSOFT) I am very glad 90% of other languages that have list don't have the same approach. They would gladly give you the answer, but then go on to express how they may suggest this (with example) because it is (safer, easier, ect...). Every time I see someone give a simple answer in an approach to help them learn, in comes the marching band of ignorance and they are toting the banner of epic fail. This is a list to help people understand php and grow the community and knowledge base of its inner workings. If you want to answer at question please at least use SOMETHING that is conducive to educating them. At no point was I slamming someone for using the old functions, in-fact I was trying to make a joke of that and point out that the msqli functions would be better, unless you really do believe that kittens will kill programmers... The thing is most of us expect the person asking the question here to have done at least a little bit of research into the problem, even if that only extends to "I'll Google some of these keywords in the error". That should at least have produced the same advice about those old deprecated functions, but I wanted to reiterate it a bit just to be sure. It can't hurt to know something like that. The fact is, what you considered a simple answer was bad advice, and would have just taught more people that those old functions are fine, when in-fact they are not. I think it's very important to make people aware of security concerns, especially if they're a beginner with the language. Thanks, Ash http://www.ashleysheridan.co.uk Ash, I am not trying to single you out and i hope that is not how you have taken this conversation. While i agree with you on the security of mysql and BTW (Kittens are monsters). The question clearly showed they have NO experience in db connectors. I felt to over complicate the problem by pushing them into another function was not the best approach. Yes they should understand the security risk and i take the reasonability for not fully explaining the ramifications for using such a function. If you knew my staff you would know I am the last person to think old ways is any approach i will accept. I will end the conversation with an apology to person asking the question, because i should have went into more detail and to anyone this conversation has mislead into thinking i think that function is anything BUT outmode.
Re: [PHP] Can't connect to MySQL via PHP
Regardless of the choice of interface to mysql, regardless of the completely harmless but educational tips from Ash, and very deliberately ignoring the un-helpful and extraneous comments of others, I'm wondering how the OP is doing with getting his mysql access working. Haven't heard from him lately. Rick? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't connect to MySQL via PHP
> -Original Message- > From: Jim Giner [mailto:jim.gi...@albanyhandball.com] > Sent: Sunday, January 13, 2013 9:13 AM > To: php-general@lists.php.net > Subject: Re: [PHP] Can't connect to MySQL via PHP > > Regardless of the choice of interface to mysql, regardless of the > completely harmless but educational tips from Ash, and very > deliberately ignoring the un-helpful and extraneous comments of others, > I'm wondering how the OP is doing with getting his mysql access > working. > Haven't heard from him lately. > > Rick? > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php Jim, I understand it was a credentials issue and all is working fine now. I hope they did take the advice from ash and change the function for security reasons. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP programming a members only access site
> -Original Message- > From: Stephen [mailto:stephe...@rogers.com] > Sent: Sunday, January 13, 2013 9:06 AM > To: php-general@lists.php.net > Subject: [PHP] PHP programming a members only access site > > Can anyone point me to good tutorials/documentation on the subject? > > I want to add this functionality to one of my sites. > > I know there are existing solutions for this, but the ones I have found > are complex, turnkey and don't really facilitate learning. > > I consider myself strong in php programming and using MySQL. > > But I have never used sessions or cookies, and want to learn and do it > properly. > > And I am interested in the security of logins and credentials. Things > like detecting sharing of credentials and the appropriate action to > take. Also what logs to keep and how to audit them. > > And, of course, having sample code for functions like creating a new > account, sending the confirmation email, handling the response. Dealing > with forgotten passwords. I don't want to re-invent the wheel, but I > don't want to have to dissect the code for, say, phpBB to see how it is > done there, either. > > Thanks in advance for suggestions! > > -- > Stephen > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php Stephen, Chris Shiflett wrote an amazing book on this subject "Essential PHP Security" he examines specific attacks and the techniques used to protect against them. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Can't connect to MySQL via PHP
Hi Jim, and all the rest. Thanks for the help. What was throwing me was the EXACT same creds were being used to connect via Navicat… but not when using PHP. Could not figure it out. So I zapped gremlins in BBEdit on my test file.. which had literally no more lines than what I posted to this list… not expecting it to work since the code was so simple and I saw nothing out of place…but it did, I connected after that. So some character had to gotten placed into the file when moving from one hosting provider to another. Thanks to all who offered help regarding the connection issue. --Rick On Jan 13, 2013, at 12:12 PM, Jim Giner wrote: > Regardless of the choice of interface to mysql, regardless of the completely > harmless but educational tips from Ash, and very deliberately ignoring the > un-helpful and extraneous comments of others, > I'm wondering how the OP is doing with getting his mysql access working. > Haven't heard from him lately. > > Rick? > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP programming a members only access site
On Sun, Jan 13, 2013 at 11:05 AM, Stephen wrote: > I know there are existing solutions for this, but the ones I have found are > complex, turnkey and don't really facilitate learning. When learning is the goal, writing your own is probably the best course. When deploying a live site, go with something that is time tested and has had many eyes upon it. > And, of course, having sample code for functions like creating a new > account, sending the confirmation email, handling the response. Dealing with > forgotten passwords. I don't want to re-invent the wheel, but I don't want > to have to dissect the code for, say, phpBB to see how it is done there, > either. I'd be rather hesitant to look into phpBB as well; it's rather old, a lot of security has been bolted on, stuck in, and so on. Plus it has many known exploits. Drupal is somewhat better as it has had major rewrites and releases, but it's not the most accessible of code. Symfony is well written, but it seems to borrow quite a lot from Ruby's DSL concepts in PHP-land. (Incidently, Drupal will be using Symfony for Version 8.) Do spend time perusing the questions and answers at stackoverflow as well: http://stackoverflow.com/questions/tagged/security and this: http://www.owasp.org/index.php/Main_Page +1 for Essential PHP Security. Dated, but still very valid and useful in a learning context. Also, while not really tutorials or documentation, start following the hacker news to see what sorts of exploits are out there in the world. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
