Re: [PHP] security concern with curl
On Fri, Aug 09, 2002 at 10:10:28PM +0200, Andy wrote: [curl] > So I fear that someone would be able to tranfer files on / off my server. > > Has anybody some experiance on that, or can give a comment on that? Ehhh, PHP already has enough capabilities to transfer files to/from your server from/to the rest of the world without using curl. Or are you (healthy) paranoied about oasis? -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OOP Question in PHP
On Wed, Jun 05, 2002 at 10:32:39PM +0100, Henry Blackman wrote:
> Do I create a new document and pass the primary key as it's a variable in
> the
>
> $document = new Document(number);
>
> and have the constructor retrieve the appropriate data from MySQL and fill
> the attribute variables.
>
> Or do I do something like:
>
> $document = new Document;
> $document ->retrieve(number);
>
> Which is the best and most "valid" way of doing things.
You could do both, and use whatever you find more appropriate at that
moment:
class Document
{
function Document($id='')
{
if($id)
{
$this->retrieve($id);
}
}
function retrieve($id)
{
//do something
}
}
BTW I get the feeling that you want retrieve() to output directly to the
browser (echo/print...), IMHO you shouldn't do that at all but let
retrieve() return a string/array/whatever. But that's up to you :)
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] converting C to PHP
On Thu, Jun 13, 2002 at 01:12:18PM +1000, Martin Towell wrote:
> I'm converting some C functions to PHP and have come across this:
>
> int skipf(..., char *format)
> {
> /* ... */
> cp = format;
> char *cp, *cp2;
> multiplier = strtol(cp, &cp2, 10);
> /* ... */
> }
>
>
> How can I implement this line in PHP ?
> multiplier = strtol(cp, &cp2, 10);
>
>
> Oh, and an example of format is "12L20W2P"
And the outcome in this case would be 12?
From man strtol:
The string must begin with an arbitrary amount of white
space (as determined by isspace(3)) followed by a single
optional `+' or `-' sign. If base is zero or 16, the
string may then include a `0x' prefix, and the number will
be read in base 16; otherwise, a zero base is taken as 10
(decimal) unless the next character is `0', in which case
it is taken as 8 (octal).
The remainder of the string is converted to a long int
value in the obvious manner, stopping at the first characĀ
ter which is not a valid digit in the given base. (In
bases above 10, the letter `A' in either upper or lower
case represents 10, `B' represents 11, and so forth, with
`Z' representing 35.)
Sounds like a regexp would work, with base 10 this would make:
function skipf($str)
{
if(preg_match("/^\s*(\+|-)?(\d+)/",$str,$match))
{
return intval($match[1].$match[2],10);
}
else
{
return false;
}
}
$format="012L20W2P";
$int=skipf($format);
$int is 12 in this example.
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] converting C to PHP
On Thu, Jun 13, 2002 at 02:13:48PM +1000, Martin Towell wrote: > But what about the pointer &cp2 > > If endptr is not NULL, strtol() stores the address of the first > invalid character in *endptr. In you example endptr is always NULL! > If there were no digits at all, > strtol() stores the original value of nptr in *endptr. (Thus, > if *nptr is not `\0' but **endptr is `\0' on return, the entire > string is valid.) Check if the returncode is false, then use $format instead. > Instead of a pointer - a position number would be okay > > (Actually, to get the number, I could just do "$cp-0" or "$cp*1" - gotta > love variants) >From your example I got the impression you are only interested in multiplier -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HTTP Compression
On Fri, Jun 14, 2002 at 08:58:29AM +0100, Webmaster do Aborla.net wrote: > I would like to know how can I compress the output of PHP through Zlib. You mean like: http://www.php.net/manual/en/function.ob-gzhandler.php -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] saving a jpeg via HTTP
On Sat, Jun 15, 2002 at 11:15:42AM -0400, Jeff Bearer wrote: > I'm trying to read it with fsockopen and writing it with fopen to the > file but the file is no good when it's saved, I saw that it saved the > http headers in there so I cut those out but still, the image wan't > viewable. Are you using the binary safe fread/fwrite()? Didn't forget to fclose() the output file? This works for me: -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] saving a jpeg via HTTP
On Sat, Jun 15, 2002 at 06:02:58PM +0200, Daniel Tryba wrote: > This works for me: Hmmm, one while(!feof()) to many not that it really matters :) -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Advantage of CURL over using LYNX
On Wed, Jun 26, 2002 at 05:59:00PM -0400, Dennis Moore wrote: > I need to grab some data from a CGI program running on a different > server. I have been toying around executing LYNX using the passthru > command. I seem to be able to grab the data just fine using "lynx > -source -preparsed $URL". I've started reading about CURL. I am > wondering if it is worth my effort to recompile my server to include > CURL support. Any feedback is appreciated. Why use curl (or an external program like lynx) when you can use file()/readfile()/fopen()/fsockopen(), depending if you just need the source from that cgi or need to mangle it a little? Using PHP build-ins will most likely be faster or at least nicer for your resources. IMHO (never used it) curl is only needed when you need to something fancy like post/put requests. -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Content-Length
On Thu, Jul 04, 2002 at 01:24:04PM +0200, Grant wrote: > My question is how do I go about calculating the correct Content-Length for > each and every php page on my site. > > I have done some digging and presume I need to do "Output buffering" and > calculate the strlen of the response the php returns, but how do I reference > the result of a php page to get a strlen from it?? You didn't dig far enough, since there is an example of exactly what you want on: http://www.php.net/manual/en/function.ob-get-length.php Isn't the online reference need? :) -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Revised [PHP] COM and PHP
On Mon, Feb 05, 2001 at 03:05:24PM -0500, Conover, Ryan wrote:
> I have been trying the following example from the PHP developer's cookbook
> and it keeps giving me the following error.
>
> Parse error: parse error in c:\Inetpub\wwwroot/temp.php on line 5
> $excel_handle = new COM("excel.application"); //line2
> $excel_handle->Visible = false; //line3
> $worksheet = $excel_handle->workbooks->add(); //line4
> $worksheet->Cells(1,1)->value = "Name"; //line5
> $worksheet->SaveAs("temp.xls"); //line6
> $excel_handle->quit(); //line7
> //line8
> ?> //line9
>
> Anyone that has Com and PHP experience help please
I didn't test it in PHP (only in wscript.exe), but it seems the example
is wrong. It should be (line 4 -> 4a, 4b):
excel_handle = new COM("Excel.Application"); //line2
excel_handle.Visible = true; //line3
workbook = excel_handle.Workbooks.Add(); //4a
worksheet=workbook.WorkSheets.Add(); //4b
worksheet.Cells(1,1).Value = "Name"; //line5
worksheet.SaveAs("temp.xls"); //line6
excel_handle.quit(); //line7
This seems to work.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Connection with a Palm
On Wed, Apr 18, 2001 at 09:22:32AM -0500, Plutarck wrote: > Hm...can't say I've seen many subjects about this, but you might want to > look around for information on WAP/WML. > > Maybe someone else would know more though, because I have no experiance with > non-PC browsers. For Palm/PocketPC/blala handhelds one can use AvantGo channels (http://www.avantgo.com/) to get content to the handheld. Together with PHP to rip/strip/filter/create the content it's a solution for my needs. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Get the string between custom delimiters
On Mon, Apr 30, 2001 at 02:06:50PM +0100, Matthew Ralston wrote:
> Is there a nice easy function that could be used to get a sub string that
> lies in between two other sub strings in one big string.
>
> For example... get the text that lies in between "" and ""
> (without the quotes) in the code of a web page.
>
> I'm after a function like:
>
> string getstring_between_customdelimiters(string source, string
> open_delimiter, sting close_delimiter)
Regular Expressions are you friends
http://www.php.net/manual/en/ref.regex.php
blabla blabla yada";
eregi("(.*)",$string,$result);
echo "Before:\"$string\", after \"$result[1]\"";
?>
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Generating PINs
On Tue, May 14, 2002 at 12:13:08PM +0800, Alvin Tan wrote: > I have a client who wants to release a unique PIN for each product they > sell which works as a key to get more goodies on the website. How/where can > I get a large number of PINs, much like a software key (e.g. > 3HH5R-E59VB-7SX99 or similar)? Does md5() fit you needs? http://www.php.net/manual/en/function.md5.php -- Daniel Tryba -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] user auth
On Thu, May 30, 2002 at 11:46:29PM -0400, Justin Blake wrote:
> I will soon be developing a user authentication system with different
> access levels. I will need to check the users against a mysql
> database. How secure is checking for a session var, and then
> redirecting with header('Location:...') ? Is there a way to get around
> this method of protection?
I'm no expert on this but I don't think session in PHP them selves have
any security embedded in it by them selves, you could just try to do a
bruteforce attack on sessionIDs (good luck :).
But what you yourself could do is keep track of eg. the IP adress of the
user and check if it doesn't change... if it does then maybe someone is
trying something fishy.
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Advice needed
On Sat, Mar 23, 2002 at 05:19:05AM +, James Newkid wrote:
> so if $Quantity1 is 10
> and $Price1 is $1.00
> that means each "unit" is .10
>
> so the output would be
> q1 q2 q3 q5 q10 q15 q20 q25 q50 q100 q300 q500 q600 q10
> 0 0 0 0 .10 .10 .10 .10 .10 .10 .10 .10 .10 .10
>
> Now the tricky part is $Quantity2 can either be blank or have a value
> and if $Quantity2 has a value then $Quantity3 can either be blank or have a
> value
>
> SO If $Quantity2 is 500
> and $Price2 is $40.00
> the output would now be
> q1 q2 q3 q5 q10 q15 q20 q25 q50 q100 q300 q500 q600 q10
> 0 0 0 0 .10 .10 .10 .10 .10 .10 .10 .08 .08 .08
>
This had 7 people stumped? Fire them :)
I think you had something like this in mind:
8<-
=$quantity)
{
$ppu[$i]=$price/$quantity;
}
}
}
$quant=array(1,2,3,5,10,15,20,25,50,100,300,500,600,1);
$Quantity1=10;
$Price1=1;
$Quantity2=500;
$Price2=40;
$ppu=array();
for($i=0;$i
8<-
Output:
|1|2|3|5|10|15|20|25|50|100|300|500|600|10000
|0|0|0|0|0.1|0.1|0.1|0.1|0.1|0.1|0.1|0.08|0.08|0.08
--
Daniel Tryba
PGP public key: http://www.stack.nl/~muaddib/pgp.txt
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files only available via HTTPS
On Thu, Feb 01, 2001 at 04:29:09PM -0800, Michael Conley wrote:
> I have several PHP files that I only want users to be able to access via
> HTTPS. How can I control that on an Apache 1.3.14 server running on RedHat
> 7? I have openssl and mod_ssl working fine. Currently, I can access all of
> the files on my site via either http or https. I want to keep certain files
> (with interesting information) from being accessed via http. I realize this
> isn't really a PHP question, but I have no idea how to do this.
You could check on which port the request was made for the php file.
https is usually port 443
if ($SERVER_PORT!=443)
header("Location: https://server/$PHP_SELF");
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
