[PHP] overriding php.ini path in cgi
Hi!
I am trying to override php.ini filename for cgi scripts running through the
following setup:
AddType php-script .php
Action php-script /php4/php
It is all working fine, but specifying alternative php.ini path does not
work!
I have tried the following solution:
over.c:
#include
int main(int argc, char *argv[]){
execl("./php",argv[0],"-c","/a/custom/path/to/php.ini",argv[1],0);
return 1;
};
It works as intended when launched from the command line, but when used from
Apache by the above directives, it does not work! (i also tried setting the
"PHPRC" environment variable, same results). Can anyone suggest why, or how
to override php.ini path otherwise?
Thanks a lot,
--Dmitri
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] overriding php.ini path in cgi
This worked, problem solved:
(apparently it only understands a path but not a filename. and command-line
arguments didn't work for some reason.)
#include
int main(int argc, char *argv[]){
putenv("PHPRC=/a/custom/path/to/");
execl("./php",argv[0],argv[1],0);
return 0;
};
Thanks,
--Dmitri
- Original Message -
From: "Dmitri" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 04, 2003 7:01 PM
Subject: [PHP] overriding php.ini path in cgi
> Hi!
> I am trying to override php.ini filename for cgi scripts running through
the
> following setup:
>
> AddType php-script .php
> Action php-script /php4/php
>
> It is all working fine, but specifying alternative php.ini path does not
> work!
> I have tried the following solution:
> over.c:
> #include
> int main(int argc, char *argv[]){
> execl("./php",argv[0],"-c","/a/custom/path/to/php.ini",argv[1],0);
> return 1;
> };
>
>
> It works as intended when launched from the command line, but when used
from
> Apache by the above directives, it does not work! (i also tried setting
the
> "PHPRC" environment variable, same results). Can anyone suggest why, or
how
> to override php.ini path otherwise?
>
> Thanks a lot,
> --Dmitri
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions and Cookies
Well, that is natural - cookies can only be set before any output is produced by the script. And since sessions in this case use cookies, it follows that sessions can also be started before any output is produced. Why is that? Because cookies are transmitted by means of http headers, and http headers precede any content. The approach I find works extremely well is using some kind of design of the scripts, such that the script does some "analysis" of the situation at the very beginning, processes, saves/loads any data and only then proceeds to display the results. Otherwise, you might want to use buffering. See manual for ob_start(): This function will turn output buffering on. While output buffering is active no output is sent from the script (other than headers), instead the output is stored in an internal buffer. --- So you can use it at the beginning of your scripts. Also, see the config file, php.ini, there is a directive that allows you to enable it globally without modifying scripts: --- ; Output buffering allows you to send header lines (including cookies) even ; after you send body content, at the price of slowing PHP's output layer a ; bit. You can enable output buffering during runtime by calling the output ; buffering functions. You can also enable output buffering for all files by ; setting this directive to On. If you wish to limit the size of the buffer ; to a certain size - you can use a maximum number of bytes instead of 'On', as ; a value for this directive (e.g., output_buffering=4096). output_buffering = On --- Yours trully, --Dmitri - Original Message - From: "acleave" <> To: "php-general" <[EMAIL PROTECTED]> Sent: Wednesday, February 05, 2003 12:01 AM Subject: [PHP] Sessions and Cookies > I'm trying to use cookies in PHP4 (.whatever the latest release is). I want > to use them for validation (ensuring a user has logged in) but all I can find > is setcookie, which seems only to create the cookie. In trying to use PHP > sessions, I end up with odd errors. > > When I try to use sessions I get the error message the header has already been > sent. I've pasted them below (I was getting different errors before I moved > the code before the < html > tag). > > Warning: Cannot send session cookie - headers already sent by (output started > at /home/allan/public_html/sestest2.php:10) in > /home/allan/public_html/verifysession.php on line 6 > > Warning: Cannot send session cache limiter - headers already sent (output > started at /home/allan/public_html/sestest2.php:10) in > /home/allan/public_html/verifysession.php on line 6 > > > My Questions: > If I create a cookie with set_cookie how do I read it/check it? > > How do I use sessions if they can't be sent in the code? > > What use are sessions if I can only mess with them in one place? What if I > need to do some processing first to decide what to do with them? > > Any insight is welcome. > > Allan Cleaveland > Webmaster and Computer Technician > Math Department > Univeristy of Arkansas > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_SESSION NOT WORKING
Try adding session_start() at top of the script Balpo wrote: Hi everyone, I'm having a problem moving my code to a linux computer. I won't post the whole code here, but an accurate example that reproduces exactly the error. // 1.php // 2.php // php.ini (incomplete) session.save_handler = files session.save_path = /tmp/php/sessions/ o ;C:/temp/php/sessions for Windows session.use_cookies = 1 session.name = cito session.auto_start = 1 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 100 session.gc_maxlifetime = 1440 session.bug_compat_42 = 0 session.bug_compat_warn = 0 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = 0 session.hash_bits_per_character = 4 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" The web server is Apache 2.2 with php 5.24 for both, Linux & Windows. In Linux the Apache server is run by the 'apache' user, which has reading, writing and execution grants on /tmp/php/sessions/ The output for 2.php is: Array ( [tree] => This is tree number one ) is what I get on Windows, but on Linux I get: Notice: Undefined variable: _SESSION in /var/www/html/2.php on line 2 I don't know what the error is, but something evident is that on Linux session.auto_start = 1 is NOT working properly. On Windows it is not necessary to explicitly start the session to use the $_SESSION, so no need to session_start(). If on Linux I add session_start() at the top of each script, the script executes well. I want to know why session.auto_start does not work on Linux. If you require the whole php.ini, I'll send it gladly -- Open Source ALL content management with streaming video http://wiki.sharedlog.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] My open source php CMS
Hello, first of all, sorry for this plug, I am looking for interested developers. I just want to let you know about my open source project that uses over 15 pear classes and uses pear installer as the primary means to install it I also wrote a web-based interface for using pear installer to install upgrades and modules I created some flash-based demos on how to install it. I really hope to find some interested developers to join this project. It became too big for me. Please at least look at it, watch the demos: http://dev.sharedlog.com/index.php?a=personal&uid=1002 I will be adding more demos on how to use other feature. The anonymous svn is here for anyone who is interested. http://dev.sharedlog.com/svn/ Is there a better more appropriate list to announce such project? -- Open Source ALL content management with streaming video http://wiki.sharedlog.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] question about validation and sql injection
your validation looks good enough to me. If you only allow
alphanumerical chars, then your should not be worried about sql injection
also use addslashes($username) before you insert into database and you
should be fine.
Usually addslashes is enough to prevent this, but the validation that
you have is also enough. So if you worried about the sql injection, then
use both and you should be fine.
Sudhakar wrote:
A) validating username in php
as part of a registration form a user fills there desired username and this
is stored in a mysql. there are certain conditions for the username.
a) the username should only begin either letters or numbers, and Underscore
character
example = user123, 123user, u_ser123, user_123 = completely case insensitive
b) a user may choose not to have an underscore or numbers sometimes. example
= username
presently my validation for username is
$username = $_POST["username"];
if( $username == "" || !eregi("^[a-zA-Z0-9_]+$", $username) )
{
$error.="User name cannot be blank or has special characters";
}
Question = how can i rewrite this php validation for username to meet the
above criteria or is my validation correct
B) preventing sql injection
till now i have been capturing the form values and directly inserting into
the table without considering sql injection however for this project as it
is for a forum i would like to implement prevention of sql injection. from
what i have read about preventing sql injection there are several steps that
need to be followed,
htmlentities
addslashes
trim
mysql-real-escape-string
magic_quotes_gpc is ON
magic_quotes_runtime is OFF
magic_quotes_sybase is OFF
as i have not done preventing sql injection i am not sure what is the
correct process.
Question =
a) please advice a step by step process of how to go about avoiding the sql
injection before the insert sql query is executed starting from
$username = $_POST["username"]; till the
insert into tablename(field1, field2) values($value1, $value2) SQL query is
executed which will prevent sql injection even if the user enters any
special characters while filling the form.
b) should i consider the setting of magic quotes as in should it be ON or
OFF or should i ignore it if so should it be
ON or OFF
c) also with the prevention methods if a user types a special character in
the data will that character be written in the table as a escaped character
or how does it store those special characters
d) a very important point here, i have a feature where a user can check if a
username is available or not. so while storing a username if the username is
stored as john\smith in mysql and if the user is searching for johnsmith
this would not match, so even in the table the username should be stored
without slashes as i have to read the username and compare with what the
user has typed to see if they both are same or different.
please advice if i have missed any other steps to prevent sql injection.
thanks a lot for your help.
--
Open Source ALL content management
with streaming video
http://wiki.sharedlog.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SetEnv directives in VirtualHost configuration not accessible in PHP
If you are on apache2 server, try |$myvar =
apache_getenv("|APP_CONFIG_SECTION|");
echo $myvar
and see if it has value that you expect
|
Dietrich Bollmann wrote:
Hi,
I have the following directive in my virtual host configuration:
SetEnv APP_CONFIG_SECTION "development"
and would like to access the value from PHP with
getenv('APP_CONFIG_SECTION') or $_SERVER['APP_CONFIG_SECTION'] or
whatever. But none of them work.
Is there any PHP / Zend / Apache2 / ... configuration option etc. I have
to activate / deactivate in order to use SetEnv?
I am using the Debian packate apache / php installation and the current
version of the Zend Framework.
I tried to use `safe_mode_allowed_env_vars = PHP_, APP_CONFIG_' in
php.ini - but this didn't change anything either.
mod_env seems to be loaded also: /etc/apache2/mods-enabled/env.load
-> ../mods-available/env.load
Thanks, Dietrich
--
Open Source ALL content management
with streaming video
http://wiki.sharedlog.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mnoGoSearch and similar
Mattias Thorslund wrote: Hi, I'm looking at possibly implementing mnoGoSearch (for indexing and search of uploaded documents on the server) into my application, but noticed it has been moved into PECL since PHP 5.1. Does this mean mnoGoSearch has been deprecated and there is a different/better solution that I should consider first? Thanks, Mattias Mnogosearch i very good for indexing/search I use it and I like it. you can just build extension from PECL or you can build php module provided by mnogosearch website, which is a little bit harder to do. -- Open Source ALL content management with streaming video http://wiki.sharedlog.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
This is how I do it:
1) put image files in folder that is not accessable from browser, like
outside of http root dir.
2) in the img src tag point src to script like src="/image.php?imageID=$someID">
where $someID is the id of image or name of image you want user to see
3) the image.php script will have the function to make sure that user
has right to access the image, for example the user is logged in.
if user has the right to view the image then do something like this:
$pathtoimage is the full path you have to calculate based on image name
or imageID
$strFile = file_get_contents($pathtoimage);
if($strFile)
{
header('Content-type: image/jpeg' );
echo $strFile;
}
Stefano Esposito wrote:
Hi all,
i have to forbid users of my site to view images directly (i.e.
writing the image URL in the address bar) but they'd be able viewing
them from the pages of the site. What's the best way of doing it, or
something similar? Is there a common strategy using PHP? Thank you for
any hint :-)
Ciao,
Stefano
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
VOGLIA DI VACANZE ?
* A Riccione i Family Hotels sono gli alberghi specializzati per le vacanze dei bambini
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7984&d=15-6
--
Open Source ALL content management
with streaming video
http://wiki.sharedlog.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] HTTP_RAW_POST_DATA
Hi, Could anyone help me with altering PHP sources? Or tell me please where may I ask this question? The problem is when PHP handles a POST request of a known Content-type (e.g. x-www-form-urlencoded), it leaves $HTTP_RAW_POST_DATA blank. I need to alter the sources so that PHP would always put the request data into this variable. This would allow me to handle malformed POST requests. For example, if a client sends a request of Content-type x-www-form-urlencoded and the data is NOT really "urlencoded", such request seems to get lost. I can't find the data neither in $HTTP_RAW_POST_DATA, nor in $HTTP_POST_VARS. I figured it would be great if PHP could always set $HTTP_RAW_POST_DATA independently of the Content-type. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] HTTP_RAW_POST_DATA
Zak,
Thank you for the answer. Are you sure $HTTP_POST_VARS will be still set after
that modification in case of a valid x-www-form-urlencoded POST request? I'm
afraid they won't.. Such side effect is very undesirable for me.
Anyway thanks.
Zak Greant wrote:
> Dmitri Zasypkin wrote:
> > Hi,
> >
> > Could anyone help me with altering PHP sources? Or tell me please where
> > may I ask this question?
> >
> > The problem is when PHP handles a POST request of a known Content-type
> > (e.g. x-www-form-urlencoded), it leaves $HTTP_RAW_POST_DATA blank. I
> > need to alter the sources so that PHP would always put the request data
> > into this variable.
> >
> > This would allow me to handle malformed POST requests. For example, if a
> > client sends a request of Content-type x-www-form-urlencoded and the
> > data is NOT really "urlencoded", such request seems to get lost. I can't
> > find the data neither in $HTTP_RAW_POST_DATA, nor in $HTTP_POST_VARS. I
> > figured it would be great if PHP could always set $HTTP_RAW_POST_DATA
> > independently of the Content-type.
>
> **WILD GUESS ALERT**
>
> If you modify lines 140-150 of php4/main/SAPI.c from:
>
> --
>
> if (zend_hash_find(&known_post_content_types, content_type,
> content_type_length+1, (void **) &post_entry)==SUCCESS) {
> SG(request_info).post_entry = post_entry;
> post_reader_func = post_entry->post_reader;
> } else {
> if (!sapi_module.default_post_reader) {
> sapi_module.sapi_error(E_WARNING, "Unsupported content type:
> '%s'", content_type);
> return;
> }
> SG(request_info).post_entry = NULL;
> post_reader_func = sapi_module.default_post_reader;
> }
>
> --
>
> to:
>
> --
>
>SG(request_info).post_entry = NULL;
>post_reader_func = sapi_module.default_post_reader;
>
> --
>
> you *may* get the behavior that you are looking for.
>
> --zak
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PHP --with-java problem
I am trying to configue PHP with Java support.
with PHP-4.1.2, JDK1.3.1_01
The installation goes smoothly. My php.ini file
contains the follwing section for Java
[Java]
java.class.path = /usr/local/src/php-4.1.2/ext/java/php_java.jar
java.home = /usr/local/jdk1.3.1_01
java.library = /usr/local/jdk1.3.1_01/jre/lib/i386/server/libjvm.so
;java.library.path = .\
extension_dir = /usr/lib/php4
extension = libphp_java.so
phpinfo() function output shows me Java section OK.
BUT, when I run a simple example from 'ext/java/jver.php'
(available with PHP distribution), Netscape gives me an
error box with a message:
"The document contained no data.
Try again later or contact the server's administrator."
Here's the code for jver.php I'm trying to run:
test
Java Test
Java Test
$system = new Java("java.lang.System");
print "Java version=".$system->getProperty("java.version")." \n";
print "Java vendor=".$system->getProperty("java.vendor")." \n\n";
print "OS=".$system->getProperty("os.name")." ".
$system->getProperty("os.version")." on ".
$system->getProperty("os.arch")." \n";
$formatter = new Java("java.text.SimpleDateFormat",
", dd, 'at' h:mm:ss a ");
print $formatter->format(new Java("java.util.Date"))."\n";
// - */
?>
Obviously, there's somthing still wrong with PHP/Java configuration
Anybody has the same problem? Any suggestions?
Any help is appreciated,
Thanks
--
zakd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How to detect if cookies are enable?
Pekesan wrote:
>
> Does anyone know how to detect if the client browser allows cookies or not?
>
> Thanks in advance.
Here's one way to do that
(This is from 'Professional PHP Programming' published by Wrox Press):
Step 1:
- send a set-cookie request
- reload current page
Step 2:
- check whether set-cookie request was successful
if (empty($check)) {
$page = "$PHP_SELF?check=1";
header("Location: $page");
setcookie("testcookie", "1");
} else {
if (empty($testcookie)) {
echo "Could not set test cookie. You browser has disabled
cookies support.";
} else {
echo "Your browser supports cookies
}
}
Hope that helps. ;)
--
Dmitri Zakharov
email: [EMAIL PROTECTED]
phone: (514)938-7389
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] User's language settings
Hello!
I have a web-site, part of which is in Russian and another part in English.
English and Russian parts are located in different directories. The
web-site is static.
I want to create a PHP file, which redirects the user from /index.php to
/ru/index.html, when his primary language is Russian and to
/en/index.html, when his primary language is non-Russian.
In other words:
if ($languageRussian)
{
header("Location: http://dapissarenko.com/ru/index.html";);
}
else
{
header("Location: http://dapissarenko.com/en/index.html";);
}
exit;
?>
How can I determine user's primary language?
Thanks!
dap
--
Dmitri Pissarenko
Software Engineer
http://dapissarenko.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
