[PHP] Replacing special characters with their HTML equivalents
Hey everyone. I have a question. I have a web scraper that grabs information from web pages that often contain characters such as vowels with umlots (I know I spelled that wrong.) The data is editable, so the characters show up unmodified in an editable text box. However, when I try to import the data into a MySQL database, the first occurrence of such a character, along with the rest of the string, is truncated from the result. Not all special characters cause the problem; vowels with macrons work, for example. I don't know if it's failing during the actual query or if the character is being filtered out at some earlier stage, but whatever the cause, it's not working. My question is, is there a way to replace these characters with their HTML equivalents? For example, the a with an umlot over the top is ä in HTML, so before the query is made, and before the filtering on the string is done, I'd like to replace that special character with its HTML representation. This allows the user to see the character while it's in its text box, yet at the same time allow it to be successfully imported into the database. I know about str_replace, but assuming it's the right function for the job, how would I go about representing these special characters in PHP so that it will understand what I'm trying to do? Thanks! James -- "Black holes are where God divided by zero." --Steven Wright signature.asc Description: OpenPGP digital signature
Re: [PHP] Replacing special characters with their HTML equivalents
Daniel Brown wrote: > Welcome to the list, James. Thanks :) > Check out htmlentities(): http://php.net/htmlentities I'll check that out. James -- "Black holes are where God divided by zero." --Steven Wright signature.asc Description: OpenPGP digital signature
Re: [PHP] Re: 64bit vs. 32bit
Ross McKay wrote: > One restriction I know (knew?) of is that you can't run DOS programs > under Wine on 64-bit, but then... why? I could be wrong, but I'll bet anything that Wine made use of the now defunct vm86 component of the x86 architecture. That allowed the CPU to implement a "virtual machine" with limited memory to appear as a separate process to the operating system, and is how most DOS instances on 32-bit OS's were implemented prior to the x86_64 architecture. On its way to being phased out, you can now only use vm86 if you boot the CPU in 32-bit protected mode, so the way DOS is run now is via VM software like KVM, VMWare, Xen, etc. Not sure how Wine was implemented though, so I could be very wrong :) James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help with MySQL
Hey everyone. I've been reading the list for a long time, but have only really posted to the mailing list a few times. I just had a quick question about MySQL. I'm not sure if this is exactly relevant to PHP, but it is for a PHP application I'm writing, so hopefully that makes this question ok :) Basically, I was wondering if there are any queries in MySQL that I can use to determine the data types used to construct a pre-existing table. The reason I ask is that I went back to look at the data in a table I've been using for a while and realized that I forgot to document what the data types were (DOH!) I'm sure there's something, but I wasn't quite sure what to google for, so I wasn't really able to turn up anything. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Persistent data between two executions
Hey everyone, Long time reader, not such a long time poster :-P (though I have posted to the list occasionally in the past...) Anyway, I have a general question for the list. Basically, I need to maintain persistent objects between page refreshes. So, for example, if while running a PHP script the first time I create an instance of class foo, the next time the script is run (when the browser reloads the page) I can again access that same instance of foo. I know that there's no way to truly do that, since a script only runs while generating output for the browser, but my question is, in the group's opinion, what's the best way to mimic this sort of behavior using temporary storage? Should I be using temporary files? I can think of at least a couple ways to do it, but I'd like to get some opinions as to "best practice" techniques, which take both security and relative efficiency into account. I would want to make sure that data isn't shared between multiple concurrent sessions, which would be a bad thing for what I'm doing. my oh-so-limited knowledge of PHP is shining through, I think :) Thanks so much! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Persistent data between two executions
Martin Scotta wrote: > You can use $_SESSION to store the object, and serialize to convert to > string and reverse I like that idea. I think I may end up going that route. I have one question. This is VERY hypothetical, and mostly just to satisfy a curiosity, but let's assume that you write an application that supports a few hundred users, each of which happen to be logged on at the same time. Assuming that serialization/unserialization happens frequently in the application, how severely will that impact performance? I'd imagine quite a bit, since you're reading/writing a lot from disk, which is inherently slow. I suppose one interesting way to alleviate this problem on a per-machine basis would be to implement /tmp in a RAM disk, so that session data is effectively written to and read from memory instead of to and from the disk. I suppose the best solution would be to design things such that as little data as possible is serialized between page refreshes. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Object type determined at runtime
Hey everyone. I have a question. Hopefully it's clear, because I'm not sure quite how to ask it. Basically, I have a variety of different objects that a variable can be instantiated as in the same block of code, its type being determined at runtime. I want to be able to do something like this: $object = new $objType(); Where $objType is the type of object, which must be determined at runtime. I'm sure the syntax I have above is incorrect. My question is, is there any way that I can determine the object's type at runtime and do the same type of thing? Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Object type determined at runtime
Ah, thanks very much. That was very helpful! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Manual in PDF format
Richard Quadling wrote: > $ pecl install haru > [...] > $ phd -f pdf -t phppdf -d .manual.xml I installed haru, yet when I try the phd command, I get a "class 'HaruDoc' not found" error :( Has this happened to anyone else? James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] HTTP headers and include()
Hey everyone, I've been hard at work on a new web application, and discovered something that I would never have seen coming. I was noticing that when I called session_start() after a few lines of includes, I was getting complaints because the HTTP headers had already been sent out. Then, after putting session_start() above the include lines, suddenly everything was working fine. The files that were included were nothing more than functions; there was no code executing that I could tell up to the point of the call to session_start(). I was just wondering if anybody on the list knows why HTTP headers were being sent out by my includes. I'm sure there's a good reason. I'm just very curious :) Thanks very much in advance. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HTTP headers and include()
Eddie Drapkin wrote: > HTTP headers are sent and finalized after the first bit of output. I > had the same problem before and it turned out to be because I had a > close tag "?>" at the end of a file followed by some whitespace. The > solution was to remove the ?> from the end of all the files and I > haven't closed an entire file since. Perhaps that might be it? Hmm... In fact, I did close all my include files with the ?> tag, and per Michael's observation in another response, there is a line of whitespace after the closing tag in my include files. I tried getting rid of the trailing whitespace, and removed the closing tags. Unfortunately, even after that, when I place my include files before session_start, I get the same problem. There's no leading whitespace before the starting http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HTTP headers and include()
Zareef Ahmed wrote: > You should get a "headers already sent output started at " kind of error > if you have enabled error reporting with display_errors ON. Actually, I did. I just didn't think to mention it in my first post. The thing was that it said it was coming from one of my includes, even though I wasn't yet printing anything to the browser. That's why I was so confused. I've been following what tedd said in an earlier post (to make session_start() your first line of code) and haven't had a problem since. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] reason for a "Notice:.." on one site but not another? (Same code.)
John Butler wrote:
> if($_POST['UserWishesDateRange']) { //--line 79
> echo'submitted';
> } else {
> echo'NOT submitted';
> }
Try this instead:
if (isset('UserWishesDateRange'])) {
// [...stuff goes here...]
}
James
--
"Black holes are where God divided by zero." --Steven Wright
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using fopen on a site with popups
Hey everyone! I have a question. I know that you can use fopen to open not just local files, but also files via HTTP. My question is, assuming you're attempting to open a page that has popups, is there anyway to get at the actual content underneath the popup? Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Using fopen on a site with popups
Ralph Deffke wrote: > have u tried? > > I did not, but as far as I understand u getting the stream including the > html causing the browser to open an popup. > > so what is ur real problem then? Yeah, ummm... Sorry for the traffic. That was a really stupid question... It looks like the format of a page I was reading data from changed, which messed something else up. It just recently started implementing popup ads as well, so I blamed that, but as another poster pointed out, popups are caused by javascript execution in the browser, so that shouldn't have any effect on the content I read. Me needs to get some sleep :) James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP inserting carriage returns into POST values?
Hey everyone. I ran into a really weird issue that I was hoping I could find some clarification on. In short, I have javascript functions that operate on hidden text values. Those values may be posted, in which case PHP then prints them back to the page via what comes in on $_POST. The weird thing is, I was no longer able to match substrings inside those hidden text values after posting via Javascript. I banged my head over this for a couple hours, until I realized that the string's length was being increased by one after posting (I found this out in javascript). Upon further investigation, I found that all instances of "substring\n" were being replaced by "substring(carriage return)\n" after post. For now, I'm simply doing str_replace(chr(13), "", $_POST['value']) before re-inserting it into the HTML, but I was wondering why PHP is inserting those extra characters. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP inserting carriage returns into POST values?
Andrew Ballard wrote: > Javascript interpolates \n as a newline character inside both double > and single quotes unlike PHP that only interpolates inside double > quotes. If the client browser is running under Windows, it may even be > possible that the \n is recognized by the browser as a line terminator > and converted to the Windows line terminator sequence (\r\n) either > inside the form element itself or in the Javascript you are using to > post back to the web server. Both the server and the client are Linux machines, so there are no issues with incompatible representations of newline. I only ever place \n's inside double quotes in PHP, and am aware of the fact that I don't have to do that in PHP. For the life of me, I just can't figure out what's happening. Anyway, for now, filtering \r's out in PHP seems to do the trick. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] accessing variable from inside a class
Lars Nielsen wrote: > Hi, > > How do i access a variable from inside a class? Add the following statement: global $template_dir; James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP inserting carriage returns into POST values?
Nisse Engström wrote: > It may be the browser that is converting those line breaks. Ah. That's probably it then. I didn't realize that was a part of the HTML standard. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sorting an array of sub-arrays based on a sub-array's key
Hey everyone. I have an array that looks like this:
$main_array[0] = array('key1' => 'vala');
$main_array[1] = array('key1' => 'valb');
etc.
I want to sort the main array based on the value of key1 for each
sub-array. I looked at all the array sorting functions, but unless I
misunderstood something, I didn't see a direct way to do what I want.
If there were a sorting function in which I could pass as an argument
the name of a function that compares two elements like qsort in C, I
could do it easily. Is there a function like that in PHP? If not, what
should I do?
Thanks everyone!
James
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting an array of sub-arrays based on a sub-array's key
Eddie Drapkin wrote: > http://us3.php.net/uasort Exactly what I was looking for. Thanks. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Converting print_r() output to an array
Hey everyone, I was pretty sure there was an easy built-in solution for what I want to do, but I've been googling around with no luck. Basically, I just want to take a string containing the output of print_r() and convert it back into an array again. That is possible, right? If so, how do I go about it? If not, what's a quick and easy way to parse a string and turn it into an array (I don't necessarily need the string to be in the format print_r returns). Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] utf8_decode() and mixed character sets
Hey everyone. I'd been troubled for a while by the fact that inserting cut-pasted special characters such as ä caused truncation when passed to MySQL, then discovered that it was because I was cutting and pasting unicode values into non-unicode Latin-1 strings. Since Latin-1 also has equivalent values, I was hoping that filtering my mixed unicode/non-unicode string through utf8_decode() would solve the problem, but instead, where the unicode character used to be, I now get a '?', followed by a few characters being taken out of the middle. I'm guessing that this is because utf8_decode() assumes the whole string is unicode and therefore removes a bunch of extra bytes from the string and corrupts it. At least, that's my guess. I could be very wrong (I have pretty much no experience with different character sets...) My question is, what's a good way to translate unicode characters in a non-unicode string to their Latin-1 equivalents? I need to be able to do this in order to sanitize a fairly common form of input. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] utf8_decode() and mixed character sets
Andrew Ballard wrote: > Have you tried iconv or mb_string? Is it a option to update the > database to use UTF-8? I'll look into those functions. And, I suppose I could in fact convert my database to use UTF-8 if necessary. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Happy New Year
tedd wrote: > May 2010 > 2009. Fortunately, I think that's automatically true by definition :-D James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database abstraction layer
Lars Nielsen wrote: Is it save to assume that I can use the same SQL, or should i make some exceptions? Standard SQL should work across all SQL servers with only a few exceptions (for example, MySQL doesn't support full outer joins.) Anything that has to do with server administration, however, such as dealing with users and permissions, will be unique to the db engine. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQL: Return Number of Matched Rows
Hey everyone, I have a question. If I do a mysql query that updates a column in a row to the same value, I get 0 rows affected. However, I also get 1 or more matched rows. Is there a way that I can return the number of matched rows, rather than the number of rows affected? I'm trying to get something done with as few SQL queries as possible. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL: Return Number of Matched Rows
Floyd Resler wrote: > As for as I know, MySQL simply just doesn't report a row as being affected if > nothing has changed in it. To get the number of matched rows, try doing a > SELECT query before you do the UPDATE query. I don't know if that will > produce the results you're looking for, but it might. > Yeah, the extra select is what I was hoping to avoid :-P The MySQL client will return both the number of rows matched and the number of rows affected by the query; I was hoping perhaps the PHP API offered a way for me to do the same. Ah well... Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] var_dump( (0 == 'heading') ) == TRUE ?!
I'm pretty sure this is the right answer. If not, someone please correct me. PHP will compare the 0 against the integer represented by the string. So, for example, 0 == "0" would test true. 0 == "1" would test false. However, 'heading' doesn't represent a valid integer, so it appears on the right hand side as just 0, which is equal to the left hand side. James Daevid Vincent wrote: > Can someone explain why an integer 0 compared to a string evaluates to > boolean true?? > > var_dump( (0 == 'heading') ); > > Yet, > > var_dump( (1 == 'heading') ); > > Is FALSE. > > WTF? I would expect the 0 one to be FALSE too. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Question about logins and locking
Hey everyone, I have a question about logins. Let's say that I want to allow each user account to login only once at a time. I would then need some kind of locking mechanism to make sure that the same user can't login again somewhere else until first logging off. What's a good way to achieve this? I want to be able to handle situations in which the user closes their browser without first logging off, where I would want to count that as a logout. Perhaps I could do some kind of periodic polling in Javascript, combined with a query to the database that sets a value when the user logs in and when the user logs out? I'm just looking for some conceptual ideas. Thanks everyone! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Question about logins and locking
Tommy Pham wrote: > 1) Set an encrypted (to prevent hijacking and eavesdropping) cookie to > expire when browser closes > 2) Have a table in the DB backend to keep track if the user is logged in or > not and when was the last time the validated user access your site (this > gets updated when the user visit a link on your site by checking the cookie > and the DB entry of the session ID) > 3) Set your session timeout accordingly to you security requirement > 4) Have a javascript on a timeout to self-logoff should the user is AFK > longer than your session timeout. > > If another user or if the same user tries to login with a different browser, > you can check the status of the user. If the user is logged in, you can > deny it after the authentication. Should the user closes the browser > without having to logoff, you can check when was the last time the user > accessed your site and see if it's been longer than your session timeout. > For security purposes, you can optionally send a courtesy email notifying > that the user didn't logout properly since last accessed. This way, you can > track whether if the user's system is compromised in some way or not. It > all depends on what kind of application, service, user level access, and the > strict security you require. Thanks Tommy. That was very helpful, and some of it is similar to how I was thinking of doing it. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Exception Handling
Hey guys, Haven't posted in a long time... Happy Memorial Day! I have an issue with exception handling. I'm using a framework that throws a "Database_Exception" object. I was expecting catch (Exception $var) to be sufficient to catch this, but it doesn't. I have to do catch (Database_Exception $var) to make it work. I've been reading that Exception should be sufficient, since every exception object is a child class of Exception. Did this perhaps change in 5.4? I think it was working properly in 5.3, but I'm not sure. Any clarification would be greatly appreciated! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Exception Handling
On 06/01/12 07:30, ma...@behnke.biz wrote:
James Colannino hat am 1. Juni 2012 um 16:25
geschrieben:
Hey guys,
Haven't posted in a long time... Happy Memorial Day! I have an issue
with exception handling. I'm using a framework that throws a
"Database_Exception" object. I was expecting catch (Exception $var) to
be sufficient to catch this, but it doesn't. I have to do catch
(Database_Exception $var) to make it work. I've been reading that
Exception should be sufficient, since every exception object is a child
class of Exception. Did this perhaps change in 5.4? I think it was
working properly in 5.3, but I'm not sure.
Look at the definition of "Database_Exception" and see if it extends Exception,
I'll guess it doesn't.
Nothing changed in PHP 5.4 to that.
Hey Marco,
Thanks for the reply! That was the first thing I checked.
class Database_Exception extends \FuelException {}
class Fuel_Exception extends \Exception {}
It's extending Exception, as expected. Also, can you throw classes that
don't extend Exception? It was always my understanding that doing so
would cause a fatal error.
James
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Exception Handling
On 06/01/12 08:08, James Colannino wrote:
On 06/01/12 07:30, ma...@behnke.biz wrote:
James Colannino hat am 1. Juni 2012 um 16:25
geschrieben:
Hey guys,
Haven't posted in a long time... Happy Memorial Day! I have an issue
with exception handling. I'm using a framework that throws a
"Database_Exception" object. I was expecting catch (Exception $var) to
be sufficient to catch this, but it doesn't. I have to do catch
(Database_Exception $var) to make it work. I've been reading that
Exception should be sufficient, since every exception object is a child
class of Exception. Did this perhaps change in 5.4? I think it was
working properly in 5.3, but I'm not sure.
Look at the definition of "Database_Exception" and see if it extends
Exception,
I'll guess it doesn't.
Nothing changed in PHP 5.4 to that.
Hey Marco,
Thanks for the reply! That was the first thing I checked.
class Database_Exception extends \FuelException {}
class Fuel_Exception extends \Exception {}
It's extending Exception, as expected. Also, can you throw classes
that don't extend Exception? It was always my understanding that
doing so would cause a fatal error.
I was right. From the documentation
(http://php.net/manual/en/language.exceptions.php):
"The thrown object must be an instance of the Exception
<http://www.php.net/manual/en/class.exception.php> class or a subclass
of Exception <http://www.php.net/manual/en/class.exception.php>. Trying
to throw an object that is not will result in a PHP Fatal Error."
James
Re: [PHP] Exception Handling
On 06/01/12 07:32, Mackintosh, Mike wrote: Hi James, You would have to catch Database_Exception. It is also good practice to also always catch exception afterwards. Hey Mike, Thanks for the reply! I saw this comment in the documentation (http://www.php.net/manual/en/language.exceptions.extending.php) -- it's the first one: "|It's important to note that subclasses of the Exception class will be caught by the default Exception handler" Of course, I haven't tested the code they posted. I'll do that tonight and confirm or deny the expected result. James |
Re: [PHP] Exception Handling
On Fri, Jun 1, 2012 at 12:51 PM, Marco Behnke wrote: Ah, I guess that is the problem. Your application framework uses namespaces. > I guess you should try > > catch (\Exception $e) > > instead of > > catch (Exception $e) > > :-) > Ah, that was probably it. Will try it out tonight to confirm. Thanks! James
[PHP] mysqli_query() returns NULL?
Hey everyone, After reading the documentation for mysqli_query(), I was lead to believe that on any error it would return false. However, through a stupid mistake, I discovered that when I specify an invalid value for the database link identifier (in my case, I accidentally passed an integer), instead of false I get a return value of NULL. Does anyone know why? Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysqli_query() returns NULL?
On 06/18/11 13:27, Ashley Sheridan wrote: > You'll only get an error if there was an error with the query. A query that > has no result is still a valid query, so won't return an error. It's quite > common to check the value of mysql_num_rows() before trying to use the > results of the query. But in that case it would return boolean true rather than NULL, right? James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] (Kinda sorta) PHP related: recovering lost passwords
Hi everyone, I don't post all that often, so I hope my (mildly) off-topic question won't be too unwelcome... Keep in mind that I'm still pretty new when it comes to security, so what I propose may or may not sound incredibly dumb (you have been warned! :-P) I'm working on a project in PHP, a toy framework, and would really like to be able to send someone their password should they ever forget it. The only problem is that it's best not to store the actual password in the database, or at least to store it unencrypted. Security-wise, how would the following scenario work out for password retrieval: You ask the user to setup a "security question" when they create their account. You use the string value of the answer to the question as a cryptographic key, and encrypt the password with it. You also generate a random string of characters, and encrypt it with the same key. You store the encrypted password, along with both the encrypted and unencrypted versions of the randomly generated string, in the database. When the user goes to retrieve their password, they enter their security question. The randomly generated string is then decrypted using the answer as the key. If it matches the unencrypted version stored in the database, you know you have the correct answer, and use it to decrypt the user's password and send it to the email the user has setup for their account. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] (Kinda sorta) PHP related: recovering lost passwords
On 08/16/11 01:30, Lester Caine wrote: > All the good sites simply don't have that capability ... > Much safer rather than 'recovering' a password is to identify the user, > and send them a temporary password which they have to change when they > log in. This way nobody is allowed access existing passwords ;) Good point. I think I'll go that route instead. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] (Kinda sorta) PHP related: recovering lost passwords
On 08/16/11 02:08, Richard Quadling wrote: > Take a look at https://code.google.com/p/loginsystem-rd/ > > Whilst it is just a login system, the techniques here could be adapted > and probably learned from (if you are new to security). Ah, that looks interesting. Thanks for the link! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP MS-Word plugin
Jochem Maas wrote: > that said I have no idea if there are any *nix based word doc > manipulators, if there > are they probably won't work with all versions of word documents - the > file format is > closed and changes from version to version. OpenOffice.org (the website is the same as the name) is pretty good at the basic manipulation of most word documents. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Persistent state applications
Hey everyone! I'm very new to PHP, and had a somewhat general question (forgive me if it's too broad in scope.) Basically, I'd like to be able to have a single PHP application that remembers its state as users click on links. When the user clicks on a link, though, the user unavoidably re-requests the URL from the web server, which forces the PHP application to reload. I'm therefore uncertain as to how I should keep the program in a state in which it remembers things like login information when the users have to click on links in order to navigate the application. This is especially an issue for me when it comes to maintaining things like persistent connections to SQL servers. Thanks! James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Persistent state applications
tedd wrote: James: Hey tedd, thanks for the response! 1. A $_SESSION variable; After googling briefly on the subject of sessions, it looks like this is probably the way I'd want to go. I like this idea, because I can modularize the code and call different php scripts for different actions. I could have each script check for the proper session variables, and if they don't exist, redirect the user to the login page. I'm assuming that a session will last as long as the browser is open (or until it's explicitly destroyed), correct? Are there any security issues I should be aware of? Since there's a login, I'd be serving this over SSL, and the user's password would be stored as an SHA1 hash in the MySQL db. James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "When you do the common things in life in an uncommon way, you will command the attention of the world." --George Washington Carver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] strip_tags and nl2br
Hey everyone, I have a little bit of a quandry. I need to strip HTML tags from user input, but I also need to convert \n's from the textarea elements to tags so it will display properly in a browser. nl2br() works just fine, but if I use strip_tags first, then run nl2br, nl2br won't work as expected. Instead, everything shows up on a single line. I understand why it won't work if I place a call to nl2br inside a call to strip_tags, but strip_tags doesn't get rid of \n's, right? I'm making my calls like this: $string = strip_tags($_SESSION['variable']); $string = nl2br($string); I would expect that to work, but it doesn't :( Am I missing something? I originally placed the call to strip_tags inside the call to nl2br, but when that didn't work, I tried doing these calls separately. Thanks! James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "When you do the common things in life in an uncommon way, you will command the attention of the world." --George Washington Carver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] strip_tags and nl2br
Chris wrote: RTM. Supply the tags you want to keep when you call strip_tags. $stripped = strip_tags($data, ''); I can do that, but my question had to do with strip_tags seeming to get rid of \n's, not tags. This is why I was concerned. If I run strip_tags(), followed by nl2br, the tags that nl2br generates should be there. James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "Black holes are where God divided by zero." --Steven Wright signature.asc Description: OpenPGP digital signature
Re: [PHP] strip_tags and nl2br
Chris wrote: Are you sure there are newlines before you run strip_tags? I would assume so, because everything from the textarea runs together in one line when displayed in the browser until filtered through nl2br(). That would suggest to me that there are indeed \n's that are being converted to 's. It doesn't touch newlines because they aren't html entities. That is exactly why I am distressed. James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "When you do the common things in life in an uncommon way, you will command the attention of the world." --George Washington Carver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] strip_tags and nl2br
James Colannino wrote: Chris wrote: Are you sure there are newlines before you run strip_tags? I would assume so, because everything from the textarea runs together in one line when displayed in the browser until filtered through nl2br(). That would suggest to me that there are indeed \n's that are being converted to 's. And about 15 minutes later, it appears I'm eating my words... My code was fine upon injecting my data into its database. However, I run strip_tags again upon extracting the data, so of course that caused problems. I solved this by entering the data with newlines instead of tags, so only when displaying the data do I run nl2br() after running strip_tags. Now everything works fine. Sorry for the noise everyone. James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "When you do the common things in life in an uncommon way, you will command the attention of the world." --George Washington Carver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Uploading files without saving them
Hey everyone. Here's a simple question. I'd like to be able to import information from a text file located on the client without actually saving it on the server; that is, I simply want to read the data into memory on the server, without actually saving it to a file. I've been googling around to learn about uploading files via PHP, but haven't found anything yet (I could save the file to a temporary location and delete it when finished, but I'd prefer not to have to do this if at all possible.) Anyone have any ideas? Thanks! :) James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "Black holes are where God divided by zero." --Steven Wright -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uploading files without saving them
Boyd, Todd M. wrote: IIRC, if you never move it out of PHP's defaulted temporary storage sandbox, it will eventually be wiped. When files are uploaded via PHP, they must explicitly be moved into the active file system. Ah, I see. What would happen if two people just happened to upload files with the same filename at the same time? Would one stomp over the other, or does PHP have mechanisms to handle that sort of situation? James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "Black holes are where God divided by zero." --Steven Wright -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uploading files without saving them
Nitsan Bin-Nun wrote: PHP uses randomaly name for each of them (during the upload to the temporary directory), when its done PHP moves the file to the objective location, i dont think you will obstacle filename problems. Ah, excellent! Thanks :) James -- My blog: http://www.crazydrclaw.com/ My homepage: http://james.colannino.org/ "Black holes are where God divided by zero." --Steven Wright -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
