RE: [PHP] how do i hide my .inc files in apache??
I could be mistaken here, but last I checked you could include files outside of the document root. Can't get much more secure then that and you don't have to mess with the Apache rewrite engine, which is known for slowing things down. --Jon At 02:02 PM 1/17/01 +, Matt Williams wrote: > > Order allow,deny > Deny from all > > >in either your httpd.conf or a .htaccess file will deny users access to your >*.inc files > >M@ > > > -Original Message- > > From: Jon Haworth [mailto:[EMAIL PROTECTED]] > > Sent: 17 January 2001 13:01 > > To: 'Jamie Burns' > > Cc: '[EMAIL PROTECTED]' > > Subject: RE: [PHP] how do i hide my .inc files in apache?? > > > > > > I take it you're talking about normal html .inc files, and not the PHP > > include() function? If so, this is well off-list, try the > > comp.infosystems.www.servers heirarchy for this sort of thing. > > > > But... > > > > You can't, AFAIK. The whole *point* of an include file is that the entire > > contents of that file are included in whatever document you call it from. > > You use them for holding repetitive information that you don't > > want to type > > out for every page, such as a footer, eg: > > > > This page is copyright blah blah blah > > mailto:[EMAIL PROTECTED]">E-mail the webmaster > > > > would be a candidate for a .inc file. > > > > If I have completely missed the point, please forgive me. > > > > > > Cheers > > Jon > > > > > > -Original Message- > > From: Jamie Burns [mailto:[EMAIL PROTECTED]] > > Sent: 17 January 2001 12:48 > > To: [EMAIL PROTECTED] > > Subject: [PHP] how do i hide my .inc files in apache?? > > > > > > hi.. > > > > can anyone tell me how i get apache to never send out the contents of my > > include files (*.inc) to users? > > > > i dont want my source sode to be visible to browsers. > > > > thanks, > > > > jamie. > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] session question (4.1.1)
I am trying to implement a user authentication/login system using PHP 4.x's
built in session functions. Upon a successful login, there is a
session_register('uid','uname','status'). On pages that require someone to
be an authenticated user I check against HTTP_SESSION_VARS['uid'] to make
sure it is not null, is greater then 0, and i also check the
HTTP_SESSION_VARS['uname'].
This seemed to be working until I tried to see what would happen if I fed
it a query string. I fed a "secure"
page ?action=edit&uid=3&uname=jon&status=true and my check still failed
me, but then when i went back to the same secure page without the bogus
query string, I was in fact authenticated as the user i forced through.
Is it possible that global vars even if not registered via
session_register() to end up the HTTP_SESSION_VARS array? I was under the
impression that the OLY variables and values that would be in this array
were those that were explicity registered via session_register().
Should i disable register_globals?
--Jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] DSO woes :(
Hey folks, I am having some annoying problems with building PHP 4.0.6 as a DSO. In summary, Apache is not finding various library files that the libphp4.so wants... First I built Apache 1.3.22 w/ mod_ssl. That all went smooth. Built it in /usr/local/apache SSL_BASE=../openssl-0.9.6b \ RSA_BASE=../rsaref-2.0/local \ ./configure \ --enable-module=ssl \ --prefix=/usr/local/apache \ --enable-shared=ssl \ --with-perl=/usr/bin/perl \ --enable-module=rewrite \ --enable-module=so \ --enable-module=userdir Then I configured PHP: ./configure \ --with-apxs=/usr/local/apache/bin/apxs \ --with-config-file-path=/usr/local/apache/conf \ --with-mysql=/usr/local/mysql \ --with-pgsql=/usr/local/pgsql \ --with-oci8=/u01/app/oracle/product/8.1.7/OraHome1 \ --with-openssl=/usr/local/ssl \ --enable-bcmath \ --enable-calendar \ --with-bz2=/usr/bin/bzip2 \ --enable-ftp \ --with-xml \ --enable-track-vars \ --enable-trans-sid \ --enable-shmop \ --enable-sockets \ --enable-wddx \ --with-gd \ --enable-gd-native-ttf \ --with-jpeg-dir \ --with-freetype-dir \ --with-ttf \ --with-gettext \ --with-gmp \ --with-iconv \ --with-readline \ Did make and make install, and copied over the php.ini file. All worked fine. Then I ran Apache: [root@megatron bin]# ./apachectl startssl Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/libphp4.so into server: libpq.so.2: cannot open shared object file: No such file or directory ./apachectl startssl: httpd could not be started Took me like 20 minutes to figure out that that libpq.so.2 is a Postgres library. The file is in my /usr/local/pgsql/bin. Searched mailing list archives and the consensus answer was to add /usr/local/pgsql/lib to the bottom of my /etc/ld.so.conf and then run /sbin/ldconfig to read in the new config. I then ran Apache again: [root@megatron bin]# ./apachectl startssl Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/libphp4.so into server: libmysqlclient.so.10: cannot open shared object file: No such file or directory ./apachectl startssl: httpd could not be started Now, if I add the path to that library to the /etc/ld.so.conf, I get another error because it can't find the next module. My gut feeling is that I am doing something wrong because it makes no sense to add every single library it needs to the /etc/ld.so.conf file. I have a feeling that that is not good for performance either. Is there another way to go about this? Thanks in advance for any help you can give :) --Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] what is "Trans-sid" in PHP
When you doa phpinfo() look at the top block. you will probably see something like ./configure --enable-track-vars --enable-trans-sid etc. If it is not here your PHP module was not compiled with trans-sid enabled. --Jon At 09:13 PM 12/10/2001 -0500, John King wrote: >Running a script that requires: > >"Trans-sid enabled in php" > >How would I find if this is enabled or disabled? Did a phpinfo() on the >server but could not find this? Was it a misprint? > >Thanks, > >John > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] what is "Trans-sid" in PHP
You would need to have write access to the php.ini file as well as execute access to the httpd binary to do a server restart in order to initialize with new configuration. --Jon At 11:54 AM 12/11/2001 -0500, John King wrote: >Ahh, Thanks. Ok I don't see it so it must not be enabled. PHP is installed >through my WebHost so to get this enabled I call them and ask if it's >possible? > >Or is there a way for me to enable it without access to the server? > > > > > > >on 12/11/01 1:19 AM, Jon Niola at [EMAIL PROTECTED] wrote: > > > When you doa phpinfo() look at the top block. you will probably see > > something like ./configure --enable-track-vars --enable-trans-sid etc. If > > it is not here your PHP module was not compiled with trans-sid enabled. > > > > --Jon > > > > At 09:13 PM 12/10/2001 -0500, John King wrote: > >> Running a script that requires: > >> > >> "Trans-sid enabled in php" > >> > >> How would I find if this is enabled or disabled? Did a phpinfo() on the > >> server but could not find this? Was it a misprint? > >> > >> Thanks, > >> > >> John > >> > >> -- > >> PHP General Mailing List (http://www.php.net/) > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Logo proposal
LOL, I guess Python is spoken for too ;) --Jon At 11:32 AM 12/11/2001 -0800, Andrew Chase wrote: >Maybe an animal beginning with "P" would be a good Mnemonic device (and good >for alliteration; think "The PHP Panda" or "The PHP Platypus".) Hmm, I >guess Panda and Platypus aren't particularly "powerful" animals, though. :/ > >Other animals beginning with "P": > >Pelican >Panther (cheesy) >Polliwog >Protozoa > >Of course, the Penguin is already spoken for. :) > >Personally, I don't have a problem with the current PHP logo... From a >marketing standpoint, I don't know; has MySQL become a more attractive >prospect to the pointy haired bosses of the world since they streamlined >their logo and added a Dolphin? It would be interesting to know. > >If PHP was going to adopt a mascot, I kinda like the idea of the Platypus. >If you want to force a metaphor, think of PHP as an interesting language >that fits between traditional scripting languages and the HTTP server - sort >of like the Platypus is an interesting critter that fits somewhere between >mammal and.. whatever else. :) > >-Andy > > > > -Original Message- > > From: Tim Ward [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, December 11, 2001 2:02 AM > > To: PHP; Valentin V. Petruchek > > Subject: RE: [PHP] Logo proposal > > > > > > Chinchillas are fluffy, and I don't think anyone is using them for their > > logo. > > > > -- > > From: Valentin V. Petruchek [SMTP:[EMAIL PROTECTED]] > > Sent: 10 December 2001 16:58 > > To: PHP > > Subject: [PHP] Logo proposal > > > > Hello world of php-programmers! > > > > It seemes to me PHP is very powerful tool and very popular among > > web-programmers, too. As for me I use php for solving web tasks for > > 2 years > > and I'm very satisfied with it. > > > > It seemes to me current PHP logo (can be found by > > http://www.php.net/gifs/logo.gif) doesn't suite to PHP. It's common > > logo > > without any idea except using title in it. > > > > I propose to create and develop new PHP logo corresponding to its > > power. > > > > My propose is WoodPecker (e.g. like Woody). > > > > Other propositions? > > > > Respectfully, Zliy Pes http://www.zliypes.com.ua > > > > > > > > > > > > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] How to compile PHP-4.1.0 or 4.0.6 with Oracle-9i ?
Here is something that may help you: http://www.cba.ua.edu/~spaff/ I have yet to try it but plan on it soon. Apparently you have to patch the configure script and it will work :) Let me know how it works out --Jon At 09:11 PM 12/11/2001 +0100, Thies C. Arntzen wrote: >On Tue, Dec 11, 2001 at 10:38:26PM +0700, Somsak RAKTHAI wrote: > > Dear sir, > > Now I install "Oracle-9i" running on RedHat-7.2. > > > > In php-4.0.6 and php-4.1.0 have option for Oracle-7 or 8 below. > > > > --with-oci8[=DIR] Include Oracle-oci8 support. Default DIR is > > ORACLE_HOME. > > --with-oracle[=DIR] Include Oracle-oci7 support. Default DIR is > > ORACLE_HOME. > > > > Don't have option for Oracle-9i. > > When I used command below. > > ./configure --with-apache=../apache_1.3.22 \ > > --with-mysql=/usr/local/mysql \ > > --with-imap=../imap-2001a \ > > --with-ldap=/usr/local/openldap \ > > --with-oci8=/u01/app/oracle/product/9.0.1 \ > > --enable-sigchild > > > >It has error messages below. > > > >checking for Oracle-OCI8 support... yes > >checking Oracle Install-Dir... /u01/app/oracle/product/9.0.1 > >checking Oracle version... configure: error: Oracle-OCI8 needed > > libraries not found > > > >I want to compile PHP with Oracle-9i. > >Please let me know more detail how to solve this problem ? > > pelase send me teh output of > > ls /u01/app/oracle/product/9.0.1/lib/libclntsh* > > re, > > tc > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Logo proposal
I think MySQL has that already ;) At 12:33 PM 12/11/2001 -0800, Hugh Danaher wrote: >How about a porpoise. They're fast, intelligent, and as Lewis Carol said, >"you shouldn't go anywhere without a porpoise." >- Original Message - >From: Dan McCullough <[EMAIL PROTECTED]> >To: PHP General List <[EMAIL PROTECTED]> >Sent: Tuesday, December 11, 2001 11:38 AM >Subject: RE: [PHP] Logo proposal > > > > But for the use of visualization you might want to pick something friendly >and fast, so they think > > of PHP in that way, instead of strange and slow. > > --- Andrew Chase <[EMAIL PROTECTED]> wrote: > > > Maybe an animal beginning with "P" would be a good Mnemonic device (and >good > > > for alliteration; think "The PHP Panda" or "The PHP Platypus".) Hmm, I > > > guess Panda and Platypus aren't particularly "powerful" animals, though. >:/ > > > > > > Other animals beginning with "P": > > > > > > Pelican > > > Panther (cheesy) > > > Polliwog > > > Protozoa > > > > > > Of course, the Penguin is already spoken for. :) > > > > > > Personally, I don't have a problem with the current PHP logo... From a > > > marketing standpoint, I don't know; has MySQL become a more attractive > > > prospect to the pointy haired bosses of the world since they streamlined > > > their logo and added a Dolphin? It would be interesting to know. > > > > > > If PHP was going to adopt a mascot, I kinda like the idea of the >Platypus. > > > If you want to force a metaphor, think of PHP as an interesting language > > > that fits between traditional scripting languages and the HTTP server - >sort > > > of like the Platypus is an interesting critter that fits somewhere >between > > > mammal and.. whatever else. :) > > > > > > -Andy > > > > > > > > > > -Original Message- > > > > From: Tim Ward [mailto:[EMAIL PROTECTED]] > > > > Sent: Tuesday, December 11, 2001 2:02 AM > > > > To: PHP; Valentin V. Petruchek > > > > Subject: RE: [PHP] Logo proposal > > > > > > > > > > > > Chinchillas are fluffy, and I don't think anyone is using them for >their > > > > logo. > > > > > > > > -- > > > > From: Valentin V. Petruchek [SMTP:[EMAIL PROTECTED]] > > > > Sent: 10 December 2001 16:58 > > > > To: PHP > > > > Subject: [PHP] Logo proposal > > > > > > > > Hello world of php-programmers! > > > > > > > > It seemes to me PHP is very powerful tool and very popular among > > > > web-programmers, too. As for me I use php for solving web tasks for > > > > 2 years > > > > and I'm very satisfied with it. > > > > > > > > It seemes to me current PHP logo (can be found by > > > > http://www.php.net/gifs/logo.gif) doesn't suite to PHP. It's common > > > > logo > > > > without any idea except using title in it. > > > > > > > > I propose to create and develop new PHP logo corresponding to its > > > > power. > > > > > > > > My propose is WoodPecker (e.g. like Woody). > > > > > > > > Other propositions? > > > > > > > > Respectfully, Zliy Pes http://www.zliypes.com.ua > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > > > > > = > > dan mccullough > > > > "Theres no such thing as a problem unless the servers are on fire!" > > > > > > __ > > Do You Yahoo!? > > Check out Yahoo! Shopping and Yahoo! Auctions for all of > > your unique holiday gifts! Buy at http://shopping.yahoo.com > > or bid at http://auctions.yahoo.com > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] last entry in mysql
You should try using mysql_insert_id() with the connection descriptor. For example: $dblink = mysql_connect($host, $user, $password); mysql_select_db($databasename, $dblink); The $dblink variable or what I call the connection descriptor, should be used with mysql_insert_id($dblink); --Jon At 10:30 AM 12/12/2001 -0600, Yoed Anis wrote: >hey guys, > >quick question I'm having trouble finding an answer too. >In a mysql database, how can I select that last row entry. This might be >done mins after i put that entry there and i tried to use: > $lastid=mysql_insert_id(); to get the last id but to no avail. > >Thanks >Yoed > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PHP 4.x on Apache 2.x?
With all the architectural changes to the Apache platform for 2.x, will PHP 4.x run as a module still, or is that TBD? --Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] echo vs. print() performance?
Someone on this list once mentioned a performance difference between using echo and print(). Is there any evidence to back this up? I am really curious to see if it would make a difference to use one over the other. --Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
