[PHP] COM integration problems

2005-06-15 Thread Jonathan Kart 
Hi all,

I'm trying to interface with verisign's payflow pro on windows using
the COM workaround.

This code was originally taken from an example listed with the manual
as a workaound for the fact that the php pfpro functions are not
supported on windows.  It worked for some time until the server was
upgraded to windows 2003 server. Now, all calls to instantiate a COM
object return the boolean value 'true'

   $pfpro_client = new COM('PFProCOMControl.PFProCOMControl.1');

// this line outputs 'true'
   echo $pfpro_client;
   //Connect to Verisign via COM object...
// this line gives a "call to a member function on a non object" error
   $pfpro_context =
$pfpro_client->CreateContext($this->getURL(), 443,
24,"",0,"","");

I've tried other COM objects like "new
COM(InternetExplorer.Application)" and it also returns 'true'.  Other
tests of the pfpro install are sucessful (asp, pfpro.exe), so i
believe the payflow config is correct.  It just seems like the php com
integration is screwed up.

Any ideas?
thanks,
jon

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP Build Tool / CVS management

2005-06-30 Thread Jonathan Kart 
Hey everyone, 

wondering if anyone has any suggestions for a build management tool
written in php to lay over a cvs repository.

We're really looking for something along the lines of anthill
-http://www.urbancode.com/projects/anthill/default.jsp  but more php
focused. Like an anthill-like tool using phing instead of ant.  dare i
say ... phinghill?

Oh and cheaper than anthill, if at all possible.

Anyone know if such a tool exists?  Or know of any good cvs/build
management tools for php?

thanks a bunch,
-jon

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[6]: [PHP] Re: Security, Late Nights and Overall Paranoia

2005-07-11 Thread Jonathan Kart 
I've been loosely following this thread, and have a question now. 
Isn't one advantage of a bbcode type solution that you can more easily
avoid session hijacking vis cross site scripting?  If you allow html,
then you open the door for people to add eventhandlers.  I guess you
could always strip them, but it seems like for simple stuff bbcode
isn't a bad solution.

On 7/11/05, Richard Davey <[EMAIL PROTECTED]> wrote:
> Hello Greg,
> 
> Monday, July 11, 2005, 5:06:51 PM, you wrote:
> 
> GD> I wouldn't know,  isn't one of the tags I allow.
> 
> If you stick to the plain vanilla HTML tags such as i, b, u, etc then
> BBCode is pointless - I agreed on this with you several posts ago. I
> don't however use it just for that, I use it to let thousands of kids
> add a little sparkle to their messages/profiles with colours, images,
> etc -- without them having to have good CSS/HTML knowledge (most of them
> could handle a font tag, but that'd break my XHTML Trans). This is the
> point I argued all along to which I get "it's not really a security
> benefit" (no, it's a user benefit) and it's a "misuse of cpu cycles".
> 
> For people I hold in such high regard, I'm ashamed at the lot of you :)
> 
> GD> I don't bother with perfect tag validation, and I doubt the phpbb
> GD> bbcode people do either since they average about 2-3 exploits a
> GD> month on Bugtraq.
> 
> Not that I'd let an install of phpBB anywhere near a site I run, they
> didn't invent BBCode, and in all fairness to those guys the majority
> of their exploits are elsewhere.
> 
> GD> I allow a specific set of safe html tags and I provide a preview
> GD> function. Even after that, if the user goofs up I allow a specific
> GD> time span in which to edit the post to correct the goof.
> 
> Ditto. I just don't force them to use HTML.
> 
> Best regards,
> 
> Richard Davey
> --
>  http://www.launchcode.co.uk - PHP Development Services
>  "I do not fear computers. I fear the lack of them." - Isaac Asimov
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php