[PHP] PHP security bug and patch

2002-07-22 Thread Michal Dvoracek 

Hello,

when applying patch on version 4.2.1 then in phpinfo(); is still PHP
Version 4.2.1 but SERVER_SOFTWARE: Apache/1.3.26 (Unix) PHP/4.2.2
mod_ssl/2.8.9 OpenSSL/0.9.6d-beta1

Regards,
Michal Dvoracek  [EMAIL PROTECTED]
Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic
tel.: ++420 2 3337 1117, fax:  ++420 2 3337 1112


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] array_push

2002-08-27 Thread Michal Dvoracek 

Hello,

why this array_push($x ? $a : $b, 'value'); produce error(Fatal error:
Only variables can be passed by reference)

http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] bug in sessions

2002-06-30 Thread Michal Dvoracek 

Hello,

i discovered bug in sessions:

when using unset($_SESSION[...]) insted session_unregister(...) and
before calling read _$SESSION[...] variable WILL NOT unset.

please try these examples and see result.

here is method how to produce this bug (you must have cookies enabled):
1. run script
2. reload page (you should see 2 $_SESSION arrays with the same value)
3. click on unset link
4. now you should see first array filled with test value and second
should be empty - that's OK - but variable test should be deleted from
session
5. reload page
6. here is BUG: i unset session variable test so i shouldn't exists,
but exists.
---

7. comment line marked #fatal

and go to repeat process from begining
on step 6. both arrays will be empty

cut here--
';

print_r($_SESSION);

if (isset($_GET['submit'])) {
$test = $_SESSION['test'];  # fatal
unset($_SESSION['test']);
} else {
$_SESSION['test'] = 'this is test';
}
echo 'unset';
print_r($_SESSION);
echo '';
?>
cut here--


replaceunset($_SESSION['test']); with
session_unregister('test'); and repeat process - here will be
everything OK.

http://www.php.net/manual/en/ref.session.php (see Example 3.)

Tested on PHP 4.2.1 (win, Debian).

Epilogue: using unset at $_SESSION array is NOT safe.

Regards,
Michal Dvoracek  [EMAIL PROTECTED]
Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic
tel.: ++420 2 3337 1117, fax:  ++420 2 3337 1112


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re[2]: [PHP] Session variables

2002-07-08 Thread Michal Dvoracek 

> 
>  ?>>
> >
>  ?>>
>  } ?>>
>  ?>>
>     >
> 

better is (IMHO):
>
>

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Character Array

2002-07-11 Thread Michal Dvoracek 

Hello,

IMHO string is array of characters

so is possible:
$str = 'string';
for ($i = 0; $ < count($str); $i++)
echo $str[$i];

Regards,
Michal Dvoracek  [EMAIL PROTECTED]
Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic
tel.: ++420 2 3337 1117, fax:  ++420 2 3337 1112


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] bug or bad definition ?

2002-01-31 Thread Michal Dvoracek 

Hello,

can someone test this code and send me results ?

http://www.php.net/";);
exit();
}

?>
?>


XXX


" method="post">





i want to know if apache fails (returns no response) or if it passed.
And then try please again but with this line in function: //global
$_SESSION; # disable global

Thank you

Lampa



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Passing Variable

2002-04-17 Thread Michal Dvoracek 

Hello,

store value in hidden field in form, like this:


when form is submitted field id contains required value.

or use cookie (but here is test if cookie enabled)


Regards
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Array question

2002-04-23 Thread Michal Dvoracek 

Hello,

i think that unset($a['color']); is the best way :)

Regards
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] compiling php 4.2 with apache 2.0.35

2002-04-23 Thread Michal Dvoracek 

Hello,

i have problem with %subj%.

It's possible to build php without apxs2 ?
Building php with apxs2 - apxs must be instaled before (e.g. apache
must be instaled first ?)

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php & apache 2

2002-04-24 Thread Michal Dvoracek 

Hello,

when will be possible to compile php as static module with apache 2?

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] parsing mail files

2002-04-29 Thread Michal Dvoracek 

Hello,

try sourceforge.net or freshmeat.net.

There are very usefull programs.

Try search: mail mime

Regards
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] error_reporting()

2002-04-30 Thread Michal Dvoracek 

Hi,

error_reporting(E_ALL);


BTW: RTFM!
Regards
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php & performance

2002-05-14 Thread Michal Dvoracek 

Hello,

what is better syntax (for perfomance option, not code-style)
e.g. html code out of php tags





text




or

';
while (...)
$table .= ''.$something.'text';
$table .= '';
?>

Thank you.

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] IF Statements

2002-05-15 Thread Michal Dvoracek 

Hello,

try this version :)

if (($this->checkReferralCB($this->benefitRef, $this->benefitNo, $this->childDOB))  && 
(!$this->checkLocation($this->post, "W")) && (!empty($this->childDOB)) || 
($this->checkPregnancy($this->benefitRef, $this->benefitNo)))

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] building php

2002-05-15 Thread Michal Dvoracek 

Hello,

i can't get php binary when installing php on my server.
my configure:
./configure --prefix=/usr/local \
--with-config-file-path=/usr/local/etc \
--with-openssl=/usr/local \
--with-zlib-dir=/usr/local \
--with-zlib=/usr/local \
--with-bz2=/usr/local \
--with-mysql=/usr/local \
--with-apache=../apache_1.3.24 \
--with-zip=/usr/local \
--enable-calendar \
--enable-sockets \
--with-mod_charset \
--without-pear


configure pass with no errors, make too
make install - module is installed, everything is ok but no php binary
is installed.

when i type make php i got:
/bin/sh /usr/local/src/php-4.2.0/libtool --silent --mode=link gcc -I. 
-I/usr/local/src/php-4.2.0/ -I/usr/local/src/php-4.2.0/main -I/usr/local/src/php-4.2.0 
-I/usr/local/src/apache_1.3.24/src/include -I/usr/local/src/apache_1.3.24/src/os/unix 
-I/usr/local/src/php-4.2.0/Zend -I/usr/local/include -I/usr/local/include/mysql 
-I/usr/local/src/php-4.2.0/ext/xml/expat  -I/usr/local/src/php-4.2.0/TSRM -g -O2   -o 
php -export-dynamicstub.lo libphp4.la
/usr/lib/crt1.o: In function `_start':
/usr/lib/crt1.o(.text+0x18): undefined reference to `main'
collect2: ld returned 1 exit status
make: *** [php] Error 1


Can you help me please ? (I urgent need php binary to execute some
scripts from crontab)

Thank you.

Regards,
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php sessions

2002-06-02 Thread Michal Dvoracek 

Hello,

i'm using sessions in my application but i found something strange.

when creating new session:

define('S_USER', 0);
define('S_USER_ID', 0);
define('S_USER_NAME', 1);

session_start();
$_SESSION[S_USER][S_USER_ID] = 1;
$_SESSION[S_USER][S_USER_NAME] = 'Michal';

when redirect on next page - session is empty but when a change first define to:
define('S_USER', 'user');

everything works ok.

So in session isn't possible use numeric indexes ?

Regards,
Michal Dvoracek  [EMAIL PROTECTED]

Sorry if this question was here answered.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] login library

2002-03-27 Thread Michal Dvoracek 

Hello,

i want to write some application that requires users login.

So i have question how i can check duplicity login (eg. browser crash,
login from one computer using two browsers, ...). I need some idea
(the best will be some example code :) ).

Thank you.

Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] register_globals

2002-04-12 Thread Michal Dvoracek 

Hello,

in php 4.0.6 on the begin of the script include file called config.php.
In config file i have ini_set('register_globals', 'off');
i setup session via session_register('variable') and redirect to
another page, where i include the same config (config.php) and call
session_start(); but when i make print_r($HTTP_SESSION_VARS); array is
empty. When i disable line with ini_set in config file all is ok.

It's bug ?

I must using two versions of PHP 4.0.6 and 4.1.2. On 4.1.2 is
everything OK but on 4.0.6 not. So where is problem ? In myself or
between keyboard and chair (that's myself too :))

Regards
Michal Dvoracek  [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php