Re: [PHP] Questions about $_SERVER

[Tamara Temple]

Sorry, forgot to include the mailing list email when I replied to this  
originally...


On Aug 28, 2010, at 8:28 PM, tedd wrote:

Sorry for not making sense. But sometimes you have to confirm the  
players (both server and remote) in communications.


Try this -- place this script on your site:



You will note that:

[SERVER_NAME] => is the domain name of your site.

Also:

[SERVER_ADDR] => is the IP of your site. If you are on a shared  
host, then it will still be the IP of the main host.


Please note:

[REMOTE_ADDR] => is the IP of the remote server. It *will be* the IP  
of the remote main host regardless of if the requesting script is  
running on the remote main host OR is running under a remote shared  
host.


Here's an example:

My site http://webbytedd.com is running on a shared host.

The server address reported for this site is: 74.208.162.186

However, if I enter 74.208.162.186 into a browser, I do not arrive  
at webbytedd.com, but instead go to securelayer.com who is my host.


Now, if webbytedd.com was the requesting script, how could the  
original script know what domain name the request came from? As it  
is now, it can only know the main host ID, but not the domain name  
of the requesting script. Does that make my question any clearer?


So my questions basically is -- how can I discover the actual domain  
name of the remote script when it is running on a shared server?


I hope that makes better sense.

Cheers,

tedd



I really don't understand what you mean by "remote script" -- most  
requests are made by clients. REMOTE_ADDR is the IP address of the  
*client* - i.e. the requesting system. It may or may not be a script.  
And it may or may not have an accessible hostname.


Is this a situation where you are establishing a service that is to be  
called by other servers, i.e, some form of API? If not, and if it is a  
case of a browser client calling a PHP script on your server, most  
browser clients aren't running on very useful hostnames for the  
outside world anyway. E.g. the hostname of my mac is "paladin.local"  
but it obviously can't be called by the outside world by that name.  
Maybe tell us what you are trying to accomplish by knowing the  
hostname of the calling machine? Maybe there's another way.


Are you trying to set up two-way communication between the two  
servers?  Normally, communication is established without regard for  
the calling machine's hostname, because it's going through the  
connection established by the web server. PHP just returns info along  
that connection to the calling machine. It seems you would only need  
to know the requesting system's hostname if you were going to  
establish some other channel of communication with it, i.e., if your  
original script was somehow going to call back the calling machine,  
webbytedd.com to do some other kind of activity. If that *is* what  
you're doing, I can probably guarantee there's a better way to do it.


However, if what you're after is *authenticating* that the requester  
is who they say they are, there are ways to do that as well without  
knowing the requesting host's name (and better than knowing the  
requesting host's name, you can establish authenticity and access  
control for a particular script which is much better than just  
establishing blanket authority for a particular hostname).


However, I'm really reaching here with trying to understand what you  
want to accomplish by knowing the requesting machine's hostname.


So, please, explain what you are trying to do and maybe we can help  
with that.


Tamara


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Elegance is the goal... Sticky form submit help

[Tamara Temple]

Rather than repeating all that code, I suggest the following:


-- select type --
   $_POST['hidSubmit'] == TRUE && $_POST['type'] == "meeting") ?  
"selected" : '' ?>
   $_POST['hidSubmit'] == TRUE && $_POST['type'] == "event") ?  
"selected" : '' ?>




For a month selector, try:

   $months = array(1 => "January", "February", "March", "April",  
"May", "June", "July", "August", "September", "October", "November",  
"December"); // will create an array of month names, with a starting  
base of 1 (instead of zero)


  echo "\n";
  foreach ($months as $m => $mname) {
echo "$mname\n";
  }
  echo "\n";
?>

There are other possiblities as well. One time, I didn't want to  
actually store the month names, perhaps allowing them to be localized.  
Instead I used strftime, which will return appropriate names based on  
locale:


\n";
  for ($m = 1; $m <= 12; $m++) {
echo "";
$mname = strftime("%B", 0,0,0,2010, $m, 1); // time, year and day  
don't matter, all we're after is the appropriate month name set in the  
locale

echo $mname;
echo "\n";
  }
  echo "\n";
?>




On Sep 11, 2010, at 8:49 AM, Jason Pruim wrote:


Hey everyone!

Hope you are having a great weekend, and I'm hoping someone might be  
coherent enough to help me find a more elegant solution to a problem  
that I have...


I have a form for submitting an event to a website, and if the form  
is not submitted successfully (such as they didn't fill out a  
required field) I want it to redisplay the form with inline errors  
as to what happened and display the values they selected...


I have a working solution but was hoping for something a little more  
elegant. And something that would work better for a month selector  
as well... Here is the relevant code that I have that works:



   -- select type --
   Meeting
   Event
   
HTML;

elseif ($_POST['hidSubmit'] == TRUE & $_POST['type'] == "event"):
//if ($_POST['hidSubmit'] == TRUE & $_POST['type'] == "event") {

echo <<
   -- select type --
   Meeting
   Event
   
HTML;

else:
//if ($_POST['hidSubmit'] != TRUE):


echo <<
   -- select type --
   Meeting
   Event
   
HTML;
endif;

?>

which works BUT I don't want to have to have that for a month  
selector or a day selector :)


Any ideas what I'm missing?



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Elegance is the goal... Sticky form submit help

[Tamara Temple]

The debate on client-side vs. server-side form validation is ongoing.  
Client-side is more responsive, and attempts to keep bad data from  
ever reaching your application, but relies on javascript being  
enabled. Since this is something easily turned off by users, one can't  
always rely on it to do form validation. So server-side validation is  
needed as well to allow your full application to gracefully degrade in  
the absence of working javascript on the client's side. Coding  
defensively helps!


On Sep 11, 2010, at 10:55 AM, tedd wrote:


At 9:49 AM -0400 9/11/10, Jason Pruim wrote:

Hey everyone!

Hope you are having a great weekend, and I'm hoping someone might  
be coherent enough to help me find a more elegant solution to a  
problem that I have...


I have a form for submitting an event to a website, and if the form  
is not submitted successfully (such as they didn't fill out a  
required field) I want it to redisplay the form with inline errors  
as to what happened and display the values they selected...


-snip-


Any ideas what I'm missing?


Jason:

I think what you are missing is that this data collection should be  
split between client-side and server-side operations.


For client-side simply use javascript to monitor what they user  
enters and then immediately respond to the requirements imposed upon  
the user.


After the user fills out the information correctly and clicks  
submit, then have your server-side scripts check the data again and  
respond accordingly.


Here are a couple of examples:

http://webbytedd.com/c/form-calc/

http://webbytedd.com/c/form-submit/


Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] How to handle a submitted form with no changes -- best practices sought

[Tamara Temple]

I have a general question and am looking for best practices.

Suppose I present a user with a form for editing an entry in a table,  
i.e., the form has filled in values from the existing table entry.


Now, suppose they click on 'submit' without making any changes in the  
form. (Perhaps, say, rather than clicking 'Cancel' or 'Return to Main'  
or some other option which would get them out of that screen without  
submitting the form).


Is it worth the overhead of passing along the previous values in the  
table in hidden fields so that fields can be checked to see if they've  
been updated or not after the submit? Or is it worth reloading the old  
values from the table to check against the newly submitted form? Or is  
all that overhead not worth the time because an update that overwrites  
existing values with the same values is not that onerous?


(Is that question clear enough?)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Elegance is the goal... Sticky form submit help

[Tamara Temple]

On Sep 11, 2010, at 12:14 PM, Jason Pruim wrote:

On Sep 11, 2010, at 12:39 PM, Tamara Temple wrote:

Rather than repeating all that code, I suggest the following:

[snip]
That's actually what I'm trying to get away from. I was hoping to do  
it all in HEREDOC syntax. I've always thought it made it cleaner.   
But that is a personal opinion :)


Well, from a maintainability aspect, the way i showed makes more sense  
because if there are changes to be made (such as adding another  
option), you only have to make one change, not n changes.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: How to handle a submitted form with no changes -- best practices sought

[Tamara Temple]

On Sep 11, 2010, at 10:46 PM, Shawn McKenzie wrote:

It could however be a problem if there is a BOT or something that
continually submits to your page.  In that case (and in general) I  
would

recommend using a form token that helps guard against this.


I've seen this on some sites, but I'm unclear how to implement this.
How is this generally done?

Thanks,
Tamara


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to handle a submitted form with no changes -- best practices sought

[Tamara Temple]

On Sep 11, 2010, at 9:27 PM, viraj wrote:

On Sat, Sep 11, 2010 at 10:22 PM, Tamara Temple > wrote:

I have a general question and am looking for best practices.

Is it worth the overhead of passing along the previous values in  
the table

in hidden fields so that fields can be checked to see if they've been


without storing all the values in respective hidden fields, calculate
a 'checksum' on data and store in one hidden field. after the submit
and before you decide on the update, you can calculate the checksum of
submitted data, compare against the hidden field checksum and take the
decision.

if you maintain a session, storing checksum in session instead of
client side (hidden field in form) will be more safe/secure and will
help in improving the mechanism (persistent classes, serialized data
etc)


Ah, interesting idea, I hadn't thought of that as an option. Yes, it  
makes sense.
Also makes sense to store it in a session variable instead of on the  
form.


Thanks,
Tamara


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] 1984 (Big Brother)

[Tamara Temple]

Sounds like there are some security concerns here.

On Sep 12, 2010, at 11:32 AM, tedd wrote:
I have a client who wants his employees' access to their online  
business database restricted to only times when he is logged on.  
(Don't ask why)


I do wonder why, though. Perhaps this is an opportunity to educate  
someone about security and privacy and web applications? Does he feel  
that by being logged in, he can control every aspect of connection to  
the data base? Or even be aware of every access to the data base? What  
is he hoping to accomplish be being logged in? Does he propose to  
actively monitor the data base transactions in real time while he's at  
work? What is he hoping to avoid by requiring his logged in state  
before anyone else can access the data base? Just being logged in  
won't dissuade a cracker from attacking his data if they so choose,  
nor will it prevent a disgruntled employee from damaging the data  
while he's logged in if they have the expertise and means.


Also, what happens when he's sick or incapacitated some day and can't  
log in to the data base. Does he expect his business to continue  
without his presence or does it also shut down for the day?


This just seems like an excessive amount of paranoia that his solution  
won't provide an answer for. It seems like a poor business decision on  
his part.


In other words, when the boss is not logged on, then his employees  
cannot access the business database in any fashion whatsoever  
including checking to see if the boss is logged on, or not. No  
access whatsoever!


What about access to the web application while he's not logged in? Do  
they still have that? If someone is determined, they can still learn a  
lot.


Normally, I would just set up a field in the database and have that  
set to "yes" or "no" as to if the employees could access the  
database, or not. But in this case, the boss does not want even that  
type of access to the database permitted. Repeat -- No access  
whatsoever!


I was thinking of the boss' script writing to a file that  
accomplished the "yes" or "no" thing, but if the boss did not log  
off properly then the file would remain in the "yes" state allowing  
employees undesired access. That would not be acceptable.


So, what methods would you suggest?


What about access to a parallel data base that only contains  
information pertaining to access? i.e. separate out the application's  
authentication and access control from the main data base and put it  
in a parallel data base.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to handle a submitted form with no changes -- best practices sought

[Tamara Temple]

On Sep 12, 2010, at 3:34 PM, Robert Cummings wrote:


On 10-09-11 12:52 PM, Tamara Temple wrote:

I have a general question and am looking for best practices.

Suppose I present a user with a form for editing an entry in a table,
i.e., the form has filled in values from the existing table entry.

Now, suppose they click on 'submit' without making any changes in the
form. (Perhaps, say, rather than clicking 'Cancel' or 'Return to  
Main'

or some other option which would get them out of that screen without
submitting the form).

Is it worth the overhead of passing along the previous values in the
table in hidden fields so that fields can be checked to see if  
they've
been updated or not after the submit? Or is it worth reloading the  
old
values from the table to check against the newly submitted form? Or  
is
all that overhead not worth the time because an update that  
overwrites

existing values with the same values is not that onerous?

(Is that question clear enough?)


I use database table to object mapping classes. The base class sets  
a dirty bit if a field actually changes. If an attempt is made to  
save the data and no dirty bits are set, then the save method  
returns true for a successful save, but no commit to database is  
made since nothing has changed. In this way I never think about the  
problem beyond the original implementation of the base class.


Ok, but how do you detect if a field changes? The specific  
implementation between application and data storage is probably moot  
until you figure that part out.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to handle a submitted form with no changes -- best practices sought

[Tamara Temple]

On Sep 12, 2010, at 4:28 PM, Robert Cummings wrote:


On 10-09-12 05:19 PM, Michael Shadle wrote:
On Sun, Sep 12, 2010 at 2:12 PM, Tamara Temple>  wrote:
Ok, but how do you detect if a field changes? The specific  
implementation
between application and data storage is probably moot until you  
figure that

part out.


+1

without talking to the server, or accessing it in the DOM somewhere,
the client has no access to the data. is it done via ajax/javascript?
some action onchange/onkeypress/etc. and check it against a variable
that was set on pageload?


Sorry, I thought this was about committing to the database versus  
sending back to the web server. I must have misread the original  
requirement. If trying to trap before submitting the form to the  
webserver then JavaScript is necessary. You can't do this on upload  
fields though.


Actually, even the client-side aspect isn't good enough -- they could  
simply retype the same value in the field. Also, I'd like to not rely  
on JavaScript alone to indicate that there's been a change, since, as  
Ashley points out, someone could simply send up a form without  
bothering with JavaScript. I'm talking about checking whether the  
field has changed on the server-side of things, specifically.


So far, it seems the contenders are:

1) just update the record if there's not a big load on the server
2) use a checksum before populating the form for display and after  
receiving the post from the client, storing the initial checksum in a  
session variable
3) compare the submitted values against the values in the data base,  
since you can't trust what is coming from the client, although this  
does put an additional load on the server which might not be good if  
there's already a big load on the server





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] 1984 (Big Brother)

[Tamara Temple]

On Sep 12, 2010, at 4:48 PM, tedd wrote:


At 4:05 PM -0500 9/12/10, Tamara Temple wrote:

Sounds like there are some security concerns here.

On Sep 12, 2010, at 11:32 AM, tedd wrote:
I have a client who wants his employees' access to their online  
business database restricted to only times when he is logged on.  
(Don't ask why)


I do wonder why, though. Perhaps this is an opportunity to educate  
someone about security and privacy and web applications? Does he  
feel that by being logged in, he can control every aspect of  
connection to the data base? Or even be aware of every access to  
the data base? What is he hoping to accomplish be being logged in?  
Does he propose to actively monitor the data base transactions in  
real time while he's at work? What is he hoping to avoid by  
requiring his logged in state before anyone else can access the  
data base? Just being logged in won't dissuade a cracker from  
attacking his data if they so choose, nor will it prevent a  
disgruntled employee from damaging the data while he's logged in if  
they have the expertise and means.


Tamara:

I said "Don't ask why"


Wondering isn't asking. I don't personally care why. It's not my  
client, not my business, not my problem.


You see, people often have strange notions about "their" business or  
unusual ideas about how to do things, That goes with consulting.  
While many may find that odd, but some of the most revolutionary  
ideas come from such unusual thinking.


I've been in business and technology consulting for years and years,  
and very successful at getting customer's desired outcomes. I don't  
think their notions "strange" or "unusual" -- just that without  
further elicitation, one cannot understand what they are truly  
desiring, and to find out what they don't want as an outcome of their  
up-front stated goals.


I don't pass judgement. I simply advise (based upon my limited  
understanding of things) and let the client make the calls. After  
all, he's the one paying the bills and he has answers for the  
remainder of your questions.


It's not a question of passing judgement on someone's ideas. It's a  
question of finding the best solution for the customer's actual needs  
and desires. It's almost always the case that further exploration of  
the customer's concerns behind their thoughts has proven to give them  
a much more robust and useful solution and gets them what they are  
really after. Most people aren't aware of the assumptions and  
conclusions they have. Eliciting more information can lead to better  
solutions for all. Blind faith in the customer's stated requirements  
can lead one to a disastrous conclusion. It's been said all over the  
net that customers don't really know what they want until they see it.  
Further, that they don't know what they don't want until it happens to  
them. I believe in delivering the most value to the customer for their  
money, and that means understanding their needs as best as possible,  
and that is done by exploring their business models, assumptions, and  
needs.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Could this be a bug?

[Tamara Temple]

This isn't to answer your question, but...

On Sep 13, 2010, at 5:16 PM, Camilo Sperberg wrote:
function my_error_handler($errno = '0', $errstr = '[FATAL] General  
Error',

$errfile = 'N/A', $errline = 'N/A', $errctx = '') {
 global $clean_exit;
 if(empty($clean_exit)) {
   ini_set('memory_limit','16M');
   ob_start();
   echo 'PHP v'.PHP_VERSION.', error N° '.$errno.'';
?>-- BEGIN COPY --Error N°:'.$errno.'';
?>Error Detail:'.$errstr.'File:'.$errfile.'Line:'.$errline.'Debug:';
   if (isset($errctx['r']['print'])) echo 'THIS LINE GIVES THE  
ERROR,

WHAT SHOULD IT RETURN?';
?>-- END COPY --

Why do you put  inside an echo statement in php space?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] What other languages do you use?

[Tamara Temple]

On Oct 8, 2010, at 12:30 PM, Nathan Rixham wrote:

As per the subject, not what other languages have you used, but what  
other languages do you currently use?




Perl, Ruby, Javascript, Sh, C. Planning on picking up Python.


I guess it may also be interesting to know if:

(1) there's any particular reason for you using a different language  
(other than work/day-job/client requires it)




Usually just choose the language that best fits the application at  
hand. No real magic to it.



(2) about to jump in to another language



I mentioned Python above, not as a replacement for any of the other  
languages, but just because I want to know it.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: strtotime

[Tamara Temple]

On Oct 17, 2010, at 12:58 AM, John Taylor-Johnston wrote:


According to this, I'm 44 not 45 :)p

$birthday = '1965-08-30';

//calculate years of age (input string: -MM-DD)

function birthday ($birthday){
  list($year,$month,$day) = explode("-",$birthday);
  $year_diff  = date("Y") - $year;
  $month_diff = date("m") - $month;
  $day_diff   = date("d") - $day;
  if ($day_diff < 0 || $month_diff < 0)


This will trigger anytime the current day of the month is less than 30.


$year_diff--;
  return $year_diff;
}

echo birthday ($birthday);




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: strtotime

[Tamara Temple]

On Oct 17, 2010, at 2:34 PM, John Taylor-Johnston wrote:

Here is another nifty piece of code I found. How does this work?  
What is 31556926?


Number of second in a year? (31556926 / (24 * 60 * 60) yields  
365.2421...)



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Questions from a Newbie

[Tamara Temple]

On Oct 17, 2010, at 1:22 PM, Ethan Rosenberg wrote:

At 01:41 AM 10/17/2010, Tommy Pham wrote:
> I cannot get the following to work.  In my Firefox [Iceweasel]  
browser, I

> enter the following URL: [w/ the http]


Whenever you get a blank screen running a php application, the place  
to look is the http server's error_log. This is frequently found in / 
var/log/httpd/error_log or /var/log/apache2/error_log. (If your system  
is hosted someplace else, it could very easily be in a different  
place). Typically you need root permission to read this file. Tail the  
file after you run your PHP script to see the most recent errors.



> The code  contained in the file CreateNew.php is:
>
> /*
>   *  Create Database test22
>   */
>   
>  $cxn = mysqli_connect("$host",$user,$password);


Better to use the OO approach:

$cxn = new mysqli($host, $user, $password);


> echo"Create database test22;"


Instead of echo statements (which would just echo the contents to the  
output, i.e., your browser, you want to assign them to a variable,  
such as:


   $sql = "create database test22; use test22";

Then you need to execute the sql statement:

$res = $cxn->query($sql);
if (!$res) {
die("Could not create database test22: " . $cxn->error());
}


> echo"Create table Names2


$sql = "create table Names2


> (
>  RecordNum Int(11) Primary Key Not null default=1
auto_increment,
>  FirstName varchar(10),
>  LastName varchar(10),
>  Height  decimal(4,1),
>  Weight0 decimal(4,1),
>  BMI decimal(3,1)
>  Date0 date
> );"


  ; // to close off the php statement
$res = $cxn->query($sql);
if (!$res) {
die("Could not create table Names2: " . $cxn->error());
}


>
> echo"   Create table Visit2


$sql = "create table Visit2


> (
>  Indx Int(7) Primary Key Not null auto_increment,
>  Weight decimal(4,1) not null,
>  StudyDate date not null,
>  RecordNum Int(11)
> );"


; // again, to close off the php statement
$res = $cxn->query($sql);
if (!$res) {
die("Could not create table Visit2: " . $cxn->error());
}


>
>  $sql= "SHOW DATABASES";


This doesn't work in a programmatic setting.

Terminate the database connection:

$cxn->close();


> ?>
> 



> I would also like to be able to add data to a table, using PHP,  
which I

can do
> in MySQL as:
> load data infile '/home/ethan/Databases/tester21.dat.' replace  
into table
> Names fields escaped by '\\' terminated by '\t'  lines terminated  
by '\n'

;



That's a specific feature of the mysql program. You'd have to write  
something in php to be able to parse the file and insert the data.  
There are examples all over the net. Then you would need to set up sql  
insert or replace statements to actually get the data into the data  
base using mysqli::query. There are numerous examples of this as well.


Here's one example:

	$contents = file($filename); // returns the contents of the file into  
an array, one line of file per array


	$columns = explode("\t", $contents[0]); // get the column names from  
the first line of the file


$sql = "insert into $table set ";
for ($i=1; $i			$insertdata[] = "$column='" . $cxn->real_escape_string($data[$j+ 
+]) . "'"; // this assumes the column names in the tsv file match the  
column names in your data base table exactly. It also assumes that all  
your data are strings, not numerics.

}
$sql .= implode(",",$insertdata);
$res = $cxn->query($sql);
if (!res) die ("Error inserting data: " . $cxn->error());
}
?>
Imported data

Data just imported:



	$res = $cxn->query("select * from $table limit 1"); // get one row  
from table for generating column names

if (!res) die ("Query failed for table $table: " . $cxn->error());
$row = $res->fetch_assoc();
foreach ($row as $column => $value) {
echo "" . $column . "";
}
?>



query("select * from $table");
if (!res) die ("Query failed for table $table: " . $cxn->error());
while ($row = $res->fetch_assoc()) {
echo "";
foreach ($row as $column => $value) {
echo "" . $value . "";
}
echo "\n";
}
?>








As I stated, I am a newbie.

1] I am trying to shorten the learning curve by asking some  
questions, which I understand are probably trivial.  A whole MySQLi  
list of functions at this point is to much for me.  I have to break  
the problem into manageable parts.


Important, most used mysqli functions:

Creating the database connection: $cxn = new mysqli( host, user,  
password, database );  (mysqli::__construct function)


Submitting queries: $result = $cxn->query( sql ); (my

Re: [PHP] Questions from a Newbie

[Tamara Temple]

gah, i botched that up.

For the first part, you want the following:

$cxn = new mysql($host, $user, $password);
$res = $cxn->query("create database test22:);
if (!$res) {
die("Failed to create database test22: " . $cxn->error());
}

Then, reopen the connection with the new data base:

$cxn = new mysql($host, $user, $password, "test22");

Then the following code will work.


Tamara Temple
-- aka tamouse__
tam...@tamaratemple.com


"May you never see a stranger's face in the mirror."

On Oct 17, 2010, at 4:26 PM, Tamara Temple wrote:



On Oct 17, 2010, at 1:22 PM, Ethan Rosenberg wrote:

At 01:41 AM 10/17/2010, Tommy Pham wrote:
> I cannot get the following to work.  In my Firefox [Iceweasel]  
browser, I

> enter the following URL: [w/ the http]


Whenever you get a blank screen running a php application, the place  
to look is the http server's error_log. This is frequently found in / 
var/log/httpd/error_log or /var/log/apache2/error_log. (If your  
system is hosted someplace else, it could very easily be in a  
different place). Typically you need root permission to read this  
file. Tail the file after you run your PHP script to see the most  
recent errors.



> The code  contained in the file CreateNew.php is:
>
> /*
>   *  Create Database test22
>   */
>   
>  $cxn = mysqli_connect("$host",$user,$password);


Better to use the OO approach:

$cxn = new mysqli($host, $user, $password);


> echo"Create database test22;"


Instead of echo statements (which would just echo the contents to  
the output, i.e., your browser, you want to assign them to a  
variable, such as:


   $sql = "create database test22; use test22";

Then you need to execute the sql statement:

$res = $cxn->query($sql);
if (!$res) {
die("Could not create database test22: " . $cxn->error());
}


> echo"Create table Names2


$sql = "create table Names2


> (
>  RecordNum Int(11) Primary Key Not null default=1
auto_increment,
>  FirstName varchar(10),
>  LastName varchar(10),
>  Height  decimal(4,1),
>  Weight0 decimal(4,1),
>  BMI decimal(3,1)
>  Date0 date
> );"


  ; // to close off the php statement
$res = $cxn->query($sql);
if (!$res) {
die("Could not create table Names2: " . $cxn->error());
}


>
> echo"   Create table Visit2


$sql = "create table Visit2


> (
>  Indx Int(7) Primary Key Not null auto_increment,
>  Weight decimal(4,1) not null,
>  StudyDate date not null,
>  RecordNum Int(11)
> );"


; // again, to close off the php statement
$res = $cxn->query($sql);
if (!$res) {
die("Could not create table Visit2: " . $cxn->error());
}


>
>  $sql= "SHOW DATABASES";


This doesn't work in a programmatic setting.

Terminate the database connection:

$cxn->close();


> ?>
> 



> I would also like to be able to add data to a table, using PHP,  
which I

can do
> in MySQL as:
> load data infile '/home/ethan/Databases/tester21.dat.' replace  
into table
> Names fields escaped by '\\' terminated by '\t'  lines  
terminated by '\n'

;



That's a specific feature of the mysql program. You'd have to write  
something in php to be able to parse the file and insert the data.  
There are examples all over the net. Then you would need to set up  
sql insert or replace statements to actually get the data into the  
data base using mysqli::query. There are numerous examples of this  
as well.


Here's one example:

	$contents = file($filename); // returns the contents of the file  
into an array, one line of file per array


	$columns = explode("\t", $contents[0]); // get the column names  
from the first line of the file


$sql = "insert into $table set ";
for ($i=1; $i			$insertdata[] = "$column='" . $cxn->real_escape_string($data[$j+ 
+]) . "'"; // this assumes the column names in the tsv file match  
the column names in your data base table exactly. It also assumes  
that all your data are strings, not numerics.

}
$sql .= implode(",",$insertdata);
$res = $cxn->query($sql);
if (!res) die ("Error inserting data: " . $cxn->error());
}
?>
Imported data

Data just imported:



	$res = $cxn->query("select * from $table limit 1"); // get one row  
from table for generating column names

 

Re: [PHP] Re: strtotime

[Tamara Temple]

On Oct 17, 2010, at 9:57 PM, Tommy Pham wrote:


-Original Message-
From: Tamara Temple [mailto:tamouse.li...@gmail.com]
On Oct 17, 2010, at 2:34 PM, John Taylor-Johnston wrote:


Here is another nifty piece of code I found. How does this work?
What is 31556926?


Number of second in a year? (31556926 / (24 * 60 * 60) yields
365.2421...)



Your forgot to divide 365.25 days per year ;)

well, no i didn't forget, merely pointing out that it equals days in a  
year.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Is there a way to write to the php error log from a php script?

[Tamara Temple]

I'm trying to log some data for debugging and don't have use of the  
standard output to do so. I'd like to write the info to the php error  
log. Can this be done from within PHP? I've searched the web site for  
logging functions, but cannot find any.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is there a way to write to the php error log from a php script?

[Tamara Temple]

On Oct 22, 2010, at 7:31 PM, Daniel P. Brown wrote:

On Fri, Oct 22, 2010 at 20:24, Tamara Temple  
 wrote:
I'm trying to log some data for debugging and don't have use of the  
standard
output to do so. I'd like to write the info to the php error log.  
Can this
be done from within PHP? I've searched the web site for logging  
functions,

but cannot find any.


   Sure.  You can use trigger_error() and error_log() for that.


Ah, yes, error_log() is precisely what I'm looking for. Seaching for  
"log" gave me the log function, searching for "logging" gave me a  
bunch of references I couldn't follow (for some reason the feeds want  
to open in my Mail.app client and create RSS feeds -- less than useful).




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Watermark with GD

[Tamara Temple]

On Oct 29, 2010, at 2:44 PM, Gary wrote:

"Adam Richardson"  wrote in message
news:aanlkti=kenxt7yewrztcm4+hyifrlqhozxse7ufmq...@mail.gmail.com...
On Fri, Oct 29, 2010 at 3:05 PM, Gary  wrote:
I am trying to get the watermark to work, however I am having a  
problem in

that the image is being called from a database (image sits in images
file).

The script in question is this

$image = imagecreatefromjpeg($_GET['src']);

However it produces an error message of

Warning: imagecreatefromjpeg() [function.imagecreatefromjpeg]:  
Filename
cannot be empty in /home/content/a/l/i/alinde52/html/ 
imagesDetail.php on

line 233



First things first.  It looks like there's nothing in $_GET['src'].
From where are you getting the value 'src'?

Adam

**
Adam

Thanks for your reply, that is my question, what is to replace  
['src'] if I

am calling the image from a database.

Gary


I'd really need to know more about this application to help. If you  
are calling the image from a database (does this mean you have the  
image's file spec saved in the database, or you actually storing the  
image data in the database?), you need to use a query to do that. Is  
the imagesDetail.php script being called by something else that  
already queried the database and put the file spec in the src query  
string argument? Before you dump the query string argument directly  
into the imagecreatefromjpeg() funciton, you should verify that it  
exists:


if (isset($_GET['src'[) && (!empty($_GET['src'[) {
$src = $_GET['src'];
if (fileexists($src)) {
 $image = imageceatefromjpeg($src);
if ($image === FALSE) {
# process error from imagecreatefromjpeg
}
} else {
 # process missing image
}
} else {
 # process missing query string parameter
}

This is all prediated on the idea that something is calling your  
imageDetail.php script with the source path for the image in question.  
If that is not the case, and you need to in fact query the database  
for the source path of the image, then you need to do a database query.


Not knowing anything about how your database is set up, I'll take a  
stab at a generic method of doing it.


Somehow, imageDetail.php needs to know what image to get. Let's assume  
you are calling it from a gallery that has several images displayed.  
Part of the information needed is some what to identify the image's  
record in the database. Let's assume you have images stored with an  
id, that is not null and autoincrements when you store a new image.  
Here's a sample schema:


CREATE TABLE `photos` (
`id`INT AUTO_INCREMENT NOT NULL,
`src`   VARCHAR(255) NOT NULL,
`created`   TIMESTAMP NOT NULL DEFAULT 0,
`updated`   TIMESTAMP NOT NULL DEFAULT 0 ON UPDATE CURRENT_TIMESTAMP
PRIMARY KEY (`id`)
);

Of course, you would probably want to store a lot more info about an  
image, but this will do for explanation.


Let's say you have a gallery shown at your application's index.php  
program. In the html it generates, you may have something like this  
for any particular thumbnail:





This is making some assumptions:
  * you have image thumbnails for each image stored in the  
subdirectory thumbs/
  * you've figured out somehow that the id for thumbs/imageABC.jpg is  
25


When the user clicks on the image, they get taken to your  
imageDetail.php script, with the query string paramter id set to 25.


In PHP you would then do:

if (isset($_GET['id'] && (!empty($_GET['id'] &&  
is_numeric($_GET['id']) {

$id = $_GET['id'];
$sql = "SELECT * FROM `photos` WHERE id=".$id." LIMIT 1";
$result = mysql_query($sql,$db);
if ($result) {
$imagedata = mysql_fetch_array($result,MYSQL_ASSOC);
$src = $imagedata['src'];
if (isset($src) && !empty($src) && fileexists($src)) {
$image = imagecreatefromjpeg($src);

# do stuff with image

} else {

# handle invalid src data

}
} else {

# handle error from query

}
} else {

# handle invalid id paramter on script

}


Note: some people like to handle error conditions before moving on to  
working with the successful state. It's a matter of style. Either works.


Hope this helps.

Tamara
 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Watermark with GD

[Tamara Temple]

On Oct 30, 2010, at 9:31 AM, Gary wrote:



"tedd"  wrote in message
news:p06240800c8f1d19b9...@[192.168.1.2]...

At 3:05 PM -0400 10/29/10, Gary wrote:
I am trying to get the watermark to work, however I am having a  
problem in

that the image is being called from a database (image sits in images
file).

The script in question is this

$image = imagecreatefromjpeg($_GET['src']);

However it produces an error message of

Warning: imagecreatefromjpeg() [function.imagecreatefromjpeg]:  
Filename
cannot be empty in /home/content/a/l/i/alinde52/html/ 
imagesDetail.php on

line 233

I have tried various methods, for example: ($_GET ['images/'] or  
($_GET

['images/$row_WADAimages["image_id"]].

Can anyone shed some light on this for me.

Thank you

Gary


Gary:

Several things.

1. Getting an image from a database? You mean that you are getting  
the

path of the image in the file system, right?

Side note: You could place the image inside the database using a  
BLOB and

do away with the path all together. That has the benefit of being
portable -- you simply move the database to where ever you want it.  
The
downside is that the database becomes very large, but no more so  
that the

file system. There are pro's and con's in storing actual images in a
database.

2. Using a GET is not the way to get the path. Instead, you have to
retrieve the path from the database table where the path is stored --
and that requires a MySQL query similar to "SELECT * FROM  
 WHERE
id=". There are lot's of examples of how to pull data  
from a

database.

3. After getting the path, then you can create the watermark like so:

http://webbytedd.com/b/watermark/

Hope this helps,

tedd

--
---
http://sperling.com/



tedd

Thank you for your reply.

I was under the impression that the image is stored in a folder called
images, in fact the images file do go in, however I have the DB set  
up for
longblob, averaging about 20kb each, so now I am unsure.  I exported  
the sql

so perhaps you can tell me.

Table structure for table `images`
--

CREATE TABLE IF NOT EXISTS `images` (
 `image_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
 `caption` varchar(50) NOT NULL,
 `wheretaken` varchar(100) NOT NULL,
 `description` text NOT NULL,
 `file_name` varchar(25) NOT NULL,
 `image_file` longblob NOT NULL,
 `submitted` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
 PRIMARY KEY (`image_id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1447 ;

When I call the images, which works fine, I do need to specify the  
path that

leads to the images folder. Am I being redundant in this structure.

This is the script that I use to call the images. I have pulled out  
some of

the html that styles the data.

 0) { // Show if recordset not  
empty ?>

 
 src="images/" "


   

Thank you for your help.

Gary


is this the imageDetail.php script?

From what it appears in the code, `image_file` is holding the file  
name rather than the actual image. Yet you have `image_file` defined  
as a longblob, which would make sense if you were storing the actual  
image data in the data base rather than on the file system. As Ashley  
noted, you can do it either way. I notice you also have a field  
`file_name` -- what is this used for? It sounds like your design is a  
bit off -- neither one way or the other. The php shown doesn't look  
complete enough, though -- where is the img tag and such? Also, going  
in and out of php on each line is kind of a waste and looks sloppy. If  
i read that code right, it would emit something like this:



caption text
src="images/pathtoimagefile" description text

where taken text
description text

Look at the html that's emitted from the script and see if that's what  
you get.


Can you post or pastebin more of the .php script so I can see more of  
what is going on?




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Watermark with GD

[Tamara Temple]

On Oct 31, 2010, at 7:29 AM, Gary wrote:

Thanks for the reply, here is a link to the code of the page.

http://www.paulgdesigns.com/detailcode.php



Ok, that was pretty messy code. But what I could glean from it is  
this. (See your code at http://pastie.org/1262989).


Line 238: width="auto">class="WADADetailsMainImage" style="border:#FF 6px solid"  
src="images/" alt="echo $row_WADAimages["description"]; ?>" />width="25%"> This photo was taken in $row_WADAimages["where_taken"]; ?>


You've got an img tag there, indicating the src of:

images/

Is this the image file you want to watermark?

The code there has me confused. Is this all one script? Or is it  
multiple scripts?


If it's all one script, it won't work the way you intend. The script  
emits data before it gets to the point where you have set up to  
watermark the image. Thus, the point where you call header to change  
the Content-type won't work. Then there is more data emitted after the  
image.


Am I reading this correctly? Is it all one big script?

If it is, what you really need to do, is at the point where you want  
the watermarked image to appear, is put out some HTML like so:


" .. other stuff ..>


Then put that code you've got in lines 247-272 in the script  
watermark.php and it should work as is.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Fwd: Mail delivery failed: returning message to sender

[Tamara Temple]

Is this something I need to worry about?? Is my mail sending some  
malware??


Begin forwarded message:


From: Mail Delivery Subsystem 
Date: October 31, 2010 7:37:54 PM CDT
To: Tamara Temple 
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message sent by

 

could not be delivered to all of its recipients.
The following address(es) failed:

 

The following text was generated during the delivery attempt(s):


   (reason: 550 This message contains malware  
(winnow.malware.wa.webinjection.1450.UNOFFICIAL))


-- This is a copy of the message, including all the headers.

Received: from [192.168.1.110] (helo=mailin01.ims-firmen.de)
by mail01.ims-firmen.de with esmtp (Exim 4.69)
	(envelope-from >)

id 1PCiPJ-0001i7-R8
for sascha.br...@immosky.ch; Mon, 01 Nov 2010 01:37:53 +0100
Received: from pb1.pair.com ([76.75.200.58] helo=lists.php.net)
by mailin01.ims-firmen.de with esmtp (Exim 4.72)
	(envelope-from >)

id 1PCiPs-00047o-Sb
for sascha.br...@immosky.ch; Mon, 01 Nov 2010 01:38:29 +0100
Authentication-Results: pb1.pair.com header.from=tamouse.li...@gmail.com 
; domainkeys=bad

DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany- 
domainkeys-base-01

X-Host-Fingerprint: 76.75.200.58 pb1.pair.com
Received: from [76.75.200.58] ([76.75.200.58:2084] helo=lists.php.net)
by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id EF/73-24094-FDB0ECC4 for ; Sun, 31 Oct  
2010 19:37:51 -0500

Received: (qmail 51732 invoked by uid 1010); 1 Nov 2010 00:37:02 -
Mailing-List: contact php-general-h...@lists.php.net; run by ezmlm
Precedence: bulk
list-help: <mailto:php-general-h...@lists.php.net>
list-unsubscribe: <mailto:php-general-unsubscr...@lists.php.net>
list-post: <mailto:php-general@lists.php.net>
List-Id: php-general.lists.php.net
Delivered-To: mailing list php-general@lists.php.net
Received: (qmail 51725 invoked from network); 1 Nov 2010 00:37:02  
-
Authentication-Results: pb1.pair.com header.from=tamouse.li...@gmail.com 
; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com  
smtp.mail=tamouse.li...@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates  
209.85.214.170 as permitted sender)
X-DomainKeys: Ecelerity dk_validate implementing draft-delany- 
domainkeys-base-01

X-PHP-List-Original-Sender: tamouse.li...@gmail.com
X-Host-Fingerprint: 209.85.214.170 mail-iw0-f170.google.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
   d=gmail.com; s=gamma;
   h=domainkey-signature:received:received:message-id:from:to
:in-reply-to:content-type:content-transfer-encoding:mime- 
version

:subject:x-priority:date:references:x-mailer;
   bh=1SBvdJiJMqFW3oAPgBXlRPveD1uwTXHSzA8U6+E93g0=;

b=XHIyqG6ZzyCKVSLzyPdNuLXtAIWM1ny0zKFupfTsZgMElSrlCA1aJ9FpDUGvgHMQof
0ygppTTq2fo3499HwTzbRYXQSJ4Z2NiEZfYHmwwoTmuenC9XjYbPk+ZUE3p 
+6S4Okbsm

sSzu18qFOWAGGhJ8dG8LfcDSfhKhRj3R57Yh4=
DomainKey-Signature: a=rsa-sha1; c=nofws;
   d=gmail.com; s=gamma;
   h=message-id:from:to:in-reply-to:content-type
:content-transfer-encoding:mime-version:subject:x- 
priority:date

:references:x-mailer;
   b=CnWjshGm9zyFaRv0eUKJml94xT5U1Lb 
+kEBb503a7VlYtSAWaZm4nK38otH7iJ+Bit
wr77nJ0SSxoXmaQ/ljQ16IoSGhhXJ9Ew6lOaBE7ntbjibfYnnz7Yzi+sfGt 
+8STXjHZx

LP7Z8lk+uMvIH4gNDGw6CcqWawTHJ3Ll7PX7o=
Message-Id: <30708a14-2818-4b28-87f9-11db56c40...@gmail.com>
From: Tamara Temple 
To: PHP General 
In-Reply-To: 
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
X-Priority: 3
Date: Sun, 31 Oct 2010 19:36:53 -0500
References: <15.34.06635.e1b1b...@pb1.pair.com>  
 > <94df613c-6b40-4897-b101-21cf7d83a...@gmail.com> >

X-Mailer: Apple Mail (2.936)
Subject: Re: [PHP] Watermark with GD
X-Envelope-To: sascha.br...@immosky.ch
X-Envelope-From: php-general-return-309188-sascha.braun=immosky...@lists.php.net
X-IMS-IP: 76.75.200.58
X-AV-scan: yes


On Oct 31, 2010, at 7:29 AM, Gary wrote:

Thanks for the reply, here is a link to the code of the page.

http://www.paulgdesigns.com/detailcode.php



Ok, that was pretty messy code. But what I could glean from it is
this. (See your code at http://pastie.org/1262989).

Line 238: " alt="" /> This photo was taken in 

You've got an img tag there, indicating the src of:

images/

Is this the image file you want to watermark?

The code there has me confused. Is this all one script? Or is it
multiple scripts?

If it's all one script, it won't work the way you intend. The script
emits data before it gets to the point where you have set up to
watermark the image. Thus, the point where you call header to change
the Conten

Re: [PHP] updating sub-request parameters

[Tamara Temple]

On Nov 1, 2010, at 9:21 AM, Daniela Floroiu wrote:


hi,

I need to make an apache sub-request like:

   virtual('.../script.php?param1=val1¶m2=val2...');

where the parameters are different from the parameters of the original
request.
I tried to set param1 and param2 in $_GET, $_REQUEST,
$_SERVER['QUERY_STRING'] but without success: what script.php  
receives are
nothing less and nothing more than the original parameters with the  
original

values.

any ideea how one could touch the parameters being passed to a sub- 
request?


cheers,
--df


I can see no way of passing parameters to a file called by virtual().  
If you really need to do this, consider using include/require. If it  
indeed needs to be a separate server call, consider doing something  
with file_get_contents() or curl.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Fwd: Mail delivery failed: returning message to sender

[Tamara Temple]

On Nov 1, 2010, at 3:29 AM, Ben Brentlinger wrote:

it could be that the person whom you tried email has reached the  
quota on their inbox.  It's also possible that the person you tried  
emailing gave you a fake email address and it's also possible that  
your domain might be hosted on a cheap hosting account with a  
company that has been known for other people using their service to  
host websites that have a bulk mailing script meant for sending  
spam.  The possibility to what could be going on are endless, but  
out of all the possibilities I can think of, I can't imagine a  
spammer hijacking your site to send malware from it being one of the  
more likely possibilities especially if you have a hosting account  
with cpanel, which is harder to gain unauthorized access to a cpanel  
hosting account than it is to gain access to a web server's FTP,  
especially if you allow public FTP uploads to the site, that can be  
a breading ground for hackers to upload a password sniffing script  
onto your site via FTP that would track back to their server, which  
would allow them to hack into your website.  Cheap, no name  
webhosting companies are more likely breading grounds for those  
kinds of shady charachters.  If you have an account with one of  
those no name companies, I'd recommend changing webhosts  
immediately, otherwise, you should be ok.  If you do, though, and  
you're not sure who to switch to, I'd recommend hostgator <http://secure.hostgator.com/%7Eaffiliat/cgi-bin/affiliates/clickthru.cgi?id=BenBrent 
>.


They're not as big as 1&1 or Godaddy, but there one of the biggest  
webhosting companies that use cpanel.  I wouldn't recommend any  
webhosting company that doesn't use cpanel because anything else is  
either harder to use, not as secure or both.




I don't think you understand. I got that bounce back from a response I  
sent to this list from one of my gmail accounts. My message did not  
originate from my personal domain.


See here:

From: Tamara Temple
To: PHP General





On 11/1/2010 3:56, Ashley Sheridan wrote:

On Sun, 2010-10-31 at 20:06 -0500, Tamara Temple wrote:


Is this something I need to worry about?? Is my mail sending some
malware??

Begin forwarded message:


From: Mail Delivery Subsystem
Date: October 31, 2010 7:37:54 PM CDT
To: Tamara Temple
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message sent by

 

could not be delivered to all of its recipients.
The following address(es) failed:

 

The following text was generated during the delivery attempt(s):


   (reason: 550 This message contains malware
(winnow.malware.wa.webinjection.1450.UNOFFICIAL))

-- This is a copy of the message, including all the headers.

Received: from [192.168.1.110] (helo=mailin01.ims-firmen.de)
by mail01.ims-firmen.de with esmtp (Exim 4.69)

(envelope-from
)

id 1PCiPJ-0001i7-R8
for sascha.br...@immosky.ch; Mon, 01 Nov 2010 01:37:53 +0100
Received: from pb1.pair.com ([76.75.200.58] helo=lists.php.net)
by mailin01.ims-firmen.de with esmtp (Exim 4.72)

(envelope-from
)

id 1PCiPs-00047o-Sb
for sascha.br...@immosky.ch; Mon, 01 Nov 2010 01:38:29 +0100
Authentication-Results: pb1.pair.com header.from=tamouse.li...@gmail.com
; domainkeys=bad
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-
domainkeys-base-01
X-Host-Fingerprint: 76.75.200.58 pb1.pair.com
Received: from [76.75.200.58] ([76.75.200.58:2084]  
helo=lists.php.net)

by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
id EF/73-24094-FDB0ECC4 for; Sun, 31 Oct
2010 19:37:51 -0500
Received: (qmail 51732 invoked by uid 1010); 1 Nov 2010 00:37:02  
-

Mailing-List: contact php-general-h...@lists.php.net; run by ezmlm
Precedence: bulk
list-help:<mailto:php-general-h...@lists.php.net>
list-unsubscribe:<mailto:php-general-unsubscr...@lists.php.net>
list-post:<mailto:php-general@lists.php.net>
List-Id: php-general.lists.php.net
Delivered-To: mailing list php-general@lists.php.net
Received: (qmail 51725 invoked from network); 1 Nov 2010 00:37:02
-
Authentication-Results: pb1.pair.com header.from=tamouse.li...@gmail.com
; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com
smtp.mail=tamouse.li...@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates
209.85.214.170 as permitted sender)
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-
domainkeys-base-01
X-PHP-List-Original-Sender: tamouse.li...@gmail.com
X-Host-Fingerprint: 209.85.214.170 mail-iw0-f170.google.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
   d=gmail.com; s=gamma;
   h=domainkey-signature:received:received:message-id:from:to
:in-reply-to:content-type:content-transfer-enc

Re: [PHP] Fwd: Mail delivery failed: returning message to sender

[Tamara Temple]

On Nov 1, 2010, at 7:43 AM, Daniel P. Brown wrote:

On Sun, Oct 31, 2010 at 21:06, Tamara Temple  
 wrote:
Is this something I need to worry about?? Is my mail sending some  
malware??


   No, you're safe in this case.



  (reason: 550 This message contains malware
(winnow.malware.wa.webinjection.1450.UNOFFICIAL))


   Sascha's server's scanner (say that three times fast) is having a
fit over this:


this. (See your code at http://pastie.org/1262989).


   A version of ClamAV released during the spring of this year
erroneously catches all URLs from pastie.org as malware.



Ah, that does explain it, thanks.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Pros/Cons of using mysqli prepared statments

[Tamara Temple]

I'm wondering what the advantages/disadvantage of using prepared  
statements with mysqli are. I'm used to using the mysqli::query and  
mysqli::fetch_assoc functions to deal with retrieving data and bulding  
my sql statement in php code.


Tamara Temple
-- aka tamouse__
tam...@tamaratemple.com


"May you never see a stranger's face in the mirror."


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Pros/Cons of using mysqli prepared statments

[Tamara Temple]

On Nov 4, 2010, at 6:36 AM, Jay Blanchard wrote:


[snip]
If you have a query in your PHP code, which you are going to be
executing a lot, even if you are using prepared statements, you can go
one further by creating a stored procedure. Now the SQL server will
only ever need to compile the statement once. No matter how many times
it is used. You only need to supply the data which will be type
appropriate.
[/snip]

I second this, using stored procedures has a lot of advantages. If you
need to change your SQL you can do it in one spot. It reinforces MVS  
or

modular coding behavior, the SP becomes very re-usable. Security is
improved. Performance can be improved. You can put the bulk of the  
data

handling on the database where it really belongs because SP's can
perform complex operations complete with control structures. Lastly it
simplifies your PHP code.



(dangit, i sent this from the wrong address initially)

I do know about stored procedures and have used them where appropriate  
(retrieving the entire contents of a table, one record from a table,  
etc.). It was the prepared statements that I haven't had experience  
with. I wasn't away that these were precompiled. That does make them  
more attractive for heavily executed pulls. On the other hand, the  
seem to require more intense maintenance than just changing some lines  
of code in a file if need be. (I assume prepared statements don't  
share the same efficiency of maintenance that stored procedures do  
across applications.)




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Updating a GET variable

[Tamara Temple]

On Nov 9, 2010, at 2:47 PM, Marc Guay wrote:

What's wrong with just putting the url parameters in the link that  
you know

you need, one by one?


I have a footer that I include on every page and would like it to
adapt to whatever situation it finds itself in.  Is your suggestion,
to do the following for the existing example:

echo "Flip";



Also, don't just output the values sent to the server, as that's an  
attack waiting to happen.


Are you referring to echoing the SCRIPT_NAME and QUERY STRING values
into the href attribute?


I would add the parameter you want to $_GET ($_GET['lang']='en') and  
use http_build_query on $_GET if you really want to include the whole  
query string in the call:


$_GET['lang']='en';
echo 'Flip";



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Fwd: [PHP] Updating a GET variable

[Tamara Temple]

Begin forwarded message:


From: Tamara Temple 
Date: November 10, 2010 12:05:32 AM CST
To: PHP General 
Subject: Re: [PHP] Updating a GET variable


On Nov 9, 2010, at 2:47 PM, Marc Guay wrote:

What's wrong with just putting the url parameters in the link that  
you know

you need, one by one?


I have a footer that I include on every page and would like it to
adapt to whatever situation it finds itself in.  Is your suggestion,
to do the following for the existing example:

echo "Flip";



Also, don't just output the values sent to the server, as that's  
an attack waiting to happen.


Are you referring to echoing the SCRIPT_NAME and QUERY STRING values
into the href attribute?


I would add the parameter you want to $_GET ($_GET['lang']='en') and  
use http_build_query on $_GET if you really want to include the  
whole query string in the call:


$_GET['lang']='en';
echo 'Flip"


Woops, just realized a problem with this. If the values in $_GET are  
URL encode, http_build_query will encode them again, so you have to  
decode them first:


foreach($_GET as $k => $v) $qs[$k] = URLDecode($v);
$qs['lang'] = 'en';
echo 'Flip';


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Updating a GET variable

[Tamara Temple]

On Nov 10, 2010, at 8:58 AM, Marc Guay wrote:


foreach($_GET as $k => $v) $qs[$k] = URLDecode($v);
$qs['lang'] = 'en';
echo 'Flip';


Hi Tamara,

Thanks for the tips.  Do you see any advantage of this method over
using a small POST form besides the styling problems I'll run into
trying to make the submit button look like an achor?


The main advantage I see is that you're application doesn't have to  
become bi-modal, with looking for variables on both the query string  
and in the post data, then deciding which to use.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] parse_ini_file() seems to be broken in PHP 5.2.4-2ubuntu5.12

[Tamara Temple]

On Nov 10, 2010, at 8:08 PM, Daevid Vincent wrote:


http://php.net/manual/en/function.parse-ini-file.php

Why doesn't PHP parse the 'null', 'true', 'false', etc into their  
proper
equivalents? What's worse is that it does this mangling of my RAW  
values to

be strings and sets them to "1" !!! WTF good does that do me?!


Here is my test.ini file:
---
---
[examples]  ; this is a section
   ; this is a comment line
log_level = E_ALL & ~E_NOTICE
1 = intkey  ; this is a int key
nullvalue = null; this is NULL
truebool = true ; this is boolean (TRUE)
falsebool = false   ; this is boolean (FALSE)
intvalue = -1   ; this is a integer (-1)
floatvalue = +1.4E-3; this is a float (0.0014)
stringvalue = Hello World   ; this is a unquoted  
string

quoted = "Hello World"  ; this is a quoted string
apostrophed = 'Hello World' ; this is a apostrophed  
string
quoted escaped = "it work's \"fine\"!"  ; this is a quoted  
string with

escaped quotes
apostrophed escaped = 'it work\'s "fine"!'  ; this is a apostrophed  
string

with escaped apostrophes
---
---

Here is my test.php page:
---
---

---
---

Here is the output:
---
---
array
 'examples' =>
   array
 'log_level' => string '6135' (length=4)
 1 => string 'intkey' (length=6)
 'nullvalue' => string '' (length=0)
 'truebool' => string '1' (length=1)
 'falsebool' => string '' (length=0)
 'intvalue' => string '-1' (length=2)
 'floatvalue' => string '+1.4E-3' (length=7)
 'stringvalue' => string 'Hello World' (length=11)
 'quoted' => string 'Hello World' (length=11)
 'apostrophed' => string ''Hello World'' (length=13)
 'quoted escaped' => string 'it work's \fine\!' (length=17)
 'apostrophed escaped' => string ''it work\'sfine' (length=15)
---
---



develo...@mypse:~$ php -v
PHP 5.2.4-2ubuntu5.12 with Suhosin-Patch 0.9.6.2 (cli) (built: Sep  
20 2010

13:18:10)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
   with Xdebug v2.0.5, Copyright (c) 2002-2008, by Derick Rethans


Maybe I'm missing something, but i thought that's what the constants  
evaluated to


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] use of ini vs include file for configuration

[Tamara Temple]

I'm curious what the lists' opinions are regarding the use of an .ini  
file versus an include configuration file in PHP code are?


I can see uses for either (or both).

To me, it seems that an .ini file would be ideal in the case where you  
want to allow a simpler interface for people installing your app to  
configure things that need configuring, and an included PHP code  
configuration file for things you don't necessarily want the average  
installer to change.


What do you think?

Tamara


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Retrieving function values

[Tamara Temple]

On Nov 14, 2010, at 9:12 PM, Ron Piggott wrote:

I am writing a custom function and I need to be able to retrieve 3  
values from it.




To return multiple values, you have to return an array:

return array($var1, $var2, $var3);

Then at the calling site, you retrieve them with a list construct:

list ($var1, $var2, $var3) = function_returning_array($param);



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: String manipulation

[Tamara Temple]

On Nov 14, 2010, at 4:48 PM, Ron Piggott wrote:


Warning: strpos() [function.strpos]: Offset not contained in string



Shouldn't you check the length of the string before giving it the  
offset?



From: a...@ashleysheridan.co.uk


$pos = (strpos(' ', $string, 76))?strpos(' ',$string,  
76):strlen($string);


Doesn't strpos(' ',$string,76) look for the first space to the *right*  
of position 76?


I really don't know how to do this except by exploding the string and  
shooting the array of characters, keeping mind of the last space found  
before you get to slot 75.



- Reply message -
From: "Ron Piggott" 


How would I write an IF statement that looks for the first space  
space (“ “) left of the 76th character

^ left


in a string or , which ever comes


first --- OR the end of the string (IE the string is less than 76  
characters long? I specifically want is it’s character position in  
the string.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] database design in a survey/poll system

[Tamara Temple]

On Nov 17, 2010, at 7:42 AM, 肖晗 wrote:


I plan to design a small survey/poll system similar to
polldaddy
.

And I have some confusion in designing the database for the multiple/ 
single
choice questions. Of course, it is possible to use one table to  
store the
question title and  another table to store the choice item(one  
record for

each choice item).


As you have a many-to-one relationship of answers to questions, two  
tables would be necessary in a normalized database.


My main concern is that whether we can place the choices together in  
the
same table(and in one ) with the question title. I guess it can be  
faster to

read from one table than reading from two table.


It is possible, but really, why bother? It's not a very time consuming  
function whether you join two tables or read from one and end up  
parsing the results. String parsing can be expensive, too.


And my idea is to use  a delimiter to separate the choices. And the  
handling
of the choices are done in the php script. But what delimiter should  
be

used?


You can easily choose any character and just make sure your responses  
never include that character, or escape it somehow (eg. via \ )



Can anyone help? Thanks!


I really don't think you gain much, if anything, by having a single  
table in this instance. The retrieval is trivial for the sql engine,  
vs creating parsing code in PHP which may be trouble-prone or  
convoluted.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to protect the source code.

[Tamara Temple]

On Nov 19, 2010, at 3:39 PM, Hans Åhlin wrote:


Does any one know if there is any way for me to protect my source code
without the requirement of a extension being installed on the server?
i.e encryption, obfusicator, script library, compile the code.


Perhaps it's just me, but I'm completely missing the point of this.  
How is someone going to get your code off of a server?



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problem with functions and arrays...

[Tamara Temple]

On Nov 20, 2010, at 5:31 PM, Jason Pruim wrote:




Maybe it's just me, but using the name of a global as a function  
parameter just seems like a bad idea. Yes, you can do it. Should you?  
I think not. Especially, as, you are passing it a scalar below and  
treating it here like the global array.



   //Make sure to post form start/stop OUTSIDE of this function...
   //It's not meant to be a one size fits all function!
echo "NAME: " . $name . "";
echo "MESSAGE: " . $message . "";

echo "POST: " . $_POST . "";
echo "OPTION: " . $option . "";


$sticky = '';
if(isset($_POST['submit'])) {


Check the error messages -- since you're passing in $startYear as a  
scalar below, you shouldn't be able to access $_POST as an associative  
array.



$sticky = $_POST["{$name}"];
echo "STICKY: " . $sticky;
}
//echo "OPTION: ";
//print_r($option);

   echo <<
{$message}

HTML;

foreach ($option as $key => $value){

if($key == $sticky) {
echo '' . $value . '';
}else{
echo '' . $value . '';
}

}

echo <<
HTML;
unset($value);
return;
}

?>

One for Month, Day & Year... All the same exact code... When I get  
brave I'll combine it into 1 functions :)


Now... What it's trying to do.. It's on a "update" form on my  
website. Basically pulls the info from the database and displays it  
in the form again so it can be edited and resubmitted...


As I'm sure you can tell from the function it checks to see if the a  
value has been selected in the drop down box and if it has then set  
the drop down box to that value.


I call the function like this:
$startYear = date("Y", $row['startdate']); //Actual DBValue:  
1265000400


You're setting $startYear as a scalar value here.

$optionYear = array("2010" => "2010", "2011" => "2011", "2012" =>  
"2012", "2013" => "2013", "2014" => "2014");


ddbYear("startYear", "Select Year", $startYear, $optionYear);


And passing it in to the $_POST variable in your function. Then you  
treat the $_POST variable as an associative array (seemingly much like  
the global $_POST array).





?>

The output I'm getting is:
THESE ARE THE ACTUAL UNPROCESSED (OTHER THEN SEPARATING) VALUES FROM  
THE DATABASE

startmonth: 2
startday: 1
startYear: 2010
endmonth: 11
endDay: 30
endYear: 1999

THESE ARE THE VALUES INSIDE THE FUNCTION
NAME: startYear
MESSAGE: Select Year
POST: 2010
OPTION: Array
STICKY: 2

Now... The problem is that $sticky get set to "2" instead of  
"2010"... But I can't figure out why...


Anyone have any ideas?

And just incase I didn't provide enough info here's a link that  
shows it happening:


HTTP://jason.pruimphotography.com/dev/cms2/events/update_form.php? 
id=62


Again, I will reiterate that taking the name of a global variable and  
using it as a parameter in a function is a bad idea. It can be done,  
and my in some cases have some uses, but I don't think the way you're  
using it is a good idea, and looks wrong to me as well.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Can't find existing file

[Tamara Temple]

On Nov 25, 2010, at 8:07 AM, Richard Quadling wrote:


I prefer PICNIC.

So you can now have a Senior Picnic or a Kiddies Picnic and it all
sounds quite pleasant.


Ok, I give, what's a PICNIC?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match fails to resolve variable as a subject

[Tamara Temple]

On Nov 25, 2010, at 6:07 PM, Da Rock wrote:
preg_match("/(\d{1,3})(\.)$/", exec($mixer . ' ' . $command), & 
$matches)


it looks like you're failing to account for the newline that comes  
back in a command execution. Add trim() around the exec() call and try  
again.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match fails to resolve variable as a subject

[Tamara Temple]

On Nov 26, 2010, at 7:28 PM, Da Rock wrote:


On 11/27/10 00:57, Richard Quadling wrote:
On 26 November 2010 00:07, Da Rockl...@herveybayaustralia.com.au>  wrote:


preg_match("/(\d{1,3})(\.)$/", exec($mixer . ' ' . $command),& 
$matches)



Can you ...

var_dump(exec($mixer . ' ' . $command));

I wonder if the output includes a new line which you are not
accounting for in the regex.



Haven't tried yet, but isn't that what $ is for? End of line?




$ matches end of line, but since your last match expression is to  
match explicitly the character '.' before end of line, and there's a  
newline, it won't match. Again, use trim() to get rid of the newline  
character at the end of the string returned by exec(). Looking at the  
output or


And exec only gives one line- the last line of the output of the  
command. You have to provide a reference to an array for the entire  
output.


var_dump gives:
string(41) "Mixer vol is currently set to 75:75"



It also looks like \d{1,3}\. won't match anything in the output string  
given by the command.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Add +1 mysql updates by 2?

[Tamara Temple]

On Nov 26, 2010, at 8:36 PM, Richard West wrote:


Hey guys,
I've never run into this before.
I have a field in mysql for page views.
So I pull out value and do +1 to new value - after UPDATE SET it has  
incremented by 2?


$val = $row['a_downloads'] ;

$new_val = $val+1;

mysql_query("UPDATE cbn_articles SET a_downloads='$new_val' WHERE  
a_id = '".$_GET['id']."' ");


Any ideas? What am I missing?
RD


a_downloads wouldn't happen to be an autoincrement value, would it?



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match fails to resolve variable as a subject

[Tamara Temple]

On Dec 2, 2010, at 11:33 PM, Da Rock wrote:


On 11/29/10 09:10, Richard Quadling wrote:
On 27 November 2010 04:45, Da Rockl...@herveybayaustralia.com.au>  wrote:



On 11/27/10 13:51, Tamara Temple wrote:


On Nov 26, 2010, at 7:28 PM, Da Rock wrote:



On 11/27/10 00:57, Richard Quadling wrote:

On 26 November 2010 00:07, Da Rock>

 wrote:


preg_match("/(\d{1,3})(\.)$/", exec($mixer . ' ' . $command),& 
$matches)




Can you ...

var_dump(exec($mixer . ' ' . $command));

I wonder if the output includes a new line which you are not
accounting for in the regex.




Haven't tried yet, but isn't that what $ is for? End of line?




$ matches end of line, but since your last match expression is to  
match
explicitly the character '.' before end of line, and there's a  
newline, it
won't match. Again, use trim() to get rid of the newline  
character at the

end of the string returned by exec(). Looking at the output or


And exec only gives one line- the last line of the output of the  
command.

You have to provide a reference to an array for the entire output.

var_dump gives:
string(41) "Mixer vol is currently set to 75:75"


It also looks like \d{1,3}\. won't match anything in the output  
string

given by the command.





Thank you for that- that did it. I removed the \.

I am a little confused though; that regex was tested on several  
test sites
and was deemed accurate on them, and one of them actually supplied  
the
preg_match code. And if I run the command on a shell it actually  
outputs
exactly the right subject for the regex- not to mention it got  
printed
inadvertently (using system() ) via the php exactly the same. So I  
don't

think I missed it somehow.

What I have constantly seen come up (shell and php/html) is: Mixer  
vol is

currently set to 75:75. (including the period)

Don't get me wrong- you guys make sense; my system doesn't. I need  
to get to
the bottom of this so I can ensure my code will port well. I don't  
want to
get it all working and find it breaks when I run it on another  
system,
albeit same OS (FreeBSD). Could be updates or variations of  
releases.


Just to check again, I ran the command on the shell again and sure  
enough
the period is no longer there- but I can't for the life of me  
figure out
when that changed as this code has never worked (and yes, I added  
in the \.
to match the end of line because it originally wasn't working).  
Another

great mystery? Weird... :)

Thanks again guys.

The regex is a valid regex. It's just useless for the data you are  
providing it.


I'm wondering what is missing from your output? The var_dump says the
text is a 41 character string, but the data you provided only has 36
characters in it.

What elements of the string do you want to capture?

/:(\d++)/ would catch the number after the :




Apologies for the delay.

That works, except it will catch all instances. I need it to catch  
the last number specifically and not the period. The output will  
also output a previous and new reading- I need the new reading. And  
I also need to allow for the possibility of a period. So here's  
what I have:


/(\d++)[^.]?$

Which works as long as there is no period at the end. I just can't  
seem to get my head around it. I need a guru... :)


Did you miss the ":" at the beginning of RIchard's suggested regex? /: 
(\d++)/ would gather up all digits following a ":". If the output from  
the mixer command is always something like dd:dd (irrespective of  
trailing period), the regex above would always return the second set  
of digits.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] code quest

[Tamara Temple]

On Dec 4, 2010, at 2:15 PM, Kirk Bailey wrote:

The hound barks, but does not yet properly hunt, and we need to  
bring home the bacon.


OK, here is the current code:

  '.include('./'.$d.'/desc.txt')
  ;#.''.PHP_EOL;
}
  }
  ?>

the url again, to view the results, is http://www.howlermonkey.net/dirlisting.php 
 and is live right now. The results are a tad odd to say the least.




Ok, I don't think that's actually the code that generated the page you  
link to, but let's go with what you've got.


First of all, include() does not return a string to the calling  
program. include() basically redirects the php interpretter to process  
the contents of the file. What include() returns is success or failure  
of the execution of the included script. To use the current setup you  
have with the desc.txt files, you want to do something like this:


echo '';
include('./'.$d.'/desc.txt');
echo ''.PHP_EOL;

If the file desc.txt contains only text, it will get sent to the  
browser as is.







Kirk Bailey wrote:

Ok, let's kick this around.

iterating an array(?; 1 dimensional listing of things) in php, I am  
creating a list of direcoties. I want to open and read in a file in  
each directory with a standard name, which contains a 1 line  
description of the directory and it's purpose.


Now, here's the existing code; this code is online NOW at this url:
http://www.howlermonkey.net/dirlisting.php

  * 1'.$d.''.PHP_EOL;
  14 }
  15}
  16?>*

Let's say the file to read in /elite is named 'desc.txt'.
It looks like you want me to modify line 13 to say:
echo ''.include($d.'desc.txt').'>'.PHP_EOL;


so, if the file '/elite/desc.txt' contains the line

  *82nd Airbourne - We are an elite unit of army Paratroopers
  *

Then that element in the list would appear as:

  * 82nd Airbourne  -We are an elite unit of army Paratroopers

And would be clickable. Let's try it and see if this hound hunts.

Matt Graham wrote:

From: Kirk Bailey 


OK, now here's a giggle; I like ssi includes. If I put the script
in as an ssi include, will it still work?



If you're using Apache, and you do



...the PHP in something.php will execute and produce output, but
something.php will not have any access to $_GET or $_POST or  
$_SESSION or any

of those things.  This is generally not what you want.  If you do



...then something.php will be able to see and work with the  
superglobals that
have been set up further up the page, which is *usually* what you  
want.  You
could try both approaches in a test env and see what you get.   
I'll use SSI
for "dumb" blocks of text and php include for "smart" blocks of  
code, because

IME that tends to produce fewer instances of gross stupidity.

Note that YMMV on all this and ICBW.






--
end

Very Truly yours,
   - Kirk Bailey,
 Largo Florida

 kniht+- 
+   | BOX |   +- 
+think



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] code quest

[Tamara Temple]

On Dec 4, 2010, at 2:58 PM, Kirk Bailey wrote:


the code is now:

  ';
echo include($d.'/desc.txt' );


There should be no echo here


echo ''.PHP_EOL;
}
  }
  ?>

And it works!
  BUT!
Where is the "1" coming from?!?
Please inspect the page and see what I mean. This is not in the  
code, and it's not in the source file. Link: http://www.howlermonkey.net/dirlisting.php


I hope this dialog is proving at least mildly interesting to the  
remainder of the list as an educational exercise.



Tamara Temple wrote:


On Dec 4, 2010, at 2:15 PM, Kirk Bailey wrote:

The hound barks, but does not yet properly hunt, and we need to  
bring home the bacon.


OK, here is the current code:

 which

 are NOT to be listed!
 $excludes[] = 'images';
 $excludes[] = 'cgi-bin';
 $excludes[] = 'vti_cnf';
 $excludes[] = 'private';
 $excludes[] = 'thumbnail';

 $ls = scandir(dirname(__FILE__));
 foreach ($ls as $d) {
   if (is_dir($d) && !preg_match('/^\./',basename($d)) &&
 !in_array(basename($d),$excludes)) {
   echo ''.include('./'.$d.'/desc.txt')
 ;#.''.PHP_EOL;
   }
 }
 ?>

the url again, to view the results, is http://www.howlermonkey.net/dirlisting.php 
 and is live right now. The results are a tad odd to say the least.




Ok, I don't think that's actually the code that generated the page  
you link to, but let's go with what you've got.


First of all, include() does not return a string to the calling  
program. include() basically redirects the php interpretter to  
process the contents of the file. What include() returns is success  
or failure of the execution of the included script. To use the  
current setup you have with the desc.txt files, you want to do  
something like this:


   echo '';
   include('./'.$d.'/desc.txt');
   echo ''.PHP_EOL;

If the file desc.txt contains only text, it will get sent to the  
browser as is.







Kirk Bailey wrote:

Ok, let's kick this around.

iterating an array(?; 1 dimensional listing of things) in php, I  
am creating a list of direcoties. I want to open and read in a  
file in each directory with a standard name, which contains a 1  
line description of the directory and it's purpose.


Now, here's the existing code; this code is online NOW at this url:
http://www.howlermonkey.net/dirlisting.php

 * 1'.$d.''.PHP_EOL;
 14 }
 15}
 16?>*

Let's say the file to read in /elite is named 'desc.txt'.
It looks like you want me to modify line 13 to say:
echo ''.include($d.'desc.txt').'>'.PHP_EOL;


so, if the file '/elite/desc.txt' contains the line

 *82nd Airbourne - We are an elite unit of army Paratroopers
 *

Then that element in the list would appear as:

 * 82nd Airbourne  -We are an elite unit of army Paratroopers

And would be clickable. Let's try it and see if this hound hunts.

Matt Graham wrote:

From: Kirk Bailey 


OK, now here's a giggle; I like ssi includes. If I put the script
in as an ssi include, will it still work?



If you're using Apache, and you do



...the PHP in something.php will execute and produce output, but
something.php will not have any access to $_GET or $_POST or  
$_SESSION or any

of those things.  This is generally not what you want.  If you do



...then something.php will be able to see and work with the  
superglobals that
have been set up further up the page, which is *usually* what  
you want.  You
could try both approaches in a test env and see what you get.   
I'll use SSI
for "dumb" blocks of text and php include for "smart" blocks of  
code, because

IME that tends to produce fewer instances of gross stupidity.

Note that YMMV on all this and ICBW.






--
end

Very Truly yours,
  - Kirk Bailey,
Largo Florida

kniht+- 
+   | BOX |   +- 
+think





--
end

Very Truly yours,
   - Kirk Bailey,
 Largo Florida

 kniht+- 
+   | BOX |   +- 
+think



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] All records not displaying...

[Tamara Temple]

On Dec 19, 2010, at 9:46 AM, Gary wrote:

I have an issue that the first record in a query is not being  
displayed.  It
seems that the first row in alphabetical order is not being brought  
to the

screen.

I have run the query in the DB and it displays the correct result,  
so it has

to be in the php.

I have a MySQL DB that lists beers.  I have a column for 'type' of  
beer

(imported, domestic, craft, light). The queries:

$result = MySQL_query("SELECT * FROM beer WHERE type = 'imported'  
AND stock

= 'YES' ORDER by beername ");

When I run the query

if (mysql_num_rows($result) == !'0') {
   $row = mysql_fetch_array($result);

 echo 'Imported Beers';
 echo '

 Beer
 Maker
 Type
 Singles
 6-Packs
 Cans
 Bottles
 Draft
 Size
 Description';

 while ($row = mysql_fetch_array($result)) {

echo '' . $row['beername'].'';
echo '' . $row['manu'] . '';
echo '' . $row['type'] . '';
echo '' . $row['singles'] . '';
echo '' . $row['six'] . '';
echo '' . $row['can'] . '';
echo '' . $row['bottles'] . '';
echo '' . $row['tap'] . '';
echo '' . $row['size'] . '';
echo '' . $row['descrip'] . '';
'';
   }
echo '';

}

All but the first row in alphabetical order are displayed properly.

Can anyone tell me where I am going wrong?
--
Gary

BTW, I do have a bonus question that is about javascript in this  
same file,

so if anyone want to take a stab at that, I'll be happy to post it.



This code will totally eliminate the first row of data.


if (mysql_num_rows($result) == !'0') {
   $row = mysql_fetch_array($result);


Fetches the first row, but is not output. Because:


 while ($row = mysql_fetch_array($result)) {


Fetches the second row before you do any output of the data.

Eliminate the first fetch_array and you're code should work fine.

BTW, if you put the  attributes 'width="n"' in the preceding   
tags, you won't have to output them for each row. You should also put  
the units those numbers are associated with.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problem with Include

[Tamara Temple]

On Dec 19, 2010, at 10:43 AM, Bill Guion wrote:

In an effort to clean up some code, I tried taking four lines out of  
6 or 7 programs and putting them into an include file. The file  
structure is


Root
 data
   clubs.php
 include
   fmt.inc

Originally, clubs.php had the following code:



This code works - on the web page I get

This page last modified 12/18/2010

which is correct.

So then I did the following:
Create an include file, fmt.inc with the following code:

$file_name= basename($_SERVER['PHP_SELF']);
$last_modified = filemtime($file_name);
print("This page last modified ");
print(date("m/j/y", $last_modified));

and then in the original file, I have



On my web page, I then get

$file_name= basename($_SERVER['PHP_SELF']);$last_modified =  
filemtime($file_name);print("This page last modified ");  
print(date("m/j/y", $last_modified));


(all on one line).

I would really like to understand why the include construct doesn't  
give the same results as the original?


-= Bill =-

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Whenever you see PHP code emitted to the web page, it means it wasn't  
wrapped in . If your include file above is complete, it's  
missing these tags.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 28, 2010, at 2:11 PM, Joshua Kehn wrote:


Specifically:


Dotan Cohen wrote:
I seem to have an issue with users who copy-paste their usernames  
and

passwords coping and pasting leading and trailing space characters.


Users should not be copy-pasting passwords or usernames. Do not  
compromise a system to cater to bad [stupid, ignorant, you pick]  
users. If this is an issue then educate the users.


I'm sorry, but this is just bloody stupid. I keep my usernames and  
randomly generated, very long passwords in a password keeper. If  
you're not going to let me copy paste them into a web page, i'm just  
not going to ever use your application. Copy/pasting is something that  
happens on the *local* machine -- it never goes out to the net. By  
forcing people to type in their user names and passwords you are going  
to cause them to enter easily-remembered, and typically easily- 
crackable combinations. What is the possible logic for disallowing  
someone to paste in their usernames/passwords???



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 28, 2010, at 10:28 PM, Joshua Kehn wrote:


On Dec 28, 2010, at 6:28 PM, Paul M Foster wrote:


On Tue, Dec 28, 2010 at 03:11:56PM -0500, Joshua Kehn wrote:


Specifically:


Dotan Cohen wrote:
I seem to have an issue with users who copy-paste their  
usernames and
passwords coping and pasting leading and trailing space  
characters.


Users should not be copy-pasting passwords or usernames. Do not  
compromise a system to cater to bad [stupid, ignorant, you pick]  
users. If this is an issue then educate the users.




Wrong. I use a program called pwgen to generate passwords for me,  
which

I cannot remember. I use another program I built to store them in an
encrypted file. When I have to supply a password which I've forgotten
(as usual), I fire up my password "vault", find the password, and  
paste

it wherever it's needed. Users would be wise to follow a scheme like
this, rather than using their dog's name or somesuch as their  
passwords.


Paul

--
Paul M. Foster
http://noferblatz.com



What is "wrong?" That users should not be copy-pasting passwords or  
don't compromise the system?


I agree that users should not use weak passwords, but not everyone  
goes everywhere with a vault. I am more then capable of memorizing  
20 or so 16-32 character full set passwords.


20? child's play. How about 250+ randomly generated passwords and  
username combinations?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 29, 2010, at 7:27 PM, Mujtaba Arshad wrote:


craphound.com/images/xkcdwrongoninternet.jpg


Least you could do is give Randall the love, instead of Cory :)

http://xkcd.com/386/



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Regex for telephone numbers

[Tamara Temple]

On Dec 29, 2010, at 6:12 PM, Ethan Rosenberg wrote:

I would like to have a regex  which would validate that a telephone  
number is in the format xxx-xxx-.




http://lmgtfy.com/?q=regex+to+validate+US+phone+numbers

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 31, 2010, at 12:41 AM, Joshua Kehn wrote:



On Dec 31, 2010, at 1:26 AM, Tamara Temple wrote:



On Dec 28, 2010, at 2:11 PM, Joshua Kehn wrote:


Specifically:


Dotan Cohen wrote:
I seem to have an issue with users who copy-paste their  
usernames and
passwords coping and pasting leading and trailing space  
characters.


Users should not be copy-pasting passwords or usernames. Do not  
compromise a system to cater to bad [stupid, ignorant, you pick]  
users. If this is an issue then educate the users.


I'm sorry, but this is just bloody stupid. I keep my usernames and  
randomly generated, very long passwords in a password keeper. If  
you're not going to let me copy paste them into a web page, i'm  
just not going to ever use your application. Copy/pasting is  
something that happens on the *local* machine -- it never goes out  
to the net. By forcing people to type in their user names and  
passwords you are going to cause them to enter easily-remembered,  
and typically easily-crackable combinations. What is the possible  
logic for disallowing someone to paste in their usernames/ 
passwords???




My point has been completely missed by you. I'm not saying don't  
allow copy pasting usernames and passwords (though I think that this  
is a poor choice). I'm saying don't automatically trim the passwords.


Sorry, I was mislead by your use of the phrase "Users should not be  
copy-pasting passwords or usernames" above. I'd love to hear what you  
think is an alternative to identifying with web app that keeps track  
of information about someone that is more secure.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 31, 2010, at 12:41 AM, Joshua Kehn wrote:


On Dec 31, 2010, at 1:31 AM, Tamara Temple wrote:

20? child's play. How about 250+ randomly generated passwords and  
username combinations?


Why do you randomly generate 250+ usernames and passwords??


I generate unique pairs for the various website, email account,  
computer systems, and other things i've signed up for.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Do you trim() usernames and passwords?

[Tamara Temple]

On Dec 31, 2010, at 12:37 AM, Mujtaba Arshad wrote:

Won't there also be a higher chance of getting your username/ 
password combination stolen if you are keylogged, if you are typing  
in your passwords all day everyday? Obviously, the people on this  
list will say "I don't get keylogged, cause I am that pro" but  
whatever, just don't force people to enter passwords, no one  
appreciates it.


On Fri, Dec 31, 2010 at 1:26 AM, Tamara Temple > wrote:


On Dec 28, 2010, at 2:11 PM, Joshua Kehn wrote:

Specifically:

Dotan Cohen wrote:
I seem to have an issue with users who copy-paste their usernames and
passwords coping and pasting leading and trailing space characters.

Users should not be copy-pasting passwords or usernames. Do not  
compromise a system to cater to bad [stupid, ignorant, you pick]  
users. If this is an issue then educate the users.


I'm sorry, but this is just bloody stupid. I keep my usernames and  
randomly generated, very long passwords in a password keeper. If  
you're not going to let me copy paste them into a web page, i'm just  
not going to ever use your application. Copy/pasting is something  
that happens on the *local* machine -- it never goes out to the net.  
By forcing people to type in their user names and passwords you are  
going to cause them to enter easily-remembered, and typically easily- 
crackable combinations. What is the possible logic for disallowing  
someone to paste in their usernames/passwords???




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



This is an entirely different problem than not letting people copy/ 
paste their user/password info. I *never* said i do this every day.

Re: [PHP] Mac 10.7 Install/Copy fresh PHP over Pre-Installed PHP

[Tamara Temple]

JeffPGMT  wrote:
> Please correct me if I'm wrong and IMAP is available (maybe a known config 
> issue?)
> 
> Mac OSX 10.7, Using the pre-installed Apache & Php, IMAP is not installed, 
> pulled out my Apple for this server OS.

I don't know if it is, but something below seems very odd to me:

> $ php -v
> PHP Warning:  PHP Startup: Unable to load dynamic library 
> '/usr/lib/php/extensions/no-debug-non-zts-20090626/php_imap.dll' - 
> dlopen(/usr/lib/php/extensions/no-debug-non-zts-20090626/php_imap.dll, 9): 
> image not found in Unknown on line 0

I might be wrong here on 10.7, as I haven't even migrated off 10.5, but,
I've never seen a .dll file on a mac -- they're windows dynamic link
libraries. I think somehow things are little messed up there...

Someone has suggested installing MAMP, which is a much better solution
in general that what Apple supplies. The issue is knowing which you're
running at any point in time, which for most things, MAMP will handle
correctly. But it may not be the case for command line execution as
you've shown above.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Differences

[Tamara Temple]

On Thu, 2012-10-04 at 18:06 -0400, Jim Giner wrote:
> I've read thru 9 responses to the OP and not one of you mentioned that 
> the code presented is problematic in itself.  Very forgiving, but 
> perhaps someone should have suggested that he post "actual code" when 
> looking for help in the future, and not some typing that is supposed to 
> represent the problem.
> 
> In this case, I"m looking for the function he called 
> "completeImageFilename"
> 
> :):)
> 

You might have missed mine:

On Wed, 2012-10-03 at 21:58 -0500, tamouse mailing lists wrote:
> (as a side note, the code you supplied would not work, as the name you
> gave the function was "filename" yet the function you were trying to
> call was "completeImageFileName".)
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Friday - Return of Brain Teasers

[Tamara Temple]

On Fri, 2012-10-05 at 22:50 +0200, iostream wrote:
> If you want to execute some code...
> 
> I'm sure you've all heard of the new "goes to" operator by now, but I 
> hope it might be new to somebody.
> 
>$i = 10;
>while ($i --> 0) { // while $i goes to 0
>  echo $i ."\n";
>}

Okay, I haven't heard of it, and I don't get it. AFAIK, this "operator"
does not exist, but I don't get the trick that's being applied.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] need some regex help to strip out // comments but not http:// urls

[Tamara Temple]

Tedd Sperling  wrote:
> On May 29, 2013, at 5:53 PM, Ashley Sheridan  
> wrote:
> > Sometimes when all you know is regex, everything looks like a nail...
> > 
> > Thanks,
> > Ash
> > 
> 
> There are people who *know* regrex?

Well, not *biblically*, but yeah, I do.




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] limit access to php page

[Tamara Temple]

Camilo Sperberg  wrote:
> On 30 mei 2013, at 05:05, Paul M Foster  wrote:
> 
> > On Wed, May 29, 2013 at 08:51:47PM -0400, Tedd Sperling wrote:
> > 
> >> On May 29, 2013, at 7:11 PM, Tim Dunphy  wrote:
> >> 
> >>> Hello list,
> >>> 
> >>> I've created an authentication page (index.php) that logs into an LDAP
> >>> server, then points you to a second page that some folks are intended to
> >>> use to request apache redirects from the sysadmin group (redirect.php).
> >>> 
> >>> Everything works great so far, except if you pop the full URL of
> >>> redirect.php into your browser you can hit the page regardless of the 
> >>> login
> >>> process on index.php.
> >>> 
> >>> How can I limit redirect.php so that it can only be reached once you login
> >>> via the index page?
> >>> 
> >>> Thank you!
> >>> Tim
> >>> 
> >>> -- 
> >>> GPG me!!
> >> 
> >> Try this:
> >> 
> >> http://sperling.com/php/authorization/log-on.php
> > 
> > I realize this is example code.
> > 
> > My question is, in a real application where that $_SESSION['auth'] token
> > would be used subsequently to gain entry to other pages, what would you
> > use instead of the simple TRUE/FALSE value? It seems that someone (with
> > far more knowledge of hacking than I have) could rather easily hack the
> > session value to change its value. But then again, I pretty much suck
> > when it comes to working out how you'd "hack" (crack) things.
> > 
> > Paul
> 
> $_SESSION value are quite secure, as they are set on the server, only you can 
> control what's inside them. What can be hacked is the authentification 
> process or some script that sets session values. There is also a way of 
> hijacking a session, but again: its values aren't changed by some PHP script, 
> the session is being hijacked. Don't pass urls with the session id within 
> them and you'll be save. 

Looking back through the posts, I see I sent one without the link I
intended.

Session variables can be secure enough (there will never be perfect
security, just like there will never be completely safe sex), but you
*do* have to take precautions.

This is the link I meant to send before:

http://www.php.net/manual/en/session.security.php

Very important reading.





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Has this always been the case?

[Tamara Temple]

Richard Quadling  wrote:

> Hi.
> 
> Both
> 
>  class Oddity{
>   public $var = 'a' . 'b';
> }
> ?>
> 

>From http://www.php.net/manual/en/language.oop5.properties.php:

"This declaration may include an initialization, but this initialization
must be a constant value--that is, it must be able to be evaluated at
compile time and must not depend on run-time information in order to be
evaluated."


> and
> 
>  class Oddity{
> const A_VAR = 'a' . 'b';
> }
> ?>
> 
> produce ...
> 
> PHP Parse error:  syntax error, unexpected '.', expecting ',' or ';' in -
> on line 3

>From http://www.php.net/manual/en/language.oop5.constants.php: 

"The value must be a constant expression, not (for example) a variable,
a property, a result of a mathematical operation, or a function call."

> 
> For properties, has this always been the case?
> 
> Admittedly, this is the first time I've ever written code to assign a
> concatenated string to a static property ...
> 
> static protected $s_NormaliserScript = __DIR__ . '/normalizedError.php';
> 
> And I was just surprised.
> 
> That's all.
> 
> Regards,
> 
> Richard.
> 
> P.S. Happy Friday!
> 
> 
> -- 
> Richard Quadling
> Twitter : @RQuadling
> EE : http://e-e.com/M_248814.html
> Zend : http://bit.ly/9O8vFY

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to enable cURL php extension on Debian Wheezy?

[Tamara Temple]

Csanyi Pal  wrote:
> I have installed following packages related to this issue:
> curl, libcurl3, libcurl3-gnutls, php5-curl.

All good.

> I have in
> /etc/php5/mods-available/curl.ini
> ; configuration for php CURL module
> ; priority=20
> extension=curl.so

Have you enabled the extension as well? That looks like the standard
set-up, which means that curl.ini is available, but you still have to
enable it. Check in /etc/php5/conf.d to see if there's a symlink in
there, otherwise look through the various bits to see if it's included
somewhere in one of the stock php.ini files.

Here's an example from one of my servers:

tamara@gandimouse /etc/php5$ ll mods-available/
total 4.0K
-rw-r--r-- 1 root root 66 Sep 15  2012 pdo.ini

tamara@gandimouse /etc/php5$ ll conf.d/
total 0
lrwxrwxrwx 1 root root 25 Sep 24  2012 10-pdo.ini -> ../mods-available/pdo.ini

If you make changes here, ensure you restart your sever.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php links doest work when im using mod rewrite

[Tamara Temple]

Farzan,

I don't have a direct answer to your question, but I work a lot with a
wiki application called PmWiki that does something very similar to what
you are doing.

Their instructions for using "clean urls" such as
http://example.com/blog/2 (only in their syntax) can be seen here:

http://www.pmwiki.org/wiki/Cookbook/CleanUrls

I don't know if that will help at all, but I've used it successfully.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] URL Rewriting

[Tamara Temple]

Silvio Siefke  wrote:
> On Wed, 22 Jun 2011 17:50:49 -0400 Daniel P. Brown wrote:
> > > Has someone a Link with Tutorials or other Information?
> > 
> > Not entirely sure what you're asking here, or how you (or the
> > nginx folks) expect it to relate to PHP.  Do you mean that you want to
> > use PHP to have theme2.php act as if it was called as theme.php?id=2 ?
> 
> I have me write a blog, but my blog has link like blogdetail.html?id=1 or =2
> through 16 at moment. And for google and other Search  Engines not good the
> links, better where i can rewrite to a fix link, and when someone use the
> link, php write to correct url. 

Common SEO mythology is that you need pretty human-understandable
links. (In point of fact, the search engines care not in the least.)
However, human-understandable URLs are a benefit to users when they want
to understand what they're linking to or clicking on.

A human-understandable link is more like:

http://www.example.com/blog/2013-05-a-day-in-the-life-of-my-dog

not:

http://www.example.com/blog/2

as that really does not provide any more information than:

http://www.example.com/blog.php?id=2

Otherwise, Daniel's solution below should do the trick.

> Sorry my english not perfect on earth. 
> 
>  
> > If so, it's not redirect or rewrite, and it's extremely hacky, but
> > this is the only real way PHP could achieve the desired result:
> > 
> >  > // dynamictheme.php
> > 
> > if (preg_match('/.*([0-9]+)\.php/Ui',$_SERVER['PHP_SELF'],$match)) {
> >   $_GET['id'] = $match[1];
> >   include dirname(__FILE__).'/theme.php';
> > }
> > 
> > ?>
> > 
> > Then just symlink dynamictheme.php to your various themes like so:
> > 
> > ln -s dynamictheme.php theme2.php
> > ln -s dynamictheme.php theme301.php
> > ln -s dynamictheme.php theme18447.php
> > 







-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: How to enable cURL php extension on Debian Wheezy?

[Tamara Temple]

Csanyi Pal  wrote:
> It is interesting.. that when I switch to English language for
> Moodle installation ( on the web interface ), then I get not this error,
> but if I switch back to Hungarian language for installation, I get it
> again. 

I am completely unfamiliar with Moodle, have no idea what it is or how
it works with I18n stuff. But, if it works in one language and not the
other, the problem probably isn't with curl, or necessarily with the php
configuration, either.

When you switch to Hungarian, what are the actual errors you are seeing?
Stick the log in a gist or pastebin so it doesn't get mangled by email.

> The info.php file with the content of:
>   phpinfo();
> ?>
> 
> should show the enabled cURL extension?

I missed this one, somehow.

Yes, exactly, the cURL module should show up on phpinfo() output.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] sorry for the blast from the past

[Tamara Temple]

Sorry for replying to a message from 2011 -- for some reason I had a
whole bunch of PHP messages suddenly show up in my inbox from the
past. I generally don't check the year of an unread message in my inbox,
as I try to keep inbox-zero.

Anyway, carry on!


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: How to enable cURL php extension on Debian Wheezy?

[Tamara Temple]

Csanyi Pal  wrote:
> Tamara Temple  writes:
> > Csanyi Pal  wrote:
> >> It is interesting.. that when I switch to English language for
> >> Moodle installation ( on the web interface ), then I get not this
> >> error, but if I switch back to Hungarian language for installation, I
> >> get it again. 
> >
> > I am completely unfamiliar with Moodle, have no idea what it is or how
> > it works with I18n stuff. But, if it works in one language and not the
> > other, the problem probably isn't with curl, or necessarily with the
> > php configuration, either.
> 
> It doesn't work in Englis language either, just at this step of Moodle
> installation on the web interface, it doesn't complain for the missing
> cURL extension. But, when I proceed with the installation in English
> language, I come to the step where it shows up again the missing cURL
> extension. 

Ah, I'm sorry, my misundertanding.

> > When you switch to Hungarian, what are the actual errors you are
> > seeing? 
> > Stick the log in a gist or pastebin so it doesn't get mangled by
> > email. 
> 
> I get no error message at this step of Moodle installation, when I use
> Hungarian language.
> 
> >> The info.php file with the content of:
> >>  >>  phpinfo();
> >> ?>
> >> 
> >> should show the enabled cURL extension?
> >
> > I missed this one, somehow.
> >
> > Yes, exactly, the cURL module should show up on phpinfo() output.
> 
> Well, the phpinfo() output doesn't show up the cURL module yet.
> 
> I have the following directories and files in the 
> 
> /etc/php5/ directory:
> 
>  /apache2 directory with the content:
>php.ini file
>/conf.d subdirectory with the content:
>  gd.ini
>  ..
>  xcache.ini
> 
>  But here I don't have
>  curl.ini
>  xmlrpc.ini
> 
>  and I think that that it should be here curl.ini, xmlrpc.ini
> 
>  Why is not here curl.ini?

My ../apache2/conf.d directory is a symlink to the ../conf.d
directory. This might indeed be the problem.

Not to make *your* ../apache2/conf.d a symlink, but to put symlinks
inside it to the .ini files you need in ../conf.d. Give that go, and
see? I'm sorry I'm not much better help -- this all came out of the box
the way I needed it and I didn't think about it much.

> 
>  /conf.d directory with the content:
>@10-pdo.ini
>@20-curl.ini
>..
>@20-xmlrpc.ini
>ldap.ini
> 
>  /mods-available subdirectory with the files:
>curl.ini
>..
>xmlrpc.ini
> 
>  /cgi directory
>  /cli directory
> 
> 
> -- 
> Regards from Pal
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] URL Rewriting

[Tamara Temple]

Daniel Brown  wrote:
> Studying archaeology now, Tam?  ;-P

Always been a huge fan. :)



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] browser rendering

[Tamara Temple]

georg  wrote:
> Possibly this issue is for other fora, which you might direct me, anyways;

It's actually an HTML question. But most PHPers do a lot of HTML, too,
it turns. out. :)

> I have been dablling making my own little webpages, however having
> gotten a nice
> result jon fireforx, I realize picture sizes gets treated very
> differntly on different browsers !!!
> so the looks of the pages get very strange from smaller (Opera) and
> much bigger (Explorer)
> brower !!!

Cross-browser testing has been the bane of web design since basically
Day 0 of the WWW. It doesn't seem to be abating, either, while IE10
comes more in line, Opera and now Chrome are branching out, and we still
have a huge legacy of older IE versions. Achieving completely identical
views on different browsers is a fool's errand. Just get it close
enough, and move on.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: How to enable cURL php extension on Debian Wheezy?

[Tamara Temple]

Csanyi Pal  wrote:
> Tamara Temple  writes:
> > My ../apache2/conf.d directory is a symlink to the ../conf.d
> > directory. This might indeed be the problem.
> 
> Yes.
> My system was Debian Squeeze and I just upgraded it to Debian
> Wheezy. Some configuration files and directories remains from Squeeze
> and probably cause this problem.

Okay, I've not made that particular upgrade; perhaps there something
that doesn't quite go along smoothly there.

> > Not to make *your* ../apache2/conf.d a symlink, but to put symlinks
> > inside it to the .ini files you need in ../conf.d. Give that go, and
> > see? I'm sorry I'm not much better help -- this all came out of the box
> > the way I needed it and I didn't think about it much.
> 
> Yes, that help me out. Now the phpinfo() funktion gives the cURL module
> enabled. 

Excellent! 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Using Table prefixes

[Tamara Temple]

Tedd Sperling  wrote:
> On Jun 8, 2013, at 3:00 PM, Ashley Sheridan  wrote:
> dealTek  wrote:
> > 
> >> I can see the basic need for a table prefix in a case where you may use
> >> one mysql database for several projects at once so as to distinguish
> >> tables per project like...
> >> 
> >> -snip-
> >> however I was told a long time ago to use a prefix "tbl_" like
> >> tbl_Mytable but I don't really see much need for this by itself ... Am
> >> I missing something?
> > 
> > I think that's a pattern that people use to distinguish their tables from 
> > views, etc, but personally I find it a little pointless. It doesn't really 
> > help in any way, and just means more typing.
> > 
> > Using a prefix for a set of tables in one db where you might have several 
> > things using the db (i.e. some hosting limits the databases you can have) 
> > makes sense, and especially so if you name it sensibly as in your first 
> > example. 
> > Thanks,
> > Ash
> 
> I agree, but more than that I also set up databases specifically for clients 
> such that all the tables in them are related to the client and not each 
> other, such as:
> 
> client1_db
> 
> contacts
> invoices
> etc
> 
> and
> 
> client2_db
> 
> contacts
> invoices
> etc
> 
> As such, the "tbl_" prefix is not needed.
> 
> Cheers,
> 
> tedd
> 
> _
> tedd.sperl...@gmail.com
> http://sperling.com
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

In a multi-client situation like Tedd describes, it is rather more
important to segregate client's data, otherwise you need to do a fair
bit of permissions management to keep rogue employees/contractors at the
various clients from snooping around. (It happens!)

OTOH, when it's your own apps, and you are db restricted as Ash
mentions, the table prefix thing can be useful. Personally, I don't do
that, but that's because I am rarely resource-bound in that way. One db
per app, basically.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Using Table prefixes

[Tamara Temple]

Julian Wanke  wrote:
> A database for each client? Isn't that over-powered? If you have 1000
> clients, you would loose the overview over your databases...

I believe what is being talked about is one DB per application install --
'client' can be a way-overloaded term.


> 
> Am 08.06.2013, 21:46 Uhr, schrieb Tedd Sperling :
> 
> > On Jun 8, 2013, at 3:00 PM, Ashley Sheridan
> >  wrote:
> > dealTek  wrote:
> >>
> >>> I can see the basic need for a table prefix in a case where you may use
> >>> one mysql database for several projects at once so as to distinguish
> >>> tables per project like...
> >>>
> >>> -snip-
> >>> however I was told a long time ago to use a prefix "tbl_" like
> >>> tbl_Mytable but I don't really see much need for this by itself ... Am
> >>> I missing something?
> >>
> >> I think that's a pattern that people use to distinguish their
> >> tables from views, etc, but personally I find it a little
> >> pointless. It  doesn't really help in any way, and just means more
> >> typing.
> >>
> >> Using a prefix for a set of tables in one db where you might have
> >> several things using the db (i.e. some hosting limits the databases
> >> you  can have) makes sense, and especially so if you name it
> >> sensibly as in  your first example.
> >> Thanks,
> >> Ash
> >
> > I agree, but more than that I also set up databases specifically for
> > clients such that all the tables in them are related to the client
> > and  not each other, such as:
> >
> > client1_db
> >
> > contacts
> > invoices
> > etc
> >
> > and
> >
> > client2_db
> >
> > contacts
> > invoices
> > etc
> >
> > As such, the "tbl_" prefix is not needed.
> >
> > Cheers,
> >
> > tedd
> >
> > _
> > tedd.sperl...@gmail.com
> > http://sperling.com
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Using Table prefixes

[Tamara Temple]

Julian Wanke  wrote:
> Facebook has 1,11 Billion Accounts. If we divide this through 1000
> members per data team member they need 1 Million data team mebers,
> each of them  has a salary which I would say is about 2000$.
> That means they have to pay 2 Billion US$ (!) per month to the data
> team which is very unrealistic.

I think, again, that people have *very* different concepts of what the
term 'client' means. I would never call Facebook's billion accounts
clients - they are users.

And, seriously, I think taking a concept to absurd lengths is just that,
absurd.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Detect and Redirect Mobile Users

[Tamara Temple]

Ford, Mike  wrote:
> (someone else wrote:)
> > $browser = get_browser(null, TRUE);
> > if (isset($browser['ismobiledevice']) && ($browser['ismobiledevice'] == 
> > TRUE)) {
> > $isMobile = TRUE;
> > }
> > else {
> >  = FALSE;

Mike's remarks below notwithstanding, I think something fell off here.

> > }
> > unset($browser);
> 
> Argh!, Argh!, Argh! -- two of my pet hates in one snippet!

Tell us how you really feel, Mike. :))

> Comparing something ==TRUE is almost always unnecessary, and
> absolutely always when it's used as an element of a Boolean
> expression: if x evaluates to TRUE, x==TRUE is also TRUE, and if it
> evaluates to FALSE x==TRUE is also FALSE, so the comparison is
> unnecessary, redundant and wasteful. Just use x.

The only time I'd be looking at whether content of $somearray['somekey']
== TRUE is when it's possible that it may contain something other than
TRUE or FALSE, and somehow my code *cares* whether it does. In this
case, we do not, your rant holds.

> And why use an if test on a Boolean value to see if it's TRUE or
> FALSE, just so you can assign TRUE or FALSE?? Since the thing you're
> testing has the value you want in the first place, just flipping
> assign it!

This is most egregious.

>   $isMobile = isset($browser['ismobiledevice']) && $browser['ismobiledevice'];

This would even be a case where I'd opt for:

$isMobile = @$browser['ismobiledevice'];

since if it *isn't* set, it's still falsy, with the rather strong caveat
of don't use @ indiscriminantly.

> 

Cheers!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: AW: AW: [PHP] PHP is Zero

[Tamara Temple]

BUSCHKE Daniel  wrote:
> Why is PHP doing that? I know it works as designed and I know it is
> documented like this but that does not mean that it is a good feature,
> does it? So lets talk about the question: Is that behaviour awaited by
> PHP software developers? Is that really the way PHP should work here?
> May we should change that?!

If you've been using PHP since 2000, you probably well know all the
rants there are about how terrible PHP is as a language; this is one of
the big ones people always mention.

An analog to your statement above is "This screwdriver is absolute
*bollux* at pounding in nails! Maybe we should change that!?". (In point
of fact, PHP can be seen as a screwdriver that is *astoundingly* capable
of pounding in nails, so the analogy is in kind only, not in fact. In
real fact, PHP is a programmer's wealthy toolkit; not complete by any
means, but tools that will work for most things, *when you know how to
use them*.)

I don't know the reasons why; it's moot to me. The designers of PHP
chose to go that route, it's up to me as a developer to know how the
language works. If I'm insufficiently able to use it without throwing
errors, or without realizing my code is throwing errors, perhaps it
isn't the language's fault, but mine to learn to adapt to it's
quirks. If I am sufficiently fed up with having to adapt to it's quirks,
Then I will find another language to use.

Now, that said, PHP is often some people's first programming language,
and that, IMO, is a serious problem. PHP is full of these sorts of
things that may not help a newbie learn proper software development
skills. I love that people can teach themselves to program; I wouldn't
want to take that away from anyone. And sometimes that leads to
problems, too. Eventually they'll learn, and get better, or they won't,
and probably not make much of a living at it if that's their desire.

When I came up, I was learning how to program in two languages at the
same time (not mixed in the same program; alternating): Pascal and
Lisp. There really could not be two more different languages (and this
was before anyone thought about OO as an actual thing rather than some
loosely associated concepts.) Pascal being strongly typed, Lisp having
no types and no distinction between code and data. I actually learned a
hella lot more working in Lisp than I did working in Pascal. (Not the
least of which was how to make my TAs scratch their heads in confusion.)
But that may just be me, and since it may just be me, I'm not about to
suggest it to anyone else.

Now, the question here may be merely academic (read: somewhat
interesting, but not really that practical). If it is not, however, this
isn't the right forum. Take your question to -dev and see what they
think. I am personally not interested in such a change to the language
at this point. It's bad enough when they roll to a new major release
breaking backwards compatibility. The anger and invective goes on for
years; people quit using PHP altogether because of such things and hold
grudges for years and years.

> Regards
> Daniel


Cheers,
   tamouse__

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] LightBox click detection

[Tamara Temple]

Tedd Sperling  wrote:
> It's Friday so I am allowed to ask odd questions.

W00T! Friday!

> Here's the problem --  I need to count the number of times a user activates a 
> LightBox -- how do you do that?
> 
> Here's a LightBox Example:
> 
>http://www.webbytedd.com/c2/lightbox/
> 
> All the javascript is there (jQuery et al).
> 
> Ideally, I would like to have a php/javascript combination that would:
> 
> 1. Detect when a user clicked the LightBox;
> 2. Pass that value to PHP so I can keep count.
> 
> Any ideas?

First off, do you have the javascript code available in an unsquished
form? That would mean I could read it.

Not knowing whether your JS code or Lightbox has any hooks that you can
take advantage of, I'd steal the onclick event from those images that
start lightbox, fire off an AJAX request and ignore the return, then
fire the lightbox event handler.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] LightBox click detection

[Tamara Temple]

Marc Guay  wrote:
> $('.lightbox-image-class').click(function(){
> $.post('ajax.php', {click: true});
> });

Do javascript DOM events stack? If they do, this is definitely the
simplest way to go. If they don't, you need to capture the previous
click handler and call it.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] scandir doesn't find all files

[Tamara Temple]

Daniel Pöllmann  wrote:
> I have some files in a directory - some are uploaded via ftp and some other
> are created by a php script.
> 
> Scandir just finds the uploaded files, but none of the created files.
> I can't run chown() because the server is part of shared hosting.

Please show code and output.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] json stream filter

[Tamara Temple]

Markus Staab  wrote:
> first post on the list, so please bare with me ;-)

No, I'm getting nekkee with you... :)

> we are handling a lot of cache files in our apps and use json to persist
> those contents on the filesystem, because it seems to be the fastest
> possible way to read/write files with PHP.
> 
> Since I discovered stream-filters, http://www.php.net/manual/en/filters.php,
> we use those also for base64 encoding files before sending them over the
> wire, which preserves a lot of memory and allows even bigger files.
> 
> Would it make sense to also have a native stream filter for fileformats
> like JSON, to get maximum performance for reading/writing those (and also
> to be able to write big files)?

I think this could be a real win for some folks; I personally haven't
got a use for it at the moment, but I can see where it would make
a lot of sense of some applications.




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Thread-Hijacking (was: Re: [PHP] Fwd: Is it possible???)

[Tamara Temple]

Maciek Sokolewicz  wrote:
> Please please please please don't do this!

Please Please Please Do Not Hijack Threads.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problem with variables

[Tamara Temple]

Fernando A  wrote:
> I am working with php and codeigniter, but I have not yet experienced.
> I need create a variable that is available throughout  system.
> This variable contains the number of company and can change.
> as I can handle this?

Hi, Fernando, welcome. I'm just a little unsure what you mean by "number
of company" -- is this a count, as in 10 companies, or is it a phone
number, or is it something else?

Jim's reply is workable -- storing session values is quite useful, but
sessions are tied to a specific browser client/ip, and I'm not sure
that's what you want/need here.

If you are looking for setting a global variable that will be available
everywhere in your application, you can use $GLOBALS, or set it from the
very top level context of the application. Given you're using
CodeIgniter, which sadly I am not versed in, you may need to set it with
$GLOBALS: 

$GLOBALS['my_var'] = 10; // whatever you need to do here

When you say it changes, how and when exactly does it change?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reseting the auto-increment number in a MySQL database.

[Tamara Temple]

Tedd Sperling  wrote:
> On Jun 27, 2013, at 8:47 PM, Paul M Foster  wrote:
> 
> > On Thu, Jun 27, 2013 at 11:47:28PM +0200, adriano wrote:
> > 
> >> holes in sequence of auto increment happen using transaction for
> >> insert new record but you don't commit transaction itself
> >> it seems that the autoincrement is incremented anyway
> >> at least this is my case.
> > 
> > I think what Tedd was referring to was something else. The "hole" was
> > quite large. I've seen this behavior myself, in PostgreSQL. From one
> > transaction to the next, there were over 10,000 skipped numbers, and
> > only me and my wife on the system. Some sort of bug, like a spinlock
> > that wasn't interrupted the way it should have been. I remember the
> > system taking forever to calm down before it gave the next transaction a
> > number way forward of the last one. I waited in front of my browser for
> > quite some time. But I couldn't explain why.
> > 
> > Paul
> 
> Yes, it was something like what Paul said -- it was not a transaction skip.
> 
> I don't know what to think about it -- no explanation.
> 
> But, the problem suddenly vanished -- very strange.
> 
> Cheers,
> 
> tedd
> 
> _
> tedd.sperl...@gmail.com
> http://sperling.com

I have no answers as to why the huge skip forward, the huge skip
backwards though makes me think someone else is doing something in the
database, and all the alarums and red flags are waving. I hope I'm
wrong.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web dev, DB and "proper db design".

[Tamara Temple]

On Jul 4, 2013, at 8:02 AM, Jim Giner  wrote:

> On 7/4/2013 6:42 AM, Richard Quadling wrote:
>> Hi.
>> 
>> I've just had a conversation regarding DB, foreign keys and their benefits.
>> 
>> I was told "I've never worked on a web application where foreign keys were
>> used in the database".
>> 
>> As someone who has spent 25 years working on accounting/epos systems on MS
>> SQL Server (yep, windows) and now in a web environment and hearing the
>> above, ... well, ... slightly concerned.
>> 
>> So, in the biggest broadest terms, what do you lot do?
>> 
>> DBs with no foreign keys (constrainted or not).
>> ORM builders with manual definition of relationships between the tables.
>> Inline SQL where you have to just remember all the relationships.
>> Views for simple lookups? How do you handle updatable views (does mysql
>> support them?)
>> etc.
>> 
>> Is there a difference in those in 'startups' and web only situations, or
>> those doing more traditional development (split that as you like - I'm just
>> trying to get an understanding and not go off on one!).
>> 
>> No definitive answers, and I hope I get some wide experiences here.
>> 
>> Thanks for looking.
>> 
>> Richard.
>> 
> I"m going to guess that your source of such drivel never learned about such 
> things.  Probably thinks that a 'key' has to be defined as such in the db, 
> whereas we know what a FK really is.
> 
> Don't worry.  As a former big iron guy and then a c/s guy and now a (new) web 
> guy, things haven't changed.
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

So, like Jim, I'm just going to speculate your correspondent has never actually 
designed anything very interesting. I can't really imagine how one does not use 
foreign keys, unless one does the entire relationship mapping between tables in 
the source… what a waste that would be.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I am completely lost and need an advice (beginner)

[Tamara Temple]

On Jul 18, 2013, at 12:28 PM, Daniel Brown  wrote:

> On Thu, Jul 18, 2013 at 3:08 PM, php colos  wrote:
>> Hello world!
>> 
>> I'm trying to learn PHP ( first programming language that I learn) and
>> I feel kinda lost. I've read PHP programming 3rd edition( O'reilly),
>> 'getting good with PHP' by Andrew Burgees and some tutorials on the
>> internet but can't code something more complex than 'hello world'.
>> 
>> 
>> I do understand functions/values/operators/control structures, etc but
>> as I said, I feel that I can't use the language.
>> Am I reading the wrong books for a beginner?
>> 
>> Any advices?
>> 
>> 
>> 
>> *Apologies if this email might seem confusing. :)
> 
>Perhaps I'm biased, but I think other folks will agree --- the
> official documentation is your best source of learning second only to
> your own experiences with the language.  Check through the user notes
> as well, as they often provide very valuable insight and other
> developers' personal experiences.
> 
> --


I completely agree with Daniel that the online PHP documentation is the best 
way to understand the language. However, It seems our OP does not understand 
how to program. The php docs don't help with that.

If you really don't understand what programming is useful for, perhaps this is 
the wrong thing to be learning.

That said, what programming is for is to solve problems, provide tools, and 
provide means for people to communicate with each other and get work done via 
the computer and the internet. So, key, #1 thing: have a problem to solve.

While saying you understand various aspects of the language, I would say you 
cannot understand them until you actually put them to use, break things, learn 
how to fix them, and finally, teach someone else how to use them.

Almost every text, learning site, and documentation discusses how to write a 
program or application in the language or using the framework. Very, very few 
teach the essence of solving problems. Even the classics, such as Knuth's, 
Djyktra's, Wurth's, and so on, describe ways to solve particular problems. 
Patterns books describe how to structure solutions, but not actually how to 
solve problems in a general sense.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] pass parameter from client to server

[Tamara Temple]

On Jul 18, 2013, at 6:53 PM, Joshua Kehn  wrote:

> Could also use jquery instead 

True, but it's good to see the bare javascript as well in a demo.

> 
> Best,
> 
> -Josh
> ___
> http://byjakt.com
> Currently mobile
> 
> On Jul 19, 2013, at 4:08, Tedd Sperling  wrote:
> 
>> 
>> One additional comment.
>> 
>> Please change the javascript onclick to onchange -- that way the demo will 
>> work for Chrome as well as other Browsers.
>> 
>> Cheers,
>> 
>> tedd
>> 
>> _
>> t...@sperling.com
>> http://sperling.com
>> -- 
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>> 
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Foreach and mydql_query problem

[Tamara Temple]

On Jul 22, 2013, at 1:19 AM, Karl-Arne Gjersøyen  wrote:

> Hello again.
> I have this this source code that not work as I want...
> 
> THe PHP/HTHML form fields is generated by a while loop and looks like this:
> 
> " required="required">
> 
> 
> the php source code look like this:
>  if(!empty($_POST['number_of_itemsi'])){
>include('../../connect.php');
> 
>foreach($number_of_items as $itemi){
>echo "$itemi";
> 
>$sql = "UPDATE item_table SET number_item = '$item' WHERE date
> = '$todays_date' AND sign = '$username'";
>mysql_query($sql,$connect) or die(mysql_error());
> }
> }
> 
> ?>
> 
> The problem is:
> Foreach list every items as expected in PHP doc and I thought that $sql and
> mysql_query should be run five times when I have five items.
> But the problem is that only the very last number_of_items is written when
> update the form..
> I believe this is becayse number_of_items = '$item in $sqk override every
> earlier result.
> 
> So my querstion is. How to to update the database in this case?
> 
> Thanks again for your good advice  and time to help me.
> 
> Karl'

Either the code you posted isn't the actual code, or if it is, the errors 
should be rather obvious. Post *actual* code.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] /tmp/directory

[Tamara Temple]

On Jul 22, 2013, at 10:20 AM, Tedd Sperling  wrote:

> Hi gang:
> 
> I should know this, but I don't.
> 
> Where is the /tmp/ directory?
> 
> You see, I have a client where his host has apparently changed the /tmp/ 
> directory permissions such that old php/mysql scripts cannot write to the 
> /tmp/ directory anymore -- they did at one time.
> 
> So, how do I fix it?
> 
> Cheers,
> 
> tedd
> 
> _
> t...@sperling.com
> http://sperling.com
> 
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

This is one of those questions I look at sideways and think "they did WH???"

Anyway, /tmp is under / on most linux systems, /private/tmp sometimes; I've 
encountered one system where it linked to /var/tmp, too. Try:

$ /bin/ls -ld /tmp

and see what it shows. -l is long listing, which will show permissions, if it's 
symlinked, etc. -d will treat /tmp as a file rather than as a directory (which 
would show the contents of /tmp).

Hopefully, they didn't delete the /tmp directory; but if they had, *many* 
things would probably stop working….


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] From 24/7/2013 to 2013-07-24

[Tamara Temple]

On Jul 26, 2013, at 4:18 AM, Karl-Arne Gjersøyen  wrote:

> Below is something I try that ofcourse not work because of rsosort.
> Here is my code:
> ---
> $lagret_dato = $_POST['lagret_dato'];
>foreach($lagret_dato as $dag){
> 
>$dag = explode("/", $dag);
>   rsort($dag);

You want to reverse the array, not sort it :) array_reverse().

>$dag = implode("-", $dag);
>var_dump($dag);
> 
> What I want is a way to rewrite contents of a variable like this:
> 
> From 24/7/2013 to 2013-07-24
> 
> Is there a way in PHP to do this?
> 
> Thank you very much.
> 
> Karl

Also, I thought the locale for European countries used periods as separators, 
not slashes; slashes for North America…

*shrug*


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] From 24/7/2013 to 2013-07-24

[Tamara Temple]

augh, apologies; i didn't see all the other replies….
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Just passing this along: Free Book

[Tamara Temple]

O'Reilly has a free download, apparently through a company called SAVVIS. No 
affiliation, just passing this along…

http://go.savvis.net/paas

You give them some contact info, and you get a download link. Nothing is 
actually checked to see if the info you fill in is real or not.

(cross-posted: ruby-talk, rubyonrails-talk, php-general)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] fpdf problem?

[Tamara Temple]

On Aug 9, 2013, at 10:50 AM, Jim Giner  wrote:

> I've been using fpdf to create pdf files for my site.  All has been well for 
> over a year.  Suddenly I have a problem wherein IE 10 on W7 crashes when I 
> try to print one of these pdfs created by my php scripts.
> 
> The pdf files that I create seem fine.  If I bring one up in IE and then save 
> it to my drive, I can then exit IE and go open the pdf and print it just fine.
> 
> I have removed my pdf printer drivers from my system and that hasn't improved 
> my situation.  No luck there.
> 
> The exact scenario is:
> - script generates pdf and opens it in a new target window;
> - user clicks on print toolbar icon or File,Print;
> - print dialog opens;  here I see some problems in that the (very complex) 
> dialog is not displaying correctly with controls misaligned or overlaying 
> other controls;
> - click on Ok to execute the print to printer and nothing happens;  wait 5 
> minutes and still nothing;
> - NOW the problems begin;  when the window with the pdf in it is closed, in 
> about 2 seconds I get a dialog box telling me IE has stopped working.
> 
> Note that the problem only occurs when I attempt to print.  If my script 
> opens the pdf target window and I simply close it - no problems occur. BUT - 
> if I actually open a print dialog I get a crash whether I click OK or Cancel, 
> as soon as I close the window containing the pdf.
> 
> My question is does anyone have problems with fpdf lately?  Since my files 
> seem to be completely normal to adobe reader I don't think their content is 
> at fault.  It seems more like IE is not handling them and I can't find 
> anything online about this.
> 
> I'm really hoping this is a problem wtih fpdf rather than IE since solutions 
> are more apt to come out of this forum than the great wizards of M$ Oz.

Does this happen only for pdfs you've generated with fpdf, or any pdf file?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Finally....

[Tamara Temple]

On Aug 16, 2013, at 10:58 AM, Marc Guay  wrote:

> Those Belgacom emails were the only thing keeping me from a crushing
> loneliness - undo!

I'll place a forward on my other spam…



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] how old is this version of PHP?

[Tamara Temple]

Looking into a problem for someone who is using Godaddy Shared Web Hosting (I 
know..), I noticed the version tag reported by phpinfo is: 


PHP API 20041225
PHP Extension   20060613
Zend Extension  220060519

Just how old is this version of PHP??



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] how old is this version of PHP?

[Tamara Temple]

On Aug 17, 2013, at 6:26 PM, Camilo Sperberg  wrote:

> On 16 aug. 2013, at 19:17, Tamara Temple  wrote:
> 
>> Looking into a problem for someone who is using Godaddy Shared Web Hosting 
>> (I know..), I noticed the version tag reported by phpinfo is: 
>> 
>> 
>> PHP API  20041225
>> PHP Extension20060613
>> Zend Extension   220060519
>> 
>> Just how old is this version of PHP??
>> 
>> 
>> 
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>> 
> 
> According to my google search, it should be 5.2.9, so it isn't "that" old:
> 
> 
> http://devzone.zend.com/1442/compiling-php-extensions-with-zend-server/
> 
> CD onto the extension's source dir (in our example, the PHP version is 5.2.9 
> as it is the current stable version Zend Server is shipped with):
> 
> $ cd /usr/local/zend/share/php-source/php-5.2.9/ext/pspell
> Run phpize:
> 
> $ /usr/local/zend/bin/phpize
> Output should be similar to this:
> 
> /Configuring for:
> PHP Api Version: 20041225
> Zend Module Api No:  20060613
> Zend Extension Api No:   220060519/

That would be neat if there was any shell access.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] exec and system do not work

[Tamara Temple]

On Aug 25, 2013, at 10:41 PM, Ethan Rosenberg  
wrote:

> Dear List -
> 
> I'm lost on this one -
> 
> This works -
> 
> $out = system("ls -l ",$retvals);
> printf("%s", $out);
> 
> This does -
> 
> echo exec("ls -l");
> 
> This does not -
> 
> if( !file_exists("/var/www/orders.txt"));
> {
>   $out = system("touch /var/www/orders.txt", $ret);
>   $out2 = system("chmod 766 /var/www/orders.txt", $ret);
>   echo 'file2';
>   echo file_exists("/var/www/orders.txt");
> }
> 
> and this does not -
> 
> if( !file_exists("/var/www/orders.txt"));
> {
>   exec("touch /var/www/orders.txt");
>   exec("chmod 766 /var/www/orders.txt");
>   echo 'file2';
>   echo file_exists("/var/www/orders.txt");
> }
> 
> Ethan
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

When you say "does not work", can you show what is actually not working? I 
believe the exec and system functions are likely working just fine, but that 
the commands you've passed to them may not be.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] exec and system do not work

[Tamara Temple]

On Aug 26, 2013, at 1:41 PM, Ethan Rosenberg  
wrote:
> On 08/26/2013 11:36 AM, ma...@behnke.biz wrote:
>>> Tamara Temple  hat am 26. August 2013 um 08:33
>>> geschrieben:
>>> 
>>> 
>>> 
>>> On Aug 25, 2013, at 10:41 PM, Ethan Rosenberg
>>>  wrote:
>>> 
>>>> Dear List -
>>>> 
>>>> I'm lost on this one -
>>>> 
>>>> This works -
>>>> 
>>>> $out = system("ls -l ",$retvals);
>>>> printf("%s", $out);
>>>> 
>>>> This does -
>>>> 
>>>> echo exec("ls -l");
>> 
>> Please show the output of the directory listing.
>> Please us "ls -la"
>> 
>>>> 
>>>> This does not -
>>>> 
>>>> if( !file_exists("/var/www/orders.txt"));
>>>> {
>>>>$out = system("touch /var/www/orders.txt", $ret);
>> 
>> Maybe you don't have write permissions on the folder?
>> 
>>>>$out2 = system("chmod 766 /var/www/orders.txt", $ret);
>>>>echo 'file2';
>>>>echo file_exists("/var/www/orders.txt");
>>>> }
>>>> 
>>>> and this does not -
>>>> 
>>>> if( !file_exists("/var/www/orders.txt"));
>>>> {
>>>>exec("touch /var/www/orders.txt");
>>>>exec("chmod 766 /var/www/orders.txt");
>>>>echo 'file2';
>>>>echo file_exists("/var/www/orders.txt");
>>>> }
>>>> 
>>>> Ethan
>>>> 
>>>> 
>>> 
>>> When you say "does not work", can you show what is actually not working? I
>>> believe the exec and system functions are likely working just fine, but that
>>> the commands you've passed to them may not be.
>>> 
>>> 
>>> 
>> --
>> Marco Behnke
>> Dipl. Informatiker (FH), SAE Audio Engineer Diploma
>> Zend Certified Engineer PHP 5.3
>> 
>> Tel.: 0174 / 9722336
>> e-Mail: ma...@behnke.biz
>> 
>> Softwaretechnik Behnke
>> Heinrich-Heine-Str. 7D
>> 21218 Seevetal
>> 
>> http://www.behnke.biz
>> 
> 
> Tamara -

You're replying to me about something someone else asked you.

> 
> > Please show the output of the directory listing.
> > Please us "ls -la"
> 
> echo exec('ls -la orders.txt');
> 
> -rw-rw-rw- 1 ethan ethan 43 Aug 25 23:50 orders.txt
> 
> 
> Maybe you don't have write permissions on the folder?
> 
> If I perform the touch and chmod from the command line, everything works.
> 
> 
> >> When you say "does not work", can you show what is actually not working? I
> >> believe the exec and system functions are likely working just fine, but 
> >> that
> >> the commands you've passed to them may not be.
> 
> Here are my commands.
> 
> if( !file_exists("/var/www/orders.txt"));
> {
> echo system("touch /var/www/orders.txt", $ret);
> echo system("chmod 766 /var/www/orders.txt", $ret);
> echo 'file2';
> echo file_exists("/var/www/orders.txt");
> }
> 
> If I now try a ls from the command line, the return is
> cannot access /var/www/orders.txt: No such file or directory
> 
> The ls -la  works because the file was created from the command line.
> 
> TIA
> 
> Ethan
> 
> 
> 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to send "post"-variables in a "Location" header

[Tamara Temple]

On Aug 26, 2013, at 2:48 PM, Ajay Garg  wrote:
> Hi all.
> 
> I have a scenario, wherein I need to do something like this ::
> 
> ###
>$original_url = "/autologin.php";
>$username = "ajay";
>$password = "garg";
> 
>header('Location: ' . $original_url);
> ###
> 
> As can be seen, I wish to redirect to the URL "autologin.php".
> 
> Additionally, I wish to pass two POST key-value pairs :: "user=ajay" and
> "password=garg" (I understand that passing GET key-value pairs is trivial).
> 
> Is it  even possible?
> If yes, I will be grateful if someone could let me know how to redirect to
> a URL, passing the POST key-value pairs as necessary.
> 
> 
> Looking forward to a reply :)

Since this seems that it will not work, I'm wondering if you could take a step 
back for us and say what is it you're hoping to accomplish by this. Maybe 
there's a better way to get you what you need that is possible, and also will 
be good PHP. Describe your scenario in higher level terms, not how you'd 
implement it, but what the outcome you need is, and what the design goal is for 
the user.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Apache's PHP handlers

[Tamara Temple]

On Sep 19, 2013, at 9:14 AM, Arno Kuhl  wrote:

> Arno: If you can request that file using a web browser, and it gets executed
> as PHP on your server then there is an error in the Apache configuration.
> 
> Easy test: create a file in a text editor containing some PHP ( phpinfo(); ?> would be enough) and upload it to the www root of your site
> and name it test.pgif. Then hit http://www.yourdomain.com/test.pgif in your
> browser. If you see the PHP code or an error then you're fine. If you see
> PHP's info page then you need to change web host as quickly as possible. I
> don't care if they fix it - the fact their server was configured to do this
> by default is enough for me to never trust them again.
> 
> -Stuart
> --
> 
> Thanks Stuart. I just tried it now, test.php.pgif displayed the info while
> test.xyz.pgif returned the content, confirming the problem. My service
> provider finally conceded the problem is on their side and are looking for
> an urgent fix, much too complicated to consider moving service providers in
> the short term.
> 
> As a side note, the sp said the issue is new and coincided with an upgrade
> to fastcgi recently, I wonder if the hacker was exploiting a known issue
> with that scenario?
> 
> Cheers
> Arno
> 

GoDaddy's default plesk-generated configuration for FastCGI-served PHP files 
only looked to see if the file contained ".php" somewhere on it's path - i.e. 
it would happily execute 'malicilous.php.txt' as php code, even something 
ridiculous like 'malware.phpnoreallyiwantthistorun'.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] filesize() fails on file and works on it's copy (same permissions, same directory)

[Tamara Temple]

On Aug 13, 2013, at 3:00 AM, Michał Kochanowicz  wrote:

> Hello
> 
> I've got a file, which can't be checked with filesize(). I copy it (with 
> permissions) and then I can filesize() the copy. This is same directory, 
> permissions are same. I don't understand what's the difference. Can you help 
> me?
> 
> Original file:
>  File: 'DSC_5196_fx-1553725666.JPG'
>  Size: 1907383 Blocks: 3728   IO Block: 4096   regular file
> Device: 803h/2051d  Inode: 5905591363  Links: 1
> Access: (0644/-rw-r--r--)  Uid: (   51/http)   Gid: (   51/http)
> Access: 2013-08-13 00:47:28.107477918 +0200
> Modify: 2013-08-12 21:38:27.219913208 +0200
> Change: 2013-08-13 00:47:08.931478654 +0200
> Birth: -
> 
> Copy:
>  File: 'DSC_5196_fx-1553725666_X.JPG'
>  Size: 1907383 Blocks: 3728   IO Block: 4096   regular file
> Device: 803h/2051d  Inode: 144 Links: 1
> Access: (0644/-rw-r--r--)  Uid: (   51/http)   Gid: (   51/http)
> Access: 2013-08-13 00:45:48.0 +0200
> Modify: 2013-08-12 21:38:27.0 +0200
> Change: 2013-08-13 00:47:28.199477914 +0200
> Birth: -
> 
> The only difference is inode: (5905591363 - doesn't work vs 144 - does work).
> 
> Test script:
> 
> 
> 
> 
>  $f3 = 
> '/home/services/httpd/html.galeria.XXX/gallery/var/albums/988_Rok-2013/333_Rydzewo-04-06.08.2013/Sobota/DSC_5196_fx-1553725666.JPG';
> $f4 = 
> '/home/services/httpd/html.galeria.XXX/gallery/var/albums/988_Rok-2013/333_Rydzewo-04-06.08.2013/Sobota/DSC_5196_fx-1553725666_X.JPG';
> 
> print $f3.": ".filesize($f3)."\n";
> print $f4.": ".filesize($f4)."\n";
> 
> ?>
> 
> 
> 
> 
> Result:
> 
> Warning: filesize(): stat failed for 
> /home/services/httpd/html.galeria.XXX/gallery/var/albums/988_Rok-2013/333_Rydzewo-04-06.08.2013/Sobota/DSC_5196_fx-1553725666.JPG
>  in /home/services/httpd/html.galeria.michal.waw.pl/gallery3-3.0.x/test.php 
> on line 13
> /home/services/httpd/html.galeria.XXX/gallery/var/albums/988_Rok-2013/333_Rydzewo-04-06.08.2013/Sobota/DSC_5196_fx-1553725666.JPG:
>  
> /home/services/httpd/html.galeria.XXX/gallery/var/albums/988_Rok-2013/333_Rydzewo-04-06.08.2013/Sobota/DSC_5196_fx-1553725666_X.JPG:
>  1907383
> 
> Regards
> Michał
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


That is one whopping-big inode number — I am really out on a limb here, but is 
this a 32-bit vs 64-bit issue?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Apache

[Tamara Temple]

On Sep 23, 2013, at 1:36 PM, Domain nikha.org  wrote:

> Better solutions?

One I have used, and continue to use in Apache environments, is place uploads 
only in a place where they cannot be executed by turning off such options and 
handlers in that directory. This is *in addition* to untainting files and names 
of uploaded files.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php