[PHP] Re: sessions
You forgot the session_start(); call. You will have to do that before you can tap into registered vars. Hope that helps. Jas "Alexander Ross" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'm trying to understand sessions so I can set session variables. I set up 2 > very simple pages: > > Page 1: > > session_start(); > $test_var = "froggy"; > session_register('test_var'); > ?> > Click here > > > Page 2: > > print $test_var."!"; > ?> > > > This doesn't seem to work though. $test_var doesn't seem to have a value > when I go the second page. What am I missing. Thanks for helping a newbie. > > Alex > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Credit card checks?
Just wondering if anyone has come across the need to develop a class to test a string of numbers based on a credit card type. If you have where would I be able to get information on what string of numbers is consistent with each of the different credit cards? Any help would be appreciated! Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Credit card checks?
So there is no way to use some sort of string comparison to check the number then? I would have to have a merchant account? Sorry for being nieve, just never tried to work with credit card numbers etc. Jas "Kristopher Yates" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > You should contact Visa International Service Association to determine > what constitues a "valid" credit card number. Just FYI, a valid format > is 16 digits; ---. I believe VISA normally begins with > "41" as the first two digits, however, I am not a Visa Int. agent but I > am a client. Ultimately, you would need a merchant account to verify its > validity, AFTER you have verified its format for accuracy. HTH Kris > > Jas wrote: > > >Yeah, I have looked at that class file and I don't want someone elses > >example to use, I want to build my own but have no way of knowing what makes > >up a valid visa number etc > >Jas > > > >"Richard Baskett" <[EMAIL PROTECTED]> wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > >>Try this: > >> > >>http://www.AnalysisAndSolutions.com/code/ccvs-ph.htm > >> > >>Rick > >> > >>A sense of humor can help you over look the unattractive, tolerate the > >>unpleasant, cope with the unexpected, and smile through the unbearable. - > >>Moshe Waldoks > >> > >> > >> > >>>From: "Jas" <[EMAIL PROTECTED]> > >>>Date: Tue, 23 Jul 2002 12:09:48 -0600 > >>>To: [EMAIL PROTECTED] > >>>Subject: [PHP] Credit card checks? > >>> > >>>Just wondering if anyone has come across the need to develop a class to > >>> > >>> > >test > > > > > >>>a string of numbers based on a credit card type. If you have where > >>> > >>> > >would I > > > > > >>>be able to get information on what string of numbers is consistent with > >>> > >>> > >each > > > > > >>>of the different credit cards? Any help would be appreciated! > >>>Jas > >>> > >>> > >>> > >>>-- > >>>PHP General Mailing List (http://www.php.net/) > >>>To unsubscribe, visit: http://www.php.net/unsub.php > >>> > >>> > >>> > > > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Credit card checks?
Yeah, I have looked at that class file and I don't want someone elses example to use, I want to build my own but have no way of knowing what makes up a valid visa number etc.... Jas "Richard Baskett" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try this: > > http://www.AnalysisAndSolutions.com/code/ccvs-ph.htm > > Rick > > A sense of humor can help you over look the unattractive, tolerate the > unpleasant, cope with the unexpected, and smile through the unbearable. - > Moshe Waldoks > > > From: "Jas" <[EMAIL PROTECTED]> > > Date: Tue, 23 Jul 2002 12:09:48 -0600 > > To: [EMAIL PROTECTED] > > Subject: [PHP] Credit card checks? > > > > Just wondering if anyone has come across the need to develop a class to test > > a string of numbers based on a credit card type. If you have where would I > > be able to get information on what string of numbers is consistent with each > > of the different credit cards? Any help would be appreciated! > > Jas > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Parse error - new set of eyes?
I am getting a parse error on line 14, I am trying to make sure session vars are being set before rendering the page. This is lines 12,13,14 & 15. Any help is appreciated. Jas if ((!$u_name) || (!$p_word)){ header("Location: index.php"); session_destroy(); exit; } /* Check for missing session vars */ elseif ((!isset($HTTP_SESSION_VARS['clk']) || (!isset($HTTP_SESSION_VARS['holy_cow']) || (!isset($HTTP_SESSION_VARS['ipaddy']) || (!isset($HTTP_SESSION_VARS['a'])) { /* Begin logging of client info to database table since session vars are not present */ require '/path/to/connection/class/db.php'; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] dir to array?
Not sure why this isn't working, any help is appreciated. I am trying to read the files in a directory and place them into an array. Here is the code: /* Function to create array of directory contents */ function dCNTS($files) { $dir = opendir("/path/to/directory/"); while($imgs = readdir($dir)) { if (($imgs != ".") && ($imgs != "..")) { $cnt[count($imgs)] = $cnt; } else { print "Cannot create array of files in directory!"; } } closedir($dir); } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dir to array? - SOLVED
I got it fixed, thanks again. Just in case anyone else needs help with this type of item look at readdir() at http://www.php.net Jas "Jason Wong" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > On Thursday 01 August 2002 03:00, Jas wrote: > > Not sure why this isn't working, any help is appreciated. I am trying to > > read the files in a directory and place them into an array. Here is the > > code: > > > > /* Function to create array of directory contents */ > > function dCNTS($files) { > > $dir = opendir("/path/to/directory/"); > > while($imgs = readdir($dir)) { > >if (($imgs != ".") && ($imgs != "..")) { > > $cnt[count($imgs)] = $cnt; > >} else { > > print "Cannot create array of files in directory!"; } > >} > > closedir($dir); > > } > > HOW isn't it working? > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > > /* > One person's error is another person's data. > */ > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Passing hidden form var?
I think I am just over looking something here, a new pair of eyes would be useful. Thanks in advance. The var $ipaddy is not getting passed to code listed below /* Form for IP checking */ $table = "cm_sessions"; $record = @mysql_query("SELECT * FROM $table",$dbh); while ($row = mysql_fetch_array($record)) { $session = $row['session']; $ipaddy = $row['ipaddy']; $host = $row['host']; $referrer = $row['referrer']; $hck = $row['hck']; $nrml = $row['nrml']; $hour = $row['hour']; $date_stamp = $row['date_stamp']; $stats .= "$session $ipaddy $host $hck $nrml $date_stamp https://localhost/admin/view.whois.php') \" name=\"whois\"> "; } /* Function to check IP vs. Whois db */ $ipaddy = ""; function message($msg){ echo "$msg"; flush(); } function arin($ipaddy){ $server = "whois.arin.net"; if (!$ipaddy = gethostbyname($ipaddy)) $msg .= "Can't check Whois without an IP address."; else{ if (! $sock = fsockopen($server, 43, &$num, &$error, 20)){ unset($sock); $msg .= "Timed-out connecting to $server (port 43)"; } else{ fputs($sock, "$ipaddy\n"); while (!feof($sock)) $buffer .= fgets($sock, 10240); fclose($sock); } if (eregi("RIPE.NET", $buffer)) $nextServer = "whois.ripe.net"; else if (eregi("whois.apnic.net", $buffer)) $nextServer = "whois.apnic.net"; else if (eregi("nic.ad.jp", $buffer)){ $nextServer = "whois.nic.ad.jp"; #/e suppresses Japanese character output from JPNIC $extra = "/e"; } else if (eregi("whois.registro.br", $buffer)) $nextServer = "whois.registro.br"; if($nextServer){ $buffer = ""; message("Deferred to specific whois server: $nextServer..."); if(! $sock = fsockopen($nextServer, 43, &$num, &$error, 10)){ unset($sock); $msg .= "Timed-out connecting to $nextServer (port 43)"; } else{ fputs($sock, "$ipaddy$extra\n"); while (!feof($sock)) $buffer .= fgets($sock, 10240); fclose($sock); } } $buffer = str_replace(" ", " ", $buffer); $msg .= nl2br($buffer); } message($msg); } echo arin($ipaddy); echo $ipaddy; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] secure?
Ok, I am not a security expert so I would like to know if my security measures I have implimented is adequate enough to keep people out. Any pointers on this would be very helpful as I am trying to impliment a secure way for people to update a website through the use of a content management application. Example of code is as follows // Login form - index.php Select an image to identify yourself as an administrator. image01 image02 image03 image04 image05 // Authentication checker - auth_done.php #check fields for valid entries in form if ((!$u_name) || (!$p_word) || (!$image)){ header("Location: index.php"); exit; } connects to database require '/path/to/database/connection/script/dbcon.php'; #selects database table containing users that are allowed to use application $db_table = 'users'; $sql = "SELECT * from $db_table WHERE un = \"$user\" AND pw = password(\"$pw\")"; $result = @mysql_query($sql,$dbh) or die("Couldn't execute query"); #loops through all records to find a match $num = mysql_numrows($result); if ($num !=0) { #creates variables for sessions $p_hash = "$p_word"; $to_hash = "$image"; #creates md5 hash of image user selected $pstring = md5($to_hash); #creates md5 hash of password user entered $image_sel = md5(uniqid(microtime($p_word),1)); #starts session for user session_start(); #registers variables created (md5 of password, username, & image) in session session_register('user'); session_register('$pstring'); session_register('$image_sel'); #captures users ip address (logging stuff, not listed in this code for security reasons) $ipaddy = $REMOTE_ADDR; #echoes success message to authenticated user $msg_success = "You have been authorized to make changes to the website! Your IP address has been recorded and sent to the administrator: $ipaddy"; } else { #this prints if user name and password combination is not found in database print "You are not authorized to use this application!"; exit; } Now on each page in the content management app I have these lines of code: #Start the session# session_start(); #check session variables# if (isset($HTTP_SESSION_VARS['user']) || isset($HTTP_SESSION_VARS['$image_sel']) || isset($HTTP_SESSION_VARS['$pstring'])) { $main = "Some kinda message for page in question"; #connects to database# require '/path/to/database/connection/script/dbcon.php'; #if session variables not registered kick the user back to login form# } else { header ("Location: index.php"); } Now just so you know I have changed all the variables to something other than what I am currently using, however I have made sure that this is a working example so everything should work as is. Also I have tested this a few different ways, including: creating a page that tries to include one of the pages I have my security checks on from another website, linking directly to a script within the application etc. In any event, I also have logging setup on each and every script which I have not included here (different topic), just in case someone does get in I can at least "try" to find them. Any help, pointers, tutorials, examples, etc. would be appreciated!!! TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Anyone?
I posted this yesterday and did not get any response at all? Just wondering if someone can give me some insight into some security measures for a content management application... Posted 06/05/2002 Ok, I am not a security expert so I would like to know if my security measures I have implimented is adequate enough to keep people out. Any pointers on this would be very helpful as I am trying to impliment a secure way for people to update a website through the use of a content management application. Example of code is as follows // Login form - index.php Select an image to identify yourself as an administrator. image01 image02 image03 image04 image05 // Authentication checker - auth_done.php #check fields for valid entries in form if ((!$u_name) || (!$p_word) || (!$image)){ header("Location: index.php"); exit; } connects to database require '/path/to/database/connection/script/dbcon.php'; #selects database table containing users that are allowed to use application $db_table = 'users'; $sql = "SELECT * from $db_table WHERE un = \"$user\" AND pw = password(\"$pw\")"; $result = @mysql_query($sql,$dbh) or die("Couldn't execute query"); #loops through all records to find a match $num = mysql_numrows($result); if ($num !=0) { #creates variables for sessions $p_hash = "$p_word"; $to_hash = "$image"; #creates md5 hash of image user selected $pstring = md5($to_hash); #creates md5 hash of password user entered $image_sel = md5(uniqid(microtime($p_word),1)); #starts session for user session_start(); #registers variables created (md5 of password, username, & image) in session session_register('user'); session_register('$pstring'); session_register('$image_sel'); #captures users ip address (logging stuff, not listed in this code for security reasons) $ipaddy = $REMOTE_ADDR; #echoes success message to authenticated user $msg_success = "You have been authorized to make changes to the website! Your IP address has been recorded and sent to the administrator: $ipaddy"; } else { #this prints if user name and password combination is not found in database print "You are not authorized to use this application!"; exit; } Now on each page in the content management app I have these lines of code: #Start the session# session_start(); #check session variables# if (isset($HTTP_SESSION_VARS['user']) || isset($HTTP_SESSION_VARS['$image_sel']) || isset($HTTP_SESSION_VARS['$pstring'])) { $main = "Some kinda message for page in question"; #connects to database# require '/path/to/database/connection/script/dbcon.php'; #if session variables not registered kick the user back to login form# } else { header ("Location: index.php"); } Now just so you know I have changed all the variables to something other than what I am currently using, however I have made sure that this is a working example so everything should work as is. Also I have tested this a few different ways, including: creating a page that tries to include one of the pages I have my security checks on from another website, linking directly to a script within the application etc. In any event, I also have logging setup on each and every script which I have not included here (different topic), just in case someone does get in I can at least "try" to find them. Any help, pointers, tutorials, examples, etc. would be appreciated!!! TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Anyone?
I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? "Jas" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I posted this yesterday and did not get any response at all? Just wondering > if someone can give me some insight into some security measures for a > content management application... > > Posted 06/05/2002 > Ok, I am not a security expert so I would like to know if my security > measures I have implimented is adequate enough to keep people out. Any > pointers on this would be very helpful as I am trying to impliment a secure > way for people to update a website through the use of a content management > application. Example of code is as follows > > // Login form - index.php > > > > Select an image to identify yourself as an administrator. > > image01 > image02 > image03 > image04 > image05 > > > > > > // Authentication checker - auth_done.php > #check fields for valid entries in form > if ((!$u_name) || (!$p_word) || (!$image)){ > header("Location: index.php"); > exit; > } > connects to database > require '/path/to/database/connection/script/dbcon.php'; > #selects database table containing users that are allowed to > use application > $db_table = 'users'; > $sql = "SELECT * from $db_table WHERE un = \"$user\" AND pw = > password(\"$pw\")"; > $result = @mysql_query($sql,$dbh) or die("Couldn't execute query"); > #loops through all records to find a match > $num = mysql_numrows($result); > if ($num !=0) { > #creates variables for sessions > $p_hash = "$p_word"; > $to_hash = "$image"; > #creates md5 hash of image user selected > $pstring = md5($to_hash); > #creates md5 hash of password user entered > $image_sel = md5(uniqid(microtime($p_word),1)); > #starts session for user >session_start(); > #registers variables created (md5 of password, username, & > image) in session >session_register('user'); >session_register('$pstring'); >session_register('$image_sel'); > #captures users ip address (logging stuff, not listed in this > code for security reasons) > $ipaddy = $REMOTE_ADDR; > #echoes success message to authenticated user > $msg_success = "You have been authorized to make changes to the > website! Your IP address has been recorded and sent to the administrator: > $ipaddy"; > } else { > #this prints if user name and password combination is not > found in database > print "You are not authorized to use this application!"; > exit; > } > > Now on each page in the content management app I have these lines of code: > #Start the session# > session_start(); > #check session variables# > if (isset($HTTP_SESSION_VARS['user']) || > isset($HTTP_SESSION_VARS['$image_sel']) || > isset($HTTP_SESSION_VARS['$pstring'])) { > $main = "Some kinda message for page in question"; > #connects to database# > require '/path/to/database/connection/script/dbcon.php'; > #if session variables not registered kick the user back to > login form# > } else { > header ("Location: index.php"); > } > > Now just so you know I have changed all the variables to something other > than what I am currently using, however I have made sure that this is a > working example so everything should work as is. Also I have tested this a > few different ways, including: creating a page that tries to include one of > the pages I have my security checks on from another website, linking > directly to a script within the application etc. In any event, I also have > logging setup on each and every script which I have not included here > (different topic), just in case someone does get in I can at least "try" to > find them. Any help, pointers, tutorials, examples, etc. would be > appreciated!!! > TIA > Jas > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Help on Session and cockies
With sessions, the session_start(); function will initiate a session in the severs tmp directory with a file name such as 55abhc8a83kqk etc. The session_name("name_of_var"); function allows you to create a unique name for your session vs. the 55abhc8a83kqk. A good way to check your sessions is to do something like this: $session_id"; ?> Or if you want to assign session vars, or unique variables you can do something like this $unique_number is your session id$unique_number is your registered variable"; ?> If you go to php.net you can look up session() in the function list and it will break it down alot better for you HTH Jas "Marcos Lois BermúDez" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A have two webs made in php, both uses a authentication based on session suport. I use in every page a session_start(); and a session_name( name); to get different name for the sessions but when i get login i one web, and then go to the other i get the same login. what happend? What means the session_name? I use php-4.2.0 and apache-1.3.24 in a lunux box. Any help will be apreciated. Regards. Marcos Lois Bermúdez [EMAIL PROTECTED] IQC-Services. Carretera provincial 60 - 1 36210 Vigo - Pontevedra Tel: +34 986 281 830 Fax: +34 986 415 074 http://www.iqc-services.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Ok, so you have pointed out an problem, now that you have been so kind to do this could please recommend how to resolve this? Thanks, Jas "Jay Blanchard" <[EMAIL PROTECTED]> wrote in message 002201c20d80$552be430$8102a8c0@niigziuo4ohhdt">news:002201c20d80$552be430$8102a8c0@niigziuo4ohhdt... > [snip] > I cannot believe that no one with alot of PHP and MySQL experience has not > replied to this post yet. Is PHP not a secure scripting language? I would > really like a little insight into this question, anyone? > [/snip] > > [rant warning!] > I'll bite! ;-( > > A. You gave so much code that those of us on the list who may be working may > have not had time to set it all up and test it. > 2. Security from what standpoint? That you can't be hacked? That people > can't use your CMS without authorization? That your code is complicated > enough to be impressive? Test your code...if it works you're good, if > not...fix it. > III. Your code is somewhat bloated, you don't have to go through everything > you go through to assure yourself security. Is this for an Intranet? If so > is the URL to the CMS accessible through the firewall? If for an Internet > site have you thought about putting the CMS on an SSL. > > Dang...and D. PHP is secure. You may, to assuage any further fears, encrypt > any username password information that gets transmitted from the login to > the server the first time. That is very insecure. I could port sniff your > butt to kingdom come and gain usernames and passwords all day long. You > cannot believe that no one with alot of PHP and MySQL experience has not > replied to this post yet. I cannot believe that anyone asking about security > would transmit the initial login as plain text...so we're even. > [/rant] > > Jay > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Sorry, never thought about using a search on forms to check my existing security measures... I am currently employing the use of SSL, however I am not that familiar with "securing forms" in the traditional sense so I do appreciate your comments. And also, I am not trying to "show off" my code, simply find ways to improve my existing ideas. Thanks again, jas "Jay Blanchard" <[EMAIL PROTECTED]> wrote in message 002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt">news:002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt... > [snip] > Ok, so you have pointed out an problem, now that you have been so kind to do > this could please recommend how to resolve this? > [/snip] > > You may want to do some research on securing plain text transmission. > http://www.ariadne.ac.uk/issue5/securing-forms/ > http://www.google.com/search?hl=en&ie=UTF8&oe=UTF8&q=securing+plain+text&btn > G=Google+Search > > HTH! > > Jay > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Ok, I think you have gotten my point... I simply want to make sure that the code I am writting is "up to par" on security issues such as you listed. Maybe there are some examples of what to do vs. what not to do when writting code that would be near impossible to exploit. I simply do not need some script kiddie messing with the time and research I have put into making this application. Any resources would be appreciated! Jas "Scott Hurring" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > No language is "secure" becuase there's no such thing. > even supposedly secure Java VM sandboxes have well-known > security exploits. > > PHP code is as secure as you write it. > Bad programmer = bad code > > Name any language or program and there are > well-documented ways to subvert it. Buffer > overflows in "C", and flawed Double-byte char > support in "IIS", to name a few recent and > better-known exploits. > > --- > Scott Hurring > Systems Programmer > EAC Corporation > [EMAIL PROTECTED] > Voice: 201-462-2149 > Fax: 201-288-1515 > > > -Original Message- > > From: Adam Voigt [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, June 06, 2002 1:22 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [PHP] Re: Anyone? > > > > > > Yes, PHP is a secure programming language. > > > > On Thu, 2002-06-06 at 13:18, Jas wrote: > > > I cannot believe that no one with alot of PHP and MySQL > > experience has not > > > replied to this post yet. Is PHP not a secure scripting > > language? I would > > > really like a little insight into this question, anyone? > > > > > > "Jas" <[EMAIL PROTECTED]> wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I posted this yesterday and did not get any response at all? Just > > > wondering > > > > if someone can give me some insight into some security > > measures for a > > > > content management application... > > > > > > > > Posted 06/05/2002 > > > > Ok, I am not a security expert so I would like to know if > > my security > > > > measures I have implimented is adequate enough to keep > > people out. Any > > > > pointers on this would be very helpful as I am trying to > > impliment a > > > secure > > > > way for people to update a website through the use of a > > content management > > > > application. Example of code is as follows > > > > > > > > // Login form - index.php > > > > > > > > > > > > > > > > Select an image to identify yourself as an administrator. > > > > > > > > image01 > > > > image02 > > > > image03 > > > > image04 > > > > image05 > > > > > > > > > > > > > > > > > > > > > > > > // Authentication checker - auth_done.php > > > > #check fields for valid entries in form > > > > if ((!$u_name) || (!$p_word) || (!$image)){ > > > > header("Location: index.php"); > > > > exit; > > > > } > > > > connects to database > > > > require '/path/to/database/connection/script/dbcon.php'; > > > > #selects database table containing users > > that are allowed to > > > > use application > > > > $db_table = 'users'; > > > > $sql = "SELECT * from $db_table WHERE un = \"$user\" AND pw = > > > > password(\"$pw\")"; > > > > $result = @mysql_query($sql,$dbh) or die("Couldn't > > execute query"); > > > > #loops through all records to find a > > match > > > > $num = mysql_numrows($result); > > > > if ($num !=0) { > > > > #creates variables for sessions > > > > $p_hash = "$p_word"; > > > > $to_hash = "$image"; > > > > #creates md5 hash of image user selected > > > > $pstring = md5($to_hash); > > > > #creates md5 hash of password user > > entered > > > > $image_sel = md5(uniqid(microtime($p_word),1)); > > > > #start
[PHP] video file properties?
I am trying to see if there is a way to get the height and width attributes of a .mpg or .avi file, and the codec used in the file. I have been looking at php.net for a function to get these types of properties, however I have been unsuccessful at finding any. Has anyone accomplished something to this effect, and if so could you give me the names of the functions you used to get said properties? TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] security advice...
I am wondering if anyone out there knows of a good and quick way to test the security of a site for multiple vulnerabilities; cross site scripting, etc. Of course any examples of secure coding techniques might be a better question to ask, so if anyone knows of some good resources for this please let me know where I can do some good research on this subject. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Dreamweaver MX?
It also has support for snippits, or a code library that you can add, edit or delete. Saves alot of time in re-using code. I definately recommend it, not only for that reason for but for the code debugging options available. HTH Jas "John Holmes" <[EMAIL PROTECTED]> wrote in message 002101c213ca$36cfba20$b402a8c0@mango">news:002101c213ca$36cfba20$b402a8c0@mango... > Yes, download it and see. Gives you a GUI to program recordsets from the > database, and drag and drop for results. Other PHP stuff along with > highlighting built in. If it didn't cost so much, I'd recommend it. > > ---John Holmes... > > > -Original Message- > > From: Lazor, Ed [mailto:[EMAIL PROTECTED]] > > Sent: Friday, June 14, 2002 12:39 PM > > To: [EMAIL PROTECTED] > > Subject: [PHP] Dreamweaver MX? > > > > Does Dreamweaver MX have good PHP support? > > > > Thanks, > > > > -Ed > > > > > > ** > > ** > > This message is intended for the sole use of the individual and entity > to > > whom it is addressed, and may contain information that is privileged, > > confidential and exempt from disclosure under applicable law. If you > are > > not the intended addressee, nor authorized to receive for the intended > > addressee, you are hereby notified that you may not use, copy, > disclose or > > distribute to anyone the message or any information contained in the > > message. If you have received this message in error, please > immediately > > advise the sender by reply email and delete the message. Thank you > very > > much. > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] compare variables from text fields...
What is the best function or operator to compare two text strings being inputted by a text field within a form? Any help is appreciated. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] support@bignickel.net
http://www.adobe.com/products/premiere/demodnld.html#win -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] another pair of eyes?
Hello all, I have a parse error and I am not sure why, I think my eyes are giving up on me, or its a friday. Any help is appreciated. // just trying to compare the session var $date to timeout if older than 5 minutes [snippit] /* Begin Session and register timeout, random image & client info variables */ session_start(); session_register('$var1); session_register('$var2'); session_register('$var3'); session_register('$var4'); session_register('$var5'); } elseif (isset($HTTP_SESSION_VARS[$hour]) => $hour + 5*60)) { header("Location: https://localhost/index.php"}; } else { endif(); } [end snippit] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php.security newsgroup any time?
I am wondering how we can get a newsgroup for security type of things, with either php, mysql or apache... To be honest I am interested in the php security newsgroup the most being as there is for the following two applications. How can one ask a moderator about that type of newsgroup? Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] timer on sessions?
Not sure how to go about setting up a function to parse the date, hour, minutes, seconds, take the seconds and register them in a session var, then do a check on the session var (seconds) vs. the seconds var + 5*60 (or 5 minutes) to time out the session and force the user to log back in. My problem is finding the correct way to check the seconds in php. Any help or pointers is appreciated. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] timer on sessions?
I am not able to test from this machine so please tell me if I am right or wrong on this: $tmp = time(); $tme = time() - 5*60; session_register('tmp'); if ($tmp >= $tme) { echo 'Time has not reached 5 minutes, session still valid'; } else { echo 'Timer has reached 5 minutes, you will need to log back in to continue.'; } "Asmodean" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > J> Not sure how to go about setting up a function to parse the date, hour, > J> minutes, seconds, take the seconds and register them in a session var, then > J> do a check on the session var (seconds) vs. the seconds var + 5*60 (or 5 > J> minutes) to time out the session and force the user to log back in. My > J> problem is finding the correct way to check the seconds in php. Any help or > J> pointers is appreciated. > J> Jas > > time() will give you a UNIX timestamp. Use it to do the math. > > -- > Best regards, > Asmodeanmailto:[EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re[2]: [PHP] timer on sessions?
So under the time() call, comparing it to a simple numerical value such as "300" it knows that you are talking about 300 seconds? Is that because it is a unix timestamp? I previously tried using date("s") to give me the seconds from today's date then tried the compare, so using time() will work better. Thanks a ton. Jas "Asmodean" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > J> I am not able to test from this machine so please tell me if I am right or > J> wrong on this: > J> $tmp = time(); > J> $tme = time() - 5*60; > J> session_register('tmp'); > if ($tmp >>= $tme) { > J> echo 'Time has not reached 5 minutes, session still valid'; > J> } else { > J> echo 'Timer has reached 5 minutes, you will need to log back in to > J> continue.'; } > > J> "Asmodean" <[EMAIL PROTECTED]> wrote in message > J> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> J> Not sure how to go about setting up a function to parse the date, hour, > >> J> minutes, seconds, take the seconds and register them in a session var, > J> then > >> J> do a check on the session var (seconds) vs. the seconds var + 5*60 (or > J> 5 > >> J> minutes) to time out the session and force the user to log back in. My > >> J> problem is finding the correct way to check the seconds in php. Any > J> help or > >> J> pointers is appreciated. > >> J> Jas > >> > >> time() will give you a UNIX timestamp. Use it to do the math. > >> > >> -- > >> Best regards, > >> Asmodeanmailto:[EMAIL PROTECTED] > >> > > Let's assume you've set your session timestamp (assume it's called > $session_time) to time() at the time of login. Now, in the script... > > if ((time() + 300) > $session_time) { > > } > > This would be a check to see if the session is still valid. Timewise. > > -- > Best regards, > Asmodeanmailto:[EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] IIS Ports
Well what version of Windows are you running? NT, 2K, XP etc. Have you looked at what ports are open? What services do you need to run? Obviously IIS to serve up web pages, but what else is running? SMTP, FTP etc? Do you need those other services? If not turn them off... NT :: Administrative tools / services / locate service corresponding to port you wish to close and set to 'disabled' 2K :: Control panel / Administrative tools / services / locate service and set to 'disabled' XP :: Control panel / Administrative tools / services / locate service and set to 'disabled' Linux :: edit the file name xinet.d, init.d, ftpd, httpd, etc to disable from starting service A list of port assignments can be found here. http://www.iana.org/assignments/port-numbers Information on securing your box can be found here. http://www.securityfocus.com // recent exploits and tools to help secure your box http://www.nsa.gov/snac/index.html // for windows and linux HTH Jas "Stephen Craton" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] I'm not sure where he tried to find the ports that were open but I'd guess from his apartment in Lafayette. We have a hardware firewall protecting the entire network. We're connected with a cable line and I'm really clueless as to what to do. I run windows update every day to make sure I'm not lagging behind. So far I have no real enemies that want to hack me, but I'm bound to make some eventually. I'll probably end up getting apache sometime or something. Oh, and um, I would beat up my brother but he was in the military (he dropped out because of the 5am 5 mile runs) and he's 5 years older then me... Thanks, Stephen Craton http://www.melchior.us -- http://www.melchior.us/portfolio -Original Message- From: Jeff McKeon [mailto:[EMAIL PROTECTED] Sent: Saturday, September 27, 2003 4:10 PM To: Stephen Craton; [EMAIL PROTECTED] Subject: RE: [PHP] IIS Ports can't you just beat up your brother? It won't fix your pc but it will probably make you feel better. :o) Chances are your bro is no genious and just using scripts (script kiddie) that other people write for known exploits. If this is the case, then you probably haven't been keeping up with your MS updates. What connection did he get to your pc/server though? was he inside the network or coming in from the internet. If he came in from the internet, what kind of connection are you running (cable, DSL etc)? Do you have a hardware firewall between the internet and your network? If not, you should. I make all my friend's/family who have cable/DSL modems spend the money and install them. Very often they've asked me to install them and just for gigles I turn on logging. Usually I see port scans within 10 minutes of the firewall coming up on the cable/DSL modem. Pretty scary. Whether your running MS or Linux, you should check for patches and updates EVERY DAY for all your systems and especially those acting as servers of any kind. There are also plenty of books on hacking that you can read to familarize yourself with the techniques of hacking. This will help you understand what's going on and better equip your network to deal with it. There are also many books on "box hardening" AKA firewalling. If your going to runs servers available on the internet, I suggest you read up on these things. good luck. -Original Message- From: Stephen Craton [mailto:[EMAIL PROTECTED] Sent: Sat 9/27/2003 4:31 PM To: PHP List Cc: Subject: [PHP] IIS Ports This is kind of off topic but kind of not, it's your call. My brother came home this weekend from college this weekend acting all cool since he has been learning to hack. He was telling us (the family) how he did random port penetration on the home network and he said my computer was the most vulnerable with around 25 ports open. I didn't really care until about an hour later he hacked into my computer and then reset it causing me to loose all my important information. I told my dad and my brother promptly lied about anything of the sort. What I want to know.since I know the majority of my ports open are from IIS.is how I can close these. I only need my local server accessible by just my computer but the entire network too.just not the network. I thought the ports would just be open on my computer and not the hardware firewall and everything. I went ahead and turned on the Windows XP firewall but I've heard it really sucks. So is there any way of closing the IIS ports so my brother, and any other hacker, can't get in here and cause havoc? Thanks, Stephen Craton http://www.melchior.us -- http://www.melchior.us/portfolio -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form not working...
For some reason my form to edit selected items is not working, I think I need a new set of eyes. Any help is appreciated... Jas // inc.php function db_retrieve() { require 'dbase.inc.php'; $tble = $_SESSION['table']; $show = @mysql_query("SELECT * FROM $tble LIMIT 0, 15",$db)or die(mysql_error()); while ($row = @mysql_fetch_array($show)) { @list($nItemSKU, $bActive, $nUserID, $nItemConfig, $tItemType, $tDepartment, $blSerialNumber, $nPropertyNumber, $blHostName, $nIPID, $tRoomNumber, $tNotes) = $row; $_SESSION['table'] .= "$nItemSKU $bActive $nUserID $nItemConfig $tItemType $tDepartment $blSerialNumber $nPropertyNumber $blHostName $nIPID $tRoomNumber $tNotes "; } $_SESSION['number'] = mysql_num_rows($show); } $bActive $nUserID $nItemConfig $tItemType $tDepartment $blSerialNumber $nPropertyNumber $blHostName $nIPID $tRoomNumber $tNotes "; } } ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mcrypt libraries?
Curt Zirzow wrote: * Thus wrote Jas ([EMAIL PROTECTED]): I am not sure if I should post my question here but I will anyways. Ok, I have compiled the mcrypt libraries on a Redhat 9 box running apache 2 with php4. And I need to know the next step(s) in getting php to use the libmcrypt libraries. If anyone has set this up in the past or has some pointers (other than reading the manual) I would appreciate it. Did you read the next step: Installation http://php.net/mcrypt Curt Yes I have and I guess I was looking for a method of using the libmcrypt library without having to recompile php. Sorry for the confusion. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mcrypt libraries?
I am not sure if I should post my question here but I will anyways. Ok, I have compiled the mcrypt libraries on a Redhat 9 box running apache 2 with php4. And I need to know the next step(s) in getting php to use the libmcrypt libraries. If anyone has set this up in the past or has some pointers (other than reading the manual) I would appreciate it. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mcrypt libraries?
Evan Nemerson wrote: On Tuesday 18 November 2003 01:13 pm, Jas wrote: Curt Zirzow wrote: * Thus wrote Jas ([EMAIL PROTECTED]): I am not sure if I should post my question here but I will anyways. Ok, I have compiled the mcrypt libraries on a Redhat 9 box running apache 2 with php4. And I need to know the next step(s) in getting php to use the libmcrypt libraries. If anyone has set this up in the past or has some pointers (other than reading the manual) I would appreciate it. Did you read the next step: Installation http://php.net/mcrypt Curt Yes I have and I guess I was looking for a method of using the libmcrypt library without having to recompile php. Sorry for the confusion. Have you tried using phpize? Actually I have not, not sure what phpize is but I will look it up. If you know of a URL where some fairly detailed instructions on compiling PHP with the mcrypt libraries are please post it. Thanks again, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session vars not echoing?
Not sure why this is happening but I think it has something to do with an include statement... [Server environment] Apache/2.0.47 (Unix) DAV/2 PHP/4.3.3 register_globals On On report_memleaks On On safe_mode Off Off safe_mode_exec_dir no value no value Session Support enabled [Script registering vars - sessions.php] /* Format Date & Time */ $hour = (date("H:i:s")); $day = (date("d")); $date = (date("F $day, Y")); /* Register vars */ $_SESSION['date'] = $date; [Main script - index.php] require 'scripts/sessions.php'; echo $_SESSION['date']; //This is not showing up in browser? Any help is appreciated... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session vars not echoing?
Yeah I did that, sorry I just didn't note it in the snippit.. and it is now working with the $_SESSION function, i just had to restart the browser to clear the cache after updating the code. jas Pete M wrote: need to issue a session_start() at top of page Pete Jas wrote: Not sure why this is happening but I think it has something to do with an include statement... [Server environment] Apache/2.0.47 (Unix) DAV/2 PHP/4.3.3 register_globalsOnOn report_memleaksOnOn safe_modeOffOff safe_mode_exec_dirno valueno value Session Support enabled [Script registering vars - sessions.php] /* Format Date & Time */ $hour = (date("H:i:s")); $day = (date("d")); $date = (date("F $day, Y")); /* Register vars */ $_SESSION['date'] = $date; [Main script - index.php] session_start() require 'scripts/sessions.php'; echo $_SESSION['date']; //This is not showing up in browser? Any help is appreciated... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Remote computer name?
I am at a loss here but doesn't $_SERVER['HTTP_HOST'] return the remote computer name? [Snippit used] $ipaddy = $_SERVER['REMOTE_ADDR']; $host = $_SERVER['HTTP_HOST']; // as of now it is getting the name of the server (i.e. localhost, 168.2.2.1) jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] eregi function?
Not sure how to do this but I have a call to a database which pulls the contents of a table into an array and I need a eregi string which will sift through the contents and put a line break (i.e. \n or ) after each ";", "}" or "{". here is what I have so far... while($b = mysql_fetch_array($sql)) { list($id,$date,$user,$level,$global,$vlan01,$hosts01,$vlan02,$hosts02,$vlan03,$hosts03,$vlan04,$hosts04,$vlan05,$hosts05,$vlan06,$hosts06,$vlan07,$hosts07,$vlan08,$hosts08,$vlan09,$hosts09,$vlan10,$hosts10) = $b; } if(!eregi("^[{]+[}]+[;]$", $id,$date,$user,$level,$global,$vlan01,$hosts01,$vlan02,$hosts02,$vlan03,$hosts03,$vlan04,$hosts04,$vlan05,$hosts05,$vlan06,$hosts06,$vlan07,$hosts07,$vlan08,$hosts08,$vlan09,$hosts09,$vlan10,$hosts10)) // insert line break here } Any help with this would be appreciated Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] function problems...
I call this function it checks a session variable then displays 1 of 3 menus... for some reason it will only display the first menu regardless of the results of my decoded session var. Any help or just a new pair of eyes would help. Thanks in advance. jas function menu() { $lvl = base64_decode($_SESSION['lvl']); echo $lvl; if (($lvl != "admin") || ($lvl != "user") || ($lvl == "view")) { $_SESSION['menu'] = ""; } elseif (($lvl != "admin") || ($lvl == "user") || ($lvl != "view")) { $_SESSION['menu'] = "Manage hosts Update DHCP "; } elseif (($lvl == "admin") || ($lvl != "user") || ($lvl != "view")) { $_SESSION['menu'] = "Global DHCP config. Manage VLANS Manage hosts Update DHCP Users Logs"; } else { $_SESSION['menu'] = ""; } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: function problems...
Nevermind, I got it to work... cheers Jas wrote: I call this function it checks a session variable then displays 1 of 3 menus... for some reason it will only display the first menu regardless of the results of my decoded session var. Any help or just a new pair of eyes would help. Thanks in advance. jas function menu() { $lvl = base64_decode($_SESSION['lvl']); echo $lvl; if (($lvl != "admin") || ($lvl != "user") || ($lvl == "view")) { $_SESSION['menu'] = ""; } elseif (($lvl != "admin") || ($lvl == "user") || ($lvl != "view")) { $_SESSION['menu'] = "Manage hosts Update DHCP "; } elseif (($lvl == "admin") || ($lvl != "user") || ($lvl != "view")) { $_SESSION['menu'] = "Global DHCP config. Manage VLANS Manage hosts Update DHCP Users Logs"; } else { $_SESSION['menu'] = ""; } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Regular expression assistance...
I am trying to match data from a database that would like like host dhcp-01 { hardware ethernet 00:D0:B7:BD:D2:8D; fixed-address 155.97.1.190; } Using this expression if eregi("^[host]\s+[{]\s+[hardware ethernet]\s+[fixed-address]\s+[}]$",$b) { echo "Put into array"; } Any help would be great, or maybe some insight into the various characters used (besides the basic, ^, $, +, etc). Thanks in advance. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: password protection/encryption
Some questions to ask yourself... 1. Am I storing personally identifiable information (eg. Names, addresses, phone numbers, email addresses, credit card data)? 2. Will this data be stored in a text file or database? 3. Is this text file or database directly connected to the internet? 4. What type of data am I trying to protect? Answer these questions and you will know if you need to use public/private key encryption technology in your application. You are currently interested (from your post) in encrypting the data link layer of your website using SSL (Secure Socket Layer). The SSL or lock icon as you pointed out only encrypts data in a streaming manner (eg. when I click the submit button my username / password combination gets passed to the SSL protocol and wrapped in a layer of encryption to be decoded on the server). If you are storing data in a text file / database that would be a "yes" answer to the 4 quesitons listed above I would recommend using some sort of public / private key encrytion. PHP has several encryption functions for your use and links are listed below. When in doubt consult the manual at php.net. http://us4.php.net/manual/en/function.base64-encode.php http://us4.php.net/manual/en/function.base64-decode.php http://us4.php.net/manual/en/function.crypt.php http://us4.php.net/manual/en/ref.mcrypt.php Also a great recommendation... google.com is your friend you can find all sorts of good tips locating information on various encryption techniques and definitions. A great primer on public / private encrytion vs. one-way encryption can be found here... http://www.webopedia.com/TERM/e/encryption.html This site gives you basics of encryption and how it works. http://computer.howstuffworks.com/encryption.htm SSL information can be found here. http://www.webopedia.com/TERM/S/SSL.html Hope this helps Jas Chris Mach wrote: Greetings, I'm working on a project that involves a password protected area of a website. Some one also involved brought up the point that this area should be secure (Whit the lock icon indicating it is encrypted). In this particular project the password protected area will be a quote generating system for a company. Users would log in and choose the products they are interested in purchasing and the site would generate a quote depending on what they selected from the list of products. So my question is.. At what point is encryption necessary? I've always thought encryption was only needed when dealing with stuff like credit card information, am I wrong? How secure is a password protected page done with just PHP? Thanks Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] new set of eyes?
I think I am loosing my mind this afternoon... could someone review this snippit and tell me why it isn't working? $sql = mysql_query("SELECT $i FROM $table WHERE $i = $i",$db)or die(mysql_error()); while($b = mysql_fetch_array($sql)) { while($ar = current($b) != 0) { $v = array(); list($v) = explode("}",$ar); } print_r($v); } I am hoping to get something like array([0]=>first row of data[1]=>second row of data) Any help would be great... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] new set of eyes?
I should probably clarify a bit more on the data in the field and what I am trying accomplish.. First the data: host dhcp-01 { hardware ethernet 00:D0:B7:BD:D2:8D; fixed-address 155.97.1.190; } host dhcp-02 { hardware ethernet 00:02:B3:A2:B6:FD; fixed-address 155.97.1.191; } Second the plan: Trying to break up (only one row in database & always will be only one row to retrieve) contents of field into an array so I can break it down into individual editable fields (eg. etc.) the explode() is so I can separate numerous static dhcp hosts into one big array of each setting. eg. $hosts = array("0" => "host", "1" => "dhcp-02", "2" => "{", "3" => "hardware", "4" => "ethernet", "5" => "00:02:B3:A2:B6:FD", "6" => ";", etc... I hope this clarifies my problem. I have tried a few things such as a eregi statement, explode etc. and so far explode has done what i need it to by separating one db entry into multiple components for editing. Jas David Otton wrote: On Sat, 06 Dec 2003 11:38:18 -0700, you wrote: I think I am loosing my mind this afternoon... could someone review this snippit and tell me why it isn't working? $sql = mysql_query("SELECT $i FROM $table WHERE $i = $i",$db)or die(mysql_error()); while($b = mysql_fetch_array($sql)) { while($ar = current($b) != 0) { $v = array(); list($v) = explode("}",$ar); } print_r($v); } I am hoping to get something like array([0]=>first row of data[1]=>second row of data) Your code doesn't have any context, so I can't be sure whether you're doing something very smart or very dumb with the SQL statement. The explode() is kinda weird, too. Try running this: $rs = mysql_query ($sql, $db) or die (mysql_error ()); $result = array(); while ($row = mysql_fetch_array ($rs)) { $result[] = $row; } print_r ($result); ?> and let us know how close it comes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] new set of eyes?
Ok well I think I have it partially solved... $table = "settings"; $db_vlans = array("hosts01","hosts02","hosts03","hosts04","hosts05","hosts06","hosts07","hosts08","hosts09","hosts10"); $vlans = array("VLAN-22","VLAN-27","VLAN-29","VLAN-56","VLAN-57","VLAN-151","VLAN-314","Empty-01","Empty-02","Empty-03"); $i = str_replace($vlans,$db_vlans,$_POST['dhcp_hosts']); $_SESSION['dhcp_table'] = $i; $sql = mysql_query("SELECT $i FROM $table WHERE $i = $i",$db)or die(mysql_error()); $result = array(); while($b = mysql_fetch_array($sql)) { $result[] = explode(" ",$b); print_r($result); $num = count($result); print $num; for ($x = 0; $x < $num; $x++) { print "$result[$x]\n"; } ?> On data in "one" field that looks like: host dhcp-01 { hardware ethernet 00:D0:B7:BD:D2:8D; fixed-address 155.97.1.190; } host dhcp-02 { hardware ethernet 00:02:B3:A2:B6:FD; fixed-address 155.97.1.191; } Is returning this: Array ( [0] => Array ( [0] => Array ) ) 1Array So it sees 1 array and inside are two indexes both containing a new array... now I need to know how to pull the contents out of the second arrays. Sorry, still trying to figure out arrays. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Array problem....
Not very good at arrays so I figured i would look here $sql_subs = mysql_query("SELECT * FROM $t_02",$db)or die(mysql_error()); while(list($id,$sub,$msk,$dns01,$dns02,$rtrs,$rnge) = mysql_fetch_row($sql_subs)) { print $sub; print ""; print $msk; print ""; print $dns01; print ""; print $dns02; print ""; } ?> This pulls each row form a table and assigns a variable to each field, but what I need to do is something like this... $sql_subs = mysql_query("SELECT * FROM $t_02",$db)or die(mysql_error()); while(list($id,$sub,$msk,$dns01,$dns02,$rtrs,$rnge) = mysql_fetch_row($sql_subs)) { $_session[''] = "$sub+$msk+$dns01... } I have been scouring the various functions and as of yet have yet to accomplish what I need. Any help would be great. Thanks in advance, jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Array problem....
having no idea you could use numbers as session variable names I kinda feel like a retard right now. You solution worked, thank you very much. Jas Chris W. Parker wrote: Jas <mailto:[EMAIL PROTECTED]> on Wednesday, December 10, 2003 3:21 PM said: while(list($id,$sub,$msk,$dns01,$dns02,$rtrs,$rnge) = mysql_fetch_row($sql_subs)) { $_session[''] = "$sub+$msk+$dns01... } No exactly sure what you mean but here goes: $iCtr = 0; while(list(...)) = mysql_fetch_row(...)) { $_SESSION[$iCtr] = "$sub+$msk..."; $iCtr++; } HTH, Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Array problem....
Well just so you understand "why" I needed something like that here is the finished result below function show() { require 'path/to/dbconnector.inc'; $sql_subs = mysql_query("SELECT * FROM $t_02",$db)or die(mysql_error()); $i = 0; while(list($id,$sub,$msk,$dns01,$dns02,$rtrs,$rnge) = mysql_fetch_row($sql_subs)) { $_SESSION[$i] = "subnet $subnetmask $msk {option domain-name-servers $dns01, $dns02;option routers $rtrs;range $rnge;}"; $i++; } ?> Then ... And you get... subnet 128.110.22.110 netmask 255.255.255.0 { option domain-name-servers 128.110.22.4, 128.110.29.3; option routers 128.110.22.1; range ; } Which allows for easy reading of configuration variables and the ability to modify the individual vars using a form etc. Thanks again for all who gave me some pointers on using numbers instead of names for my session vars. Jas Chris W. Parker wrote: Jas <mailto:[EMAIL PROTECTED]> on Wednesday, December 10, 2003 3:44 PM said: having no idea you could use numbers as session variable names I kinda feel like a retard right now. You solution worked, thank you very much. It's an array just like any other which you probably realize now. ;) Also, unless you're doing some math or something with those variables you might to split them up into their own cells (I don't really know if this is going to be useful for you or not): { $_SESSION[$iCtr]['var1'] = $var1; $_SESSION[$iCtr]['var2'] = $var2; $_SESSION[$iCtr]['var3'] = $var3; $_SESSION[$iCtr]['var4'] = $var4; $_SESSION[$iCtr]['var5'] = $var5; ... } HTH, Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How to reduce CPU usage in a cycle? [ag]
Can we get the code posted so we know what is going on? Sometimes there are a dozen different ways to accomplish the same objective and looking at what your code is doing may assist us in assisting you. Jas Taualex wrote: Hello! I'm having a problem with my php script on my linux web server. In that script there is a cycle with some math calculations (about ~30 steps), the execution time is less 1 second, but the script loads the server CPU up to 90%... I've optimized script already to the minimum math function, anyway, it still overloads the CPU. How can I reduce the CPU load? It seems that usleep() does not help much, especially in Windows (it's not supported). How can I give system a portion of time in the end of each step (I don't mind if it will increase the job time)? Is there a solution for both Windows and Linux? For instance, in C++ under Windows I would do this: do { [... math calculations ...] while(::PeekMessage(&message,NULL,0,0,PM_NOREMOVE)) if (!theApp.PumpMessage()) break; } while(!quit); This gives system to redraw screen, process any other events during long cycles... Is there similar approach in PHP for web server programming? p.s. Would be nice to know other techniques to reduce CPU load ;) Thank you! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Array problem....
Yeah I understand that and it would be perfect if I only had to call this type of function once on a page... and on any other pages that need something like this I will do it that way but with the counter set to 0 or whatever number I choose which is a sort of view all page so your solutions works better for this page. Thanks again. Jas Chris W. Parker wrote: Jas <mailto:[EMAIL PROTECTED]> on Thursday, December 11, 2003 7:21 AM said: Well just so you understand "why" I needed something like that here is the finished result below [snip] $i = 0; while(list(...) = mysql_fetch_row(...)) { $_SESSION[$i] = "..."; $i++; } I want to change my suggestion and recommend that you go along with what John Holmes suggested a little after my post. Read his post again and see if it is helpful to you. Keep note of the following aspect: You can remove the $i = 0; and the $i++; by changing $_SESSION[$i] = "..."; to $_SESSION[] = "...";. i.e. The following two code blocks perform the same task: Current: $i = 0; while(list(...) = mysql_fetch_row(...)) { $_SESSION[$i] = "..."; $i++; } New: while(list(...) = mysql_fetch_row(...)) { $_SESSION[] = "..."; } Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to reduce CPU usage in a cycle? [ag]
Well have you tried to define one function to include the for all variables that require mt_rand()? Jas Brent Baisley wrote: Personally, I wouldn't worry about it unless it is actually interfering with other processes. The OS will give any process or thread 100% of the CPU if there is nothing else that needs the CPU. What does you context switching numbers look like? If there is a lot of context switching, then your processes or threads are getting kicked off the CPU before they can accomplish much. And that's a problem. The duration of your script is less than a second, so that's not really a long enough time have an affect on other parts of the system. Heck, it may even being completing within just a couple of time slices (the length of time the OS allows a process/thread to use the CPU). You could always adjust the priority level (nice value in Unix) of whatever PHP is running under (i.e. Apache). Although you should understand what you are doing if you are adjusting nice values. On Dec 11, 2003, at 10:03 AM, TauAlex wrote: Hello! I'm having a problem with my php script on my linux web server. In that script there is a cycle with some math calculations (about ~30 steps), the execution time is less 1 second, but the script loads the server CPU up to 90%... I've optimized script already to the minimum math function, anyway, it still overloads the CPU. How can I reduce the CPU load? It seems that usleep() does not help much, especially in Windows (it's not supported). How can I give system a portion of time in the end of each step (I don't mind if it will increase the job time)? Is there a solution for both Windows and Linux? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to reduce CPU usage in a cycle? [ag]
ex. function rand($attack,$skills,$damage,$armor) { $do = array($attack,$skills,$damage,$armor); finish=false while (!finish) { $do = mt_rand(mktime(microtime(1,100)); } while($do = list($attack,$skills,$damage,$armor)) { calculate total damage for opponent } } ?> I read that the use of mt_rand will produce the same results each time the page is called with a certain number... so I would recommend using microtime in conjunction with your mt_rand calls to ensure true random numbers. By throwing your vars into an array and looping through it applying your random points deduction then listing the contents of the array (with new values) it might improve cpu performance but then again. I am still fairly new to php. Jas Jas wrote: Well have you tried to define one function to include the for all variables that require mt_rand()? Jas Brent Baisley wrote: Personally, I wouldn't worry about it unless it is actually interfering with other processes. The OS will give any process or thread 100% of the CPU if there is nothing else that needs the CPU. What does you context switching numbers look like? If there is a lot of context switching, then your processes or threads are getting kicked off the CPU before they can accomplish much. And that's a problem. The duration of your script is less than a second, so that's not really a long enough time have an affect on other parts of the system. Heck, it may even being completing within just a couple of time slices (the length of time the OS allows a process/thread to use the CPU). You could always adjust the priority level (nice value in Unix) of whatever PHP is running under (i.e. Apache). Although you should understand what you are doing if you are adjusting nice values. On Dec 11, 2003, at 10:03 AM, TauAlex wrote: Hello! I'm having a problem with my php script on my linux web server. In that script there is a cycle with some math calculations (about ~30 steps), the execution time is less 1 second, but the script loads the server CPU up to 90%... I've optimized script already to the minimum math function, anyway, it still overloads the CPU. How can I reduce the CPU load? It seems that usleep() does not help much, especially in Windows (it's not supported). How can I give system a portion of time in the end of each step (I don't mind if it will increase the job time)? Is there a solution for both Windows and Linux? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php .htaccess autologin
Combination of session vars and cookie vars... example... [login page] sets cookie with auth=0 (variable) sets session with auth=0 (variable) [logged in page(s)] sets cookie with auth=1 (variable -client side) sets session with auth=1 (variable -server side) hash of users password as client side var then just write a function to look on the users machine for a cookie from your site with auth=1, then if you see that present simply authenticate the user. HTH Jas Evan Nemerson wrote: On Thursday 11 December 2003 04:17 pm, ROBERT MCPEAK wrote: I've dug around quite a bit and can't figure out how I might use PHP to handle an .htaccess login. For example, if I wanted a script to log in the user, rather than the user logging in with the standard .htaccess dialog. Any ideas? I could be wrong, but I think this would be rather client-dependent. I don't think HTTP remembers who you throughout a session- i think the headers get sent every time. My only idea from PHP would be to set the $_SERVER['PHP_AUTH_*'] stuff, but i sincerely doubt that would do anything. I just don't think there's a way to ask the browser to set that info through http. Maybe ask @ javascript forum? If you find a solution, I'd love to hear it... Since the .htaccess vars are stored in the browser, should I be looking at a PHP/JavaScritpt 1-2 punch? Thanks, Bob -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session var not being passed?
New set of eyes maybe or maybe I am indeed regressing... Page calling functions looks like such... require 'sessions.php'; require 'inc.php'; if (($_SESSION['user'] == "") || ($_SESSION['pass'] == "") || ($_SESSION['lvl'] == "")) { $_SESSION['msg_01'] = "You have not entered the correct authorization information. Please enter your user name, password & department ID."; $_SESSION['msg'] = $dberrors[1]; call_user_func("db_logs"); //call_user_func("exit_app"); } elseif (($_SESSION['user'] != "") || ($_SESSION['pass'] != "") || ($_SESSION['lvl'] != "")) { if ((strlen($_SESSION['user'] >= 255)) || (strlen($_SESSION['pass'] >= 255)) || (strlen($_SESSION['lvl'] >= 255))) { $_SESSION['msg'] = $dberrors[3]; call_user_func("db_logs"); call_user_func("exit_app"); } elseif ((strlen($_SESSION['user'] <= 255)) || (strlen($_SESSION['pass'] <= 255)) || (strlen($_SESSION['lvl'] <= 255))) { $_SESSION['msg'] = $dberrors[10]; call_user_func("db_logs"); call_user_func("menu"); } else { $_SESSION['msg'] = $dberrors[11]; call_user_func("db_logs"); call_user_func("exit_app"); } } else { $_SESSION['msg'] = $dberrors[8]; call_user_func("db_logs"); call_user_func("exit_app"); } ?> Then in body of page I call Now the contents of inc.php is below (at least the "menu" and "dhcp_vlans" functions) function menu() { $lvl = base64_decode($_SESSION['lvl']); if ($lvl == "view") { $_SESSION['menu'] = "custom menu 01"; $_SESSION['lvl'] = base64_encode($lvl); } elseif ($lvl == "user") { $_SESSION['menu'] = "custom menu 02"; $_SESSION['lvl'] = base64_encode($lvl); } elseif ($lvl == "admin") { $_SESSION['menu'] = "custom menu 03"; $_SESSION['lvl'] = base64_encode($lvl); } else { $_SESSION['menu'] = "custom menu 04"; } $_SESSION['lvl'] = base64_encode($lvl); // recreate session variable for more checks } function vlans_dhcp() { $lvl = base64_decode($_SESSION['lvl']); // this session variable is dissapearing from the second nested if / elseif statement? if ($lvl != "admin") { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } elseif ($lvl == "admin") { $_SESSION['lvl'] = base64_encode($lvl); if ($_POST == "") { $_SESSION['lvl'] = base64_encode($lvl); session_unset($_SESSION['list']); ,create automatic form..."; $_SESSION['lvl'] = base64_encode($lvl); //unset($table,$sql,$db_vlans,$vlans,$x); } elseif ($_POST != "") || (isset(var)) { //What happened to my session 'lvl' var? ...creat different form... } elseif ($_POST != "") { session_unset($_SESSION['list']); require 'dbase.php'; $table = "subnets"; $_SESSION['list'] = "...different form again..."; //unset($table,$db_vlans,$vlans,$i,$x); } else { $_SESSION['lvl'] = base64_encode($lvl); header("Location: login.vlans.php"); } } else { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } } ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] (0/T) executeing script below public
LMAO, I am in concordance. Jas Ryan A wrote: One wonders how two retards got together to give birth to a bigger retard like you. Hi, I am a bit puzzled here, I have to wipe my a$$ after taking a $hit...but I have to wipe while i'm on the toilet! My usual way is to stand up and do it. I noticed one funny thing about this way, its hard to get all that crap in one swipe...what kind of $hit is this? According to the documentation, the a$$ should be wiped in one of two motions like so Place toilet paper at forward most side of anus and wipe backward (or) Place toilet paper at backward most side of anus and wipe forward How do I do that? Thanks, -Riene fyi- my toilet is a flush-master 3001, if that matters. -Original Message- From: Ryan A [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 4:08 PM To: [EMAIL PROTECTED] Subject: [PHP] (0/T) executeing script below public Hi, Am a bit puzzled here, we have to run a script to start/stop a serverbut we have to run the script below the public folder! this is our structure /blah/theServer/public_html/ the script is located in /blah/theServer/ I noticed one funny thing about this script, it starts with: #!/bin/sh right on top but does not have a file extention...what kind of a file is this? According to the documentation the script has to be executed like so start (or) stop How do I do that? Thanks, -Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? New Yahoo! Photos - easier uploading and sharing. http://photos.yahoo.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] var check not working...
For some reason this will not work... my $_POST variables check for no form variables and display a form... if they choose an item from a select box it queries the database for a field matching the $_post var and builds a new form creating 8 separate $_post variables to check for.. so far it works except when selecting an item from the select box it will only display the first form when there are $_post vars present. I think I am missing something, could someone look over my code? Thanks in advance, Jas function vlans_dhcp() { $lvl = base64_decode($_SESSION['lvl']); if ($lvl != "admin") { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } elseif ($lvl == "admin") { $_SESSION['lvl'] = base64_encode($lvl); if (($_POST == "") || (!isset($_POST['dhcp_vlans'])) || (!isset($_POST['sub'])) || (!isset($_POST['msk'])) || (!isset($_POST['dns01'])) || (!isset($_POST['dns02'])) || (!isset($_POST['rtrs'])) || (!isset($_POST['vlans']))) { create 1st form with dhcp_vlans as $_post var; } elseif (($_POST != "") || (isset($_POST['dhcp_vlans'])) || ($_POST['dhcp_vlans'] != "--") || (!isset($_POST['sub'])) || (!isset($_POST['msk'])) || (!isset($_POST['dns01'])) || (!isset($_POST['dns02'])) || (!isset($_POST['rtrs'])) || (!isset($_POST['vlans']))) { create 2nd form based on dhcp_vlans $_post var and create 8 different $_post vars...; } elseif (($_POST != "") || (!isset($_POST['dhcp_vlans'])) || (isset($_POST['id'])) || (isset($_POST['sub'])) || (isset($_POST['msk'])) || (isset($_POST['dns01'])) || (isset($_POST['dns02'])) || (isset($_POST['rtrs'])) || (isset($_POST['rnge'])) || (isset($_POST['vlans']))) { now put 8 $_post vars in database...; } else { $_SESSION['lvl'] = base64_encode($lvl); header("Location: help.php"); } } else { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Q on RegExp & extended Char
Well have you thought about maybe an array of illegal or extended characters and simply replacing them? eg. $b = $_POST['whatever_variables_you_have']; $match = array("ö","ç","ä"); $replace = array("o","c","a"); $z = str_replace($match,$replace,$b); Might not be exactly what you want but hope it helps. Jas Jswalter wrote: I've hit my limit on regular expressions. I need to check a string to see if it contains legal characters... A thru Z [a-z], SPACE, PERIOD, DASH/HYPHEN, APOSTROPHE [\' -,\.] OK, this is not a problem. My problem comes in with extended characters, as these examples... González Vänligen före innehålla I'm trying to build a RegExp that will see if the string is a proper name format or not. Names only have A thru Z, extended characters for other languages (than English), SPACE, PERIOD, DASH/HYPHEN, APOSTROPHE Dr. Roger O'Malley Mrs. Sara Harris-Henderson I have a RegExp to do English letters, but not the extended set... Manuel González Försök Bokstäver Contém Espaço-Válido (Ok, these are not really names, but you get the idea) Any ideas on this? All I want to know is if a given string contains only these types of characters. anything else would give me a FALSE. Thanks Walter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: var check not working...
Sven wrote: Jas schrieb: For some reason this will not work... my $_POST variables check for no form variables and display a form... if they choose an item from a select box it queries the database for a field matching the $_post var and builds a new form creating 8 separate $_post variables to check for.. so far it works except when selecting an item from the select box it will only display the first form when there are $_post vars present. I think I am missing something, could someone look over my code? Thanks in advance, Jas function vlans_dhcp() { $lvl = base64_decode($_SESSION['lvl']); if ($lvl != "admin") { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } elseif ($lvl == "admin") { $_SESSION['lvl'] = base64_encode($lvl); if (($_POST == "") || (!isset($_POST['dhcp_vlans'])) || (!isset($_POST['sub'])) || (!isset($_POST['msk'])) || (!isset($_POST['dns01'])) || (!isset($_POST['dns02'])) || (!isset($_POST['rtrs'])) || (!isset($_POST['vlans']))) { create 1st form with dhcp_vlans as $_post var; } elseif (($_POST != "") || (isset($_POST['dhcp_vlans'])) || ($_POST['dhcp_vlans'] != "--") || (!isset($_POST['sub'])) || (!isset($_POST['msk'])) || (!isset($_POST['dns01'])) || (!isset($_POST['dns02'])) || (!isset($_POST['rtrs'])) || (!isset($_POST['vlans']))) { create 2nd form based on dhcp_vlans $_post var and create 8 different $_post vars...; } elseif (($_POST != "") || (!isset($_POST['dhcp_vlans'])) || (isset($_POST['id'])) || (isset($_POST['sub'])) || (isset($_POST['msk'])) || (isset($_POST['dns01'])) || (isset($_POST['dns02'])) || (isset($_POST['rtrs'])) || (isset($_POST['rnge'])) || (isset($_POST['vlans']))) { now put 8 $_post vars in database...; } else { $_SESSION['lvl'] = base64_encode($lvl); header("Location: help.php"); } } else { $_SESSION['lvl'] = base64_encode($lvl); $_SESSION['msg'] = $dberrors[12]; call_user_func("db_logs"); } } hi jas, the problem is, that your second form is only executed if your first condition is false (else if). but because of your or condition (||) only one of them has to be true. right? right! so it doesn't matter if your $_POST['dhcp_vlans'] is not set, when any other isn't set. a solution might be: hth SVEN Yah I figured that out.. those operators always throw me off... Thanks again. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: 4 project questions - help appreciated
1. MySQL is free, fairly easy to use and is way better than using a text file. 2. I would use something to effect of a 'id' field in the database and set that to be indexed, auto-incrementing and unique vs. using your 'public key' as the indexed portion of the database 3. Sounds like you already know what kind of function you need. If you need an example here is one. [snippit] function keys() { /* Connect to database */ $db = @mysql_pconnect('localhost','user_name','password') or die(mysql_error()); /* Select databse to use */ @mysql_select_db('keys') or die("Could not connect to remote database."); $tble = "messages"; /* Look for existing key */ $sql = mysql_query("SELECT * FROM $tble WHERE key = '$key'",$db)or die(mysql_error()); /* Create array of variables retrieved */ while ($row = mysql_fetch_array($sql)) { $id = $row["session"]; } /* Check to see if any results were returned */ if (mysql_num_rows($sql) == 0) { $insert = @mysql_query("INSERT INTO $tble VALUES ('','$var1','$var2','$var3','$var4','$var5')",$db)or die(mysql_error()); /* If key exists update data with form data */ } elseif (mysql_num_rows($sql) != 0) { $update = @mysql_query("UPDATE $tble SET var1=\"$var1\", var2=\"$var2\", var3=\"$var3\", var4=\"$var4\", var5=\"$var5\" WHERE key=\"$key\"",$db)or die(mysql_error()); } else { exit(); } } else { exit(); } } ?> [end snippit] 4. You are talking about a one way hash to be used as a public key right? If you are I generate a unique key in this manner (I really don't loop through any array's of numbers or letters) instead I pull an image randomly selected from a specified directory and then through it through a system of functions as illustrated below. You can record the key in the database and use it as a "public key" so to speak so the person your sending the secret message to would need to know that "public key". [snippit] /* Function to create array of images */ $rand_image = array(); $x = 0; $x++; $rand_image[$x] = "shared/image01.jpg"; $x++; $rand_image[$x] = "shared/image02.jpg"; $x++; $rand_image[$x] = "shared/image03.jpg"; $x++; $rand_image[$x] = "shared/image04.jpg"; /* Randomly select image to encrypt and use as session variable */ function random_image() { global $rand_image; srand ((double) microtime() * 100); print $rand_image[rand(1,sizeof($rand_image))]; } /* Encryption function for random image */ $hash = md5(uniqid(microtime($rand_image),1)); } echo $hash; ?> [end snippit] Hope that helps some... Jas Ryan A wrote: Hi, I am making a personal project like so: I enter something in the text box (eg. "PHP REALLY ROCKS!!!") then the program checks if that string already exists in the database, if no, then it should enter it into the database and also generate a "key" This key can be given to pals and they can read the "secret message" Key: Key should first be 1-1000 then a-z then A-Z then axxx (eg: a001, the xxx will always be numbers) once it reaches 999 it should become Axxx then b then B etc after a,A,b,B are done it should go for aaxx,AAxx etc always 4 characters A few questions: 1.Looking at the above (database part) I figured that doing this via a mysql database would be better rather than a text database...do you agree? 2.I was thinking of making the "key" field a primary key and unique and indexedright? 3.The way I see it theres 3 sql statements that need to be run, a) connect and see if string exists b)read the last key c)write to the database...anyway to break the above to 2 statements or am I following this wrong? 4. Logic for the key, I am coming up with crummy logic to make the "key", basically a block of code for 1-1000,another block for a-z another block for A-Z etc.. any ideas,links,URLs or code snippets off the top of your head would be greatly appreciated. Thanks in advance. Cheers, -Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: php compile error with mysql undefined reference to `mysql_real_escape_string'
You really should be subscribing to the php.install list when asking questions of this type. But it sounds like you need to first install mysql, then install apache, then install php. In that order and you should be ok. When in doubt read the manuals for each application for further information on the different options available for your ./configure. HTH Jas Ivone Uribe wrote: Hi all! I'm installing php4.3.3, apache 1.3.28 with mysql3.22.32 I'm using this option --with-mysql=/usr/local/mysql But when I compile the php code, I get this error: ext/mysql/php_mysql.o: In function `zif_mysql_client_encoding': /root/fuente/archivos/php-4.3.3/ext/mysql/php_mysql.c:1118: undefined reference to `mysql_character_set_name' ext/mysql/php_mysql.o: In function `zif_mysql_real_escape_string': /root/fuente/archivos/php-4.3.3/ext/mysql/php_mysql.c:1705: undefined reference to `mysql_real_escape_string' collect2: ld returned 1 exit status To solve it..I try the option --disable-cli on ./configure, and all ok. But now I have the same problem (/php-4.3.3/ext/mysql/php_mysql.c:1118: undefined reference to `mysql_character_set_name') when I try to compile the apache... Please!!! Does anybody know how to solve it? Thanks in advance!! __ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Security Question
Does your php.ini have Globals set to off? Was your php installation compiled with session support? If your answer to both of those questions is yes (you can check your server config with a page containing this string ) Then use session to register a variable such as the example below... Then say on your authentication module you do something like this function authentication() { if (!empty($_POST['username'])) && (!empty($_POST['password'])) { // some code to check if username and password variables match database entries or file containing credentials // if a match is found do the rest of the code session_start(); $_SESSION['auth'] = base64_encode(1); //encoded var to deter session hijacking } else { header("location: login.html"); } ?> Hope this helps a bit... more info on stuff like this is available at google.com. =) Jas Thomas Andersen wrote: Hello, I'm trying to develop a secure web based application and my only tools are php, mysql, and a SSL connection. Does anyone know of any good references for this kind of development? What I really need to do is to make sure that given users only gain access to the parts of the application they are given rights to. I'm not sure if I need to pass their user information along from page to page or if I should set a cookie or whatever else would be appropriate. I also want people to be bounced back to the login page if they enter a direct URL to part of the application without logging in first, and I also want people to be able to log out. Thanks, Thomas Andersen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Script timeout Problem
Have you tried setting a limit on your MySQL insert and update statements to limit the amount trying to be processed? Haseeb Iqbal wrote: hi, i need to update a mysql table with a dbf file, the dbf file contains more then 16 records. i knew that the script will not be able to update 16 records in 1 go so i am refreshing the page after speacific no of records. but still the same problem. the script timeout.i tried changing the timeout limit to 300 secs but to noavail. i am pasting the code here.plz take a look may by you can tell me what i am doing wrong define("_MySqlEnable",TRUE); set_time_limit(0); require_once(strPath."paths.php"); $strDBName=strPath."uploads/".Date("d-m-Y")."-products.dbf"; $DBPointer=dbase_open($strDBName,0) or die("Cannot open file for reading"); $nNoOfRecs=dbase_numrecords($DBPointer); $nLoopBreak=1500; $nConn=GetCon(); if (empty($nLoopStart)) { $nLoopStart=1; } if ($nNoOfRecs > $nLoopBreak) { $nLoopTill=$nLoopStart + $nLoopBreak; $nFinal=FALSE; } else { $nLoopTill=$nLoopBreak; $nFinal=TRUE; } for ($nCount=$nLoopStart;$nCount<=$nLoopTill;$nCount++) { $arrData=dbase_get_record($DBPointer,$nCount); $GRP=CheckString($arrData[0]); $CAT=CheckString($arrData[1]); $SUB=CheckString($arrData[2]); $VEND_CODE=CheckString($arrData[3]); $MANU_PART=CheckString($arrData[4]); $PART_NUM=CheckString($arrData[5]); $DESCR=CheckString($arrData[6]); $COST=CheckString($arrData[7]); $RETAIL=CheckString($arrData[8]); $QTY=CheckString($arrData[9]); $LIST_PRICE=CheckString($arrData[10]); $EFF_DATE=CheckString($arrData[11]); $TECH_FAX=CheckString($arrData[12]); $STATUS=CheckString($arrData[13]); $UPC=CheckString($arrData[14]); $strQuery="SELECT * FROM products WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $nConn->doQuery($strQuery); if ($nConn->cntResult()==0) $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products.manu_part,products.part_num,products.desc,products.cost,products.retail,products.qty,products.list_price,products.eff_date,products.tech_fax,products.status,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','".$PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRICE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."')"; $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products.manu_part,products.part_num,products.desc,products.cost,products.retail,products.qty,products.list_price,products.eff_date,products.tech_fax,products.status,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','".$PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRICE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."' LIMIT 200)"; else $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$RETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$TECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$RETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$TECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'LIMIT 200"; //echo "nCOunt - > $nCount -".$strQuery; $nConn->doQuery($strQuery); } $nCount++; $nLoopStart=$nCount; if ($nFinal==FALSE) { //1500 records updated so refresh the page ?> } else { // all records updated so redirst to calling page. ?> } ?> Haseeb That might help out with the timeouts too. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: picking up a form name
Do you mean a variable being passed to the next page from within a form ex. or If you are talking about the input name for a text box use this snippit... is(empty($_POST['variable_001']) { // Do negative result code } elseif(!empty($_POST['variable_001']) { // Do positive result code ... Or if it the name of the "actual form" you want try setting a hidden field with the same name as the form. ex. HTH Jas Php wrote: Hi, If I have more than one form on a page, how can I get the name of the form that was sent on the recieving page without using javascript? tia, Craig TOP DRAW INC. p 780.429.9993 f 780.426.1199 [EMAIL PROTECTED] www.topdraw.com 10210 - 111 Street, Edmonton, Alberta T5K 1K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Script timeout Problem
Let me know if that solves your problem if you would be so kind... I am sure it will but I just want to make sure. Jas Jas wrote: Have you tried setting a limit on your MySQL insert and update statements to limit the amount trying to be processed? Haseeb Iqbal wrote: hi, i need to update a mysql table with a dbf file, the dbf file contains more then 16 records. i knew that the script will not be able to update 16 records in 1 go so i am refreshing the page after speacific no of records. but still the same problem. the script timeout.i tried changing the timeout limit to 300 secs but to noavail. i am pasting the code here.plz take a look may by you can tell me what i am doing wrong define("_MySqlEnable",TRUE); set_time_limit(0); require_once(strPath."paths.php"); $strDBName=strPath."uploads/".Date("d-m-Y")."-products.dbf"; $DBPointer=dbase_open($strDBName,0) or die("Cannot open file for reading"); $nNoOfRecs=dbase_numrecords($DBPointer); $nLoopBreak=1500; $nConn=GetCon(); if (empty($nLoopStart)) { $nLoopStart=1; } if ($nNoOfRecs > $nLoopBreak) { $nLoopTill=$nLoopStart + $nLoopBreak; $nFinal=FALSE; } else { $nLoopTill=$nLoopBreak; $nFinal=TRUE; } for ($nCount=$nLoopStart;$nCount<=$nLoopTill;$nCount++) { $arrData=dbase_get_record($DBPointer,$nCount); $GRP=CheckString($arrData[0]); $CAT=CheckString($arrData[1]); $SUB=CheckString($arrData[2]); $VEND_CODE=CheckString($arrData[3]); $MANU_PART=CheckString($arrData[4]); $PART_NUM=CheckString($arrData[5]); $DESCR=CheckString($arrData[6]); $COST=CheckString($arrData[7]); $RETAIL=CheckString($arrData[8]); $QTY=CheckString($arrData[9]); $LIST_PRICE=CheckString($arrData[10]); $EFF_DATE=CheckString($arrData[11]); $TECH_FAX=CheckString($arrData[12]); $STATUS=CheckString($arrData[13]); $UPC=CheckString($arrData[14]); $strQuery="SELECT * FROM products WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $nConn->doQuery($strQuery); if ($nConn->cntResult()==0) $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products.manu_part,products.part_num,products.desc,products.cost,products.retail,products.qty,products.list_price,products.eff_date,products.tech_fax,products.status,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','".$PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRICE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."')"; $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products.manu_part,products.part_num,products.desc,products.cost,products.retail,products.qty,products.list_price,products.eff_date,products.tech_fax,products.status,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','".$PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRICE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."' LIMIT 200)"; else $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$RETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$TECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$RETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$TECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'LIMIT 200"; //echo "nCOunt - > $nCount -".$strQuery; $nConn->doQuery($strQuery); } $nCount++; $nLoopStart=$nCount; if ($nFinal==FALSE) { //1500 records updated so refresh the page ?> } else { // all records updated so redirst to calling page. ?> } ?> Haseeb That might help out with the timeouts too. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Script timeout Problem
Ok, I posted an example in the body of this for your time out limits but here it is again... At the end of each of your SQL statements for UPDATE or INSERT simply add ...LIMIT 2000"; That should limit the updating or inserting of database records until the page is refreshed to add more... HTH Jas Haseeb Iqbal wrote: how can i do that? btw the script runs on a local machine but updates the records on a webserver i mean live server. this is also a factor for the timeout. the script was running smoothly for 24000 recods before but now it suddenly timeout after 800records. i dont know what is heppening Haseeb - Original Message - From: "Jas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, December 19, 2003 3:16 AM Subject: [PHP] Re: Script timeout Problem Have you tried setting a limit on your MySQL insert and update statements to limit the amount trying to be processed? Haseeb Iqbal wrote: hi, i need to update a mysql table with a dbf file, the dbf file contains more then 16 records. i knew that the script will not be able to update 16 records in 1 go so i am refreshing the page after speacific no of records. but still the same problem. the script timeout.i tried changing the timeout limit to 300 secs but to noavail. i am pasting the code here.plz take a look may by you can tell me what i am doing wrong define("_MySqlEnable",TRUE); set_time_limit(0); require_once(strPath."paths.php"); $strDBName=strPath."uploads/".Date("d-m-Y")."-products.dbf"; $DBPointer=dbase_open($strDBName,0) or die("Cannot open file for reading"); $nNoOfRecs=dbase_numrecords($DBPointer); $nLoopBreak=1500; $nConn=GetCon(); if (empty($nLoopStart)) { $nLoopStart=1; } if ($nNoOfRecs > $nLoopBreak) { $nLoopTill=$nLoopStart + $nLoopBreak; $nFinal=FALSE; } else { $nLoopTill=$nLoopBreak; $nFinal=TRUE; } for ($nCount=$nLoopStart;$nCount<=$nLoopTill;$nCount++) { $arrData=dbase_get_record($DBPointer,$nCount); $GRP=CheckString($arrData[0]); $CAT=CheckString($arrData[1]); $SUB=CheckString($arrData[2]); $VEND_CODE=CheckString($arrData[3]); $MANU_PART=CheckString($arrData[4]); $PART_NUM=CheckString($arrData[5]); $DESCR=CheckString($arrData[6]); $COST=CheckString($arrData[7]); $RETAIL=CheckString($arrData[8]); $QTY=CheckString($arrData[9]); $LIST_PRICE=CheckString($arrData[10]); $EFF_DATE=CheckString($arrData[11]); $TECH_FAX=CheckString($arrData[12]); $STATUS=CheckString($arrData[13]); $UPC=CheckString($arrData[14]); $strQuery="SELECT * FROM products WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $nConn->doQuery($strQuery); if ($nConn->cntResult()==0) $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products. manu_part,products.part_num,products.desc,products.cost,products.retail,prod ucts.qty,products.list_price,products.eff_date,products.tech_fax,products.st atus,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','" $PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRI CE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."')"; $strQuery="INSERT INTO products(products.grp,products.cat,products.sub,products.vend_code,products. manu_part,products.part_num,products.desc,products.cost,products.retail,prod ucts.qty,products.list_price,products.eff_date,products.tech_fax,products.st atus,products.upc) VALUES('".$GRP."','".$CAT."','".$SUB."','".$VEND_CODE."','".$MANU_PART."','" $PART_NUM."','".$DESCR."','".$COST."','".$RETAIL."','".$QTY."','".$LIST_PRI CE."','".$EFF_DATE."','".$TECH_FAX."','".$STATUS."','".$UPC."' LIMIT 200)"; else $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$R ETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$T ECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'"; $strQuery="UPDATE products SET products.part_num='$PART_NUM',products.desc='$DESCR',COST='$COST',retail='$R ETAIL',qty='$QTY',list_price='$LIST_PRICE',eff_date='$EFF_DATE',tech_fax='$T ECH_FAX',status='$STATUS',upc='$UPC' WHERE grp='".$GRP."' AND cat='".$CAT."' AND sub='".$SUB."' AND vend_code='".$VEND_CODE."' AND manu_part='".$MANU_PART."' AND part_num='".$PART_NUM."'LIMIT 200"; //echo "nCOunt - > $nCount -".$strQuery; $nConn->doQuery($strQuery); } $nCount++; $nLoopStart=$nCount; if ($nFinal==FALSE) { //1500 records updated so refresh the page ?> Haseeb That might help out with the timeouts too. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] post var check failing?
Not sure why it isn't checking my post vars correctly... any help is appreciated. Thanks in advance Jas while($a = mysql_fetch_array($x)) { list($_SESSION['id01'],$hn,$ma,$i,$v) = $a; } $_SESSION['search'] = "...new form with listed vars..."; } elseif ((empty($_POST['hosts01'])) && (empty($_POST['search'])) && (!empty($_POST['hn'])) && (!empty($_POST['ma'])) && (!empty($_POST['i'])) && (!empty($_POST['v']))) { unset($_SESSION['search']); // FiX POST VAR CHECK ! $_SESSION['search'] = "... show posted vars as successful submission ..." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] looping problem?
Problem with looping over a CSV file (3 results for each line)? Here is the CSV file contents... MTPC-01,00:02:B3:A2:9D:ED,155.97.15.11 MTPC-02,00:02:B3:A2:B6:F4,155.97.15.12 MTPC-03,00:02:B3:A2:A1:A7,155.97.15.13 MTPC-04,00:02:B3:A2:07:F2,155.97.15.14 MTPC-05,00:02:B3:A2:B8:4D,155.97.15.15 Here is the script... $row = 1; $file = "fa.csv"; $id = fopen("$file","r"); while($data = fgetcsv($id,100,",")) { $num = count($data); $row++; for($c = 0; $c < $num; $c++) { echo "host $data[0] {\nhardware ethernet $data[1];\nfixed-address $data[2];\n}\n"; } } fclose($id); ?> And this is the output... (notice 3 results for the first line in the CSV file) host MTPC-01 { hardware ethernet 00:02:B3:A2:9D:ED; fixed-address 155.97.15.11; } host MTPC-01 { hardware ethernet 00:02:B3:A2:9D:ED; fixed-address 155.97.15.11; } host MTPC-01 { hardware ethernet 00:02:B3:A2:9D:ED; fixed-address 155.97.15.11; } Any help is appreciated... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] function problem?
Not sure why the last section won't work... /* Function to search for hosts */ function search_dhcp() { if ((empty($_POST['search'])) && (empty($_POST['hosts01'])) && (empty($_POST['hn'])) && (empty($_POST['ma'])) && (empty($_POST['i'])) && (empty($_POST['v']))) { unset($_SESSION['search']); $_SESSION['search'] = "Search for individual computers to edit**This feature will search all VLAN's for individual machines to make host configuration changes to.ex. 10.10.0.255 or dhcp-client Wildcards are marked as a '%'."; } elseif ((!empty($_POST['search_name'])) && (empty($_POST['hosts01'])) && (empty($_POST['hn'])) && (empty($_POST['ma'])) && (empty($_POST['i'])) && (empty($_POST['v']))) { unset($_SESSION['search']); require 'dbase.inc.php'; $table = "hosts"; $x = @mysql_query("SELECT * FROM $table WHERE hostname LIKE '$_POST[search_name]'")or die(mysql_error()); $num = mysql_num_rows($x); if($num == "0") { $_SESSION['search'] = "Search for individual computers to edit by hostname**This feature will search all VLAN's for individual machines to make host configuration changes to.(ex. dhcp_client_003) Wildcards are marked as a '%'. No hosts matched your search for $_POST[search_name]."; } elseif ($num != 0) { $_SESSION['search'] .= "Here are your search results.**Please select the machine you wish to make changes to."; while($v = mysql_fetch_array($x)) { list($_SESSION['id'],$_SESSION['hn'],$_SESSION['ma'],$_SESSION['i'],$_SESSION['v']) = $v; $_SESSION['search'] .= "$_SESSION[hn] | $_SESSION[i] | $_SESSION[v]"; } $_SESSION['search'] .= ""; } else { $_SESSION['search'] = "Search for individual computers to edit by hostname(ex. dhcp_client_003)**This feature will search all VLAN's for individual machines to make host configuration changes to. No hosts matched your search for $_POST[search_name]."; } unset($_SESSION['id'],$_SESSION['hn'],$_SESSION['ma'],$_SESSION['i'],$_SESSION['v']); } elseif ((!empty($_POST['hosts01'])) && (empty($_POST['search'])) && (empty($_POST['hn'])) && (empty($_POST['ma'])) && (empty($_POST['i'])) && (empty($_POST['v']))) { unset($_SESSION['search']); require 'dbase.inc.php'; $table = "hosts"; $x = mysql_query("SELECT * FROM $table WHERE hostname = '$_POST[hosts01]' OR ip = '$_POST[hosts01]' OR mac = '$_POST[hosts01]'")or die(mysql_error()); $num = mysql_num_rows($x); if($num == "0") { unset($_SESSION['search']); $_SESSION['search'] = "Search for individual computers to edit by hostname(ex. dhcp_client_003)**This feature will search all VLAN's for individual machines to make host configuration changes to. You did not select a host to edit."; } elseif ($num != 0) { while($a = mysql_fetch_array($x)) { list($_SESSION['id01'],$hn,$ma,$i,$v) = $a; } $_SESSION['search'] = " You are about to make changes to $hn | $i** Please fill out all fields and be carefull when entering the MAC address. The proper format is as such XX:XX:XX:XX:XX Hostname MAC-Address IP-Address VLAN / Subnet: "; } elseif ((empty($_POST['hosts01'])) && (empty($_POST['search'])) && (!empty($_POST['hn'])) && (!empty($_POST['ma'])) && (!empty($_POST['i'])) && (!empty($_POST['v']))) { unset($_SESSION['search']); // Will not get to this point! $_SESSION['search'] = " Your changes to $_POST[hosts01] were successfull** To make your changes active you must use the \"UPDATE DHCP\" link on the left Hostname $_POST[hn] MAC-Address $_POST[ma] IP-Address $_POST[i] VLAN / Subnet: $_POST[v] "; } else { unset($_SESSION['search']); $_SESSION['search'] = " Something broke, please try again."; } } else { unset($_SESSION['search']); header("Location: login.hosts.php"); } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Checkboxes?
I am having a problem with checkboxes... $_SESSION['logs'] .= "DateTimeIP AddressPortLog MessageDetails?"; require 'database_script.php'; $table = "logs"; $sql = mysql_query("SELECT * FROM $table ORDER BY date",$db)or die(mysql_error()); while($row = mysql_fetch_array($sql)) { list($id,$date,$time,$ip,$host,$referer,$agent,$page,$pagecount,$message,$session) = $row; $_SESSION['logs'] .= "$date$time$ip$host$message"; } // Begin checking if variables are present... if (empty($_POST['id'])) { unset($_SESSION['details']); $_SESSION['details'] = " You must select an access log(s) to view the details of"; } elseif (!empty($_POST['id'])) { unset($_POST['details']); $_SESSION['details'] = "You have selected record number..."; } else { unset($_SESSION['details']); $_SESSION['details'] = " You must select an access log(s) to view the details of."; } ?> I think it has something to do with the naming or values of the checkboxes but if someone could shed some light on it that would be great. jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Looping problem?
require 'database.php'; $t_02 = "subnets"; $sql_subs = mysql_query("SELECT * FROM $t_02",$db)or die(mysql_error()); while(list($id,$sub,$msk,$dns01,$dns02,$rtrs,$rnge) = mysql_fetch_array($sql_subs)) { $num = mysql_num_rows($sql_subs); for($z = 0; $z < $num; $z++) { $vlans[] = "subnet $subnetmask $msk {option domain-name-servers $dns01, $dns02;option routers $rtrs;range $rnge;}"; } } // Write everything out formated... echo $vlans[$z]\n; Right now it only pulling the last record??? Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Not working?
I think I must be missing something but this command isn't renaming the file specified... Pointers, tips appreciated! system("rename('/path/to/new.sh', '/path/to/old.$today')"); /to directory has permissions set to current user and is also owned by the current user (test_user)... I can write files into the directory and delete files form the directory using the 'unlink()' command but the rename function I am having problems with. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] permissions with bash scripts in php?
Something I have never tried... seems fairly straight-forward but I am running into problems. My problem is that I need to call system to restart a daemon service like so... $cmd = "/path/to/shell/script/script.sh"; system($cmd . " &> /tmp/error "); ?> Script contains this command... #!/bin/bash /path/to/dhcpd -cf /path/to/config/dhcpd So far so good right? I mean it works from a command line so why not from php. Lets check some permissions... httpd as Apache:Apache script.sh as Apache:Apache Upon inspection of 'error file' in /tmp I find this... unable to create icmp socket: Operation not permitted Can't create new lease file: Permission denied And... Can't bind to dhcp address: Permission denied Please make sure there is no other dhcp server running and that there's no entry for dhcp or bootp in /etc/inetd.conf. Also make sure you are not running HP JetAdmin software, which includes a bootp server. So lets set a sticky bit on the script.sh and /path/to/config/dhcpd $> chmod 1777 /path/to/config/dhcpd $> chmod 1777 script.sh So far so good but I am still recieving the same error, if anyone has some good tips on what would be the most efficient & SECURE way of starting this service please point me to the tutorial Thanks a ton. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] permissions with bash scripts in php?
Jake McHenry wrote: - Original Message - From: "Jas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, January 12, 2004 4:47 PM Subject: [PHP] permissions with bash scripts in php? Something I have never tried... seems fairly straight-forward but I am running into problems. My problem is that I need to call system to restart a daemon service like so... /tmp/error "); ?> Script contains this command... #!/bin/bash /path/to/dhcpd -cf /path/to/config/dhcpd So far so good right? I mean it works from a command line so why not from php. Lets check some permissions... httpd as Apache:Apache script.sh as Apache:Apache Upon inspection of 'error file' in /tmp I find this... unable to create icmp socket: Operation not permitted Can't create new lease file: Permission denied And... Can't bind to dhcp address: Permission denied Please make sure there is no other dhcp server running and that there's no entry for dhcp or bootp in /etc/inetd.conf. Also make sure you are not running HP JetAdmin software, which includes a bootp server. So lets set a sticky bit on the script.sh and /path/to/config/dhcpd $> chmod 1777 /path/to/config/dhcpd $> chmod 1777 script.sh So far so good but I am still recieving the same error, if anyone has some good tips on what would be the most efficient & SECURE way of starting this service please point me to the tutorial Thanks a ton. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php is the apache user and group able to run the script from the command line? I know under rh9, you have to be root to start / stop / restart just about all the services. Just an idea. Jake Just tried that and I am getting the same error. I guess what I am really looking for is a way to have apache restart the service without adding the apache user in the 'sudoers' file. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] permissions with bash scripts in php?
Jason Wong wrote: > On Tuesday 13 January 2004 06:46, Jas wrote: > > [Please trim your posts!] > > >>Just tried that and I am getting the same error. I guess what I am >>really looking for is a way to have apache restart the service without >>adding the apache user in the 'sudoers' file. > > > If you really must restart system services over insecure interfaces such as a > web browser then consider using something which was 'tailor-made' for the > purpose eg Webmin. Webmin is not ideal, but since you are having to ask the > question I would assume that it would be better than anything you could come > up with at this moment in time. > > If you still want develop your own, then have a look in the archives for > possible solutions using sudo, or cronjobs. > So instead of having a function to run a bash script which would restart the dhcp service after a new dhcpd.conf file has been written (which would run under the same user as the httpd service). You are suggesting to run a cron job which would maybe run every 5 or 10 minutes to run the bash script which restarts the service? Would this be the most secure method of accomplishing such a task? Or is there a way to put a hook in the bash script which php could execute as a privledged user? Thanks for the insight, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Dynamic Forms
Matt Matijevich wrote: [snip] Can anyone suggest a PHP solution to creating a form that gets built after a client enters a variable? [/snip] php runs on your server so to build the forms based on a user entered form field, the form has to be submitted, so you would have to use javascript to automatically submit the form or have the user push a submit button to susbmit the form so php can do its thing. I don't have a solution or tutorial per se'... Google might. Here is a small example of a self processing form, if it helps. "; } elseif((!empty($_POST['var01'])) || (!empty($_POST['var02']))) { $form = " "; } else { $form = "$_POST[var01] $_POST[var02]"; } echo $form; ?> Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Ip Tracking Utilities
Rolf Brusletto wrote: Hey all - I've heard mention of Ip database/tracking utilities in the lists before, but I can't seem to find any mention when googling... does anybody know of a good app to track multiple Class C spaces or larger? Thanks, Rolf Brusletto -- http://www.phpExamples.net http://www.emailfeeds.com -- Have you tried using a system to ping a given range of IP's? http://us4.php.net/manual/en/function.system.php Something like... "192.168.0.2", "1" => "192.168.0.3", etc...); for($i = 0; $i > $network; $i++) { $result = system("ping $network[$i]") if($result != "") { echo "host $network[$i] responded"; } } HTH Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Function for crypt and decript.
[EMAIL PROTECTED] wrote: Hi all, are in PHP, functions for crypt and decrypt string? I would to use this function in my script in PHP, how can I use this? I need of an example for use this and a list of this function. Thanks in advance. base64_decode() and base64_encode() http://us2.php.net/manual/en/ref.url.php crypt() http://us2.php.net/manual/en/function.crypt.php mcrypt() - Must have packages installed, but works very well http://us2.php.net/manual/en/ref.mcrypt.php openssl() - Also must have packages installed http://us2.php.net/manual/en/ref.openssl.php Hope this helps... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Suggestion on executing external programs from within php
Using system in this manner may work for small scripts/programs that only need authentication of the webserver. But for something like restarting a service I use a shell script run as a cron job then just call a system("touch /path/to/temp/file") which the cronjob looks at to see if it should restart a service. just 2 cents Jas Ammar Ibrahim wrote: maybe if you put Call1 and Call2 in seprate PHP files, and you call both of them. i guess it would work Ammar "John Clegg" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Hi I would like to be able to execute 2 system calls simultaneously. I am not interested in the output and I would like to do the equivalent of a fork as these programs take a long time. eg system('/usr/local/bin/process_file file1'); system('/usr/local/bin/process_file file2'); Any suggestions on what to use??? Cheers John Clegg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Tracking users...
I am fairly new to PHP and have setup a site that connects to a MySQL db to store different information from our users, however what I would like to setup is something that I could place on a few pages to track users for demographic purposes. What I need to do is as a page is visited I need to generate a random alpha numeric identifier to be used as a session variable for a cookie and also have that cookie's information be placed into a MySQL database for later retrieval. If anyone has a good resource tutorial on this type of function I would greatly appriciate it. Oh and yes I have done quite a bit of research on php.net on both the session() and the setcookie() functions. =) Thanks again. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Basic Authentication with IIS
Yeah basically on an IIS server you have a default www group that you can use because it has read only permissions, if you need to add a user just go to administrative tools on the server and then computer management if not in a domain or active directory users and groups if the server is a member of a domain. Once you are in the control panel for adding users and groups you will want to find the default www user which in 2000 i believe is named IIS and you can use that user or create new users with passwords and then add them to the IIS group which by default gives minimal privlidges to web users. I hope this helps, let me know if you get stuck or dont understand something k? Jas "Spamsucks86" <[EMAIL PROTECTED]> wrote in message 000601c1a468$9c9c2f40$7f523944@cc1966780a">news:000601c1a468$9c9c2f40$7f523944@cc1966780a... > With apache, you can easily match up a L/P to an htpasswd file. With > IIS, the user has to be created as the windows level. I'm moving a site > from an apache server to an IIS server, and need to figure out an easy > way to do basic authentication. I guess putting a chunk of code at the > top of every script to check headers would be appropriate, but that > would be a lot of work for this site, plus I have PHP scripts that I > didn't write and are very complex and trying to edit them in order to > accomplish this would be hell. What other alternatives do I have for > basic authentication on IIS? Is there a way maybe to make users on the > O/S and just give them minimal permissions? If there's an article > somewhere on this, just give me the link =) Thanks for your help! > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] general question...
Using php3 is there a way to have a page only be access if the user is coming from another page? I don't quite know how to word what I am thinking but for instance... Form <-- page that contains a form to submit an email address to a mailing list Confirm <-- page that confirms the users email address Submit <-- page that connects to database and submits users email address What I want to do is have users not be able to access the submit page unless they are refered from the confirm page... Using php is this possible? And if so could someone point out somewhere that has more info so I may begin incorporating this into my scripts. Thanks in advance... Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] General question...
Ok I think I know what I need to learn... how can I do a redirect based on whether or not a user came from a certain page? For example... if a user comes from a page called confirm.php then it takes them to a page called thanks.php and if the user came from a different server or typed the url directly then it would redirect the user to the index.php page? Thanks in advance... Jas P.S. A tutorial on this would definately prevent me from posting the same question again. =) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Formatting problem
I feel kinda dumb for posting this but here it is... I am trying to query a table then format the results so it looks like the rest of the site and the darn delete button to remove db entries keeps showing up at the top. Here is the code... Thanks in advance. Jas Current Inventory"; $count = -1; while ($myrow = mysql_fetch_row($result)) { $count ++; echo "Type Of Car: "; printf(mysql_result($result,$count,"car_type")); echo "remove \n"; echo "Model Of Car: "; printf(mysql_result($result,$count,"car_model")); echo "\n"; echo "Year Of Car: "; printf(mysql_result($result,$count,"car_year")); echo "\n"; echo "Price Of Car: $"; printf(mysql_result($result,$count,"car_price")); echo "\n"; echo "VIN Of Car: "; printf(mysql_result($result,$count,"car_vin")); echo "\n"; } echo ""; ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] eregi() problems...
I must be doing something wrong, for that solution did not work. "Robert Cummings" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > jas wrote: > > > > // second selection for main image on main page > > $dir_name = "/path/to/images/directory/"; > > $dir = opendir($dir_name); > > $file_lost .= " > > "; > > while ($file_names = readdir($dir)) { > > if ($file_names != "." && $file_names !=".." && eregi('_[0-9]{4}.jpg$', > > $file_name)) { > > $file_lost .= " > NAME=\"$file_names\">$file_names"; > > } > > } > > $file_lost .= " > VALUE=\"select\">"; > > closedir($dir); > > > > My problem is with the eregi() function to filter out files without the > > following criteria *_.jpg, it must have an underscore followed by 4 > > numbers and then ending in .jpg file extension. I have tried a few > > different methods to try and get this to work however I think I am missing > > something. All of the documentation I have read on php.net states that this > > string should work as is... I have checked the contents of the directory and > > I only have files of these two types... > > filename_logo.jpg > > filename_0103.jpg > > Could anyone enlighten me on how this is not working? > > Thanks in advance, > > I hope I'm reading right... it seems you want to filter OUT files with > the extension '_.jpg' the above check appears to be filtering out > everything BUT these files. I think you want the following check: > > if( $file_names != "." > && > $file_names !=".." > && > !eregi( '_[0-9]{4}\.jpg$', $file_name) ) > > Cheers, > Rob. > -- > .-. > | Robert Cummings | > :-`. > | Webdeployer - Chief PHP and Java Programmer | > :--: > | Mail : mailto:[EMAIL PROTECTED] | > | Phone : (613) 731-4046 x.109 | > :--: > | Website : http://www.webmotion.com | > | Fax : (613) 260-9545 | > `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Ereg ()
If you look on php.net and run a search on ereg() you will find examples on how to use regex. Your string would look like this: ereg('[a-z][A-Z][0-9]{7}') With your special characters I am not sure how that would work but check out php.net. hth Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] file delete...
How can I delete a file in php? thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] verify file types when uploading to server...
I am wondering if any one has a good idea on how to do checking based on a files extension, what I am trying to accomplish is to be able to upload files to a webserver however I only want to have .jpg files uploaded. If anyone has a good way to do this please share. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: verify file types when uploading to server...
Nevermind... =) "Jas" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am wondering if any one has a good idea on how to do checking based on a > files extension, what I am trying to accomplish is to be able to upload > files to a webserver however I only want to have .jpg files uploaded. If > anyone has a good way to do this please share. > Thanks in advance, > Jas > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: verify file types when uploading to server...
Oops... Hope this helps others, here is what I did: // This is your form... // this is the script to upload the file // Note: if you want to only upload certain file types... change the eregi('.jpg$ sting to whatever your file extension should be // Also the directory in question needs permissions set to 755 for it to work. "Michael Andersson" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Maybe you want to share with the rest of us, or at least me how you did it? > :) > > /Micke > "Jas" <[EMAIL PROTECTED]> skrev i meddelandet > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Nevermind... =) > > "Jas" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I am wondering if any one has a good idea on how to do checking based on > a > > > files extension, what I am trying to accomplish is to be able to upload > > > files to a webserver however I only want to have .jpg files uploaded. > If > > > anyone has a good way to do this please share. > > > Thanks in advance, > > > Jas > > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: verify file types when uploading to server...
Could you explain that a little more? thanks, Jas "Miguel Cruz" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Not sure what you're tring to achieve, but that only checks the file's > name. You might want to use file (man 1 file) to verify that it actually > is a JPEG, since people can put malicious data into a file named xxx.jpg > and perhaps fool IE into doing bad things. > > miguel > > On Wed, 17 Apr 2002, jas wrote: > > > Oops... Hope this helps others, here is what I did: > > // This is your form... > > > enctype="multipart/form-data"> > > > > > > > > > > > > > > // this is the script to upload the file > > // Note: if you want to only upload certain file types... change the > > eregi('.jpg$ sting to whatever your file extension should be > > // Also the directory in question needs permissions set to 755 for it to > > work. > > > if ($img1_name != "" && eregi('.jpg$', $img1_name)) { > > @copy("$img1", "/path/to/directory/$img1_name") or die ("Could not upload > > file, please try again after making sure the file is less than 2mb in size > > and the file name correct"); > > } else { > >die("No file selected for upload, or the file was not the correct type. > > Please only upload .jpg files."); > > } > > ?> > > > > "Michael Andersson" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Maybe you want to share with the rest of us, or at least me how you did > > it? > > > :) > > > > > > /Micke > > > "Jas" <[EMAIL PROTECTED]> skrev i meddelandet > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Nevermind... =) > > > > "Jas" <[EMAIL PROTECTED]> wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > I am wondering if any one has a good idea on how to do checking based > > on > > > a > > > > > files extension, what I am trying to accomplish is to be able to > > upload > > > > > files to a webserver however I only want to have .jpg files uploaded. > > > If > > > > > anyone has a good way to do this please share. > > > > > Thanks in advance, > > > > > Jas > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: verify file types when uploading to server...
Ok, I understand how it works at least, however I am not familiar enough with unix systems to know how to effectively use that command. Could you give me an example in code so I can mess around with it? Thanks again, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] file extension validation
Here is what I have currently to validate the file type on upload to a server: Right now it just checkes the file extension, I would like to know how I can use this piece of code and add the functionality of actually checking the file first. If anyone can point me in the right direction that would be great. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] verify file before linking to another
I am wondering if there is a good tutorial or example of code on how to verify that a page has been hit before linking to the next. For example say you have a form, the form once all fields have been filled links to a confirmation page then from there it links to a thank you page which inserts data to a text file, how can one verify that someone is not just typing in the name of the last page and therefore inserting a blank entry into the text file? Any help would be great. Thanks in advance, jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions and outside of server root
I have been using a script for sessions and it has worked great until i decided to move everything outside of the server root for a little added security and everything works fine except for the sessions, I am wondering if I would need to specify the tmp directory on the server for the sessions to work, any help or pointers would be great. Thanks in advance, jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] arithimetic
This is a simple problem but for some reason it is eluding me... I have a form that has text fields and check boxes, the function checks the form, counts words, strips the slashes, then based on the number of words and number of checkboxes selected calculates a cost... I have added 4 new checkboxes and when i try to do the calculation $total *= $section; it will not count the four check boxes and multiply the total by the number selected... here is the code, any help would be great: 10) { # if the users ad has more than 10 words in it than $quarters = the extra words times .20 $subtractor = $num - 10; $quarters = $subtractor * .20; } $subtotal = $price + $quarters; # price plus the number of words over 10 $total = $papers * $subsubtotal; # new price multiplied by number of papers $total *= $weeks * $section; # this is where I am stuck, doesnt calculate the new checkboxes $total = sprintf ("%01.2f", $total); ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions
I am a little confused on how to keep a variable registered on more than one page. For example you log into a page which queries the database. Form code is as follows... User Name: Password: The auth_done.php then checks to see if the user entered anything for the username and password and if it doesnt it will re-direct them to the login page. If the un and pw has been entered it will then query the database for a valid entry, code is as follows... You have been authorized to make changes to the web site."; session_is_registered('u_name'); session_is_registered('p_word'); session_start(); } else { header("Location: index.php"); exit; } ?> edit pages The problem I am having is if the user clicks the link for edit.php the session variables "u_name" and "p_word" are not being passed and I can't do any other checking with out that. Please help, good tutorials on this are very appreciated! Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session problems...
Ok I think I am a little confused as to if this is working or not: I have commented in the places where I am confused... if someone could please point out why the variables "u_name & p_word" are not being registered that would help me out a ton... thanks in advance, Jas --- Form to log user in --- --- checks db to see if user exists --- You have been authorized to make changes to the web site."; session_start(); #session_register(u_name); //cant tell if this has been registered with a print statement #session_register(p_word); //can't tell if this is either $_session['u_name'] = $u_name; //this must be wrong too $_session['p_word'] = $p_word; //still wont register session variables } else { header ('Location: index.php'); exit; } ?> edit more pages --- page to see if variables are being passed to edit page --- success? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Reading dir contents...
here is a function to read the contents of a directory that then pulls it into a drop down select list. You may want to modify it for your needs but this should work for you. $dir_name = "/virtual/path/to/images/directory/"; $dir = opendir($dir_name); $file_list .= " "; while ($file_name = readdir($dir)) { if (($file_name != ".") && ($file_name !="..")) { $file_list .= "$file_name"; } } $file_list .= ""; closedir($dir); HTH Jas "Ashley M. Kirchner" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Take this function: > > function randomImg() { > $numargs = func_num_args(); > $ImgArray = array($numargs-1); > $arg_list = func_get_args(); > $ImgDir = $arg_list[0]; > srand((double)microtime()*1234567); > $img = $arg_list[rand(1,count($arg_list)-1)]; > while(!$img) { > $img = $ImgArray[rand(1,count($ImgArray))]; > } > return "$ImgDir/$img"; > } > > > ...it assumes two things: $arg_list[0] is a variable (which is always > passed) that ends up being $ImgDir, and then there's $arg_list[1-n] where 'n' > is >1 . Right now, I'm calling this function like so: > > > > However, I'd like to change it so that I don't have to specify the image > names ($arg_list[1..n]), but just the first variable. I'd like for it to grab > whatever it finds in that folder (passed as the variable), and use. This way I > can have any number of images in that folder without having to edit my pages > every time to add or remove more. And what if the image name changes, once > again I have to manually fix the function call in my pages. > > Can PHP do this; open that directory, read its contents and use it (if so, > how?) Or do I have to go to Perl for this? > > -- > W | I haven't lost my mind; it's backed up on tape somewhere. > + > Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130 > IT Director / SysAdmin / WebSmith . 800.441.3873 x130 > Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave. #6 > http://www.pcraft.com . . .. Boulder, CO 80303, U.S.A. > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] security checks with sessions...
I am wondering if someone can help me understand a good way to use sessions to check to see if a user has entered a user name and password before allowing them to view the rest of the page. I need to have this check on each page, just not sure how I can pass the sessions to each page, as of yet I can get the variables I have registered to pass from the login form to the login check, and from there it seems to drop the session variable I registered. Any pointers would be great! Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] uh, oh errors?
Not sure how to resolve this, looked at php.net for the headers available and this is the error I am recieving: Warning: Cannot add header information - headers already sent by (output started at /path/to/connection/script/db.php:6) in /path/to/login/checking file/auth_done.php on line 13 Here is the code that is in auth_done.php: session_start(); require '/path/to/login/checking file/db.php'; $db_table = 'auth_users'; $sql = "SELECT * from $db_table WHERE un = \"$u_name\" AND pw = password(\"$p_word\")"; $result = @mysql_query($sql,$dbh) or die("Couldn't execute query"); $num = mysql_numrows($result); if ($num !=0) { session_register('u_name'); session_register('p_word'); $msg_success = "Good freakin job poindexter!!"; } else { header ("Location: index.php"); // This is line 13 that is my error generator } This is the code for the db.php script: Any help would be great! I am assuming there is another way to redirect users besides the header function, just not sure what it is or how to use it. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] uh, oh errors?
That worked, I had about 3 blank lines trailing my ?>. Thanks a ton! Jas "Rasmus Lerdorf" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > What is on line 6 of the db.php file? Do you have a stray carriage return > at the end of this file? > > On Thu, 16 May 2002, Jas wrote: > > > Not sure how to resolve this, looked at php.net for the headers available > > and this is the error I am recieving: > > > > Warning: Cannot add header information - headers already sent by (output > > started at /path/to/connection/script/db.php:6) in /path/to/login/checking > > file/auth_done.php on line 13 > > > > Here is the code that is in auth_done.php: > > > > session_start(); > > require '/path/to/login/checking file/db.php'; > > $db_table = 'auth_users'; > > $sql = "SELECT * from $db_table WHERE un = \"$u_name\" AND pw = > > password(\"$p_word\")"; > > $result = @mysql_query($sql,$dbh) or die("Couldn't execute query"); > > $num = mysql_numrows($result); > > if ($num !=0) { > > session_register('u_name'); > > session_register('p_word'); > > $msg_success = "Good freakin job poindexter!!"; > > } else { > > header ("Location: index.php"); // This is line 13 that is my error > > generator > > } > > > > This is the code for the db.php script: > > > $dbh = mysql_connect('localhost','username','password') or die('Could not > > connect to database, please try again later'); > > mysql_select_db('db_name') or die('Could not select database, please try > > again later'); > > ?> > > > > Any help would be great! I am assuming there is another way to redirect > > users besides the header function, just not sure what it is or how to use > > it. Thanks in advance, > > Jas > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: List content of folders?
readdir(); search for that and you should find what you need. HTH Jas "Hawk" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Is there some var that does this automaticly? I don't really know what to > search for on php.net.. :P > If there isn't, is there any other way to do this? I know it's possible with > asp but I have no plans on using asp :P > > Håkan > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] verify file against array?
I am trying to register an array containing file types, htm, jpg, jpeg, gif and pdf. I think I am missing something, if someone could look at this and tell me what I am doing wrong that would be awesome, thanks in advance. jas "1", ".jpg"=>"2", ".jpeg"=>"2", ".htm"=>"3", ".pdf"=>"4"); if ($img1_name != "" && eregi('$types', $img1_name)) { @copy("$img1", "/path/to/images/$img1_name") or die ("Could not upload file, please try again after making sure the file is less than 2mb in size and the file name correct"); } else { die("No file selected for upload, or the file was not the correct type. Please only upload .jpg files."); } ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] in_array problems (another pair of eyes?)
I don't think I am using the syntax correctly, I have been looking at this function on php.net and everything I have seen says my code should be working. A form allows the user to upload a file: Resulting file (upload_done.php): And here is my error: Warning: Wrong datatype for first argument in call to in_array in upload_done.php on line 7 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php