Alessandro Rosa a écrit :
> how can one know which are all the parameters one can type after
> about: in Firefox 1.0.4 ?
By asking Google?
http://www.google.com/search?q=about+urls+in+mozilla+site%3Amozillazine.org
> about:config
> about:plugins
He would tell you [1] about
about:mozilla
about:c
Jochem Maas a écrit :
> if someone with access to the webserver hosting jnsolutions.co.uk could
> do a quick rm -rf /home/jnsoluti/.autorespond that would be great :-)
To that someone, here's the admin URL (cPanel 9) if you forgot it :)
http://jnsolutions.co.uk:2082/
Ch.
--
PHP General Mailing
Michael Satterwhite a écrit :
> in /etc/php4/apache, I have the setting
I guess you mean /etc/php4/apache/php.ini
> error_reporting = E_ALL & ~E_NOTICE
You'll get all errors but warnings (ex unused var). What you want is
error_reporting = E_ALL
Ch.
--
PHP General Mailing Lis
Andy Pieters a écrit :
> I am looking at where I can get my system tested for penetration.
Probably on the world "wild" web :-)
More seriously, there are companies doing that, but it can be expensive.
> http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/
>
> It is actually a kind of CMS sys
Robert S a écrit :
I am running a Woody server. I'd like to run php scripts from the command
line, but I note that the php/php4 executable is not in my PATH.
just install php4-cgi package (apt-get install php4-cgi)
and the PHP 4 CLI will be install : /usr/bin/php4
Next time, try to use 'apt-cache
Jason Barnett a Ãcrit :
trying to store data in MySQL in an unsupported encoding format.
MySQL only supports the UTF-8 encoding (of Unicode) since MySQL 4.1 IIRC
Ch.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Richard Lynch a écrit :
POST versus GET is an aesthetic choice, not Security, not Performance.
Of course, I agree it's not really a 'security' choice.
But another think you can think of can be found in the HTTP/1.1 spec
(rfc 2616) in the 'Safe Methods' section [1]. To summarize:
- GET (and HEAD) sh
Emil a écrit :
I'm creating a webmail interface for a pop3-server
Why not use one of the many webmail apps?
Ex written in PHP/Perl, with no particular order:
Neomail
http://neocodesolutions.com/software/neomail/
Openwebmail
http://openwebmail.org/
IMP (horde)
http://horde.org/imp/
IlohaMail
http://
Mailit, LLC a écrit :
$userName = $_POST[userName];
$passw= $_POST[passw];
(...)
$cmd = "SELECT * FROM theTable "
. "WHERE userName='$userName' ";
$res = mysql_query( $cmd ) or die( "Password search failed." );
Without validating userName in $_POST, that code is vulnerable
I dont know if it's the right place to post, but anyway...
(Sorry for the cross-post.)
I think the doc for the mail function [1] should be improved,
after reading bug 15841 [2], mail.c [3], skim some RFCs,
and after I had different problems with PHP mail()
Basicaly, the doc says to use
- \n in body
Greg Donald a écrit :
function encrypt( $string )
{
$key = '&[EMAIL PROTECTED]';
$result = '';
for( $i = 1; $i <= strlen( $string ); $i++ )
{
$char = substr( $string, $i - 1, 1 );
$keychar = substr( $key, ( $i % strlen( $key ) ) - 1, 1 );
Binoy AV a écrit :
Hi,
I have an html file containing a table. I applied
eregi(".*",$contents,$temp) through my Php.I am getting
> (...)
The code removing only the first and last <(/)tr>.
Expected behaviour : regex are 'greedy', ie
the .* matches the longuest string possible
How to do it usin
Ali a écrit :
if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))
|| ( $PHP_AUTH_USER != 'user' ) || ( $PHP_AUTH_PW != 'open' ) ) {
Better use $_SERVER['PHP_AUTH_USER'] instead of $PHP_AUTH_USER
and $_SERVER['PHP_AUTH_PW'] instead of $PHP_AUTH_PW.
Chapter 33. HTTP authentication with PH
Donald Tyler wrote:
I am looking for a guide on compiling PHP 4. I am a complete newbie to
compiling and have no idea where to start, so any links to guides and/or
other useful info would be much appreciated.
PHP is a scripting language, no need to compile it.
If you're really new, 2 links from t
symbulos partners wrote:
We would like to know about security issues with curl, before installing it.
If you're talking about curl extension used from PHP scripts, read on.
If bad guys can use curl PHP extension via some security hole in your scripts,
this mean they can make HTTP requests (GET, POS
symbulos partners wrote:
We would like to know about security issues with curl, before installing it.
hem, this is a PHP list. Perhaps you're talking about curl PHP extension?
We are using Debian Woody (some few packages from Sarge), and apache
1.3.29.0.2-6 and php 4.3.4-4.
For Debian security, che
Jonathan Duncan wrote:
I will also be doing a remote command to add a user to the remote
system (ServerB) from the same PHP script.
If you want to manage a server via web interface, dont reinvent
the wheel. Use webmin, by example.
Webmin runs a mini "webserver" as root (on port 1),
and uses mo
M. Sokolewicz wrote:
http://vim.sourceforge.net/tips/tip.php?tip_id=91
Thanks. It's a dictionary based completion.
Is there some way to get completion for user-defined functions,
variables etc, say in php files from/below current working directory?
Perhaps based on ctags? Some editors do it (PHPed
M. Sokolewicz wrote:
I prefer vim, which does have auto-completion, as an add-on.
Interesting. Where can this add-on be found?
(google/vim.org/debian.org, I guess, but...)
wouldn't call it an IDE... =/
Yes, but so usefull when edition html tags
Ex "ct>" to change to end of current tag
Ex "c/table"
Markus Mayer wrote:
I've searched for a tool that would translate, or at least mostly translate,
perl scripts into php, unfortunately with no success.
It's simply impossible. By example, a Perl script handling file uploads
cant be translated automatically : php4 handles file uploads _before_
the
[EMAIL PROTECTED] wrote:
is on a Linux-server, but when creating the textfile it is in Mac-mode.
If you mean different end of line coding, I guess you mean
dos = \r\n
*nix = \n
mac = \r
can convert the textfile to DOS-textfile through TextPad (An editor)
Good editors dont bother user with different
Josh Howe wrote:
> function that is crashing apache.
Seems soo unlikely. What do you mean exactly by this?
PHP doing infinte loop?
private function sort() {
Why not simply use the std sort function? Dont reinvent the wheel
http://www.php.net/manual/en/function.sort.php
>if ($val2 > $val
Nunners wrote:
I'm having some problems with using HTTP Auth in PHP5
IIRC, php 5.0 had a bug related to HTTP auth, corrected in php 5.0.1: [1]
"Fixed bug #29132 [http://bugs.php.net/29132]
($_SERVER["PHP_AUTH_USER"] isn't defined). (Stefan)"
Note, I cant access bugs.php.net right now.
If you use P
Jared wrote:
foo.php, I get "No input file specified." Instead of the standard 404
error. Is there a way to customize this?
Easy with Apache [1,2], with en ErrorDocument [1] directive.
Ex with this in a .htaccess (the FileInfo Override [3] is required)
containing this line:
ErrorDocument 404 /Lame
Daniel Schierbeck wrote:
return ($var > $min && $var < $max) ? TRUE : FALSE;
> (...)
> return in_array($needle, $haystack) ? TRUE : FALSE;
You can return booleans without comparing them to true/false:
return $var > $min && $var < $max;
return in_array($needle, $haystack);
Ch
Marek Kilimajer wrote:
That is not a bug in a php script, but in the php engine itself.
Indeed, and I found it very annoying.
Maybe if you lower the logrotate script's priority?
Process priority making php crash? I dont understand how.
Ok, I become a little out of topic,
but here's what my apache l
Olaf van der Spek wrote:
Are scripts allowed to cause a crash or fatal error of Apache/PHP itself?
Oh yes, at least with php4 as an apache module :(
On a Debian Woody server, php4 (4.1.2) sometimes crashes at logrotate time
(with apache doing gracefull restart) with the following error,
which makes
Wouter van Vliet wrote:
characters are being replaced by weird characters. EG: the ' single
quote is being replaced by a question mark
First check you use iso-8859-1 (latin-1) as encoding everywhere,
unless you really want to use unicode (utf-8 encoding):
- in html pages generated from php
- as
Wouter van Vliet a écrit :
Note: The valid range of a timestamp is typically from Fri, 13 Dec
1901 20:45:54 GMT to Tue, 19 Jan 2038 03:14:07 GMT. (These are the
dates that correspond to the minimum and maximum values for a 32-bit
signed integer.)
To avoid unix timestamps limits, dont reinvent the
In a word:
I'm looking for more detailed information about preg_replace
(and other perl regex functions) than in the php manual,
specifically about different escape rules interaction.
In more words:
PHP has it's own way of escaping strings [2]
Ex \ within '' is '\' (or '\\' if at the end or before
Andy Loftus a écrit :
Does anyone have any ideas as to why $_POST would be empty when
submitting a form to php?
I remember a post in this list about IE 6 not sending POST datas
some times (when reloading an html form).
If you use Mozilla or Firefox, the Livehttpheaders[1] extension
can help seeing
Shaun a écrit :
after lots of investigation it appears that it is just my laptop that won't
disply the variable, maybe because I am using Norton Firewall?
Possible. The REFERER HTTP field is OPTIONAL
-- See http1.1 spec (rfc2616) or this list archives.
So it's not a field anyone should rely upon.
Marek Kilimajer a écrit :
> it's not the fault of the imap protocol.
IMAP is a general file access protocol[1] (POP3 isnt)
So IMAP is more dangerous, by its very nature.
From a user perspective, this doesnt matters.
But it's very different when you're administrator
taking care of a site's security.
raditha dissanayake a écrit :
IMAP being a general file access protocol, there are inherent
security problems to be aware of. On some srv, you could easily
get /etc/passwd by simply knowing a single user/password.
Please explain how.
[sorry to be off-topic on a php list but I'll answer anyway]
Exam
Bert Slagter a écrit :
I'm looking for recent numbers of the PHP Market Penetration - if
possible compared to ASP/JSP. The netcraft survey only shows apache vs.
IIS, can't find anything about PHP there.
It seems you didnt search Google very long.
Simple google searches like
"number of sites runni
raditha dissanayake a écrit :
at the risk of starting a flame war: IMAP is the devine way of using
email. POP3 sux. :-)
IMAP being a general file access protocol, there are inherent
security problems to be aware of. On some srv, you could easily
get /etc/passwd by simply knowing a single user/pass
Markus Post a écrit :
DocumentRoot /srv/www
RewriteRule ^/(.*)/(.*)$/$1/$2
This redirects the request http://domain.de/dir1/dir2 to the local files
/srv/www/dir1/dir2/ and works fine.
No RewriteRule necessary to do this: '/dir1/dir2' becomes '/dir1/dir2'
btw RewriteRule ^/([^/]+)/(.
Ma Siva Kumar a écrit :
For example: One of the repeatedly discussed
question in the list is "Best PHP editor".
(...)
try this link :
http://phpeditors.linuxbackup.co.uk/
(contributed by Christophe Chisogne).
The link has now moved (http redirect)
http://www.thelinuxconsult
Pablo Gosse a écrit :
munging up the HTTP_REFERER for a page?
In HTTP, "Referer" is an OPTIONAL field in the HTTP/1.1 spec
(see rfc 2616). I saw many strange referers
(like 'Empty', 'bookmarks' 'XXX++', 'Removed by YYY', etc)
sent or modified by security assistants, browsers, spiders...
You can thr
Vincent Jansen wrote:
If you output a location header then I don't know what the browser will
do with text sent after that. Hopefully nothing!
Be carefull to exit() php code after header-location
(and some text, see below): otherwise code following
will be executed! It's a common error.
> I experi
csko wrote:
Is there a function to convert a ASCII char to decimal or binary?
See php functions
- ord & chr
- decbin, bindec, dechex, etc
or simply traditionnal C way (printf family)
to format and convert at the same time
(ex get '0A' and not 'a' for char with decimal code 10)
$char= '\n';
echo spr
Adam Bregenzer wrote:
You have to use javascript or
some other client side language to change anything on a page once it is
loaded in the browser.
Perhaps with a minor exception: with mozilla, you can select
a stylesheet to apply (menu view / use style).
From the CSS 1 spec [1]:
The 'LINK' element
Nabil wrote:
for ($i=0 ; $iwith n records you send n http GET requets, which take a long time,
using bandwith, and needs n executions of php script on webserver2.
Why not simply creating a csv file on the fly, with all your
3fields data, and send it to the php script on the other webserver?
You can
Chris Hayes wrote:
It takes a lot more of users to tamper with POST data than with GET
Not a lot more. Simply save the slightly modified form
on a webserver you have access to (hidden field)
-- or better create php code that generate the form
OK, aunt Annie cant do that, but she wouldnt ever thougt
Kelly Hallman wrote:
$is_secure = ($_SERVER['SERVER_PORT']==443) ? true : false ;
which can be written more simply
$is_secure = $_SERVER['SERVER_PORT']==443;
Christophe
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Prashant Akerkar wrote:
Is it Possible to extract the source code from .exe, ... .class(java) files.
[ I think you're way off-topic but... ]
Nope. But you can try to decompile binaries or java class files.
Try googling for decompilation tools
Note that decompiling softs can be prohibited by law en
Torsten Rosenberger wrote:
^M carachters in in
Classical pblm of representing "end of line" in text files between OS:
windows uses \r\n aka CRNL
*nixuses \n aka NL (newline)
mac uses \r aka CR (carriage return)
Good text editors dont care (win: wordpad, not notepad) and can
convert whil
jsWalter wrote:
setlocale(LC_TIME, "de_GR");
gives me 'October'?
setlocale(LC_TIME, "de");
gives me 'October'?
setlocale(LC_TIME, "d");
gives me 'oktober'?
I'm on a Win 2k box.
Because locales are really system dependant, as you could
clearly see using gettext translations. (I did fight wi
[EMAIL PROTECTED] wrote:
Please feel free to add more points and send to the list.
2 ideas come to my mind.
1. Add a link to the PHP FAQ in newbie guide item 1
http://www.php.net/manual/faq.php
Yes, it's part of the manual, but a frequent answer is
"Read the FAQ" or less polite ones ;-)
Steven Jarvis wrote:
>>>
RewriteEngine On
RewriteRule ^/([a-z]+)/([a-z]+)/$ paper.php?paper=$1§ion=$2 [L]
Try this (I'm no mod_rewrite expert, so no promises):
RewriteEngine On
RewriteRule /^([a-z]+)\/([a-z]+)$/ paper.php?paper=$1§ion=$2 [L]
The first try seemed better (in Apache config, '/' means
About performance issues surrounding i18n,
is gettext better than storing strings in a RDBMS ?
Can someone argue in favour or again opinion that say
the RDBMS way is faster ? [1]
[1] Re: [Phpgroupware-users] I18N: why not gettext?!
http://mail.gnu.org/archive/html/phpgroupware-users/2003-04/msg0020
daniel hahler wrote:
This works good, but if the .mo file gets changed the old content is
returned by calls to gettext, until I restart Apache.
gettext uses a caching method to speed up looking translation
strings, which explain why Apache must be reloaded [1]
Setting all LANG, LANGUAGE and LC_ALL
In the Unix world with PHP, you can do OS fingerprinting by calling
a system tool such as nmap (option: -O),
but this require root privileges, and
is not always perceived as well-behaviour by sysadmins.
Or you can do everything you want with PHP sockets.
I guess Netcraft use OS fingerprinting tool
Robert Cummings wrote:
can use a PHP script that opens a socket connection on port 80 to get
For these interactive things, Perl seems much more appropriate for me.
Using libwww aka LWP for the web client (LWP::UserAgent or LWP::RobotUA)
Using DBI for access to a DB to store/retreive results.
I'm do
And while we're at it, has anyone written a tool that will tell you
what's different between server setups?
I use diff on unix.
You may like tkdiff, with its additional GUI to diff
Christophe
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Simon Wistow <[EMAIL PROTECTED]> writes:
Is there an easy way to get the time taken to connect and the time taken
to respond to an HTTP request or am I going to have to go in and hack
around?
Be careful, there are problems with timeouts,
which dont work natively
(you can get 20sec timeout or mor
Curt Zirzow wrote:
a dialog that asks whether to open or save the document.
>>
Nope, unfortunately you don't have that power, and for good reasons.
I agree, a browser should NOT open document (dangerous macros?) without
asking. I remember Microsoft created a patch for IE (around version 5.5)
to
Wouter van Vliet wrote:
So, since I'm not quite a newbie I did not read all the guides .. RTFM (Read
The F*ck!ng Manual) and STFW (Search The [EMAIL PROTECTED] Web) I already knew, but
what does STFA stand for ;)..
In a "word" : s/STFA/STFAQ/
From ESR's Jargon File v4.4.4 (some hacker culture, yes
Christopher J. Crane wrote:
returning only like some of the data in the field.
What I am getting back
only 255 chars or so...
Perhaps a varchar(255) field which should be something
like "text" (MySQL) ?
--
Christophe
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://w
e_DE vs german).
So I simply copied the /de_DE dir to /german and so on.
(for french, I had fr/, fr_BE/ and french/ as dir for it to work
on 2 linux servers and 1 test NT server :(
Hope it helps,
--
Christophe Chisogne
Developper, Publicityweb sprl
http://www.publicityweb.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
der". sic.
Solution is of course emptying IE cache... or switching to mozilla ;-)
See M$ Knowledge base article Q306907
--
Christophe Chisogne
Developper, Publicityweb sprl
http://www.publicityweb.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
ding quotes.
See
http://www.creativyst.com/Doc/Articles/CSV/CSV01.htm
Hope it helps, but the CSV format isn't really a standard
(ex MySQL use escapes seq like \" for included " in fields)
--
Christophe Chisogne
Developper, Publicityweb sprl
http://www.publicityweb.com
--
PHP Gene
, set admindir var: " $admindir= './' "
3. create root/inc/config.php (all cfg vars for root/)
4. in config.php, set admindir var: " $admindir= './admin/' "
5. in 'lib01-type' files, use
require $admindir . './inc/lib02.php'
6. of c
n php.ini or in a .htaccess,
in particular safe_mode_exec_dir ...
Hope it helps
--
Christophe Chisogne
http://www.publicityweb.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
:-/
Of course, I restarted the webserver (apache reload) between tests,
to avoid problems with the gettext cache.
I think I'll simply copy ./locale/french to fr, fr_BE, fr_FR
And something similar for dutch and german. But I thought there
was some better and cleaner way to do it, in a more man
...) ? Is there a way
to do it for the code to work nearly everywhere ?
I'll use a class to hide that complexity.
Can someone help ? The PHP documentation is far from beeing
clear and precise enough in that particular field.
---
Christophe Chisogne
Developper, Publicityweb sprl
http://www.publicityweb.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
66 matches
Mail list logo
