2010/8/25 Paul M Foster :
> On Wed, Aug 25, 2010 at 01:05:12PM -0400, David Mehler wrote:
>
>> Hello,
>> Thanks to all who answered my quotes question. I've got another one.
>> I've got several combo boxes that are sticky, below is an example of
>> one and the function. Now i'd like to tighten it u
2010/8/27 Jan G.B. :
> But make sure the other code which we don't see
> - does not outpot any _POST / _GET / _REQUEST / _COOKIE variables
> without encoding the contents (f.e. htmlspecialchars), or
> - does not send and user supplied data without scaping the sb-related
>
2010/8/25 Marc Guay :
>> function html($text)
>> {
>> return htmlentities($text, ENT_QUOTES, 'UTF-8');
>> }
>>
>> function htmlout($text)
>> {
>> return html($text);
>> }
>
> Possibly irrelevant, and definitely not related to your questions, but
> is it just me or is htmlout() a usele
2010/8/24 Peter Lind :
> On 24 August 2010 16:25, Jan G.B. wrote:
>> 2010/8/24 Bob McConnell :
>>> From: Peter Lind
>>>
>>>> On 24 August 2010 15:43, Gary wrote:
>>>>> Jan G.B. wrote:
>>>>>
>>>>>> The
2010/8/24 Bob McConnell :
> From: Peter Lind
>
>> On 24 August 2010 15:43, Gary wrote:
>>> Jan G.B. wrote:
>>>
>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>> That means, that different strings can have the sam
2010/8/18 Daniel P. Brown :
> On Tue, Aug 17, 2010 at 15:19, tedd wrote:
>>
>> Bingo -- that worked.
>>
>> It's interesting that a space is optional between -u and user, but required
>> to be absent between -p and password. Seems not symmetrical to me.
>
> The command I sent was because - as I
2010/8/19 Andre Polykanine :
> Hello Nathan,
>
> Sorry, could you provide any links to read for a security noob?)
> Actually, I know that the md5 is decryptable (there are bases with
> words encrypted in md5), but I thought the SHA1 was secure...
> --
> With best regards from Ukraine,
> Andre
> ---
2010/6/1 Peter Lind :
> On 1 June 2010 17:33, Ashley Sheridan wrote:
>> On Tue, 2010-06-01 at 16:31 +0100, Richard Quadling wrote:
>>
>>> $re1 = '/^[a-z]++$/i';
>>> $re2 = '/^[a-z ]++$/i';
>>>
>>>
>>>
>>> --
>>> -
>>> Richard Quadling
>>> "Standing on the shoulders of some very clever giants!"
Hi there.
I'm also a User of the Netbeans IDE and I can tell you the following:
- Netbeans is the only IDE who can load very large PHP scripts (f.e.
>1mb PHP Script with a multiple of 10thousands of lines) with syntax
highlighting and SUPERB code completion. It works with include files,
you can
2010/5/6 David McGlone :
> On Wednesday 05 May 2010 16:19:35 Paul M Foster wrote:
>> On Wed, May 05, 2010 at 01:03:41PM -0400, David McGlone wrote:
>> > On Wednesday 05 May 2010 12:51:00 Ashley Sheridan wrote:
>> > > On Wed, 2010-05-05 at 12:55 -0400, David McGlone wrote:
>> > > > I've checked and
2010/4/25 Michelle Konzack :
> Hi,
>
> I have a code sniplet which does not work and I do not know why:
>
> 8<--
> $isfile=shell_exec("ls /tmp/tdphp-vserver/SESSION_" .
> $_SERVER['REMOTE_ADDR'] . "_" . $_COOKIE['VSERVER_AUTHUSER
You can also just send out the correct Header for plain text. But your
HTMl will not be interpreted then.. So this makes only sense if you
actually want plain text as the output format.
header("Content-type: text/plain; charset=utf8");
echo "foo\nbar";
Regards
2010/4/23 Nick Balestra :
> Thanks
Hi List,
I just figured, that the Browsers on my system do interpret '
inside href or onclick attribute as a plain '.
Imagine the user input is the following line:
param2" foo';);alert(document.cookie);alert('
Which is being written by the script like that:
test
USER_INPUT is sent through htm
2010/4/16 Adam Richardson :
> On Thu, Apr 15, 2010 at 5:55 PM, Jason Pruim
> wrote:
>
>>
>> On Apr 15, 2010, at 8:55 AM, tedd wrote:
>>
>> At 4:13 PM -0400 4/14/10, Al wrote:
>>>
Incidentally, about formatting scripts, one of the reasons I like phpEdit
is that it has a terrific code bea
s
> --
> With best regards from Ukraine,
> Andre
> Skype: Francophile; Wlm&MSN: arthaelon @ yandex.ru; Jabber: arthaelon @
> jabber.org
> Yahoo! messenger: andre.polykanine; ICQ: 191749952
> Twitter: m_elensule
>
> - Original message -
> From: Jan G.B.
2010/3/30 Nathan Rixham :
> Jan G.B. wrote:
>> 2010/3/29 Nathan Rixham
>>
>>> Jan G.B. wrote:
>>>> 2010/3/29 Nathan Rixham
>>>>
>>>>> Jan G.B. wrote:
>>>>>> Top posting sucks, so I'll answer the post somewher
2010/3/30 Alex Major
>
> Surely if it's not suitable for your situation, it's not the best? :)
>
> Mantis is what I'd recommend and believe has already been recommend to you.
> Runs using PHP and MySQL, it's flexible for public or private projects,
> multiple projects etc.
>
> I do agree with you
2010/3/29 Nathan Rixham
> Jan G.B. wrote:
> > 2010/3/29 Nathan Rixham
> >
> >> Jan G.B. wrote:
> >>> Top posting sucks, so I'll answer the post somewhere down there.
> >>>
> >>>
> >>> 2010/3/29 Devendra Jadhav
&g
2010/3/29 Nathan Rixham
> Jan G.B. wrote:
> > Top posting sucks, so I'll answer the post somewhere down there.
> >
> >
> > 2010/3/29 Devendra Jadhav
> >
> >> Then you can do file_get_contents within PHP. or any file handling
> >> mechanis
Top posting sucks, so I'll answer the post somewhere down there.
2010/3/29 Devendra Jadhav
> Then you can do file_get_contents within PHP. or any file handling
> mechanism.
> >> On Mon, Mar 29, 2010 at 1:00 AM, ebhakt wrote:
> >>> Hi
> >>> i am writing a web application in php
> >>> this webap
2010/3/29 Anshul Agrawal
> There is something new based on Trac but written in PHP.
>
> mtrack (http://bitbucket.org/wez/mtrack/wiki/Home)
>
> It is written by one of the PHP Core Developers (Wez Furlong). May be you
> want to try it out.
>
> And there's something quite new that's aimed to be lik
2010/3/24 Marten Lehmann
> Hello,
>
>
> dan...@daniel-laptop:~$ php test.php> /dev/null
>> Error 1
>> Error 2
>> dan...@daniel-laptop:~$ ./src/php-5.2.12/sapi/cli/php test.php>
>> /dev/null
>> Error 1
>> Error 2
>>
>
> well, using php-cli instead of php-cgi, this finally worked:
>
> fwrite(ST
2010/3/23 Daniel Egeberg
> On Tue, Mar 23, 2010 at 11:47, Marten Lehmann wrote:
> > Hello,
> >
> > I found different code examples like this, which use the file handle
> STDERR
> > just like this:
> >
> > > fwrite(STDERR, "hello\n");
> > ?>
> >
> > Also, the PHP documentation of input/output st
2010/3/23 Marten Lehmann
> Hello,
>
> I found different code examples like this, which use the file handle STDERR
> just like this:
>
> fwrite(STDERR, "hello\n");
> ?>
>
> Also, the PHP documentation of input/output streams (
> http://php.net/manual/de/wrappers.php.php) says:
>
> "It is recommen
2010/3/20 King Coffee
> Hi,
>
> I'm executing a third-parity standard PHP application on a Windows IIS 7
> shared hosting server.
>
> I need to convert, or use, a SMTP mailer service. I found two SMTP PHP
> scripts - I think may work.
>
> The sourceforge.net PHPMailer project and the pear.php.ne
2010/3/18 Ashley Sheridan
> On Thu, 2010-03-18 at 18:09 +0100, Jan G.B. wrote:
>
> 2010/3/18 Ashley Sheridan
>
> > I'd rather have short tags turned off than remember each time that I have
> > to keep breaking up the < and ?php before I output it in-c
2010/3/18 Ashley Sheridan
> I'd rather have short tags turned off than remember each time that I have
> to keep breaking up the < and ?php before I output it in-case the parser
> gets confused.
>
You don't need to break anything up. It's perfectly valid and without
problems:
'; ?>
2010/3/18 Ashley Sheridan
> Technically, PHP isn't embedded in any language; it's the other way around.
>
> XML and PHP are used together more often than you might realise. Consider
> Ajax and RSS, which are becoming more and more popular. Also, there are
> sites out there that are almost entirel
2010/3/18 tedd :
> Calling it "ranting" or "religious" unjustly demeans the discussion and is
> inflammatory.
> In all of this, I've simply said it's your choice.
What I said was:
*persons ranting about short open tags* *are just like some religious people
*
I did not address you.
On the other h
2010/3/18 Pete Ford :
> On 17/03/10 18:59, Tommy Pham wrote:
>>
>> On Wed, Mar 17, 2010 at 11:01 AM, Rene Veerman wrote:
>>>
>>> hmm.. seems easier to me to push a filetree of .php's with>> the str_replace(), than it is to get all the>> with your wishes, which may not apply to their situation ;-)
2010/3/12 Martine Osias
> Hi,
>
> My insert statements on this web page don't execute. The select statements
> do work. This tells me that the database connection is working. The username
> and password are the administrator's. What else could prevent the insert
> statements from executing?
>
> T
2009/7/14 Tom Chubb
> 2009/7/14 Eddie Drapkin
>
> > On Tue, Jul 14, 2009 at 2:29 AM, Tom Chubb wrote:
> > > Hi List,
> > > Just wanted to pick your brains please?
> > > I'm trying to standardise on the way I query databases and move away
> from
> > > the Dreamweaver built-in functions (which I k
2009/7/6 Isaac Dover
> Hi Chantale, as Bastien mentioned, a preconfigured package might be the
> best
> way to go. Wikipedia has more information:
>
> http://en.wikipedia.org/wiki/List_of_LAMP_Packages
>
> What are you wanting to build in your interface?
>
> - Isaac
>
> On Mon, Jul 6, 2009 at 9:
2009/7/4 tedd
>
> So, if you're having problems with Safari 4.0 on Mac OSX uploading files,
> you're not alone.
>
s/uploading files// ;)
To make this posting useful: The thing might be related to this Bug
http://www.webmasterworld.com/macintosh_webmaster/3300569.htm
But, since you did post o
2009/6/16 Andrew Ballard
> On Mon, Jun 15, 2009 at 7:24 PM, Shawn McKenzie
> wrote:
> > Brian Dunning wrote:
> >> Extra info, in case needed: my code says
> >>
> >> fopen('\\servername\sharename\folder\file.xml', 'w');
> >>
> >> and it returns "Failed to open stream, no such file or directory". I
2009/6/11 HallMarc Websites
>
>
> > -Original Message-
> > From: tedd [mailto:tedd.sperl...@gmail.com]
> > Sent: Thursday, June 11, 2009 9:28 AM
> > To: PHP-General List
> > Subject: Re: [PHP] Preventing XSS Attacks
> >
> > At 7:08 PM +0100 6/10/09, Ashley Sheridan wrote:
> > >
> > >So so
2009/6/10 Clancy
> On Tue, 09 Jun 2009 12:22:22 -0400, rob...@interjinn.com (Robert Cummings)
> wrote:
>
> >Craige Leeder wrote:
> >> I'm not sure I agree with NEVER using else. Sometimes else is a very
> >> logical way to organize code. However, it should not be used for data
> >> validation IE:
You could even make it shorter, if you don't need the line numbers anyway:
2009/5/14 Peter Ford :
> Moses wrote:
>> Hi Folks,
>>
>> I have a written a script in PHP which outputs the result from a text file.
>> The PHP script is as follows:
>>
>> > $alldata = file("result.txt");
>> echo "";
>>
2009/5/12 PJ :
> Could somebody please explain this?
> When the line - sort($category) is commented out, the output returns
> Notice: Undefined offset: in the line "36" for all the repeats (29 in
> this case)
Sure thing if you consider this:
> The code below:
> $SQL = "SELECT name
>FRO
What about declare, cast, unhex, exec etc.?
You Replace everything with "" isn't so good, I believe. Others
mentiond it before, that *, =, select, from ETC. are valid words and
characters in an other context.
Anayse some attacks before trying to defend them. Injections can be
heavily db-dependent,
Hi Gary,
2009/5/5 Gary :
> Jan
>
> Thanks for your note.
>
> So your wrote:
>
> $x = (3)*(2) makes no sense.
> $x = 3 * 2 works, as
> $x = (3 * 2) does, too.
> But this is not an error at all.
^^
>
> In the first example($x = (3)*(2) makes no sense.), which is
2009/5/5 tedd :
> At 10:13 AM -0400 5/5/09, Robert Cummings wrote:
>>
>> On Tue, 2009-05-05 at 10:05 -0400, Robert Cummings wrote:
>>>
>>> On Tue, 2009-05-05 at 09:49 -0400, tedd wrote:
>>> > At 2:57 PM -0400 5/4/09, Gary wrote:
>>> > >I am trying to get this to work, however it only reads the s
2009/5/5 Gary :
> This just keeps getting weirder, the results change sometimes even when the
> same info is entered..
>
> This is the revised code (after some helpful hints from some readers)
>
> Anyone help, I am supposed to show this tomorrow to client.
>
Hi there,
> Gary
>
> $_SESSION['sale
2009/4/28 Miller, Terion :
> Can someone help with how to make this work, trying to get the number of
> rows but am getting the "trying to get property of non-object"
>
> Code-
>
> $query = "select blah, blah, blah from table where ".$type." like
> '%".$name."%'";
>
> $result = mysq
2009/4/28 Luke :
>
>
> 2009/4/28 Jan G.B.
>>
>> 2009/4/28 Jay Blanchard :
>> > Our company wants to do e-mail verification and does not want to use the
>> > requests / response method (clicking a link in the e-mail to verify the
>> > address), which
2009/4/28 Jay Blanchard :
> Our company wants to do e-mail verification and does not want to use the
> requests / response method (clicking a link in the e-mail to verify the
> address), which as we all know is the only way you can be truly sure. I
> found this;
>
> http://verify-email.org/
>
> Whi
2009/4/26 Nathan Rixham :
> Deivys Delgado Hernandez wrote:
>>
>> Hi,
>> I'm having problems when i try to use the function scandir() in a Novell
>> Netware Volumen or a Windows Shared Folder
>> they both are mapped as a windows network drive, so i suppose i could
>> access them as local drive, bu
2009/4/24 Adam Williams :
>
>
> Jan G.B. wrote:
>>
>> You could try it with regular expression matching..
>> for example:
>> > preg_match_all('/([a-z]+|"[a-z ]+")/i', $searchstring, $resultarray);
>> ?>
>>
>>
>>
2009/4/24 Bastien Koert :
>
>
> On Fri, Apr 24, 2009 at 10:03 AM, tedd wrote:
>> Whereas, your opinion doesn't matter much because you haven't contributed
>> anything I can remember
Tedd, it's not my problem that your sight is limited.
I don't believe the Netiquette states that "whatever one say
2009/4/24 Adam Williams :
> I have a form where users submit search terms and it explodes the terms into
> an array based upon spaces. But, how can I have explode() keep words in
> quotation marks together? For example, if someone enters on the form:
>
> John Jill "Judy Smith"
>
> and I run $term
2009/4/24 Andrew Ballard :
> On Tue, Apr 21, 2009 at 1:20 PM, Jan G.B. wrote:
>> Do yourself a favour:
>>
>> * remopve that 1337 hax0r name - it makes you look like a dumbass
>
> This coming from someone whose e-mail address is ro0ot.w...@?
> Sounds a little ir
2009/4/24 Andrew Williams :
> Hi All,
>
> Does anyone know of any php grahp that will enable you to show/analyse more
> than one inputs like price versus time?
>
Hi Andrew,
we're using PEAR:Image_graph here and it's good for our needs. Maybe
you should check it out.
PEAR:Image_graph http://pea
2009/4/22 Daniel Brown :
> On Wed, Apr 22, 2009 at 12:31, Jan G.B. wrote:
>> I believe that you all should just overread the huge signature.
>> You've wasted a lot bandwidth with this discussion about the signature. :-)
>> It's not interesting.
>> You could ha
2009/4/22 tedd :
> At 6:31 PM +0200 4/22/09, Jan G.B. wrote:
>>
>> I believe that you all should just overread the huge signature.
>> You've wasted a lot bandwidth with this discussion about the signature.
>> :-)
>> It's not interesting.
>> You cou
I believe that you all should just overread the huge signature.
You've wasted a lot bandwidth with this discussion about the signature. :-)
It's not interesting.
You could have send your pointless replies to the person, skipping the
mailing list, so that we aren't annoyed by your drivel which is se
2009/4/21 Per Jessen :
> Jan G.B. wrote:
>
>> A web application that uses an external db server would be quite ...
>> uhm... slow! Anyone did this, yet? ;)
>
> Certainly, and it's not slow. It depends entirely on your connection to
> the public internet.
>
>
2009/4/21 Andrew Ballard :
> On Tue, Apr 21, 2009 at 8:34 AM, Grega Leskovsek wrote:
>> provided I want to store hash of a password in MySQL ... Using MySQL,
>> the whole check can be achieved with a SQL query, since the MD5
>> function is provided as part of the database query language ...
>> Can
2009/4/21 ®0L¥ :
> I have a littli application in PHP that I do with appserv, in my local
> server work ok but when I upload de page.php to the hosting server don't
> work, the hosting say in your page that support php and the web server is
> apache because the directory is httpdocs, and why my pag
2009/4/21 Chris :
>
How does one deal with that? Do you use mysql_real_escape_string?
e.g.
>>> $db_host = 'localhost';
$db_user = 'auser';
$db_pwd = 'apassword';
$database = 'adatabase';
$table = 'authorBook';
if (!mysql_connect($db_host, $db_user,
Excuse my bad spelling. I should have read the message again before
hitting send. :-)
2009/4/16 Jan G.B. :
>> I think the problem was with the $title. As above, you defined the private
>> variable $rtitle but you were trying to call the variable later as $title.
>>
>
>
&
r 16, 2009 at 2:41 PM, Thijs Lensselink
>> wrote:
>>
>> > Luke wrote:
>> > > 2009/4/16 Jan G.B.
>> > >
>> > >> 2009/4/16 Luke :
>> > >>> Hi guys,
>> > >>>
>> > >>> I've been l
2009/4/16 Luke :
> Hi guys,
>
> I've been learning about object oriented programming and I wrote this test
> class but it doesn't seem to be working, it throws no errors but doesn't
> insert anything to the database either. I have made sure that the data being
> sent when the class is instantiated
2009/4/13 René Fournier :
> "What was the unix timestamp of last week, Monday 12:00 am?"
>
Depends on when I read your message.
:-)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
2009/4/13 PJ :
> I have already tried with several count and for schemes. None work
> because foreach ignores any counters once in the loop. Also, this
> foreach is nested within another foreach; don't know if that affects
> anything.
Have you heard of while()? You can use it in combination with
2009/4/12 Ron Piggott :
>
> At the very start of my index.php I have the following lines of code:
>
> foreach($_GET as $key => $val) {
> $$key = $_GET[$val];
> echo $_GET[$val] . "";
> }
>
> What I don't understand is why the output is
>
>
>
Well, this would happen if you open
/page.php?var=
tha
2009/4/9 tedd :
> Hi gang:
-.-
>
> I'm gathering information from a user, storing that data in a db, and then
> showing it back to the user. It's a simple process and can bee seen here in
> this address book demo (not real people):
>
> http://php1.net/a/edit-db-demo
>
> I gather information from
2009/4/9 Yannick Mortier :
> 2009/4/9 9el :
>> -- Forwarded message --
>> From: Sabrina Akter
>> Date: Thu, Apr 9, 2009 at 1:12 AM
>> Subject: codeigniter 'secure, non-secure content' pop up message in IE7
>> To: phpexpe...@yahoogroups.com
>>
>>
>> Hello Experts,
>>
>> I badly need
2009/4/7 Bastien Koert :
> On Tue, Apr 7, 2009 at 1:10 PM, Michael A. Peters wrote:
>
>> PJ wrote:
>>
>>> Bob McConnell wrote:
>>>
From: PJ
> First, let me thank you all for responding and offering suggestions. I
> appreciate it and I am learning things.
> However, it looks l
Well, you might want to do it with curl, you might want to write your
own socketscript, or your just check the return variable of
file_get_contents() - it'll be false on failure and it won't try to
get an invalid URL forever. Guess the error is somewhere else, when
your script continues indefinitel
Is it mandatory to annoy the whole list with your crap?
If you want to keep on informing me or insulting me or feel free to
send it directly to me. I'll add you to my killfile in no time.
get a life
2009/4/3 Igor Escobar :
> Better then READ is UNDERSTAND.
>
>> >> >> 2009/4/2 Igor Escobar :
>> >>
ng by the right way...can be sure that.
>
>
> Regards,
> Igor Escoar
> Systems Analyst & Interface Designer
>
> --
>
> Personal Blog
> ~ blog.igorescobar.com
> Online Portifolio
> ~ www.igorescobar.com
> Twitter
> ~ @igorescobar
>
>
>
>
>
>
2009/4/3 :
> Hi all,
>
> For any one following this thread, here is how I worked around the
> apache/php/chown limitation.
>
> script snippet (and if any one has a more elegant style, please share as I
> am an amateur script kiddie).
>
> $path = "/homes".$username;
> $chowncmd = "/usr/bin/sudo /bi
t; something.
>
> Have a nice day.
>
> Regards,
> Igor Escoar
> Systems Analyst & Interface Designer
>
> --
>
> Personal Blog
> ~ blog.igorescobar.com
> Online Portifolio
> ~ www.igorescobar.com
> Twitter
> ~ @igorescobar
>
>
>
>
>
> On
2009/4/3 Chris :
> Andrew Williams wrote:
>>
>> I want to created a window schedule a task that will run every 2 minutes
>> and
>> run my php script(www.domain.com/script.php). But I need to know how to
>> create a php.exe that I can select as a window schedule a task so that the
>> php.exe file c
Or even with CRONw if "via window" is an indicator for the evil OS.
http://cronw.sourceforge.net/
(I personally didn't test this software)
bye
2009/4/2 Michel OLIVIER :
> hi,
> with a cron and wget?
>
> 2009/4/2 Andrew Williams :
>> All,
>>
>> Please how can you run a timed php script file via win
2009/4/2 Igor Escobar :
> If you don't want change your form, do some function in Javascript witch
> control the last button you clicked.
>
Javascript is bad and you don't need it.
>> Delete
>> Delete
>> Delete
>
>
>
> I wanna make a advice to you learn more about HTML and Web Standards...
I wa
2009/3/31 Merlin Morgenstern :
> that php has trouble with files that are saved in UTF-8 with BOM. It is
> causing strange bahavior like adding extra headers. On the other hand most
> editors only save UTF-8 with BOM.
>
> Has somebody experienced the same problem? How did you overcome it?
>
Use an
That would be correct. but two things I have to add:
* it's called bad style to re-write (override) predefined vars like
_POST, _GET, _SERVER ...
* using strip_tags() to clean user-input for safe output ist not O.K.!
use htmlspecialchars(), at least.
Regards,
2009/3/28 Virgilio Quilario :
>> Hi
Erm, aren't "extends" what you're looking for?
To accomplish the auto-loading of needed subclasses?
example:
greeting = parent::$x;
}
}
$test = new BAR();
echo $test->greeting;
?>
Prints out "Hello World".
Sure - the if you put class FOO in a separate file, than you need to
require_once(it)
It won't take long until someone digs out the old joke... touch unzip,
strip ...
I can't read it anymore!
2009/3/24 Nick Cooper :
> echo 'won\'t it just end up as lots of echos and prints?';
>
> ?>
>
> 2009/3/24 abdulazeez alugo
>
>>
>> Hello guys,
>>
>> The list seems boring to me today so I've
2009/3/24 Toke Herkild :
> Hi All,
>
> I've an array() with approx 1200 items (list of id-mappings) that part works
> fine.
>
> Now I want to add this list to a query:
> $where = "id in (".$idList.")";
>
> To accomplish that i do an implode:
> $idList = implode(',', $TidList);
Are all of the Ids
2009/3/20 דניאל דנון :
> I'm a member of some forums about some topics,
> One of them include a programming forum.
>
> Now, I've visited there a week ago and saw a topic with the title "Free
> security",
> Someone who calls himself a PHP expert (and said that he could teach me PHP
> since my level
2009/3/21 Linda Stark :
>
>
> I’m not sure if I am
> in the right forum but thought I would give this a shot…
>
Sure, you are
>
> I just
> created a new mail form in Dreamweaver for a web site. I’m
> working on a form to mail script that I started after reading a few on line
> tutorials, and ca
well, echoing a file name and hashing this name with an added carriage
return is not the same as hashing the string you can see in your file.
bye
echo -n 123 | sha1sum && php -r 'echo sha1(123)." -\n";'
2009/3/20 bruce :
> hi...
>
> doing some testing with linux sha1sum, and php's sha1 function
Mantis is a pain in the a*** (for non technical persons).
We (we as in 'the IT department') are using mantis, but all other
persons in the firm fail to do so.
Not very useful. Most persons doesn't even get how the filters work.
byebye
2009/3/17 Micah Gersten :
> mike wrote:
>> http://www.redmin
Yes, recently the developer of "JotBug" anounced his project. I guess
the project still needs help.
All I have is the public CVS acces so far..
Check out
http://www.jotbug.org/projects
http://code.google.com/p/jotbug/
byebye
2009/3/17 mike :
> http://www.redmine.org/
>
> Looks pretty useful; I wa
2009/3/15 Martin Zvarík :
> I want to store the file's hash to the database, so I can check next time to
> see if that file was already uploaded (even if it was renamed).
>
> What would be the best (= fastest + small chance of collision) algorithm in
> this case?
>
> Is crc32 a good choice?
guess n
2009/3/15 Jason Pruim :
> Personally... I don't care who's code it is, if it was me, I'd still go
> out and validate it... If someone typed something out real quick and
> missed a period, it wouldn't be their fault :)
>
> As has been said by some big higher up's in this very mailing list... "Treat
2009/3/15 PJ :
>> -Original Message-
>> From: Jan G.B. [mailto:ro0ot.w...@googlemail.com]
>> so this is just wrong:
>> $x = " select *
>> // from foo
>> from bar";
>> and that query would be valid
>> "SELECT this/*, that*/
2009/3/15 PJ :
> Daniel Brown wrote:
>> On Sat, Mar 14, 2009 at 19:51, PJ wrote:
>>
>>> $sql1 = "SELECT b.id, b.title, b.sub_title, b.descr, b.comment,
>>> b.bk_cover, b.copyright, b.ISBN, b.language, b.sellers, c.publisher, <---
>>> CONCAT_WS(' ', first_name, last_name) AS Author
>>> FROM book AS
2009/3/15 Martin Zvarík :
> "The browser will only execute script in source files from the white-listed
> domains and will disregard everything else, including embedded and inline
> scripts. "
>
> wtf, can't you just take care of the INPUT and type
> strip_tags($_GET['my_name']) ??
>
> This won't b
2009/3/14 Jan G.B. :
> One side node.. you should apply addslashes() also to
> $_SERVER['REMOTE_ADDR'), because an evil person could manipulate the
> value of that variable to execute SQL-Injections.
forget that part - i didn't see that this var is only used in the
Gary,
you can check this by either creating a file containing this:
and putting it up on your webserver, then open in with your browser,
or you could look at the output of "php -i | less" on the command
line.
After you enabled the mysqli extension on your host, you might change
mysqli_connect('$v
2009/3/13 Heddon's Gate Hotel :
> The string function htmlentities seems to have very incomplete coverage of
> the HTML entities listed in the HTML 4 spec. For example, it does not know
> about rsquo, lsquo, rdquo, ldquo, etc. This is confirmed by looking at the
> output of get_html_translation_t
2009/3/11 Daniel Brown :
> On Wed, Mar 11, 2009 at 12:38, Jan G.B. wrote:
>> wrong:
>> "Location: file.txt"
>> and this is correct
>> "Location: http://www.x.x/file.txt";
>>
>> Not all clients behave like yours and accept the wro
2009/3/9 Tom Sparks :
>
> is there a php Fop (XSLFO)?
> if not are there any that are not java based and can be run o a website that
> has php support only?
>
>
> tom_a_sparks
Hi tom,
I do it the easy way:
system(sprintf('/usr/local/bin/fop -bleh %s', $param));
be sure to escape any shell op
Hi Dave (?)
2009/3/11 revDAVE :
> Hi Bastien - Stuart & Daniel
>
> Thanks for your help!
>
>
> On 3/10/2009 12:16 PM, "Bastien Koert" wrote:
>
>> Are you getting an error? What does 'not working' mean?
>
> No errors the page just stayed on the
> header('Location: show.php'); page - never went to:
2009/2/11 brian :
>
> hi nathan thanks for the response...
>
> looks like the rx is where it should be.
That doesn't sound like you're cocksure - check it again:
ls -ld /apps /apps/local /apps/local/php5 /apps/local/php5/lib
/apps/local/php5/lib/php.ini
Everything readable (r-x) *for the www-da
2009/2/9 Stuart :
> 2009/2/9 Jan G.B. :
>> 2009/2/9 Stuart :
>>> I would also advise against stripping and trimming
>>> anything from passwords.
>>>
>> Trimming could be left out but it minimizes user errors and users
>> pretending to know their pas
2009/2/9 Stuart :
> 2009/2/9 Michael Kubler :
>> These days SHA should really be used instead of MD5, and you should be
>> SALTing the password as well.
>> Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
>
> Good advice.
Absolutley. I used mysqls md5() function only as
1 - 100 of 106 matches
Mail list logo
