Ken
Do *not* use hidden form statements or cookies to store any SQL this is
extremely dangerous and a relatively simple hack could destroy your database
completely!
By all means use hidden form fields to store row ID values but your PHP
scripts should treat all user input data via $_GET/$_POST/$_
Try the system() or passthru() functions...
Rich
-Original Message-
From: Paul Marinas [mailto:[EMAIL PROTECTED]]
Sent: 23 November 2002 13:09
To: Rich Gray
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [PHP] using cookies
dose anyone how to send a "ping" in loc
Is your register_globals setting set to Off? This is the default setting in
v4.2.x upwards.
Rich
-Original Message-
From: Craig Edgmon [mailto:[EMAIL PROTECTED]]
Sent: 23 November 2002 11:43
To: [EMAIL PROTECTED]
Subject: [PHP] Passing Variables
I am sure this question has been answered,
Answer is No. 2)
Use cron to run the mysqldump utility instead of a php script.
Let me know if you need more info.
Cheers
Rich
-Original Message-
From: See Kok Boon [mailto:[EMAIL PROTECTED]]
Sent: 23 November 2002 07:35
To: PHP
Subject: [PHP] getting mysql dump using php
hi,
can anyo
PHP v4.2.3
Win2K Sp2
Apache v1.3.24
I'm testing some file upload code for a image library type site and the file
upload keeps failing... here's some code to explain what the issue is...
Uploaded' :
'Not Uploaded');
?>
This outputs the following:-
Array ( [userpic] => Array ( [name] => garden.jp
Don't bother to respond people... worked out the issue - the double
backslashes in the name...
Cheers
Rich
-Original Message-
From: Rich Gray [mailto:[EMAIL PROTECTED]]
Sent: 26 November 2002 21:14
To: [EMAIL PROTECTED]
Subject: [PHP] File upload on Win2k ...
PHP v4.2.3
Win2K Sp2
A
Stephane
http://www.php.net/manual/en/security.registerglobals.php
http://www.php.net/manual/en/faq.php
Substitute 'fr' for 'en' if your prefer it en francais
Use: $_GET['id'] or $_REQUEST['id']
Ciao
Rich
-Original Message-
From: Stéphane Génin [mailto:[EMAIL PROTECTED]]
Sent: 27 Novem
Er yea - just call the mail() function at the appropriate time in your
script...
http://www.php.net/manual/en/function.mail.php
However IMO if you need to log this sort of information then using a
database is far more appropriate than sending emails - especially on a busy
site...
Rich
-Origi
I know I'm late in on this thread but
Ignoring cookies is easy - just don't set them and don't use any data in
$_COOKIE[]... or am I missing your point?
$_COOKIE[] data should be treated with far more caution than $_SESSION[]
i.e. it should be treated as hostile data. If you really have to r
Jason
session.cookie_lifetime set to 0 means the session cookie persists until the
client browser is closed...
I'm not clear if you are still having session problems now or the advice you
got earlier sorted it?
Rich
-Original Message-
From: Jason Romero [mailto:[EMAIL PROTECTED]]
Sent: 2
Hi James
There is a bug in PHP for the capitalisation problem
http://bugs.php.net/bug.php?id=14655
If you check the link then a workaround was posted by someone.
HTH
Rich
-Original Message-
From: James Coates [mailto:[EMAIL PROTECTED]]
Sent: 28 November 2002 13:11
To: [EMAIL PROTECTED]
Subj
Steve
Not quite clear on your problem - did you run an ALTER TABLE on your MySQL
table or just an INSERT of a new row? Assuming it was the former, all I can
say is look at the code that populates the $cat_array variable to see if the
underlying query would have been affected by the alter table comm
Does a print_r() of the superglobal arrays differ in any significant way
when posting the username/password from the troublesome client when compared
to the superglobals for a well behaved machine?
-Original Message-
From: 1LT John W. Holmes [mailto:[EMAIL PROTECTED]]
Sent: 09 December 200
A wild guess: Are you using a database abstraction class or configuration
file? Is it still pointing to the live server database instead of the
production server database?
Rich
-Original Message-
From: Steve Jackson [mailto:[EMAIL PROTECTED]]
Sent: 10 December 2002 12:34
To: PHP General
S
Er... but the original poster wanted a count of rows returned by a
particular query... your method just returns the number of rows in the
table...
Rich
-Original Message-
From: @ Edwin [mailto:[EMAIL PROTECTED]]
Sent: 10 December 2002 17:21
To: Jon Haworth; 'Diana Castillo'
Cc: [EMAIL PRO
probably register_globals is off on the client's machine - use $_FILES[][]
instead of $HTTP_POST_FILES[][] BTW I would upgrade your local Linux box
from v.4.0.3 it is pretty old now and unsupported...
Rich
-Original Message-
From: ppf [mailto:[EMAIL PROTECTED]]
Sent: 10 December 2002 13:21
Hi Steven
so what exactly is the problem then?
Rich
-Original Message-
From: Steven M [mailto:[EMAIL PROTECTED]]
Sent: 10 December 2002 14:25
To: [EMAIL PROTECTED]
Subject: [PHP] Can anyone help? PHP script/MySQL problem
Hi, i am trying to create a member login/authentication script to
a
Any error messages? You say it is not stored 'as it should be' does that
mean it *is* stored but incorrectly, or is the data just not there?
FWIW I just used your test form and it said I had registered ok I then
retried with the same info and I got 2 error messages as I would have
expected whic
What does print_r($_FILES) tell you? Is $_FILES['userfile']['error'] set to
a value?
Rich
-Original Message-
From: Somesh [mailto:[EMAIL PROTECTED]]
Sent: 18 December 2002 11:18
To: [EMAIL PROTECTED]
Subject: [PHP] How to upload a file
Hi,
I am using the following code to upload file;
As others have suggested does it make any difference if you up the script
timeout limit with set_time_limit() or via the max_execution_time in
php.ini?
-Original Message-
From: Somesh [mailto:[EMAIL PROTECTED]]
Sent: 18 December 2002 13:37
To: Rich Gray
Cc: [EMAIL PROTECTED]
Subject: RE
anything created in the upload directory after teh submit is clicked and
before it fails...?
-Original Message-
From: Somesh [mailto:[EMAIL PROTECTED]]
Sent: 18 December 2002 15:52
To: Rich Gray
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] How to upload a file
No difference
On Wed, 18 Dec 2002
Does it work if you put quotes around the array keys as follows...
echo $line['idn'];
echo $line['total'];
echo $line['idp'];
echo $line['position'];
echo $line['points'];
Rich
-Original Message-
From: Beauford.2002 [mailto:[EMAIL PROTECTED]]
Sent: 18 December 2002 20:28
To: PHP General
Shaun
Run getimagesize() on the uploaded file - if a valid jpeg the returned
array[2] will be set to 2...
http://www.php.net/manual/en/function.getimagesize.php
HTH
Rich
-Original Message-
From: shaun [mailto:[EMAIL PROTECTED]]
Sent: 19 December 2002 02:24
To: [EMAIL PROTECTED]
Subject:
And if you select a small file it works fine right?
-Original Message-
From: Somesh [mailto:[EMAIL PROTECTED]]
Sent: 20 December 2002 12:29
To: Rich Gray
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] How to upload a file
post_max_size 8M
upload_tmp_dir
It fails immediately after clicking
Sorry I'm a bit late in on this thread but I know there is a problem with
sessions with 4.1.2 with IIS 5 over Win2K... is that your platform? I
encountered it a while back and there is a hack/workaround which I can dig
up if you need it...
HTH
Rich
-Original Message-
From: Tim Thorburn [ma
PHP does not yet support private methods ... your problem with getValue() is
most probably because register_globals is off in your php.ini try
substituting $_POST[] for $HTTP_POST_VARS[] and it may start to work...
HTH
Rich
-Original Message-
From: Nicholas Wieland [mailto:[EMAIL PROTECTED
Mike
IIRC this is a known bug with IIS (not PHP) when it gets the http redirect
it junks the cookie - sorry I can't remember much more detail than that...
Workaround maybe is to spit out an HTML based META refresh redirect tag
instead of using the header() call.
HTH
Rich
-Original Message-
Phil
It should be as easy as ..
You'll need a session_start() on all pages that will be using the
$_SESSION[] array.
Is your session.save_path pointing to a writable directory? Do you see any
errors in the server logs when you try to start a session?
Rich
-Original Message-
From: Phil Sch
You are using the post method not get so $_GET[] should be empty.
Does this version of your code work?
Input yourname
Rich
-Original Message-
From: Frank Keessen [mailto:[EMAIL PROTECTED]]
Sent: 25 January 2003 11:33
To: Johannes Schlueter; [EMAIL PROTECTED]
Subject: Re: [PHP] If.
> -Original Message-
> From: Edward Peloke [mailto:[EMAIL PROTECTED]]
> Sent: 06 February 2003 13:56
> To: Php-General@Lists. Php. Net
> Subject: [PHP] session id
>
>
> Ok, I am sure this has been discussed but I have not been keeping up with
> the listserv. I am using sessions so to test,
>
> Any thoughts as to why this snippet:
>
> 25: if ($attach != "none")
> 26: {
> 27:$file = fopen($attach, "r");
> 28:$contents = fread($file, $attach_size);
> 29:$encoded_attach = chunk_split(base64_encode($contents));
> 30:fclose($file);
>
> would produce these errors:
>
> Warni
[snip]
> > >
> > > After upgrading from 4.0.6 to 4.3.0
> > >
> >
> > Most probably because with 4.3.0 register_globals is set to OFF
> by default -
> > where does $attach get set?
> >
>
>
> Nope, I do have register_globals on in php.ini
>
> Its being set in another file like this:
> method=POST>
>
> > Secondly for file uploads why are you not using the $_FILES[]
> > superglobal array?
>
> I did not write the app, just trying to figure out why it stopped
> working after upgrading PHP. You think that's the problem?
Well try ...
if (is_uploaded_file($_FILES['attach']['tmp_name'])) {
Er... well I've seen a lot worse code than that but maybe you could use ...
if (isset($_SESSION['username']) && !empty($_SESSION['username'])) {
echo 'Welcome '.$_SESSION['username'].', you are still logged in.';
}
else {
header... etc etc
}
Rich
> -Original Message-
> Fro
nal Message-
> From: Frank Keessen [mailto:[EMAIL PROTECTED]]
> Sent: 18 February 2003 12:15
> To: Rich Gray; [EMAIL PROTECTED]
> Subject: Re: [PHP] $_SESSIONS and printing off..
>
>
> Thanks,
>
> But then another question;
>
> if (isset($_SESSION['usern
[snip]
>
> if(isset($i))
> {
> //codeImageURL decodes $i into an image path that we can work with
> $link=codeImageURL($i);
> if($link!="" && (isAdmin() || !isThisFileBlocked($link)))
> {
> header("Cache-control: private");
> header("Content-type: image/jpg");
>
>
>
> dear all,
>
> i am a final year engineering student and have
> started studying PHP since last 10 days.
>
> can anybody suggest some good online tutorial for mastering PHP?
>
> regards,
> diksha.
>
Hi Diskha
try these urls...
http://www.zend.com/zend/tut/
http://www.php.net/manual/en/
> -Original Message-
> From: Matt Palermo [mailto:[EMAIL PROTECTED]
> Sent: 23 February 2003 09:46
> To: [EMAIL PROTECTED]
> Subject: [PHP] ftp browsing
>
>
> I have a php script that is like and ftp client, only is just browsers the
> server and displays file names and folders. If you cli
> I am using Windows XP Pro, and I am using Serv-U to run my FTP server.
> It is just a server running from my machine. Is it supposed to have PHP
> installed somewhere?
OK I've probably misunderstood - I assumed you were running your PHP scripts
locally - what platform are you running the PHP sc
> How can I display the script file name? Presumably something like-:
>
> echo $ScriptFileName;
> ?>
>
> While I'm learning php and developing various Web page versions, I want to
> be sure the that the display is from the appropriate script.
>
> Regards
> Stephen Ford, Surrey, UK
Try any of thes
Mike
Try ...
Rich
> -Original Message-
> From: rentAweek support [mailto:[EMAIL PROTECTED]
> Sent: 27 February 2003 17:32
> To: [EMAIL PROTECTED]
> Subject: [PHP] Counting table fields having specific values
>
>
> I have a table where the row named "hide" can have a value 0 or 1.
> I
> New to PHP, I was wondering if PHP, running as a module under Apache 2,
> had an automatically included script that would run prior to any/each
> PHP script served by Apache?
>
> Tks,
> Dwayne
Dwayne
Look into the auto_prepend_file directive that you can specify in php.ini -
this may suit your n
> When using the COM functions in PHP what is the equivalent of
> ASPs "set object=nothing"?
> I am using the Crystal Report objects and I cannot seem to
> destroy my Report object.
Have you tried setting it to NULL?
Rich
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit
> I'm trying to implement the following functionality into the file
> test.php:
>
> When I scroll down the page and then hit a button, the page
> should remember
> the scrolled position, refresh the page and then scroll down to the
> remembered position. I've almost managed to make this work, bu
>
> If I exec a command like ifconfig, I'd like to be able to parse. What is
> the best way to go about thihs? An example output from ifconfig is:
Check http://www.php.net/manual/en/function.passthru.php
Rich
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www
> I run the following script:
>
> phpinfo();
> ?>
>
> // the page loads o.k. when the semi-colon remains as in:
> ;extension=php_gd2.dll
>
> but if I remove the semicolon as in:
>
> extension=php_gd2.dll
>
> the page won't load and the server hangs up.
> ..
> hi there i am setting up a test replication slave server as a mysql db
> master backup if it fails , i would like to know how to
> dynamically connect
> to the slave if the master fails , something really strange i have set the
> host like localhost:3307 for the slave but is still connecting to
>
> Rich,
> I've checked my php.ini files on my drive and all I've got is one.
>
> The php_gd2.dll file is in:
>
> C:/PHP/extensions
>
> There was no default folder called extensions when I installed
> PHP so I made
> a directory called extensions under PHP.
>
> Everytime I take out the semicolon in
> Hi All,
>
> I'm trying to get a random record each time this script runs;
> Only it's giving me everytime the first record back.. No random at all..
>
> // generate and execute query
> $query = "SELECT stedenid, naamstad, stadomschrijvk FROM steden
> ORDER BY RAND() LIMIT 1";
> $result = mysql_qu
> I get these errors from a simple "session_start();" script.
>
> Warning: session_start() [function.session-start]:
> open(/tmp\sess_f4aa3ef3c537bb6327d5e7b991e91be7, O_RDWR) failed: No such
> file or directory (2) in c:\inetpub\wwwroot\picoblog\admin.php on line 2
>
> Warning: session_start() [fu
> Ok most all programs I see they use
> within the html.
> Now I have always used the shortened version Is
> there a reason
> why I should not use this? I've never had any problems with this way of
> doing things, but I just don't see anyone else using that format..
I think it's because the '=$
> just wondering... does smarty have to be installed on the server where the
> web site or php scripts it makes are going to be ran... or do you
> just make
> the stuff and put on the server like normal php files...
No, the Smarty classes and plugins will have to be installed/accessible on
the tar
> hi everybody,
>
> i have a PHP script by name registration.php
> in which i have a submit button at the bottom.
> the form in this script is sent to p.php by "GET".
> but on clicking the submit button, nothing happens
> attaching registration.php.
>
> p.php has only the following:
> echo "
> I'm very new to PHP, so I hope no one is offended by reading my very basic
> questions.
>
> I have created a web form that saves some data to a database and uploads
> three files, copies them to a new directory, and renames them. From my
> work machine and home machine, it works great for me - t
> Thanks!! I'll give that a try!
>
> On Thu, 6 Mar 2003, 1LT John W. Holmes wrote:
>
> > > Well, I have a statement that says:
> > >
> > > if ([EMAIL PROTECTED]($photo, $long_path . "speakers/" . $photo_name)) {
> > > echo an error
> > > }else{
> > > proceed with renaming the file
> > >
> Hi all,
>
> I have this query:
>
> SELECT a.area_name, b.area_name FROM tbl_1 x, tbl_2 a, tbl_2 b
> WHERE x.area_1 = a.id
> AND x.area_2 = b.id
>
> I am using PEAR DB to get my results as an ASSOC ARRAY. How do I echo
> the values for a.id and b.id?
>
> Thnks
> Charles
>
I presume you mean area_
>
> I have some sets of values that I have stored in several tables in a mySQL
> database. These don't often change, but are referenced on every
> single page
> view. While each call is quick, as a gross the load on the server is too
> high. I would like to know if there is a way to have these s
> hi all!
>
> i have a simple program to open and write a file.
> but the file is not getting created.
> can anyone please spot the mistake?
> giving the code below.
>
> thanks a lot,
> diksha.
>
> echo"hi?how are u doing??";
> $fp = fopen ("sandrew.html", "w");
> string="hii am
>
> fine";
> $cont
> Good day ,
>
> I have the following string.
> ,slideimages[0],slideimages[1],slideimages[2]
> Wich starts with a ','. No my problem is i want to strip
> this first and only the first ','.
>
> i've tried
> $string = ",slideimages[0],slideimages[1],slideimages[2]";
> $string = preg_replace('/^./
> $mydate = "20030328231154";
>
> $myPrintDate=date ("l dS of F Y h:i:s A",$mydate);
>
> echo "$myPrintDate";
>
> Whats wrong
$mydate should be a unix style timestamp not a MMDDHHMMSS type
date/time format...
Check the functions time() and mktime() to help you generate unix
timestamps.
HTH
R
> Hi There.
>
> I am using PHP 4.3.0 on WIN32 to query data from a Microsoft SQL Server.
> One field I am requesting is type VARCHAR size 500. For some reason, PHP
> is returning only the first 255 characters of the text from that field.
>
> If I change the field type to TEXT, all of the data in th
Hi
Some suggestions below...
Cheers
Rich
>This is a trivial question - what function can I use to automatically
>proceed to some link, one that can be executed without any user input.
header('Location: http://www.newurl.blah')
>How can we, most efficiently, send all the data (variables) from on
I don't know which version of PHP you are using but if v4.2.x upwards then
use session_start() and the $_SESSION[] superglobal array instead of
session_register(). Your warning is because you have either started output
of HTML or you have some blank lines in your PHP scripts before the session
rela
Hi
I'm running v4.2.3 on RedHat v7.0 and am getting some strange behaviour with
the $_SESSION superglobal... below is a script to demonstrate the problem...
Whenever the $_SESSION array gets re-created by session_start() the reloaded
test entry is set to -1 however at no time does this value ever
here?
Thx
Rich
> --- Rich Gray <[EMAIL PROTECTED]> wrote:
> > I'm running v4.2.3 on RedHat v7.0 and am getting some strange
> > behaviour with the $_SESSION superglobal...
> ...
> > It works fine on Win2K albeit v4.3.0 of PHP.
>
> Maybe you have register_glo
Jan
Sorry - no that doesn't help - as you can see from the code snippet I posted
the session_start() is at the very top of the code...
Thx anyway.
Rich
>
> You have to put session_start(); at the VERY TOP of your code.
> even before alle the tags.
> Hope that helps!
>
>
Jay
Thanks, but no I don't think so ... session_register() is deprecated ...
Quote PHP manual:
Caution:
If you want your script to work regardless of register_globals, you need to
instead use the $_SESSION array as $_SESSION entries are automatically
registered. If your script uses session_regis
Well a functon that doesn't work under certain conditions should be
deprecated IMO ... I haven't used it for a long time now...
To answer your question ... yep I've used print_r() and after the 1st form
submission the entry is set to -1 however at no time do I ever set
$_SESSION['test'] to -1 in m
So your telling me that all variables defined in the global scope are
automatically added to the $_SESSION array...?
Not true I think
> [snip]
> Well a functon that doesn't work under certain conditions should be
> deprecated IMO ... I haven't used it for a long time now...
>
> To answer your
>
> * Thus wrote Rich Gray ([EMAIL PROTECTED]):
> > Well a functon that doesn't work under certain conditions should be
> > deprecated IMO ... I haven't used it for a long time now...
>
> this makes absolutly no sense. So if I use a function improperly,
> it
> * Thus wrote Rich Gray ([EMAIL PROTECTED]):
> > So your telling me that all variables defined in the global scope are
> > automatically added to the $_SESSION array...?
> > Not true I think
> >
>
> no. read the documentation, in full.
you're righ
> First thing is, it's possible, i've done it in the past myself, it's just
> not working due to some reason. Second, functioning cann't be
> achieved with
> javascript, cauz it's DB related.
>
> anyway thanx for ur reply
> Nitin
>
Hi Nitin
If you mean exchanging data between PHP and javascript w
> I have a script that accepts large files (images) and inserts them into
> a MySQL table. The images are manipulated and whatnot, no problems at
> all getting the image into a string and running addslashes() on it.
> Then I go and use it with a mysql query. This is something I've coded
> dozens of
> I was wondering if there is a php / mysql function call that will
> increment an integer column in a database.
> ie. the equivalent to
> $foo++;
>
Hi John
Well you can specify the column as auto_increment to let MySQL handle the
incrementation else I suppose - mysql_query('update mytable set
Just a heads up on this change in array concatenation behaviour that
could cause a few probs for some people...
'Zero');
$arr2 = array(1 => 'One',2 => 'Two');
$arr2 = $arr1 + $arr2;
echo phpversion().'';
print_r($arr2);
?>
this code produces on our provider's server...
4.2.3
Array ( [0] => Zer
>
> Can't you sort the array?
>
>
>
Yes of course but that wasn't the point of my post I was trying to
show that the same code produces differing results on 2 different
versions of PHP ...
rich
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.p
Robert Cummings wrote:
[chop]
An IDE is not a framework, it's an IDE :)
Cheers,
Rob.
I think Rob is being unduly modest - correct me if I am wrong but he is
the core developer of the InterJinn php framework ->
http://interjinn.com - it's been out there for a while now (read:
robust, fully
Paul Novitski wrote:
If you go this route, perhaps you could enclose each member of your
original array in \b word boundary sequences using an array_walk
routine so that you don't have to muddy your original array
declaration statement.
IIRC str_replace() does not interpret or understand re
[chop]
How can I create new, other sesssion id (after I, for example, click on
'Log Out' button) without closing window?
Thanks for any help.
er .. session_regenerate_id()
hth
rich
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Try Zen cart http://www.zen-cart.com/modules/frontpage/ it is a fork of
osCommerce which is a very popular OS cart.
I've used it and customised it on a few sites without problems.
Cheers
Rich
Lisa A wrote:
I'm still looking for an inexpensive shopping cart to use on my client's
website. Somet
>if($userfile) {
> copy($userfile, '/home/sites/site176/web/makeit/$userfile_name');
> echo "Successfully Added!\n";
> }
> ?>
>
> File to Upload:
>
>
Hi Tom
Here's some quick comments..
. You need enctype="multipart/form-data" on your form for file uploads
. Watch out for max file size
> Notice: Undefined index: user_id in
> /home/pance/public_html/menu.php on line
> 13
>
> Has anybody else come accross this problem - and how did you solve it?
>
> Pance Stojkovski
are you using session_start() at start of each page that manipulates
$_SESSION ?
rich
--
PHP General Mailing List
> I do have a database and have considered using it in conjunction with
> cron. However, I don't like the disconnected nature of the solution.
> There could be up to a minute delay before cron picks up the request.
>
> There's got to be another method similar to using flush(), that causes
> the le
> Can anyone suggest a suitable means for detecting if a client browser
> has JavaScript enabled or not?
>
> I know this isn't exactly PHP related, but I need to make sure my PHP
> script offers an alternative in a friendly way and not a JS error, but
> I just wondered if there was a foolproof meth
84 matches
Mail list logo
