OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: php-general-digest-helplists.php.net
Date: Thu Feb 28 2002 - 13:18:52 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    php-general Digest 28 Feb 2002 19:18:52 -0000 Issue 1199

    Topics (messages 86541 through 86645):

    Parsing Custom Codes Embedded in DB Text
            86541 by: Monty

    Re: Hosting companies that offer PHP?
            86542 by: Boaz Yahav

    errorr log
            86543 by: Erwien Samantha Y
            86566 by: Phillip Oertel

    PHP New zealand Mailing List
            86544 by: neeraj

    regex
            86545 by: Paul A. Procacci
            86546 by: CC Zona

    unsetting global variables from an function
            86547 by: Enrico Weigelt
            86548 by: Andrey Hristov
            86549 by: CC Zona

    Inserting leading 0 infront of a variable
            86550 by: Andy
            86551 by: Rasmus Lerdorf
            86552 by: Andrey Hristov

    Hi
            86553 by: dharmavatar
            86561 by: S.Murali Krishna
            86569 by: Simon Willison
            86620 by: Andy

    class effeciency
            86554 by: Nick Wilson
            86563 by: S.Murali Krishna
            86567 by: Nick Wilson
            86568 by: Simon Willison
            86571 by: Nick Wilson
            86643 by: Mika Tuupola

    char encoding question
            86555 by: Markus Straessle

    Re: Unable to display images on browser
            86556 by: joakim.andersson.cybercom.se

    d: Security problem with PHP
            86557 by: Nick Wilson
            86572 by: Simon Willison

    Array or SQL?
            86558 by: Kristjan Kanarik
            86575 by: Simon Willison
            86595 by: michael kimsal

    Help me!!!Can I use PHP to send SMS message???
            86559 by: hei
            86580 by: Simon Willison

    Can I use PHP to check server software????
            86560 by: hei
            86564 by: Phillip Oertel
            86592 by: Cal Evans

    Failing to get the semaphore
            86562 by: indrek siitan

    novice question
            86565 by: me us
            86590 by: Cal Evans
            86619 by: Jason Cox

    html output done without result of exec_shell
            86570 by: Gunther E. Biernat
            86586 by: Jason Wong
            86588 by: Gunther E. Biernat
            86606 by: Jason Wong
            86615 by: Gunther E. Biernat

    Problem unserialising a cookie -> beware the magic quotes !!!
            86573 by: Kearns, Terry

    Where can I learn?
            86574 by: Sean Kennedy
            86576 by: Simon Willison
            86578 by: Sean Kennedy

    Re: if(isset($submit))
            86577 by: Simon Willison
            86582 by: Adrian Murphy

    getting a files time and date.
            86579 by: Philip J. Newman
            86581 by: Simon Willison

    - not meant to scare people !
            86583 by: John Fishworld

    Re: Help with Array Walk
            86584 by: Ford, Mike [LSS]
            86587 by: Ford, Mike [LSS]

    just wanna know
            86585 by: eoghan
            86594 by: Simon Willison
            86618 by: Sean Kennedy

    Re: Did everybody see the security warning at php.net?
            86589 by: Bo Kleve

    Re: Can mysql add qty directly?
            86591 by: Cal Evans

    Web Services
            86593 by: Andrey Hristov
            86596 by: Robert V. Zwink

    Probably basic but seems advanced to me, PHP/SQL generation.
            86597 by: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2)
            86599 by: Bas Jobsen
            86600 by: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2)
            86617 by: Jason Cox
            86621 by: Bas Jobsen

    Reference problem
            86598 by: John English

    arithmatic operation inconsistant
            86601 by: Roy Cabaniss
            86623 by: Philip Hallstrom

    microtime.c build problem mentioned in FAQ
            86602 by: Frank Joerdens

    Re: arithmetic operation inconsistent
            86603 by: Cal Evans
            86607 by: Roy Cabaniss

    unzip with php
            86604 by: Thomas Franz
            86605 by: Jason Wong

    build problem in AIX 4.3.3
            86608 by: Dale Weaver

    excluding files
            86609 by: Craig Westerman
            86610 by: Henrik Hansen
            86612 by: Bas Jobsen

    BBEdit - URL Check
            86611 by: Josiah Wallingford
            86614 by: Chuck \"PUP\" Payne

    translate Mac charater to Unix
            86613 by: Laurent Patureau

    Applying The Patch (Mandrake)
            86616 by: Chris Hilbert

    working with word
            86622 by: libor matyas

    Stupid Question
            86624 by: PHP List
            86625 by: Greg Donald
            86626 by: Jackson Miller
            86627 by: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2)
            86629 by: Greg Donald
            86631 by: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2)
            86636 by: PHP List

    PNG Lib
            86628 by: PHP List
            86630 by: Greg Donald
            86637 by: PHP List

    Re: mysql php - while loops
            86632 by: bill

    PHP and passwords
            86633 by: webmaster

    URGENT: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload
            86634 by: Bogdan Stancescu
            86641 by: Nathan Cassano

    Simple chat
            86635 by: Danilo Dias
            86638 by: Dean Householder

    Won't display session information
            86639 by: jeremy spielmann

    PHP and BrowserHawk
            86640 by: Richard Fox

    Re: Apache Server Side Includes mixed with PHP pages
            86642 by: Joel Boonstra

    regular expression; problem with '-' character
            86644 by: Lee P Reilly

    Re: fsockopen and HTTP Authorization
            86645 by: Mika Tuupola

    Administrivia:

    To subscribe to the digest, e-mail:
            php-general-digest-subscribelists.php.net

    To unsubscribe from the digest, e-mail:
            php-general-digest-unsubscribelists.php.net

    To post to the list, e-mail:
            php-generallists.php.net

    ----------------------------------------------------------------------

    attached mail follows:


    Hi Everyone,

    I'm new to PHP, and am learning a lot by reading posts here and two PHP
    books.

    I'm going to be writing some content management scripts, and one thing I
    want to do is allow writers to embed some simple codes in their text such
    as:

        [LINK=http://www.mysite.com]Click here for info.[/LINK]

    which, when pulled from the database (MySQL) will be parsed into a valid
    HTML "a href" command as follows:

        <a href = "http://www.mysite.com">Click here for info.</a>

    First of all, is this a wise thing to do, or will this drastically slow down
    the script if it has to parse several pages of text? Second, which of the
    various PHP commands would accomplish this the most efficiently? Is
    preg_replace() the way to go?

    I'm also going to have a database table called IMAGES that stores all image
    files (actually, just the URLs to the images on the server), each of which
    will be assigned an Article ID number so it can be associated with a
    particular article stored in the ARTICLE table. The IMAGE table will also
    contain a field called Position where I can indicate the order of the images
    for a particular article. I'd like to enter the following in the text of an
    article:

        [IMAGE=1]

    ...and have PHP parse this "code," grab the image URL from the IMAGE table
    where the Article ID = the current article being parsed and Position = 1, so
    it can replace the above code with an "img src" HTML command as follows:

        <img src=myimage.jpg>

    Could this also be accomplished with the preg_replace() command, or is there
    a better way to tackle this?

    Sorry for the long question. Hope it makes sense.

    Thanks!

     

    attached mail follows:


    Check out :

    http://www.weberdev.com/index.php3?GoTo=phenominet/prices.htm

    This is your one stop shop for hosting. WeberDev.com is hosted there
    and I can tell you that their service is amazing. They are fast,
    reliable
    and more than anything, very professional (specially in PHP / MySQL).

    Sincerely

          berber

    Visit http://www.weberdev.com Today!!!
    To see where PHP might take you tomorrow.

    -----Original Message-----
    From: Tom [mailto:bondpaperearthlink.net]
    Sent: Thursday, February 28, 2002 6:57 AM
    To: php-generallists.php.net
    Subject: [PHP] Hosting companies that offer PHP?

    I think I might be about to discover that our hosting company neither
    supports the GD-related functions in php, nor has any plans to do so.
    Consequently, I may very well be looking for another hosting company,
    and I'd be interested in any recommendations from the php community
    at large, preferably of hosts that offer shell accounts.

    Regards,

    Tom

    -- 
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    Hello guys, anyone can help me with this kind of error log

    tail -f /www/log/error_log [ cut ]

    PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0

    in every php script that i have , i didn't set any variable about session.save_path. I just set in my php.ini , and the past is coreect /tmp. But why in apache error log i got warning for session data (files). anyone experience with this problem too ?

    wIEn

    -- 
    -==  HonesT Is The BesT PoLicY ==-
             -----------------
    

    attached mail follows:


    Erwien Samantha Y wrote:

    does you webserver (apache?) and/or php have the rights needed to write to the /tmp directory? if not you have to chmod the permissions for the /tmp dir.

    an maybe better idea would be to make directory /tmp/php directory and chown that to wwwrun. but you should double-check the consequences of that by youself since i'm not a *nix expert.

    phil.

    attached mail follows:


    Hi Guys,

    Any one know of any new zealand php mailing list. Please do let me know. Or any one on this list working on php in New Zealand please let me know. Thanks in advance.

    Regards, Neeraj Rattu

    attached mail follows:


    Hey all, I'm been programming in php for a while, but I'm stumpt with this one. You know the funny thing? It's probably really simple. Anyway here it is. Assume I have this query string:

    ticket_id=3&change_name=status&change_value=3&ticket_id=3&2=&1=&

    And all I want is 2=&1=&. Well, the closest I came was :

    $string = preg_replace("/[^0-9]+\=/", "", $QUERY_STRING); Assuming QUERY_STRING was the data.

    Please help

    Thanks Much, Paul

    attached mail follows:


    In article <3C7D9668.5000302optonline.net>, paul79optonline.net (Paul A. Procacci) wrote:

    > ticket_id=3&change_name=status&change_value=3&ticket_id=3&2=&1=& > > And all I want is 2=&1=&. Well, the closest I came was : > > $string = preg_replace("/[^0-9]+\=/", "", $QUERY_STRING); Assuming > QUERY_STRING was the data.

    $string=preg_replace("/[^0-9]+=[^&]/", '', $QUERY_STRING);

    -- 
    CC
    

    attached mail follows:


    hi folks,

    is there a way for unsetting an global variable from an function ?

    global $var; unset ( $var );

    does not work since, unset only removes the reference in from local namespace. but i need to remove it from the global one.

    any chance to do it ?

    ~-n

    --
     Enrico Weigelt    ==   meTUX IT services 
     software development, IT service, internet security solutions
     www:     http://www.metux.de/        phone:     +49 36207 519931
     email:   contactmetux.de            cellphone: +49 174 7066481
    

    attached mail follows:


    Try unset($GLOBALS["var"]);

    Best regards, Andrey Hristov

    ----- Original Message ----- From: "Enrico Weigelt" <weigeltmetux.de> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 9:44 AM Subject: [PHP] unsetting global variables from an function

    > > hi folks, > > is there a way for unsetting an global variable from an function ? > > global $var; unset ( $var ); > > does not work since, unset only removes the reference in from > local namespace. but i need to remove it from the global one. > > any chance to do it ? > > ~-n > > -- > Enrico Weigelt == meTUX IT services > software development, IT service, internet security solutions > www: http://www.metux.de/ phone: +49 36207 519931 > email: contactmetux.de cellphone: +49 174 7066481 > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >

    attached mail follows:


    In article <20020228084437.B1221metux.de>, weigeltmetux.de (Enrico Weigelt) wrote:

    > is there a way for unsetting an global variable from an function ? > > global $var; unset ( $var ); > > does not work since, unset only removes the reference in from > local namespace. but i need to remove it from the global one. > > any chance to do it ?

    Instead of using the 'global' keyword, use the $GLOBALS array:

    $var='foobar';

    function gUnset() { echo "BEFORE: {$GLOBALS['var']}"; unset($GLOBALS['var']); echo "AFTER: {$GLOBALS['var']}"; }

    gUnset();

    -- 
    CC
    

    attached mail follows:


    Hi guys,

    is there a possibility to add a string in front of a veriable like the .= commands adds it to the end? I would like to create a 6 digit number out of a e.g. 2 digit one. Underneath is my not working code. Maybe someone knows how to solve that.

    Thanx Andy

    # create topic number 6 digit while (strlen($myrow[topic_id]) < 6){ $leading_digits .= '0'; } $topic_id = $leading_digits.$myrow[topic_id] ;

    attached mail follows:


    $leading_digits = '0' . $leading_digits;

    although what you probably want is strpad() or sprintf()

    On Thu, 28 Feb 2002, Andy wrote:

    > Hi guys, > > is there a possibility to add a string in front of a veriable like the .= > commands adds it to the end? I would like to create a 6 digit number out of > a e.g. 2 digit one. Underneath is my not working code. Maybe someone knows > how to solve that. > > Thanx Andy > > # create topic number 6 digit > while (strlen($myrow[topic_id]) < 6){ > $leading_digits .= '0'; > } > $topic_id = $leading_digits.$myrow[topic_id] ; > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    attached mail follows:


    This seems an endless loop for me. You do not alter the $myrowp[topic_id] so its length is untouched => if it is <6 you will never get away from the loop. May be you want this.

    # create topic number 6 digit $count=strlen($myrow[topic_id]) ; while ($count-- < 6){ $leading_digits .= '0'; } $topic_id = $leading_digits.$myrow[topic_id] ;

    Best regards, Andrey Hristov

    ----- Original Message ----- From: "Andy" <news.lettersgmx.de> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 9:56 AM Subject: [PHP] Inserting leading 0 infront of a variable

    > Hi guys, > > is there a possibility to add a string in front of a veriable like the .= > commands adds it to the end? I would like to create a 6 digit number out of > a e.g. 2 digit one. Underneath is my not working code. Maybe someone knows > how to solve that. > > Thanx Andy > > # create topic number 6 digit > while (strlen($myrow[topic_id]) < 6){ > $leading_digits .= '0'; > } > $topic_id = $leading_digits.$myrow[topic_id] ; > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >

    attached mail follows:


    Hi everybody, I am new in this group,so could any one tell me how to start learn PHP? I had install PHP in IIS so where is good place to start. Thanks in advance. Regards Dharmavatar

    attached mail follows:


    Hi dharma Better go about PHP manual ( since I started with that ). when you finish that, you would have some idea on where to go further.

    On Thu, 28 Feb 2002, dharmavatar wrote:

    > Hi everybody, > I am new in this group,so could any one tell me how to start learn PHP? > I had install PHP in IIS so where is good place to start. > Thanks in advance. > Regards > Dharmavatar > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    <smk_bkyahoo.com> ------------------------------------------------------------------- We must use time wisely and forever realize that the time is always ripe to do right." -- Nelson Mandela -------------------------------------------------------------------

    attached mail follows:


    dharmavatar wrote:

    >Hi everybody, >I am new in this group,so could any one tell me how to start learn PHP? >I had install PHP in IIS so where is good place to start. >Thanks in advance. >Regards >Dharmavatar > www.devshed.com has some excellent beginners tutorials in their PHP section (the PHP 101 series). Also check out this post I made on a web forum a while ago, it has a large number of beginners resources listed:

    http://www.sitepointforums.com/showthread.php?s=&threadid=18699

    attached mail follows:


    http://www.phpbuilder.com is an excellent site. Features articles and tutorials!

    Good luck

    Andy

    "Simon Willison" <cs1spwbath.ac.uk> schrieb im Newsbeitrag news:3C7E0FBD.6000404bath.ac.uk... > dharmavatar wrote: > > >Hi everybody, > >I am new in this group,so could any one tell me how to start learn PHP? > >I had install PHP in IIS so where is good place to start. > >Thanks in advance. > >Regards > >Dharmavatar > > > www.devshed.com has some excellent beginners tutorials in their PHP > section (the PHP 101 series). Also check out this post I made on a web > forum a while ago, it has a large number of beginners resources listed: > > http://www.sitepointforums.com/showthread.php?s=&threadid=18699 >

    attached mail follows:


    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Hi all, I have an application that spits out a contact form in either English or Danish. Someone suggested I use a 'class factory' like the PEAR db abstraction layer and that is what I'm doing.

    So I choose the language like this:

    $form = Form::GetFormObject($lang); //different class for each lang

    No problem.

    My question is related to the efficiency of this.

    It is only the *properties* that are different in each language class not the methods so I'm including all the same methods twice! That doesn't seem terribly efficient.

    I thought maybe I could init properties with a constructor in a single class like this:

    <? class test { function test($lang) { if($lang=="en") { var $lang="English"; } else if($lang="dk") { var $lang="Danish"; } } } ?>

    But it fails.

    Is there a better way? It just seems like overkill to include 6-700 lines of methods /twice/

    Many thanks....

    - -- - ----------------------------------------------------------- www.explodingnet.com | Projects, Forums and + Articles for website owners - -- Nick Wilson -- | and designers.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux)

    iD8DBQE8fe0UHpvrrTa6L5oRAgh5AJ9oXAQ4kMwj/neprZOQx1KZmpOWXACdFTiP WAFmmGoE60Y079p39i+pCnQ= =290x -----END PGP SIGNATURE-----

    attached mail follows:


    Hi I too suggested a way for your previous problem. What you are doing is right here, but some corrections are there.

    You cannot use 'var' to declare variables inside constructors rather you could use them only before constructor, and intialize them inside constructor, look out the below code.

    <?php class form { var $lang ; function constructor($language) { $lang = $language //...... other stuffs } }

    In addition you can't intialize them too before constructor.

    I hope it will work for you.

    On Thu, 28 Feb 2002, Nick Wilson wrote:

    > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > I have an application that spits out a contact form in either English or > Danish. Someone suggested I use a 'class factory' like the PEAR db > abstraction layer and that is what I'm doing. > > So I choose the language like this: > > $form = Form::GetFormObject($lang); //different class for each lang > > No problem. > > My question is related to the efficiency of this. > > It is only the *properties* that are different in each language class > not the methods so I'm including all the same methods twice! That > doesn't seem terribly efficient. > > I thought maybe I could init properties with a constructor in a single > class like this: > > <? > function test($lang) { > if($lang=="en") { > var $lang="English"; > } else if($lang="dk") { > var $lang="Danish"; > } > } > } > ?> > > But it fails. > > Is there a better way? It just seems like overkill to include 6-700 > lines of methods /twice/ > > Many thanks.... > > - -- > - ----------------------------------------------------------- > www.explodingnet.com | Projects, Forums and > + Articles for website owners > - -- Nick Wilson -- | and designers. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > > iD8DBQE8fe0UHpvrrTa6L5oRAgh5AJ9oXAQ4kMwj/neprZOQx1KZmpOWXACdFTiP > WAFmmGoE60Y079p39i+pCnQ= > =290x > -----END PGP SIGNATURE----- > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    <smk_bkyahoo.com> ------------------------------------------------------------------- We must use time wisely and forever realize that the time is always ripe to do right." -- Nelson Mandela -------------------------------------------------------------------

    attached mail follows:


    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    * and then S.Murali Krishna declared.... > > Hi > I too suggested a way for your previous problem. > What you are doing is right here, but some corrections are there. > > You cannot use 'var' to declare variables inside constructors > rather you could use them only before constructor, and intialize > them inside constructor, look out the below code.

    Doh! what an idiot. I completely missed that. Now I see it it's obvious, thanks once again for your help S. - -- - ----------------------------------------------------------- www.explodingnet.com | Projects, Forums and + Articles for website owners - -- Nick Wilson -- | and designers.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux)

    iD8DBQE8fg/oHpvrrTa6L5oRAkxnAJ9KJW8jGUaXAQ9TI2NNIF/Mfuu8CQCfVMJf CvJbklp8n3O0fOBS95YCzuM= =MCqF -----END PGP SIGNATURE-----

    attached mail follows:


    Nick Wilson wrote:

    >Is there a better way? It just seems like overkill to include 6-700 >lines of methods /twice/ > Use inheritance. Define a "base" class with all of the methods in it. Then define the two other classes to extend this base class, meaning they will have all of the methods you have defined but can implement their own variables:

    http://www.php.net/manual/en/keyword.extends.php

    attached mail follows:


    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    * and then Simon Willison declared.... > Nick Wilson wrote: > > >Is there a better way? It just seems like overkill to include 6-700 > >lines of methods /twice/ > > > Use inheritance. Define a "base" class with all of the methods in it. > Then define the two other classes to extend this base class, meaning > they will have all of the methods you have defined but can implement > their own variables: > > http://www.php.net/manual/en/keyword.extends.php

    Hmmm.... another good answer, I'll get right on it. Thanks Simon. - -- - ----------------------------------------------------------- www.explodingnet.com | Projects, Forums and + Articles for website owners - -- Nick Wilson -- | and designers.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux)

    iD8DBQE8fhCbHpvrrTa6L5oRArgpAJ9XdY4eyY2rK+I1lesFEbS96Z/CMgCgn+8f UdoP8r3CoAly+Rubr08VltY= =e07I -----END PGP SIGNATURE-----

    attached mail follows:


    On Thu, 28 Feb 2002, Nick Wilson wrote:

    > It is only the *properties* that are different in each language class > not the methods so I'm including all the same methods twice! That > doesn't seem terribly efficient.

    There is no need to rewrite the methods. See:

    http://www.php.net/manual/en/keyword.extends.php

    -- 
    Mika Tuupola                      http://www.appelsiini.net/~tuupola/
    

    attached mail follows:


    Dear list

    I run a php Version on my win2k with MySQL.

    I have a database runnning keeping address records.

    I do offer a form-html page to edit certain records.

    On a PC I can enter any character of the German language and it appears right in the db.

    On a MAC I can only enter the correct chars on Internet Explorer, not on Netscape.

    Does anyone out there have any idea what this could be caused by ?!? and how to avoid this ?

    thanks for any help.

    markus

    attached mail follows:


    You need to insert the following lines after this line: Header("Content-type: image/gif");

    $im = ImageCreateFromString ($fileContent); ImageGif ($im);

    and then remove this line: echo $fileContent; That should do it.

    /Joakim

    -----Original Message----- From: Narvaez, Teresa [mailto:Teresa.NarvaezDynCorp.com] Sent: Wednesday, February 27, 2002 8:32 PM To: 'joakim.anderssoncybercom.se'; php-generallists.php.net Subject: RE: [PHP] Unable to display images on browser

    Hello, Thanks for your help. This is what I have for file1.php and ddownloadfile.php. What I want is to click on "Donwnload now" link and be able to get the file out of the database and display it on the browser. Thank you in adavance, -Teresa file1.php ----------- <?php while ($row = mysql_fetch_array($result)) { ?> SOME_HTLM_CODE_TO_DISPLAY_DB_FIELDS_GOES_HERE; // <img src=\"ddownloadfile.php?fileId=<?php echo $row["PicNum"]; ?>\" > <a href="ddownloadfile.php?fileId=<?php echo $row["PicNum"]; ?>" > Download Now </a></font> </td> </tr> <?php

    ddownloadfile.php ------------------ <? $dbQuery = "Select PicNum, size, type, description, Image"; $dbQuery .= " FROM Images WHERE PicNum = $fileId"; $result = mysql_query($dbQuery) or die ("Could not get file list: " . mysql_error() ); echo "Sent Query successfully<br>"; if ( mysql_num_rows($result) == 1) { $fileType = mysql_result($result,0, "type"); $fileContent = mysql_result($result, 0, "Image"); $filedesc = mysql_result($result,0, "description"); $filenum = mysql_result($result,0, "PicNum"); Header("Content-type: image/gif"); echo $fileContent; } else { echo "Record does not exist"; } // else ?>

    attached mail follows:


    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Hi everyone, a potential client just sent me this. Is it an old problem? or a new one?

    - ----------begin forwarded worrier-----------

    Hi Nick

    Did you mention that you use PHP?

    I subscribe to a photo gallery site and they stopped uploads due to the following problem.

    "Feb 27, 2002, 10:11 PM] Emergency Security Update Within the last 24 hours, details of a vulnerability in PHP which can be exploited remotely have been made public. The vulnerability allows any attacker to send a malformed POST request to a PHP-enabled Web server in a manner that will allow remote access as the user running the Web server processes. In the general case on our servers, this means the "nobody" user.

    Although the "nobody" user has limited privileges, any such access is a potential launching point for other nefarious activities. Moreover, some customers may be using a PHP with cgiwrap, meaning that their actual account is vulnerable because of this weakness. We are working to deploy and test a new build of Apache that will include PHP 4.1.2, the version created specifically to address this vulnerability. However, this requires careful testing and can not be deployed immediately. In the interim, therefore, we have disabled the file upload feature of PHP on our servers. This is the quick workaround recommended by PHP developers and the CERT advisory. We are also contacting all customers who are using custom PHP builds, and recommending that they take similar steps until such time as they can deploy PHP 4.1.2. We understand that this change interferes with functionality for some customer sites. We will have the new Apache+PHP build in place as soon as possible, and will post a further notice at that time. We ask that our customers respect our insistence on treating security vulnerabilities as problems no less critical than system outages. For more information, please visit: <http://www.cert.org/advisories/CA-2002-05.html> <http://security.e-matters.de/advisories/012002.html>

    regards

    Steve Pickering

    SimCorp Financial Training A/S Indiakaj 1, 2100 Copenhagen O Denmark Phone: +45 35 44 68 00, Direct: +45 35 44 68 17, Mobile: +45 40 86 41 13, Fax: +45 35 44 68 11 mailto:steve.pickeringsimcorp.com Homepage: http://www.simcorp.com

    This message, and any associated files, is intended only for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged, subject to copyright or which constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying, or distribution of this message or files associated with this message is strictly prohibited. If you have received this message in error, please notify us immediately or forward this message immediately to infoSimCorp.com. Thank You

    - ----- End forwarded message -----

    - -- - ----------------------------------------------------------- www.explodingnet.com | Projects, Forums and + Articles for website owners - -- Nick Wilson -- | and designers.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux)

    iD8DBQE8fgF7HpvrrTa6L5oRAlz3AJ9O0FG+5JQrkSFfRYrD+NuKnUnkUQCdFkSM ZpnF/f9HI/AtHeZAV7hPsPk= =3HmD -----END PGP SIGNATURE-----

    attached mail follows:


    It's a new problem - www.php.net has a fix available though.

    Nick Wilson (E-mail) wrote:

    >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > > >Hi everyone, a potential client just sent me this. Is it an old problem? >or a new one? > >- ----------begin forwarded worrier----------- > >Hi Nick > >Did you mention that you use PHP? > >I subscribe to a photo gallery site and they stopped uploads due to the >following problem. > >"Feb 27, 2002, 10:11 PM] Emergency Security Update > Within the last 24 hours, details of a vulnerability in PHP which >can be exploited remotely have been made public. The vulnerability allows >any attacker to send a malformed POST request to a PHP-enabled Web server in >a manner that will allow remote access as the user running the Web server >processes. In the general case on our servers, this means the "nobody" user. > > Although the "nobody" user has limited privileges, any such access >is a potential launching point for other nefarious activities. Moreover, >some customers may be using a PHP with cgiwrap, meaning that their actual >account is vulnerable because of this weakness. > We are working to deploy and test a new build of Apache that will >include PHP 4.1.2, the version created specifically to address this >vulnerability. However, this requires careful testing and can not be >deployed immediately. In the interim, therefore, we have disabled the file >upload feature of PHP on our servers. This is the quick workaround >recommended by PHP developers and the CERT advisory. We are also contacting >all customers who are using custom PHP builds, and recommending that they >take similar steps until such time as they can deploy PHP 4.1.2. > We understand that this change interferes with functionality for >some customer sites. We will have the new Apache+PHP build in place as soon >as possible, and will post a further notice at that time. We ask that our >customers respect our insistence on treating security vulnerabilities as >problems no less critical than system outages. > For more information, please visit: > <http://www.cert.org/advisories/CA-2002-05.html> > <http://security.e-matters.de/advisories/012002.html> > >regards > > >Steve Pickering > >SimCorp Financial Training A/S >Indiakaj 1, 2100 Copenhagen O >Denmark >Phone: +45 35 44 68 00, Direct: +45 35 44 68 17, Mobile: +45 40 86 41 13, >Fax: +45 35 44 68 11 >mailto:steve.pickeringsimcorp.com Homepage: http://www.simcorp.com > > > >This message, and any associated files, is intended only for the use of the >individual or entity to which it is addressed and may contain information >that is confidential, privileged, subject to copyright or which constitutes >a trade secret. If you are not the intended recipient you are hereby >notified that any dissemination, copying, or distribution of this message or >files associated with this message is strictly prohibited. If you have >received this message in error, please notify us immediately or forward this >message immediately to infoSimCorp.com. Thank You > >- ----- End forwarded message ----- > >- -- >- ----------------------------------------------------------- > www.explodingnet.com | Projects, Forums and > + Articles for website owners >- -- Nick Wilson -- | and designers. > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.0.6 (GNU/Linux) > >iD8DBQE8fgF7HpvrrTa6L5oRAlz3AJ9O0FG+5JQrkSFfRYrD+NuKnUnkUQCdFkSM >ZpnF/f9HI/AtHeZAV7hPsPk= >=3HmD >-----END PGP SIGNATURE----- >

    attached mail follows:


    Hi,

    I've never had reason to get deeply into array functions, but now it is very likely needed. I'm working on a small search engine (to search text from articles) and I'm not sure wheter I will be able to complete it without any external help.

    Here is a snip of code:

    /* I'm using MySQL 3.23.37 together with 4.0.6 on a FreeBSD box */

    $article_query = mysql_query("select article_name, article_text from articles where article_name LIKE '%$q%'") or die (mysql_error()); /* $q is the search query with a space added in front */

    while ($results = mysql_fetch_array($article_query)) { $art_name = $results["article_name"]; $art_text = $results["article_text"]; $q_count = substr_count($art_text, "$q"); }

    </end_of_code>

    What I'd like to do is to get the results displayed and ORDERED by q_count - this number shows how many times the search query accoures in the article text. Now, this could probably be done in two ways:

    1) redefining the SQL query to something like this: article_query = mysql_query("select article_name, article_text from articles where article_name LIKE '%$q%' ORDER BY $q ACCOURANCE IN ARTICLE_TEXT DESC") or die (mysql_error());

    What I am not sure of is how to write the 'ORDER BY $q ACCOURANCE IN ARTICLE_TEXT DESC' part.

    2) building a two-dimensional array (one dimension is the $art_name and $art_text, another the $q_count), sort it by $q_count and then display the members of this array.

    I feel very uncomfortable both with array's and complicated SQL queries, therefore I wonder if somebody could show me the way? The solution letting MySQL to do the job is probably faster and therefore prefered... I guess. Or not?

    TIA, Kristjan

    P.S. Pls. CC me as well, I am only on the digest.

    attached mail follows:


    Here is a way of doing it with arrays - I don't know enough advanced mySQL syntax to see how it could be done just in mySQL:

    $resultsArray = array();

    while ($results = mysql_fetch_array($article_query)) { $art_name = $results["article_name"]; $art_text = $results["article_text"]; $q_count = substr_count($art_text, "$q"); $resultsArray[$q_count] = $art_text; }

    // $resultsArray is now a 2D array of results - order it

    arsort($resultsArray); reset($resultsArray);

    // Now display the results

    $list = '<ul>'; while (list($name, $score) = each($resultsArray)) { $list .= "<li><b>$name</b> - score $score</li>\n"; } $list .= '</ul>';

    echo $list;

    Kristjan Kanarik wrote:

    >Hi, > >I've never had reason to get deeply into array functions, but now it is >very likely needed. I'm working on a small search engine (to search >text from articles) and I'm not sure wheter I will be able to complete it >without any external help. > >Here is a snip of code: > > /* I'm using MySQL 3.23.37 together with 4.0.6 on a FreeBSD box */ > > $article_query = mysql_query("select article_name, article_text from >articles where article_name LIKE '%$q%'") or die (mysql_error()); > /* $q is the search query with a space added in front */ > >while ($results = mysql_fetch_array($article_query)) > { > $art_name = $results["article_name"]; > $art_text = $results["article_text"]; > $q_count = substr_count($art_text, "$q"); > } > > ></end_of_code> > >What I'd like to do is to get the results displayed and ORDERED by q_count >- this number shows how many times the search query accoures in the >article text. Now, this could probably be done in two ways: > >1) redefining the SQL query to something like this: >article_query = mysql_query("select article_name, article_text from >articles where article_name LIKE '%$q%' ORDER BY $q ACCOURANCE IN >ARTICLE_TEXT DESC") or die (mysql_error()); > >What I am not sure of is how to write the 'ORDER BY $q ACCOURANCE IN >ARTICLE_TEXT DESC' part. > >2) building a two-dimensional array (one dimension is the $art_name and >$art_text, another the $q_count), sort it by $q_count and then display the >members of this array. > > >I feel very uncomfortable both with array's and complicated SQL queries, >therefore I wonder if somebody could show me the way? The solution letting >MySQL to do the job is probably faster and therefore prefered... I guess. >Or not? > >TIA, >Kristjan > >P.S. Pls. CC me as well, I am only on the digest. >

    attached mail follows:


    Kristjan Kanarik wrote: > Hi, > > I've never had reason to get deeply into array functions, but now it is > very likely needed. I'm working on a small search engine (to search > text from articles) and I'm not sure wheter I will be able to complete it > without any external help. > <snip> > > I feel very uncomfortable both with array's and complicated SQL queries, > therefore I wonder if somebody could show me the way? The solution letting > MySQL to do the job is probably faster and therefore prefered... I guess. > Or not?

    You are right to let MySQL handle the job. If you've a moderately recent version of MySQL, you should investigate the idea of 'FULLTEXT' searching. Basically you create a FULLTEXT index on one or more columns in a table, and have MySQL do a 'match' of a phrase against that index. It'll handle multiple words in a phrase, and filter out stop words, etc. It's pretty handy, and can return 'relevance', although it won't be '# of times word occured' as you're looking for.

    Contact me if you want more info.

    Michael Kimsal http://www.phphelpdesk.com 734-480-9961

    attached mail follows:


    Help me!!!Can I use PHP to send SMS message???If yes, how can I use it???

    (((Please e-mail the answer to me ---waiwingheiyahoo.com.hk)))

    attached mail follows:


    hei wrote:

    >Help me!!!Can I use PHP to send SMS message???If yes, how can I use it??? > > >(((Please e-mail the answer to me ---waiwingheiyahoo.com.hk))) > One very cheeky way of doing this would be to sign up to one of the free SMS services on the web (such as lycos mobile) and set up a PHP script that can "pretend" to be a browser, log in to your account and post a message to the "send SMS" form. You could do this using something along the lines of CURL or Snoopy (I recommend Snoopy as it doesn't require anything to be installed on your web server):

    http://snoopy.sourceforge.net/

    You would have to figure out how the authentication scheme for your chosen web-based SMS service works (most of them use cookies). The main disadvantage is that it's a bit of a dirty hack and it would stop working if the free web service went down or changed the way its authentication / SMS form worked. Free services also tend to limit you to a certain number of messages a day.

    The professional alternative is to invest in some kind of web to SMS gateway, but I think that's quite an expensive option.

    attached mail follows:


    Can I use PHP to check server software??? example : If I input http://yahoo.com , it will appear Apache If I input http://microsoft.com , it will appear IIS6

    attached mail follows:


    Hei wrote: > Can I use PHP to check server software???

    you can use curl, see the func below. needs the php-curl libary enabled.

    phil.

    <title>showHeader - lese HTTP Header Antwort des entfernten Servers</title> <form action="<?php echo $PHP_SELF ?>"> <input type="text" name="url" value="<?php echo $url ?>" style="width:300px;"> <input type="submit" name="submit" value="showHeader"> </form>

    <pre> <?php

    include_once("getHttpHeader.php");

    if ($url == "" || ereg("^[ ]{1,}$",$url)) // string leer oder aus nur einem oder mehreren leerzeichen // url ungesetzt oder nur leerzeichen { echo "<p>... waiting for url</p>"; exit; } else { echo "<p><b>$url</b><br />returned the following header:</p>"; echo getHttpHeader($url); } ?> </pre>

    -----------------------------

    <?php

    function getHttpHeader($url) { ob_start(); // send all output to a buffer instead of being displayed $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); #curl_setopt($ch, CURLOPT_USERPWD, $user.":".$password); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); #curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "HEAD / HTTP/1.0"); curl_exec($ch); curl_close ($ch); $header = ob_get_contents(); // put all buffered output into $header ob_end_clean(); return $header; }

    ?>

    attached mail follows:


    you COULD...actually, you would need to either open a socket or use the curl functions to talk to the server, retrieve a page, examine the headers and find the type.

    Might just be easier to go to www.netcraft.com =C=

    * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com *

    -----Original Message----- From: hei [mailto:waiwingheiyahoo.com.hk] Sent: Thursday, February 28, 2002 4:23 AM To: php-generallists.php.net Subject: [PHP] Can I use PHP to check server software????

    Can I use PHP to check server software??? example : If I input http://yahoo.com , it will appear Apache If I input http://microsoft.com , it will appear IIS6

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    Hi,

    Has anyone any idea, what the following error might mean: Warning: semget() failed for key 0x219c: No space left on device

    What space am I out of?

    FreeBSD 4.4-STABLE, PHP 4.1.1.

    Rgds, Indrek

    --
    For technical support contracts, goto https://order.mysql.com/
       __  ___     ___ ____  __
      /  |/  /_ __/ __/ __ \/ /    Indrek Siitan <tfrmysql.com>
     / /|_/ / // /\ \/ /_/ / /__   MySQL AB, The Web Guru
    /_/  /_/\_, /___/\___\_\___/   Tallinn, Estonia
           <___/   www.mysql.com
    

    attached mail follows:


    Hi Id reeeeeeaaaaaaaally like to know the syntax for returning results from a called function to the program that called it;)

    <? program

    add($a,$b); echo"$ab"; ?>

    =============== <?

    function add($a,$b) { $ab =$a+$b; } return??????????????????????????

    ?>

    Many many thanks

    JD

    _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com

    attached mail follows:


    Sumthin like this...

    <?PHP

    $a=10; $b=20; echo add($a,$b)

    function($one, $two){ return $one + $two } // function($one, $two) ?>

    * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com *

    -----Original Message----- From: me us [mailto:durameenhotmail.com] Sent: Wednesday, February 27, 2002 3:23 PM To: php-generallists.php.net Subject: [PHP] novice question

    Hi Id reeeeeeaaaaaaaally like to know the syntax for returning results from a called function to the program that called it;)

    <? program

    add($a,$b); echo"$ab"; ?>

    =============== <?

    function add($a,$b) { $ab =$a+$b; } return??????????????????????????

    ?>

    Many many thanks

    JD

    _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    JD,

    This is how you would do it:

    <? $ab = add($a,$b); echo"$ab"; ?> - or you could do it directly like this - <? echo add($a,$b); ?> - or my personal preference - <?=add($a,$b)?> =============== <? function add($a,$b) { $ab =$a+$b; return $ab; } ?>

    A quick read of the section on functions in the online manual would be a great resource. In fact, I recommend checking the manual before posting to this list. It's a great tool and contains user comments. Chances are that if you have a problem, someone else has already run into it and posted the solution in the manual. Here's a link: http://www.php.net/manual/en/functions.php

    Regards, Jason Cox ----- Original Message ----- From: "me us" <durameenhotmail.com> To: <php-generallists.php.net> Sent: Wednesday, February 27, 2002 2:23 PM Subject: [PHP] novice question

    > Hi > Id reeeeeeaaaaaaaally like to know the syntax for returning results from a > called function to the program that called it;) > > <? > program > > add($a,$b); > echo"$ab"; > ?> > > > =============== > <? > > function add($a,$b) > { > $ab =$a+$b; > } > return?????????????????????????? > > > ?> > > > Many many thanks > > JD > > _________________________________________________________________ > Chat with friends online, try MSN Messenger: http://messenger.msn.com > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > >

    attached mail follows:


    Guys,

    I'm trying to output the result of a shell command within a page. Problem is, when it's a command with short execution time like echo shell_exec("ls -la"); it works fine, but the command I'm really trying to execute takes 2-3 seconds before having calculated the response and by then, the page is already done and the output of the command isn't included.

    I played around with the settings in php.ini, but none of them changed the problem. Maybe an Apache problem?

    What am I missing?

    Thanks in advance.

    Regards,

    Gunther E. Biernat

    attached mail follows:


    On Thursday 28 February 2002 19:09, Gunther E. Biernat wrote: > Guys, > > I'm trying to output the result of a shell command within a page. Problem > is, when it's a command with short execution time like echo shell_exec("ls > -la"); > it works fine, but the command I'm really trying to execute takes 2-3 > seconds before having calculated the response and by then, the page is > already done and the output of the command isn't included. > > I played around with the settings in php.ini, but none of them changed the > problem. Maybe an Apache problem? > > What am I missing?

    The shell_exec() function *waits* for the output from the command. I tried:

    echo shell_exec("find / -name *.doc");

    which takes nearly 2 minutes to complete and I still got the complete output.

    Are you sure your command returns some output? Have you tried it within a real shell?

    -- 
    Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
    

    /* Desist from enumerating your fowl prior to their emergence from the shell. */

    attached mail follows:


    Hmm, yes, did so, even as the user that the webserver is running as. Switched to another webserver software (caudium) on the same machine and had the script running there, works fine, takes the 2-3 seconds and the output is included as intended. Huh?

    On Thu, 28 Feb 2002 20:13:24 +0800, Jason Wong wrote:

    >On Thursday 28 February 2002 19:09, Gunther E. Biernat wrote: >> Guys, >> >> I'm trying to output the result of a shell command within a page. Problem >> is, when it's a command with short execution time like echo shell_exec("ls >> -la"); >> it works fine, but the command I'm really trying to execute takes 2-3 >> seconds before having calculated the response and by then, the page is >> already done and the output of the command isn't included. >> >> I played around with the settings in php.ini, but none of them changed the >> problem. Maybe an Apache problem? >> >> What am I missing? > >The shell_exec() function *waits* for the output from the command. I tried: > > echo shell_exec("find / -name *.doc"); > >which takes nearly 2 minutes to complete and I still got the complete output. > >Are you sure your command returns some output? Have you tried it within a >real shell? > > > >-- >Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > >/* >Desist from enumerating your fowl prior to their emergence from the shell. >*/ > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php >

    Regards

    Gunther E. Biernat Lead Program Manager Consumer Systems, Europe ______________________________________________________________

    RealNetworks GmbH Tel.: +49-40-415204-24 Weidestraße 128 Fax.: +49-40-415204-11 22083 Hamburg Mail: GEBiernatreal.com Germany URL : http://de.real.com ______________________________________________________________

    attached mail follows:


    On Thursday 28 February 2002 20:30, Gunther E. Biernat wrote: > Hmm, yes, did so, even as the user that the webserver is running as. > Switched to another webserver software (caudium) on the same machine and > had the script running there, works fine, takes the 2-3 seconds and the > output is included as intended. Huh?

    Can't think of anything else. Could you post your code? You never know, it might be a silly little mistake you're overlooking.

    -- 
    Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
    

    /* More are taken in by hope than by cunning. -- Vauvenargues */

    attached mail follows:


    Weird, built a newer apache version, and it runs like hell. Thanks for your help.

    On Thu, 28 Feb 2002 22:45:52 +0800, Jason Wong wrote:

    >On Thursday 28 February 2002 20:30, Gunther E. Biernat wrote: >> Hmm, yes, did so, even as the user that the webserver is running as. >> Switched to another webserver software (caudium) on the same machine and >> had the script running there, works fine, takes the 2-3 seconds and the >> output is included as intended. Huh? > >Can't think of anything else. Could you post your code? You never know, it >might be a silly little mistake you're overlooking. > > >-- >Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > >/* >More are taken in by hope than by cunning. > -- Vauvenargues >*/ > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php >

    Regards

    Gunther E. Biernat Lead Program Manager Consumer Systems, Europe ______________________________________________________________

    RealNetworks GmbH Tel.: +49-40-415204-24 Weidestraße 128 Fax.: +49-40-415204-11 22083 Hamburg Mail: GEBiernatreal.com Germany URL : http://de.real.com ______________________________________________________________

    attached mail follows:


    OK, I don't have the problem any more but I decided to go ahead with the post anyway (since I already wrote it up). I solved the problem by turning off magic quotes in the php.ini file. I made this file for the purposes of a training course I'm writing.

    At the bottom of this email I've included the source.

    The error is: Warning: unserialize() failed at offset 8 of 157 bytes in [blah].php on line 17

    I'm running PHP 4.1.1 on win2k testing with IE5.5 and also Netscape 6.2.1 There shouldn't be an issue with setting the cookie since I can successfully display the serialised cookie (see debug line).

    Thanks in advance. [TK]

    Here comes the code.

    <?php $needARefresh = FALSE ; if(isset($frmAction)){ $token = array( 'name' => $frmName, 'food' => $frmFood, 'colour' => $frmColour, 'petHate' => $frmPetHate, 'joke' => $frmJoke ) ; $safeToken = serialize($token); setcookie("personalisedInfo",$safeToken); $needARefresh = TRUE ; } if(isset($_COOKIE["personalisedInfo"])){ echo $_COOKIE["personalisedInfo"] ; //debug $arrayBack = unserialize($_COOKIE["personalisedInfo"]); $name = $arrayBack['name']; $food = $arrayBack['food']; $colour = $arrayBack['colour']; $petHate = $arrayBack['petHate']; $joke = $arrayBack['joke']; } else { $name = NULL ; $food = NULL ; $colour = NULL ; $petHate = NULL ; $joke = NULL ; } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

    <html> <head> <title>PHP tutorial: serialize/unserialize</title> <?php if($needARefresh) { ?> <meta http-equiv="Refresh" content="0;URL=<?= $PHP_SELF ?>"> <?php } ?> </head>

    <body> <h1>The serializer()</h1> <table> <caption>A survey</caption> <form action="<?= $PHP_SELF ?>" method="post"> <tr> <td align="right">your name:</td> <td><input type="text" name="frmName" value="<?= $name ?>"></td> </tr> <tr> <td align="right">favourite food:</td> <td><input type="text" name="frmFood" value="<?= $food ?>"></td> </tr> <tr> <td align="right">favourite colour:</td> <td><input type="text" name="frmColour" value="<?= $colour ?>"></td> </tr> <tr> <td align="right">pet hate:</td> <td><input type="text" name="frmPetHate" value="<?= $petHate ?>"></td> </tr> <tr> <td align="right">tell me a joke:</td> <td><textarea cols="" rows="" name="frmJoke"><?= $joke ?></textarea></td> </tr> <tr> <td>&nbsp;</td> <td><input type="submit" name="frmAction" value="send"></td> </tr> </form> </table> </body> </html>

    attached mail follows:


    Hello everyone,

    I know the basic basics of PHP that I learned from the PHP 4 Bible book, but I would like to learn ALOT more. I'm going to continue in my book, but does anyone have a suggestion on where to learn more?

    Is there any very experienced PHP programmer out there who has MSN Messenger? If do my MSN email is kennedy_sean_mhotmail.com.

    THANKS ALOT!

    -Sean Kennedy -http://www.gdesigns.vcn.com

    attached mail follows:


    Sean Kennedy wrote:

    >I know the basic basics of PHP that I learned from the PHP 4 Bible book, but I >would like to learn ALOT more. I'm going to continue in my book, but does >anyone have a suggestion on where to learn more? > Read EVERY article in the archive of www.phpbuilder.com - it'll take a while but you'll learn a huge amount about PHP. www.zend.com and www.devshed.com also have some great articles for learning more about PHP.

    attached mail follows:


    Thank you Simon.

    -Sean -http://www.gdesigns.vcn.com

    ----- Original Message ----- From: "Simon Willison" <cs1spwbath.ac.uk> To: "Sean Kennedy" <gdesignsvcn.com> Cc: <php-generallists.php.net> Sent: Thursday, February 28, 2002 4:20 AM Subject: Re: [PHP] Where can I learn?

    > Sean Kennedy wrote: > > >I know the basic basics of PHP that I learned from the PHP 4 Bible book, but I > >would like to learn ALOT more. I'm going to continue in my book, but does > >anyone have a suggestion on where to learn more? > > > Read EVERY article in the archive of www.phpbuilder.com - it'll take a > while but you'll learn a huge amount about PHP. www.zend.com and > www.devshed.com also have some great articles for learning more about PHP. > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    attached mail follows:


    jtjohnston wrote:

    >I can't get this to work: >if(isset($submit)) > >with: > ><input type=\"image\" name=\"submit\" value=\"submit\" >src=\"next.gif\" border=\"0\" align=\"ABSCENTER\"> > >I'm not coding correctly? > If you are testing for $submit a work around is to have a hidden field in your form that looks like this:

    <input type="hidden" name="submit" value="yes">

    That way any tests for $submit will come up as true once the form has been submitted, but you can still use an image for the actual button.

    attached mail follows:


    just use an input type=hidden and call it submit,thats what i do ----- Original Message ----- From: "jtjohnston" <taylorjocollegesherbrooke.qc.ca> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 5:32 AM Subject: Re: [PHP] if(isset($submit))

    > So I can forget using type="image" :( > Waaaaaaaaah, it's not fair! > > :) J > > Martin Towell wrote: > > > I used this code > > > > <form action="/inetpub/wwwroot/top.html" method="get"> > > <input type="image" src="none.gif" width="125" height="25" name="submit" > > value="submit"> > > </form> > > > > when I clicked on the image, I got this url > > > > file:///C:/inetpub/wwwroot/top.html?submit.x=118&submit.y=20 > > > > so php would get this as $submit_x and $submit_y > > > > HTH > > Martin > > > > -----Original Message----- > > From: jtjohnston [mailto:taylorjocollegesherbrooke.qc.ca] > > Sent: Thursday, February 28, 2002 4:17 PM > > To: php-generallists.php.net > > Subject: [PHP] if(isset($submit)) > > > > Has anyone tried: > > > > <input type=\"image\" name=\"submit\" value=\"submit\" > > src=\"next.gif\" border=\"0\" align=\"ABSCENTER\"> > > > > instead of : > > > > <input type=\"submit\" name=\"submit\" value=\">>\"> > > > > I can't get this to work: > > if(isset($submit)) > > > > with: > > > > <input type=\"image\" name=\"submit\" value=\"submit\" > > src=\"next.gif\" border=\"0\" align=\"ABSCENTER\"> > > > > I'm not coding correctly? > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > -- > John Taylor-Johnston > --------------------------------------------------------------------------

    ---
    >
    >   ' ' '   Collège de Sherbrooke:
    >  ô¿ô   http://www.collegesherbrooke.qc.ca/languesmodernes/
    >    -     Université de Sherbrooke:
    >           http://compcanlit.ca/
    >           819-569-2064
    >
    >
    

    attached mail follows:


    Is there any way that PHP can grab the time and date of a file ??

    attached mail follows:


    Philip J. Newman wrote:

    >Is there any way that PHP can grab the time and date of a file ?? > If you mean a file's last-access and last-modified date then yes, you need the stat() function:

    www.php.net/stat

    For example:

    $stat = stat('file.txt'); $modified = date('l, F dS', $stat[9]); $lastaccess = date('l, F dS', $stat[8]);

    attached mail follows:


    Maybe of interest !

    http://security.e-matters.de/advisories/012002.html

    attached mail follows:


    > -----Original Message----- > From: Vidyut Luther [mailto:vlutherlinuxpowered.com] > Sent: 28 February 2002 01:27 > > but when i do. > > > array_walk ($fieldname, '$check->is_allletters'); > > I get the error. > Warning: Unable to call $check->is_allletters() - function does not > exist .

    RTFM: http://www.php.net/manual/en/function.array-walk.php, right near the beginning, contains the following:

    > Note: Instead of a function name, an array containing an object > reference and a method name can also be supplied.

    So you want: array_walk ($fieldname, array($check,'is_allletters');

    Cheers!

    Mike

    --------------------------------------------------------------------- Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: m.fordlmu.ac.uk Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211

    attached mail follows:


    > -----Original Message----- > From: Ford, Mike [LSS] [mailto:M.Fordlmu.ac.uk] > Sent: 28 February 2002 12:16 > > So you want: > array_walk ($fieldname, array($check,'is_allletters');

    OOPS! Make that: array_walk ($fieldname, array($check,'is_allletters'));

    But you'd have figured that out from the syntax error message, right?

    Cheers!

    Mike

    --------------------------------------------------------------------- Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: m.fordlmu.ac.uk Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211

    attached mail follows:


    hi

    whats the difference between print and echo ?

    thanks

    attached mail follows:


    eoghan wrote:

    >whats the difference between >print and echo ? > From memory, print() is a function while echo is a language construct. The major difference is that you can use echo with a comma seperated list of arguments, while print requires you to concatenate strings. For example:

    echo "hello ", "world"; print "hello "."world";

    Of these two the echo command is more efficient. The print statement requires PHP to create a new string in memory and copy "hello " and "world" into it, then display that string. The echo command does not require the new string creation step - instead it sends "hello " to the browser, then sends "world" to the browser without needing to stick them together in memory first.

    The difference in performance however is minimal to the point of being completely un-noticable.

    I think that's the difference anyway :)

    Simon

    attached mail follows:


    As far as the output in the browser there is no differnece between echo " "; and print(" "); .

    -Sean ----- Original Message ----- From: "eoghan" <eoghancinehub.com> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 5:17 AM Subject: [PHP] just wanna know

    > hi > > whats the difference between > print and echo ? > > thanks > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    attached mail follows:


    Is this vulnerability exploitable only if I have an upload page or is it also possible to use it other ways? From reading the pages I have found I guess it's only the first way, but I want to be sure.

    /BoK

    >http://www.php.net/ > >[27-Feb-2002] Due to a security issue found in all versions of PHP >(including 3.x and 4.x), a new version of PHP has been released. Details >about the security issue are available here. All users of PHP are strongly >encouraged to either upgrade to PHP 4.1.2, or install the patch (available >for PHP 3.0.18, 4.0.6 and 4.1.0/4.1.1). > >http://security.e-matters.de/advisories/012002.html

    -------------------------------------------------- Bo Kleve Mail: BoKUNIT.LiU.SE Linkoping University Phone: +46 13 281761 Sweden Fax: +46 13 284400

    attached mail follows:


    Assuming soldQty is a number and not a string:

    "UPDATE products SET soldqty=soldqty+$sqty WHERE articelno='$articleno'";

    If ArticleNo is a number you might want to remove the quotes there too.

    =C= * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com *

    -----Original Message----- From: Jan Grafström [mailto:jangrafstrom.net] Sent: Thursday, February 28, 2002 1:05 AM To: php-generallists.php.net Subject: [PHP] Can mysql add qty directly?

    Hi! I have a product table and want to update the qty. $insert = "UPDATE products SET soldqty='$sqty' WHERE articelno='$articleno'"; $result = mysql_query ($insert); I want the code to automatically add $sqty to soldqty and not overwrite it like I do above.

    Do I need to first make a separate query on soldqty or is there an easyer way?

    Thanks in advance.

    --
    Regards,
    Jan Grafström
    

    Härnösand Sweden

    -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    Hi, Is there someone who knows good places with information about Web Services? Such as SOAP, XML-RPC, WSDL etc. TIA Andrey Hristov

    attached mail follows:


    >Is there someone who knows good places with information about Web >Services? Such as SOAP, XML-RPC, WSDL etc.

    http://www.nusphere.com/releases/2002/012802.htm

    I'm not sure how useful it will be, but the above link may be a good starting place.

    They have a PDF available titled "An Introduction to Web Services Enabled with PHP" http://www.nusphere.com/products/library/webservices_whitep_012502.pdf

    http://www.nusphere.com/products/tech_library.htm

    Might be a good place to start, if you find additional links, please consider sending them my way. Good luck!

    Robert Zwink

    http://www.zwink.net/daid.php -----Original Message----- From: Andrey Hristov [mailto:ahristovicygen.com] Sent: Thursday, February 28, 2002 7:55 AM To: php-generallists.php.net Subject: [PHP] Web Services

    Hi, Is there someone who knows good places with information about Web Services? Such as SOAP, XML-RPC, WSDL etc. TIA

    Andrey Hristov

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    Hello PHP'ers.

    First of all - scince joining this list I have got some great help and it is really helping my build me site so a BIG thank you to all.

    Now back to the help..........

    I have a table with cols, and say 20 rows in this table.

    col: 1 2 3 4 5 6 7 8 9 10 row: notnull stuff 4 test blah duh dud notnull stuf blah blah test duh dud

    as you can see col 1 is ALWAYS populated as it is notnull the rest are/aren't populated.

    I want to search on this table (in real life it has hundreds of rows)

    so select * from testable;

    I then want to generate a HTML table in php DEPENDING on how many rows are populated

    so for example the table for row 1 would look like this

    1 notnull 4 stuff 5 4 7 test 8 blah 9 duh 10 dud

    while row 2 would look

    1 notnull 3 stuff 5 blah 6 blah 7 blah 9 duh 10 dud

    I am thinking I would have to do some sort of while loop on an array of all fields, but how would I single out the null fields in the array and generate everything else ????

    thanks

    Matt

    attached mail follows:


    while ($row=mysql_fetch_row($result)) { echo "1 $row[0]" for($x=1; $x<count($row); $x++) if(!empty($row[$x])) { echo $x+1; echo " ".$row[$x]; } }

    Op donderdag 28 februari 2002 14:40, schreef DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2): > Hello PHP'ers. > > First of all - scince joining this list I have got some great help and it > is really helping my build me site so a BIG thank you to all. > > Now back to the help.......... > > I have a table with cols, and say 20 rows in this table. > > > col: 1 2 3 4 5 6 7 8 9 10 > row: notnull stuff 4 test blah duh dud > notnull stuf blah blah test duh dud > > > as you can see col 1 is ALWAYS populated as it is notnull the rest > are/aren't populated. > > I want to search on this table (in real life it has hundreds of rows) > > so select * from testable; > > I then want to generate a HTML table in php DEPENDING on how many rows are > populated > > so for example the table for row 1 would look like this > > 1 notnull > 4 stuff > 5 4 > 7 test > 8 blah > 9 duh > 10 dud > > while row 2 would look > > 1 notnull > 3 stuff > 5 blah > 6 blah > 7 blah > 9 duh > 10 dud > > I am thinking I would have to do some sort of while loop on an array of all > fields, but how would I single out the null fields in the array and > generate everything else ???? > > thanks > > Matt

    attached mail follows:


    Hi Baz,

    Thanks for mailing back, would you care to explain this a little more so I understand whats going on and how to use it

    I can see that you are fetching the results of select * from - into and array. and while there is records in the array you are echoing data, but I am not sure on whats going on, and how to generate the table from these results.

    thanks,

    Matt.

    -----Original Message----- From: Bas Jobsen [mailto:basstartpunt.cc] Sent: Thursday, February 28, 2002 1:59 PM To: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2); php-generallists.php.net Subject: Re: [PHP] Probably basic but seems advanced to me, PHP/SQL generation.

    while ($row=mysql_fetch_row($result)) { echo "1 $row[0]" for($x=1; $x<count($row); $x++) if(!empty($row[$x])) { echo $x+1; echo " ".$row[$x]; } }

    attached mail follows:


    Matt,

    Perhaps I could elaborate for you. When you run a mysql query through php the function returns a result variable. This is not unlike a cursor that you would use in oracle programming. This result set contains all the rows returned by the query but you must take it a step further to gather the values from the result set. A call to mysql_fetch_row() will return a different "row" from the result set each time it is called until it is empty. It's commonly placed in a while() loop so the function will continue to be called until mysql_fetch_row() returns false. For each interation of the loop an array is returned into $row my mysql_fetch_result() that is indexed numerically by row number. These row numbers will match the order of the columns as specified in your select clause or by column order in the database if you did a select *. An alternative to mysql_fetch_row would be mysql_fetch_array or mysql_fetch_assoc. These functions return an array as well but it is associative meaning the elements can be accessed by column name. For example: $row['name']. I personally prefer this method because it makes the code a bit easier to read and I don't have to remember the order of columns. The numerically indexed arrays are handy for dumping table structures though because you can loop off the array size and don't have to change your code if you change your database schema. This latter technique is the one used by Bas in his example.

    Hope that clears things up a bit.

    Jason Cox ----- Original Message ----- From: "DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2)" <matthew_darcynon.hp.com> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 6:55 AM Subject: RE: [PHP] Probably basic but seems advanced to me, PHP/SQL generation.

    > > Hi Baz, > > Thanks for mailing back, would you care to explain this a little more so I > understand whats going on and how to use it > > I can see that you are fetching the results of select * from - into and > array. and while there is records in the array you are echoing data, but I > am not sure on whats going on, and how to generate the table from these > results. > > thanks, > > Matt. > > > -----Original Message----- > From: Bas Jobsen [mailto:basstartpunt.cc] > Sent: Thursday, February 28, 2002 1:59 PM > To: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2); php-generallists.php.net > Subject: Re: [PHP] Probably basic but seems advanced to me, PHP/SQL > generation. > > > while ($row=mysql_fetch_row($result)) > { > echo "1 $row[0]" > for($x=1; $x<count($row); $x++) > if(!empty($row[$x])) > { > echo $x+1; > echo " ".$row[$x]; > } > } > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > >

    attached mail follows:


    Hi Matt,

    > couple of questions (I like to understand what I am doing to that I don't > need to ask again) Well, okay, i understand and will try. Please take a look in the manuel too.

    each() will return a array and sets the array pointer to the next element of the input array. The returned array contains the key and the value of the input array element. This function returns false when the end of the array reached. List() makes a list of the values of an array.

    So we do list($key,$value)=each($row) to walk trought the whole array we put this statement in a while loop.

    > the the value is not null then ??? don't understand the || $i==0

    The first time you walk trought this while loop $i is 0, all other loops it is not 0 (cause the $i++ in the loop)

    We need this, cause you said in your explanation. that you would the first element always ($i==0) and the other element only when there are not null values (empty($value))

    > where are the column title being displayed for each row ?? the function mysql_fetch_row($database_result) return an array with the column title/name (more exactly the name you have used in your query, SELECT column1, column2, so i mean column1 here ) as key en the fieldvalue assinged to it as value. The result pointer is also set to the next row.

    BE:

    --
    $result=mysql_query=("SELECT name, address FROM users");
    $row=mysql_fetch_row($result);
    will be the same as:
    $row["name"]="Matt";
    $row["address"]="The Street 1";
    --
    

    So $key above is the same as your column title.

    > as I see it there should be a seperate table per record.

    Yepp

    > Each table containing the field name on the left and then the data on the > right.

    Yepp.

    Op donderdag 28 februari 2002 17:11, schreef u: > great bit of php....... > > couple of questions (I like to understand what I am doing to that I don't > need to ask again) > > what does this section do ??? > > $i=0; > while(list($key,$value)=each($row)) > { > if(!empty($value) || $i==0) > { > ?> > > I think it is while there are rows in the array list the table key and data > for each row, > > the the value is not null then ??? don't understand the || $i==0 > > > where are the column title being displayed for each row ?? > > as I see it there should be a seperate table per record. > > Each table containing the field name on the left and then the data on the > right. > > Is that clear to you ? > > Matt. > > > > -----Original Message----- > From: Bas Jobsen [mailto:basstartpunt.cc] > Sent: Thursday, February 28, 2002 3:05 PM > To: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2) > Subject: Re: [PHP] Probably basic but seems advanced to me, PHP/SQL > genera tion. > > > > while($row=mysql_fetch_row($result)) > { > echo"<TABLE BGCOLOR=#191970 WIDTH=400 HEIGHT=20>"; > $i=0; > while(list($key,$value)=each($row)) > { > if(!empty($value) || $i==0) > { > ?> > <TR HEIGHT=14> > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > echo $key; ?> </FONT> </TD> > </TR> > > <TR HEIGHT=14> > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > echo $value; ?> </FONT> </TD> > </TR> > <? > } > $i++; > } > echo "</TABLE>"; > } > > Op donderdag 28 februari 2002 15:39, schreef u: > > glad you understand, > > > > i had a hard time putting what I wanted into an email. > > > > > > > > -----Original Message----- > > From: Bas Jobsen [mailto:basstartpunt.cc] > > Sent: Thursday, February 28, 2002 2:45 PM > > To: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2) > > Subject: Re: [PHP] Probably basic but seems advanced to me, PHP/SQL > > genera tion. > > > > > > Hi Matt, > > > > Okay, i understand give me minutes....... > > > > Op donderdag 28 februari 2002 15:27, schreef u: > > > Hi baz, thanks for the reply. > > > > > > I was thinking like this. > > > > > > > > > TABLE LAYOUT. > > > > > > > > > COLS: POSITION_TITLE POSITION_REFERENCE > > POSITION_CONTACT > > > > POSITION_SALARY POSITION_GRADE etc etc > > > ROWS Support Operator 11212 > > jim > > > > davies B > > > ben the boffin ATJR dean taylor > > > £12 PA C+ > > > toilet Cleaner BOGS Kelly the > > > cleaner U > > > > > > > > > as you can see there are fields which will always be populated like > > > POSITION TITLE and POSITION_REFERENCE but things like salary and grade > > > may not be (there are more fields) > > > > > > when say salary is empty I would not like to display it > > > > > > Here is how the HTML would look for displaying rows 2 and 1 > > > ie for row 2 > > > > > > <HTML> > > > <HEAD> > > > <TITLE> YOUR SEARCH RESULTS </TITLE> > > > > > > > > > <TABLE BGCOLOR=#191970 WIDTH=400 HEIGHT=20> > > > <TR WIDTH=400 HEIGHT=6 BGCOLOR=#ff9900> > > > <TD WIDTH=400> <FONT FACE=arial SIZE=4 > > > COLOR=#191970><CENTER> <? ($row{"POSITION_TITLE") ?> </FONT></TD> > > > </TR> > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_REFERENCE"] ?> </FONT> </TD> > > > </TR> > > > > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_CONTACT"] ?> </FONT> </TD> > > > </TR> > > > > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_SALARY"] ?> </FONT> </TD> > > > </TR> > > > > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_GRADE"] ?> </FONT> </TD> > > > </TR> > > > > > > </TABLE> > > > > > > # for row 1 > > > <TABLE BGCOLOR=#191970 WIDTH=400 HEIGHT=20> > > > <TR WIDTH=400 HEIGHT=6 BGCOLOR=#ff9900> > > > <TD WIDTH=400> <FONT FACE=arial SIZE=4 > > > COLOR=#191970><CENTER> <? ($row{"POSITION_TITLE") ?> </FONT></TD> > > > </TR> > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_REFERENCE"] ?> </FONT> </TD> > > > </TR> > > > > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_CONTACT"] ?> </FONT> </TD> > > > </TR> > > > > > > <TR HEIGHT=14> > > > <TD> <FONT FACE=arial SIZE=4 COLOR=ff9900> <? > > > ($row["POSITION_GRADE"] ?> </FONT> </TD> > > > </TR> > > > > > > </TABLE> > > > > > > > > > > > > > > > </HTML> > > > > > > > > > > > > The bottom line is I want to select all the fields from the table, and > > > display in a html form ALL the fields that are not null. > > > > > > So if each record has 15 fields, I would like the 5 populated fields > > > for row2 displayed and the 4 populated fields for row 1 displayed - I > > > don't want to display empty fields. > > > > > > > > > thanks, > > > > > > Matt. > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > From: Bas Jobsen [mailto:basstartpunt.cc] > > > Sent: Thursday, February 28, 2002 2:16 PM > > > To: DARCY,MATTHEW (Non-HP-UnitedKingdom,ex2) > > > Subject: Re: [PHP] Probably basic but seems advanced to me, PHP/SQL > > > genera tion. > > > > > > > > > Hi Matt, > > > > > > How have your table to look? > > > one big table or like in your first email > > > 1 value > > > numer value > > > etc. > > > each row apart? > > > > > > Bas

    attached mail follows:


    I'm trying to build a tree of objects using PHP4, but I'm getting tangled in reference problems. Some test code that illustrates the problem:

    class X { var $parent; var $ident; var $kids; function X (&$parent,$number) { $this->parent = $parent; $this->ident = $number; $this->kids = array(); } }

    $root = new X($here,1); $here =& $root; for ($i = 2; $i < 5; $i++) { $elem = new X($here,$i); $here->kids[] = $elem; $here =& $elem; #--- ??? } print_r($root);

    I'm hoping for a structure where each node has a link to the parent node and an array of child nodes. Instead I get a recursive set of trees; removing the & on the line marked "???" means I get an empty kids array in the first child node. I've been sprinkling &'s around (and unsprinkling them ;-) and my head is starting to hurt.

    Can anyone tell me what I'm doing wrong here?

    TIA,

    ----------------------------------------------------------------- John English | mailto:jebrighton.ac.uk Senior Lecturer | http://www.it.bton.ac.uk/staff/je Dept. of Computing | ** NON-PROFIT CD FOR CS STUDENTS ** University of Brighton | -- see http://burks.bton.ac.uk -----------------------------------------------------------------

    attached mail follows:


    I have a very simple php page which I am creating an accounting tutorial from. I am writing all of the equations on an include file and then calling the file at the beginning of the appropriate pages

    My problems lie in inconsistant arithmatic operations. For some reason the equation for $gm1 does not always act as though $ns1 has a value. Only about 30% of the time does $gm1 give the number I expect to see. The rest of the time what I get is a negative (-$cogs1 +1). As if you had taken 1 and subtracted $cogs1. All help MUCH appreciated.

    srand ((double) microtime() * 1000000); #### Income statement $ns1=number_format(rand(900,1200)*1000) ; $cogs1=number_format(rand(450,600)*1000) ; $gm1=number_format (($ns1 - $cogs1) * 1000);

    Dr. Roy F. Cabaniss Associate Professor of Business University of Arkansas Monticello http://cabanisspc.uamont.edu/~rcaban

    attached mail follows:


    The reason that $ns1 is getting set to 1 so many times is because you are doing this:

    picking a random number between 900000 and 1200000. using number_format to convert that number into a string such as 900,000 or 1,200,000. Then using that *string* in a mathmatical operation.

    So, for as soon as $ns1 is greater than 1,000,000 it is *always* going to evaluate to 1 in your third line.

    At least I think so... on my machine if I do this:

    $x = number_format("1,234 + 5");

    $x gets set to "1".

    Take out all but the last number_format() function and see what happens.

    -philip

    On Thu, 28 Feb 2002, Roy Cabaniss wrote:

    > I have a very simple php page which I am creating an accounting tutorial > from. I am writing all of the equations on an include file and then calling > the file at the beginning of the appropriate pages > > My problems lie in inconsistant arithmatic operations. For some reason the > equation for $gm1 does not always act as though $ns1 has a value. Only about > 30% of the time does $gm1 give the number I expect to see. The rest of the > time what I get is a negative (-$cogs1 +1). As if you had taken 1 and > subtracted $cogs1. All help MUCH appreciated. > > > srand ((double) microtime() * 1000000); > #### Income statement > $ns1=number_format(rand(900,1200)*1000) ; > $cogs1=number_format(rand(450,600)*1000) ; > $gm1=number_format (($ns1 - $cogs1) * 1000); > > > > > > Dr. Roy F. Cabaniss > Associate Professor of Business > University of Arkansas Monticello > http://cabanisspc.uamont.edu/~rcaban > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

    attached mail follows:


    I've got the microtime.c build problem mentioned in the FAQ with PHP 4.1.2 on Redhat 6.1:

    [rootsuperfly /root]# uname -a Linux superfly 2.4.13 #1 SMP Sun Nov 25 18:39:15 CET 2001 i686 unknown

    [rootsuperfly /root]# ldd --version ldd (GNU libc) 2.1.2

    And my symlinks form the kerneldir to /usr/include are OK. Running the test mentioned in the FAQ gives warnings but no errors:

    [rootsuperfly php-4.1.2]# gcc -E test.c >/dev/null In file included from /usr/include/sys/resource.h:25, from test.c:1: /usr/include/bits/resource.h:109: warning: `RLIM_INFINITY' redefined /usr/include/asm/resource.h:26: warning: this is the location of the previous definition

    The workaround described by Lukas on 23-Jan-2002 06:49 works for me too, i.e. commenting out

    #ifdef HAVE_SYS_RESOURCE_H (and the corresponding #endif)

    in microtime.c to make sure that sys/resource.h gets included.

    My question is: Is this a bug or am I screwing something up by commenting out those 2 lines?

    Regards, Frank

    attached mail follows:


    Hmmmmm...you may be on to something. If you run this code you will see that about 30% of the time $ns1 IS actually 1. the funny thing is that if you remove the doubleval calls, $ns1 purports to have a value > than 1.

    Interesting... <?PHP srand ((double) microtime() * 1000000); #### Income statement $ns1 = doubleval(number_format(rand(900,1200)*1000)) ; $cogs1 = doubleval(number_format(rand(450,600)*1000)) ; $gm1 = doubleval(number_format (($ns1 - $cogs1) * 1000)); echo '1:'.$ns1."\n"; echo '2:'.$cogs1."\n"; echo '3:'.$gm1."\n"; ?>

    * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com *

    -----Original Message----- From: Roy Cabaniss [mailto:rcabancabanisspc.uamont.edu] Sent: Thursday, February 28, 2002 8:17 AM To: php-generallists.php.net Subject: [PHP] arithmatic operation inconsistant

    I have a very simple php page which I am creating an accounting tutorial from. I am writing all of the equations on an include file and then calling the file at the beginning of the appropriate pages

    My problems lie in inconsistant arithmatic operations. For some reason the equation for $gm1 does not always act as though $ns1 has a value. Only about 30% of the time does $gm1 give the number I expect to see. The rest of the time what I get is a negative (-$cogs1 +1). As if you had taken 1 and subtracted $cogs1. All help MUCH appreciated.

    srand ((double) microtime() * 1000000); #### Income statement $ns1=number_format(rand(900,1200)*1000) ; $cogs1=number_format(rand(450,600)*1000) ; $gm1=number_format (($ns1 - $cogs1) * 1000);

    Dr. Roy F. Cabaniss Associate Professor of Business University of Arkansas Monticello http://cabanisspc.uamont.edu/~rcaban

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    On Thursday 28 February 2002 08:35, Cal Evans wrote: > Hmmmmm...you may be on to something. If you run this code you will see that > about 30% of the time $ns1 IS actually 1. the funny thing is that if you > remove the doubleval calls, $ns1 purports to have a value > than 1. > > Interesting... > <?PHP > srand ((double) microtime() * 1000000); > #### Income statement > $ns1 = doubleval(number_format(rand(900,1200)*1000)) ; > $cogs1 = doubleval(number_format(rand(450,600)*1000)) ; > $gm1 = doubleval(number_format (($ns1 - $cogs1) * 1000)); > echo '1:'.$ns1."\n"; > echo '2:'.$cogs1."\n"; > echo '3:'.$gm1."\n"; > ?> >

    It is supposed to always have a value > 1. If it did what it was supposed to, it would always have a value between 900,000 and 1,200,000. In the original code, it does. What I can't figure out is why, even though there is a value > 1 for $ns1, about 70% of the time, it thinks that value is one for the calculation of $gm1.

    > * > * Cal Evans > * Journeyman Programmer > * Techno-Mage > * http://www.calevans.com > * > > > -----Original Message----- > From: Roy Cabaniss [mailto:rcabancabanisspc.uamont.edu] > Sent: Thursday, February 28, 2002 8:17 AM > To: php-generallists.php.net > Subject: [PHP] arithmatic operation inconsistant > > > I have a very simple php page which I am creating an accounting tutorial > from. I am writing all of the equations on an include file and then > calling > the file at the beginning of the appropriate pages > > My problems lie in inconsistant arithmatic operations. For some reason the > equation for $gm1 does not always act as though $ns1 has a value. Only > about > 30% of the time does $gm1 give the number I expect to see. The rest of the > time what I get is a negative (-$cogs1 +1). As if you had taken 1 and > subtracted $cogs1. All help MUCH appreciated. > > > srand ((double) microtime() * 1000000); > #### Income statement > $ns1=number_format(rand(900,1200)*1000) ; > $cogs1=number_format(rand(450,600)*1000) ; > $gm1=number_format (($ns1 - $cogs1) * 1000); > > > > > > Dr. Roy F. Cabaniss > Associate Professor of Business > University of Arkansas Monticello > http://cabanisspc.uamont.edu/~rcaban > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >

    -- 
    Dr. Roy F. Cabaniss
    Associate Professor of Business
    University of Arkansas Monticello
    http://cabanisspc.uamont.edu/~rcaban
    

    attached mail follows:


    Hi to everyone,

    i think i have an interesting question. Situation: I have a lot of zip Word Documents. Of the unzipped word docs i must create an txt file. This is no Problem, if the docs are unzipped. (I use word2txt).

    Problem: I tested the whole with pkunzip under dos, but everybody knows that are only 8 characters allowed for the docname. My docnames are longer and often the first 8 characters are the same. I think i need an other zip-program.

    Is there anybody who can help me or give an idea.

    Thanx

    Thomas

    attached mail follows:


    On Thursday 28 February 2002 22:34, Thomas Franz wrote: > Hi to everyone, > > i think i have an interesting question.

    Perhaps, but nothing to do with PHP.

    > Situation: > I have a lot of zip Word Documents. Of the unzipped word docs i must create > an txt file. This is no Problem, if the docs are unzipped. (I use > word2txt). > > Problem: > I tested the whole with pkunzip under dos, but everybody knows that are > only 8 characters allowed for the docname. My docnames are longer and often > the first 8 characters are the same. I think i need an other zip-program. > > Is there anybody who can help me or give an idea.

    Goto google and search for: unzip long filename

    -- 
    Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
    

    /* Just because the message may never be received does not mean it is not worth sending. */

    attached mail follows:


    Using the following: freeware.gnu.gcc.g++ 2.95.2.0 C GNU Compiler Collection Extras freeware.gnu.gcc.info 2.95.2.0 C GNU Compiler Infor files freeware.gnu.gcc.rte 2.95.2.0 C GNU Compiler Collection freeware.gnu.gawk.rte 3.0.5.0 C GNU Awk freeware.gnu.bison.rte 1.25.0.0 C GNU Bison (yacc replacement) freeware.gnu.make.rte 3.79.1.0 C GNU Make Utility

    to attempt to build PHP 4.1.2 on AIX 4.3.3 for DSO support of Apache 1.3.23 with mod_ssl.

    Used ./configure --with-apxs=/usr/local/apache/bin/apxs --without-mysql

    Make works fine. There are no errors reported, however, make install reports: cp libs/libphp4.so /usr/local/apache/libexec/libphp4.so cp: libs/libphp4.so: A file or directory in the path name does not exist.

    Scanned the entire system and could not find a file named libphp4.so ANYWHERE! Any help would be appreciated.

    Thanks.

    --
    ---------------------------------------------------------------------
    

    "The book didn't say anything about talking Aztec dogs." -- The Tick ___

    Dale Weaver dalemail.wake.tec.nc.us UNIX Systems Administrator (919) 662-3508 Wake Technical Community College fax (919) 779-3360

    attached mail follows:


    while ($file_name = readdir($dir))

    if (($file_name != ".") && ($file_name != ".."))

    $file_list .= "$file_name"; }

    This excludes . and .. files. How would I exclude files that contained pv.

    Thus filenamepv.html would be excluded, but filename.html would not?

    Thanks

    Craig ><> westermanchanuteks.com

    attached mail follows:


    westermanchanuteks.com (Craig Westerman) wrote:

    > while ($file_name = readdir($dir)) > > if (($file_name != ".") && ($file_name != "..")) > > $file_list .= "$file_name"; > } > > > This excludes . and .. files. How would I exclude files that contained > pv. > > Thus filenamepv.html would be excluded, but filename.html would not?

    look at the strstr() function, that can check if pv is there and not like pcomethingv, then you prolly need a regexp for that.

    -- 
    Henrik Hansen
    

    attached mail follows:


    if (($file_name != ".") && ($file_name != "..") && !eregi("[a-z0-9]+pv\.html",$file))

    Op donderdag 28 februari 2002 16:32, schreef Craig Westerman: > while ($file_name = readdir($dir)) > > if (($file_name != ".") && ($file_name != "..")) > > $file_list .= "$file_name"; > } > > > This excludes . and .. files. How would I exclude files that contained > pv. > > Thus filenamepv.html would be excluded, but filename.html would not? > > Thanks > > Craig ><> > westermanchanuteks.com

    attached mail follows:


    Right now I am on a Mac running OSX. I used to run Windows. When I was running windows I had a program called Xenu, found at http://home.snafu.de/tilman/xenulink.html. This program KICKED BUTT because it will look at any url or any folder and tell you every link that is broken including subdirectories and all of the external links that are broken as well. It would then ask you if you would like to email the list of broken link or display them now. If you wanted to display them now it would generate a nice html file where you can view the broken links in all kinds of displays. By broken link, by folder.... ext. If there a function like this in bbedit or does anybody know of any program that will do that for the mac?

    attached mail follows:


    Dreamweaver does this but it cost. I am sure there are some shareware or freeware programs. Check versiontracker.com this is the best site to find MacOSX software.

    Chuck Payne Magi Design and Support

    on 2/28/02 10:37 AM, Josiah Wallingford at josiahwsofast.net wrote:

    > Right now I am on a Mac running OSX. I used to run Windows. When I was > running windows I had a program called Xenu, found at > http://home.snafu.de/tilman/xenulink.html. This program KICKED BUTT > because it will look at any url or any folder and tell you every link > that is broken including subdirectories and all of the external links > that are broken as well. It would then ask you if you would like to > email the list of broken link or display them now. If you wanted to > display them now it would generate a nice html file where you can view > the broken links in all kinds of displays. By broken link, by folder.... > ext. If there a function like this in bbedit or does anybody know of any > program that will do that for the mac? >

    attached mail follows:


    Hi,

    I have to translate Mac special character in a file that a receive on my server from a Mac to standard Unix in PHP.

    Is anybody know how to do ?

    Regards,

    Laurent Patureau.

    attached mail follows:


    I'm running mandrake 8.1 with PHP 4.1.1 (RPM install) on my system and was wondering how to apply this patch. I know I need to use patch [destination] [source] but I'm ont sure if this patch works with RPM based installation.

    Any help would be greatly appreciated.

    Thanks,

    Chris Hilbert

    attached mail follows:


    hi, could anyone spare a sample code that would do the following:

    let's have a link do makedoc.php file

    i want the script to open an existing doc file, change it and send it back to the browser.

    regards libor

    attached mail follows:


    Yes, this is probably in the manual, but I can't find it.

    If I want to upgrade from 4.0.6 to 4.1.2, do I have to re-compile apache as well?

    Thanks

    Chris

    attached mail follows:


    > Yes, this is probably in the manual, but I can't find it. > > If I want to upgrade from 4.0.6 to 4.1.2, do I have to re-compile apache as > well?

    No. I just upgraded 3 machines this morning, and left Apache the same on all of them.

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    attached mail follows:


    I thought that you do have to recompile if you are running PHP as a module, but not if you are running PHP as CGI. I could be wrong.

    -Jackson

    -----Original Message----- From: Greg Donald [mailto:gregascendantmedia.com] Sent: Thursday, February 28, 2002 12:28 PM To: PHP List; php Subject: Re: [PHP] Stupid Question

    > Yes, this is probably in the manual, but I can't find it. > > If I want to upgrade from 4.0.6 to 4.1.2, do I have to re-compile apache as > well?

    No. I just upgraded 3 machines this morning, and left Apache the same on all of them.

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    if PHP is NOT a module axps and is build into apache then I was under the impression you had to recompile apache as PHP was built into apache.

    -----Original Message----- From: Jackson Miller [mailto:anythingjaxn.org] Sent: Thursday, February 28, 2002 5:46 PM To: Greg Donald; PHP List; php Subject: RE: [PHP] Stupid Question

    I thought that you do have to recompile if you are running PHP as a module, but not if you are running PHP as CGI. I could be wrong.

    -Jackson

    -----Original Message----- From: Greg Donald [mailto:gregascendantmedia.com] Sent: Thursday, February 28, 2002 12:28 PM To: PHP List; php Subject: Re: [PHP] Stupid Question

    > Yes, this is probably in the manual, but I can't find it. > > If I want to upgrade from 4.0.6 to 4.1.2, do I have to re-compile apache as > well?

    No. I just upgraded 3 machines this morning, and left Apache the same on all of them.

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    > I thought that you do have to recompile if you are running PHP as a module, > but not if you are running PHP as CGI. I could be wrong.

    No, you do not have to recompile apache. I did this on all three of my machines:

    ./configure --with-apxs=/usr/sbin/apxs --with-mysql make make install /usr/sbin/apachectl stop /usr/sbin/apachectl start

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    attached mail follows:


    so you are running with apxs and do not need to re-compile as I said.

    If you are running with PHP as an apxs then fine, if you have built PHP into apache then you should need to re-compile.

    Matt.

    -----Original Message----- From: Greg Donald [mailto:gregascendantmedia.com] Sent: Thursday, February 28, 2002 5:44 PM To: Jackson Miller; PHP List; php Subject: Re: [PHP] Stupid Question

    > I thought that you do have to recompile if you are running PHP as a module, > but not if you are running PHP as CGI. I could be wrong.

    No, you do not have to recompile apache. I did this on all three of my machines:

    ./configure --with-apxs=/usr/sbin/apxs --with-mysql make make install /usr/sbin/apachectl stop /usr/sbin/apachectl start

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    -- 
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    RE: [PHP] Stupid QuestionThanks for all the responses.

    Just to be clear, I have php installed as a module, so I have to re-compile apache.

    ----- Original Message ----- From: Adam Plocher To: 'PHP List' Sent: Thursday, February 28, 2002 9:46 AM Subject: RE: [PHP] Stupid Question

    It depends on how you have php setup to begin with. If you have it setup to be used as a loadable module, then you can just recompile the php module and re-insert it (I don't remember how exactly). If you don't know how it's setup, I'm guessing it's not a loadable module and you will need to recompile apache.

    FYI. http://www.php.net/manual/en/installation.php <-- installation instructions.

    -----Original Message----- From: PHP List [mailto:php_listibcnetwork.net] Sent: Thursday, February 28, 2002 9:27 AM To: php Subject: [PHP] Stupid Question

    Yes, this is probably in the manual, but I can't find it.

    If I want to upgrade from 4.0.6 to 4.1.2, do I have to re-compile apache as well?

    Thanks

    Chris

    -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    Hi, Does anyone know where the PNG library went? The manual points to cdrom.com/pub/png, but that does not exist anymore.

    Thanks for any help. Chris

    attached mail follows:


    > Does anyone know where the PNG library went? > The manual points to cdrom.com/pub/png, but that does not exist anymore.

    http://www.libpng.org/pub/png/

    ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------

    attached mail follows:


    Thanks, Sorry I asked, I should have just searched for it, but my clue-x-4 is broken.

    > > Does anyone know where the PNG library went? > > The manual points to cdrom.com/pub/png, but that does not exist anymore. > > http://www.libpng.org/pub/png/ > > ------------------------------------------------------------------------ > Greg Donald - http://destiney.com/ > http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ > ------------------------------------------------------------------------ >

    attached mail follows:


    Keep track of rows, and add images at rows 4 & 8. See below

    Craig Westerman wrote:

    > The following lists 12 items from a fruits table. > > $results = mysql_query("SELECT ID, date, appleprice, orangeprice, pearprice > FROM fruits");

    $x=1;

    > > while ($data = mysql_fetch_array($results)) > { > ?> > <p><?=$data["date"]?> - <?=$data["appleprice"]?> - > <?=$data["orangeprice"]?> - <?=$data["pearprice"]?></p>

    $x++; if ($x==4) { // display first fruit images row } if ($x==8) { // display different fruit images }

    > > <? > } > > How would I modify the loop to display 4 items then a row of fruit images > then 4 more items then another row of different fruit images and then > finally finish the loop displaying the final 4 items? > > Thanks > > Craig ><> > westermanchanuteks.com

    attached mail follows:


    Is there a way to connect to your database using php without hard coding a password into the php file? We run PostgreSQL 7.1 on a Linux 7.2 server with the latest version of apache. I don't want to change the authentication within Postgres to not require a password. But I also, for security reasons, don't want to have passwords coded into the php scripts for accessing the database. I'm very new to php, but very excited about what I've learned so far. Any help would be appreciated.

    thanks,

    Elkan

    attached mail follows:


    Hello everybody!

    For whever's interested...

    < cert.org="">< cert.org="">CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

    Original release date: February 27, 2002 Last revised: -- Source: CERT/CC

    A complete revision history can be found at the end of this file.

    Systems Affected

    * Web servers running PHP

    Overview

    Multiple vulnerabilities exist in the PHP scripting language. These vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the PHP process.

    I. Description

    PHP is a scripting language widely used in web development. PHP can be installed on a variety of web servers, including Apache, IIS, Caudium, Netscape and iPlanet, OmniHTTPd and others. Vulnerabilities in the php_mime_split function may allow an intruder to execute arbitrary code with the privileges of the web server. For additional details, see

    http://security.e-matters.de/advisories/012002.html

    Web servers that do not have PHP installed are not affected by this vulnerability.

    The CERT/CC is tracking this set of vulnerabilities as VU#297363. At this time, these vulnerabilities have not been assigned a CVE identifier.

    II. Impact

    Intruders can execute arbitrary code with the privileges of the web server, or interrupt normal operations of the web server.

    III. Solution

    Apply a Patch

    Upgrade to PHP version 4.1.2, available from

    http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gz

    If upgrading is not possible, apply patches as described at http://www.php.net/downloads.php: * For PHP 4.10/4.11 http://www.php.net/do_download.php?download_file=rfc1867.c.diff-4.1.x.gz * For PHP 4.06 http://www.php.net/do_download.php?download_file=rfc1867.c.diff-4.0.6.gz * For PHP 3.0 http://www.php.net/do_download.php?download_file=mime.c.diff-3.0.gz

    If you are using version 4.20-dev, you are not affected by this vulnerability. Quoting from http://security.e-matters.de/advisories/012002.htm:

    "[U]sers running PHP 4.2.0-dev from cvs are not vulnerable to any of the described bugs because the fileupload code was completly rewritten for the 4.2.0 branch."

    Disable fileuploads

    If upgrading is not possible or a patch cannot be applied, you can avoid these vulnerabilities by disabling fileupload support. Edit the PHP configuration file php.ini as follows:

    file_uploads = off

    Note that this setting only applies to version 4.0.3 and above. However, this will prevent you from using fileuploads, which may not be acceptable in your environment.

    Appendix A. - Vendor Information

    This appendix contains information provided by vendors for this advisory. When vendors report new information to the CERT/CC, we update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.

    Apache Software Foundation

    Information about this vulnerability is available from http://www.php.net

    FreeBSD

    FreeBSD does not include any version of PHP by default, and so is not vulnerable. However, the FreeBSD Ports Collection does contain both PHP3 and PHP4 packages. Updates to the PHP packages are in progress and corrected packages will be available in the near future.

    MandrakeSoft

    MandrakeSoft distributes PHP in all distributions and we are currently working on patching our versions of PHP for Linux-Mandrake 7.1 and 7.2; Mandrake Linux 8.0, 8.0/ppc, 8.1, and 8.1/ia64; Single Network Firewall 7.2; Corporate Server 1.0.1.

    We anticipate having the updates out by the end of the week.

    Microsoft

    We do not use PHP in any products.

    NCSA

    NCSA does not include PHP as an add-in or bundled component in any products distributed.

    Red Hat

    Red Hat was notified of this issue on 27th February 2002. All supported versions of Red Hat Linux ship with PHP packages that are affected by these vulnerabilities. We will shortly be releasing errata packages which contain patched versions that are not vulnerable. The errata packages and our advisory will be available on our web site at the URL below. At the same time users of the Red Hat Network will be able to update their systems to patched versions using the up2date tool.

    http://www.redhat.com/support/errata/RHSA-2002-035.html _________________________________________________________________

    The CERT Coordination Center thanks Stefan Esser, upon whose advisory this document is largely based. _________________________________________________________________

    Author: Shawn V. Hernan _________________________________________________________________

    Appendix B. - References

    1. http://www.kb.cert.org/vuls/id/297363 2. http://security.e-matters.de/advisories/012002.html 3. http://www.iss.net/security_center/static/8281.php ______________________________________________________________________

    This document is available from: http://www.cert.org/advisories/CA-2002-05.html ______________________________________________________________________

    CERT/CC Contact Information

    Email: certcert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.

    CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.

    Using encryption

    We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from

    http://www.cert.org/CERT_PGP.key

    If you prefer to use DES, please call the CERT hotline for more information.

    Getting security information

    CERT publications and other security information are available from our web site

    http://www.cert.org/

    To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomocert.org. Please include in the body of your message

    subscribe cert-advisory

    * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office. ______________________________________________________________________

    NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. _________________________________________________________________

    Conditions for use, disclaimers, and sponsorship information

    Copyright 2002 Carnegie Mellon University.

    Revision History February 27, 2002: Initial release

    attached mail follows:


    I'm finished! Patched all my servers, recompiled and installed. We're safe.

    -----Original Message----- From: Bogdan Stancescu [mailto:mgvfx.ro] Sent: Thursday, February 28, 2002 9:58 AM To: php-generallists.php.net Subject: [PHP] URGENT: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

    Hello everybody!

    For whever's interested...

    CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

    attached mail follows:


    I have 2 problems.

    Problem #1: I need to make a simple chat page. When a user logs in, he should be able to see everyone that is logged in, and send messages to all. Just that. Its not necessary that they send messages to a particular person. I need just one room. It may be simple, but I have no experience making web pages.

    Problem #2: The first one to enter the chat is redirected to another page, where he can make experiments. When he exits this page, a pop-up message should appear in the second to enter´s screen, asking if he wants to enter the experiment or not. If he answers yes, he will be redirected to the "another page", if not, he will go to the last place of the FIFO, and the pop-up message should appear to the next in the FIFO. And so on.

    If anybody could help me with any of this problems I would be grateful. Remember I have no experience with web pages, php, javascript, so it would be good if there is no difficult terms in the explanation. Thanx.

    Danilo Dias <dias100ig.com.br>

    _________________________________________________________ Oi! Você quer um iG-mail gratuito? Então clique aqui: http://registro.ig.com.br/censo/igmail

    attached mail follows:


    You can try a very cheesy solution. Totalsimplicity will host a free chat room without any installation. All you have to do is go to the following link: http://www.totalsimplicity.com/genchat.php?fromj=y and specify the name of the chat room you want to create and it will generate the code to add to a link on your website. It will come up with something like: <a href="" onClick="window.open('http://www.totalsimplicity.com/chat/?channel=Chat', 'chat', 'width=720,height=425,status=1,menubar=no,resizable=no,scrollbars=yes'); return false;">Come chat with us!</a>

    Very simple. Your chat room dies when there are noone is inside it. This requires no installing programs on your computer, or setting up an account somewhere.

    Dean Householder

    ----- Original Message ----- From: "Danilo Dias" <dias100ig.com.br> To: <php-generallists.php.net> Sent: Thursday, February 28, 2002 11:08 AM Subject: [PHP] Simple chat

    > I have 2 problems. > > Problem #1: > I need to make a simple chat page. When a user logs in, he should be able to > see everyone that is logged in, and send messages to all. Just that. Its not > necessary that they send messages to a particular person. I need just one > room. > It may be simple, but I have no experience making web pages. > > Problem #2: > The first one to enter the chat is redirected to another page, where he can > make experiments. When he exits this page, a pop-up message should appear in > the second to enter´s screen, asking if he wants to enter the experiment or > not. If he answers yes, he will be redirected to the "another page", if not, > he will go to the last place of the FIFO, and the pop-up message should > appear to the next in the FIFO. And so on. > > If anybody could help me with any of this problems I would be grateful. > Remember I have no experience with web pages, php, javascript, so it would > be good if there is no difficult terms in the explanation. Thanx. > > > Danilo Dias > <dias100ig.com.br> > > _________________________________________________________ > Oi! Você quer um iG-mail gratuito? > Então clique aqui: http://registro.ig.com.br/censo/igmail > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >

    attached mail follows:


    I'm working on a simple session management program for logging in and I can't seem to get the information to properly display. I would really appreciate a second look from someone.

    Code is below

    <?

    //main line session_start() session_register("FirstName"); session_register("Email"); ConnectDB(); global $objConn;

    if ($_SESSION["FirstName"] == null && $_REQUEST["Email"]) { Login_Form(); } else { if ($_REQUEST["Email"] != null) { $strSQL = "SELECT * FROM users WHERE Email = '" .$_REQUEST["Email"]."' AND FirstName = '".$_REQUEST["FirstName"]."'"; $rs = $objConn->Execute($strSQL); if ($rs->EOF) { Access_Denied(); } else { $_SESSION["FirstName"] = $rs->fields["FirstName"]; $_SESSION["Email"] = $rs->fields["Email"]; //redirect at this point } } }

    //--------------------------------------------------------------------------------------------- function ConnectDB() { global $objConn;

    $db_type = "mysql"; $db_location = "localhost"; $db_uid = "xxx"; $db_pwd = "xxx"; $db_name = "login";

    include("wrapper/adodb.inc.php"); $objConn = NewADOConnection($db_type); $objConn->Connect($db_location, $db_uid, $db_pwd, $db_name); $objConn->debug = false; }

    I'm kind of lost here.... I'm new to PHP, but have developed in both Perl and TCL before so the syntax is familiar.

    Thanks for the help in advance,

    Jeremy

    attached mail follows:


    Hi Richard,

    I have finally got Java working with PHP. My Java is JSDK 1.4.0, the latest release of the SDK from Sun. How do I know it's working? I put

    $system = new Java("java.lang.System");

    print "Java version=".$system->getProperty("java.version")." <br>\n"; print "Java vendor=".$system->getProperty("java.vendor")." <p>\n\n"; print "OS=".$system->getProperty("os.name")." ". $system->getProperty("os.version")." on ". $system->getProperty("os.arch")." <br>\n";

    $formatter = new Java("java.text.SimpleDateFormat","EEEE, MMMM dd, yyyy 'at' h:mm:ss a zzzz"); print $formatter->format(new Java("java.util.Date"))."<br>\n\n<br>";

    into my PHP script and get:

    Java version=1.4.0 Java vendor=Sun Microsystems Inc. OS=Linux 2.4.2-2 on i386 Thursday, February 28, 2002 at 12:44:03 PM GMT-05:00

    Nice, huh? Now, next step is to test BrowserHawk. I do not have servlet support on my Apache webserver, but according to the BrowserHawk README file, and I quote

    BrowserHawk4J can be used anywhere server-side Java(tm) is available, including servlets, JavaServer Pages, server-side JavaScript, and even stand-alone Java applications. The only requirement is a Java Virtual Machine version 1.1.x or higher. Note that to use any of the extended properties of BrowserHawk4J (as defined below), you must use the BH4J bean from a servlet or JSP environment.

    So, I take this to mean that as long as I do not try to get extended properties, I should be able to use my current setup to use BrowserHawks basic capabilities. Fine, for the first step. My php.ini looks like

    [Java] java.class.path = /usr/local/lib/php/php_java.jar:/usr/local/BrowserHawk/lib/bhawk4j.jar:/usr/ local/BrowserHawk java.home = /usr/java/j2sdk1.4.0 java.library = libjava.so java.library.path = /usr/local/lib/php/extensions/no-debug-non-zts-20010901 extension_dir = /usr/local/lib/php/extensions/no-debug-non-zts-20010901 extension = libphp_java.so

    and my CLASSPATH and LD_LIBRARY_PATH are

    [rootcentauri /root]# echo $CLASSPATH /usr/local/BrowserHawk/lib/bhawk4j.jar:/usr/local/BrowserHawk [rootcentauri /root]# echo $LD_LIBRARY_PATH /usr/java/j2sdk1.4.0/jre/lib/i386:/usr/java/j2sdk1.4.0/jre/lib/i386/server:/ usr/local/lib/php:/usr/local/BrowserHawk/lib

    but, when I point my browser to http://localhost/BrowserHawk/examples/showbrow-ssjs.html I get:

    Browser Capabilities Test Page The following is information on your web browser's capabilities as detected by BrowserHawk4J using Netscape's Server-Side JavaScript technology.

    User agent: write(request.agent)

    if (b == null) { Browser information was null. This should never happen. In case of error, getBrowserInfo() throws a BrowserHawkException.

    }

    Has anyone else gotten BrowserHwk running under PHP using Java extension? Any suggestions would be appreciated. As far as I can tell (as my java is definitely working!) this should work.

    Thanks, Rich

    attached mail follows:


    > Thanks Martin - that does work. I was just thinking in ASP terms. But I > am curious as to whether Server Side Includes can work together with > php.

    Nope, at least not with Apache <= 2.0. Apache 2 will let you have multi-pass parsing, so your PHP could output SSI, which would then be parsed. Why you would want this, I don't know, since PHP is much more fully featured than SSI, and can do everything SSI can.

    Joel

    -- 
    [ joel boonstra | jboonstragospelcom.net ]
    

    attached mail follows:


    Hi,

    Could someone be kind enough to have a look at this regular expression and perhaps tell me why is returns false when a '-' character is included in the $center string?

    if (eregi("^[a-zA-Z0-9!#\$%^&\*\(\),/.//<>\?;':\"~`_\+\|\-\\\t\n\ ]*$", $center)) { return true; } else { return false; }

    This regular expression is just for making sure that the input contains only characters that are available on a standard (American-English) keyboard i.e. if the string contains a '©' it will return false. Maybe there's a better way to do this without using regular expressions?

    Thanks very much in advance for any help.

    - Best regards, Lee

    attached mail follows:


    On Thu, 28 Feb 2002, Bas Jobsen wrote:

    > I try to do a HTTP Authorization with a fsockopen, but it doesn't seem to > work. Who can help? > $user and $passwd are set well, my code:

    I think you can spy from PEAR HTTP_Request class how it can be done:

    http://chora.php.net/cvs.php/pear/HTTP_Request

    -- 
    Mika Tuupola                      http://www.appelsiini.net/~tuupola/