|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: php-general-digest-help
lists.php.netDate: Sat May 04 2002 - 00:28:53 CDT
php-general Digest 4 May 2002 05:28:53 -0000 Issue 1324
Topics (messages 95922 through 96018):
Re: Newbie - still working on my first script.
95922 by: Mike Eheler
95929 by: Miguel Cruz
Re: Secure user authentication
95923 by: Miguel Cruz
95924 by: Michael Kimsal
Re: phpMyAdmin
95925 by: Mike Eheler
95927 by: Kevin Stone
95928 by: Rodrigo
95940 by: Kevin Stone
95962 by: 1LT John W. Holmes
Re: mssql_prev_result()???
95926 by: Kevin Stone
95961 by: 1LT John W. Holmes
getting pages with FILE
95930 by: jyrgen.gmx.de
95935 by: Miguel Cruz
Re: Batch processing & HTML2PS
95931 by: Mrdini
Re: Export selected data to a text file
95932 by: Miguel Cruz
Re: How do I Install PHP on Apache 2, on win32
95933 by: Miguel Cruz
Re: Variables within variable names
95934 by: Fearless Froggie
Re: MySQL Set Type
95936 by: Jason Wong
Re: PHP and SOAP
95937 by: Cédric Veilleux
PHP to Excel, Quick Question
95938 by: Jay Blanchard
date wierdness
95939 by: ROBERT MCPEAK
95941 by: Miguel Cruz
95942 by: John S. Huggins
sendmail return-path (not 4 newbies)
95943 by: Anthony Rodriguez
95944 by: Stuart Dallas
Re: PHP to Excel, Quick Question, DONE
95945 by: Jay Blanchard
Controlling Word Files (FDA Concern)
95946 by: Gary
95948 by: Stuart Dallas
95969 by: Miguel Cruz
95973 by: heinisch.creaction.de
95975 by: Jay Blanchard
95977 by: Miguel Cruz
95986 by: Mike Eheler
Help php MySql link
95947 by: Rodrigo
95952 by: George Nicolae
95980 by: 1LT John W. Holmes
PHP vs JSP
95949 by: Paras Mukadam
95950 by: Michael Kimsal
IMG functions
95951 by: Morten Nielsen
95971 by: Miguel Cruz
unexpected T_ISSET
95953 by: Luke van Blerk
Ignore: unexpected T_ISSET
95954 by: Luke van Blerk
95955 by: Richard Baskett
Postnuke Anyone ?
95956 by: Ricardo Fitzgerald
95963 by: Kirk Babb
Libxslt
95957 by: Venu Reddy
Re: Virus I-Worm/Klez.H (Someone does not like me)
95958 by: Steve Buehler
Apache/PHP/Java problem
95959 by: Richard Fox
XML creation / edit class?
95960 by: David McInnis
96009 by: Manuel Lemos
Re: I-worm/Klez and a GIF query/question
95964 by: Maciej Uhlig
95965 by: Stuart Dallas
95972 by: Kevin Stone
95974 by: Miguel Cruz
95976 by: Stuart Dallas
95978 by: Hugh Bothwell
95979 by: Jason Wong
95983 by: Miguel Cruz
96006 by: r
php zip/store locator code.....
95966 by: Andras Kende
95981 by: 1LT John W. Holmes
Create Picture Thumbnails On the gly with PHP
95967 by: simos
95968 by: John S. Huggins
Re: PHP editing environment
95970 by: Paul Roberts
Re: ODBC number of rows?
95982 by: Andrew Hill
php_network_getaddresses
95984 by: Julian
95985 by: Miguel Cruz
if cant use header what should i use? or how to do this?
95987 by: Mantas Kriauciunas
95990 by: Jason Soza
95994 by: Mantas Kriauciunas
95997 by: Miguel Cruz
95999 by: Michael Kimsal
96003 by: 1LT John W. Holmes
96007 by: Mantas Kriauciunas
Another doubt in Solaris-PHP install
95988 by: Emiliano Marmonti
96008 by: Billy S Halsey
Re: Turning OFF 'auto_prepend_file' on a page by page basis
95989 by: Mike Eheler
Re: php/.htaccess/.htpasswd
95991 by: Mike Eheler
95995 by: serj
95996 by: Miguel Cruz
95998 by: serj
96000 by: Mike Eheler
96001 by: Mike Eheler
96004 by: 1LT John W. Holmes
96005 by: serj
96015 by: serj
96016 by: Mike Eheler
96017 by: Mike Eheler
SQL session handler problem
95992 by: Trond Arve Nordheim
95993 by: Trond Arve Nordheim
Function library
96002 by: Mrdini
I want to use a mailer other than sendmail
96010 by: Alex Shi
96011 by: 1LT John W. Holmes
96012 by: Rasmus Lerdorf
96013 by: Alex Shi
96014 by: Manuel Lemos
Apache-2.0.35 + 4.2.0RC4: not seeing index.php
96018 by: David Jackson
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
Seems to me that space in the file copy is what's causing problems. Try
changing "ads/ $File_name" to "ads/${File_Name}".
Just a note that doing things that way can cause big problems,
especially on unix systems.. imagine if you went to your website and type:
http://site/index.php?File=%2Fetc%2Fpasswd&File_name=hacked.txt
Also instead of copying then unlinking the file, you can avoid the above
problem by using move_uploaded_file().
See the documentation for this command here:
http://www.php.net/manual/en/function.move-uploaded-file.php
Mike
Tgl wrote:
> I got the file to upload to my folder. But when I go to download it to my PC
> using FTP, it tells me NO SUCH FILE, but I can see it in the folder. The
> folder has read, write, execute permissions. I included the script below.
>
> I would appreciate any help.
>
>
>
>
> <HTML>
> <HEAD>
> <TITLE>Advertisement Application</TITLE>
> </HEAD>
> <BODY>
> <?php
> error_reporting(E_ALL);
> /* This next conditional determines whether or not to handle the form,
> depending upon whether or not $File exists. */
> if (isset($File)) {
> print ("File name: $File_name<P>\n");
> print ("File size: $File_size<P>\n");
> if(copy ($File, "ads/ $File_name")) {
> print ("Your file was successfully uploaded!<P>\n");
> } else {
> print ("Your file could not be copied.<P>\n");
> }
> unlink ($File);
> }
>
> print ("Upload a file to the server:\n");
> print ("<FORM ACTION=\"ad_app.php\" METHOD=POST
> ENCTYPE=\"multipart/form-data\">\n");
> print ("File <INPUT TYPE=FILE NAME=\"File\" SIZE=20><BR>\n");
> print ("<INPUT TYPE=SUBMIT NAME=\"SUBMIT\" VALUE=\"Submit!\"></FORM>\n");
> ?>
> </BODY>
> </HTML>
>
>
>
attached mail follows:
On Fri, 3 May 2002, TGL wrote:
> I got the file to upload to my folder. But when I go to download it to my PC
> using FTP, it tells me NO SUCH FILE, but I can see it in the folder. The
> folder has read, write, execute permissions. I included the script below.
>
> if(copy ($File, "ads/ $File_name")) {
Do you really want that space after the slash? That sounds like a recipe
for trouble. Maybe the reason you can't download it with FTP is because
there's a space in the beginning of the name now.
Also, use 'move_uploaded_file' rather than 'copy' for files that have been
uploaded to temp space. It's more secure.
miguel
attached mail follows:
This would only work if some other user is able to create files that the
web server thinks are part of your domain (since the session cookies are
domain-specific). Sounds to me like your problem here is severe server
misconfiguration. If your server environment is that insecure, then
worrying about anything else is sort of a waste of time.
miguel
On Fri, 3 May 2002, Pedro Pontes wrote:
> I am considering doing that because any user can create a simple PHP script
> with his/her object with the authenticated flag set to "authorized",
> register that object with the session and then link to any of my pages,
> which if they don't make any kind of password test, they will unsuspectly
> accept the intrusion.
>
> What kind of test do you do in each of your pages? I just test if there is a
> user object registered and if its type (group), set upon successfully login,
> is allowed in the specified page. But if I create a separate script that
> just creates a simmilar object (with the same fields), artificially
> attribute a group and login to it, register it with the session and then
> link to any of my pages (without passing through the login page), they won't
> suspect that the access rights were forged.
>
> Thank you.
>
> --
>
>
> Pedro Alberto Pontes
>
> "Jon Haworth" <jhaworthwitanjardine.co.uk> wrote in message
> news:67DF9B67CEFAD4119E4200D0B720FA3F010C4017BOOTROS...
> > Hi,
> >
> > > The method I was thinking about before was to pass
> > > the md5 hash of the password around, as the passwords
> > > are already md5'ed in the DB. Your method seems more
> > > secure as you use a totally spiced-up and personalized
> > > encryption engine.
> >
> > *boggle*
> >
> > Why are you passing the password around, hashed or not, in the first
> place?
> > Just have a yes/no flag for whether the session is an authenticated user
> or
> > not.
> >
> > Is there any particular reason why you'd need to reauthenticate on every
> > page?
> >
> >
> > Cheers
> > Jon
>
>
>
>
attached mail follows:
Pedro Pontes wrote:
> Hi Jon,
>
> I am considering doing that because any user can create a simple PHP script
> with his/her object with the authenticated flag set to "authorized",
> register that object with the session and then link to any of my pages,
> which if they don't make any kind of password test, they will unsuspectly
> accept the intrusion.
>
> What kind of test do you do in each of your pages? I just test if there is a
> user object registered and if its type (group), set upon successfully login,
> is allowed in the specified page. But if I create a separate script that
> just creates a simmilar object (with the same fields), artificially
> attribute a group and login to it, register it with the session and then
> link to any of my pages (without passing through the login page), they won't
> suspect that the access rights were forged.
>
What I can't figure out is why you're allowing people to just randomly
put pages on your server. If someone was to randomly register a similar
user object, etc - why bother? If I can put pages on your server and
execute them, I'd do some something far more malicious than just pretend
I'm "user X".
Michael Kimsal
http://www.logicreate.com
734-480-9961
attached mail follows:
I've always found it's good to set numeric primary keys to UNSIGNED.
Gives you a larger range, and it's not very likely those numbers are
ever going to be negative.
Also, there is absolutely no need to check Index or Unique when you have
selected Primary, as Primary implies both (hence why in newer versions,
Primary/Index/Unique are radio buttons). Lastly, unless you expect to
have a rediculous amount of records, an INT is more that sufficient
(giving you a maximum record count of 4,294,967,295). Also, PHP's
mysql_insert_id() doesn't support BIGINT data types.
So, the more optimised version of the keyfield would be:
> Field: keynum
> Type: INT
> Length/Values: (blank)
> Attributes: UNSIGNED
> Null: NOT NULL
> Default: (blank)
> Extra: AUTO_INCREMENT
> Primary: SELECTED
> Index: UN-SELECTED
> Unique: UN-SELECTED
Mike
Kevin Stone wrote:
> Could be something like..
>
> Field: keynum
> Type: BIGINT
> Length/Values: (blank)
> Attributes: (blank)
> Null: NOT NULL
> Default: (blank)
> Extra: AUTO_INCREMENT
> Primary: CHECKED
> Index: CHECKED
> Unique: CHECKED
>
> Field: username
> Type: VARCHAR
> Length/Values: 20
> Attributes: (blank)
> Null: NOT NULL
> Default: (blank)
> Extra: (blank)
> Primary: UNCHECKED
> Index: UNCHECKED
> Unique: UNCHECKED
>
> Field: password
> Type: VARCHAR
> Length/Values: 20
> Attributes: (blank)
> Null: NOT NULL
> Default: (blank)
> Extra: (blank)
> Primary: UNCHECKED
> Index: UNCHECKED
> Unique: UNCHECKED
>
> Note I prefer to use VARCHAR instead of PASSWORD becuase I am more
> comfortable checking the database contents in PHP rather than SQL. But you
> can do a PASSWORD field then in your query statment use the SQL funciton
> PASSWORD($pwd) to encrypt the string. Either way, for security, it is
> imparative that you encrypt it.
>
> The field 'keynum' is just a standard thing that I do. It's set up to
> auto_increment so you always have a unique key to delete and update records
> on. For more information view the SQL documentation on www.mysql.com.
>
> Hope this helps!
> -Kevin
>
> ----- Original Message -----
> From: "Rodrigo" <tagzerotagzero.com>
> To: <php-generallists.php.net>
> Sent: Friday, May 03, 2002 10:18 AM
> Subject: [PHP] phpMyAdmin
>
>
>
>>Hi guys, I need some help using the phpMyAdmin, I'm trying to create a
>>table with three fields, one for the indexing of the database, the
>>second for the logins and the third for the password.
>>
>>I get the following doubts:
>>
>>On the table of the phpMyAdmin there are the following fields:
>>
>>A field for the name of the field.
>>A field for the kind of information that will be stored in the field
>>(TINYINT,DOUBLE,TEXT...)
>>A field for the size of the field.
>>A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO
>>FILL)
>>A field for the null option (NULL, NOT NULL).
>>A field for an information that I don't know...
>>A field for the Extra(AUTO_INCREMENT).
>>A selectable field named primary(check it or not).
>>A selectable field named index(check it or not).
>>A selectable field named unique(check it or not).
>>A selectable field named Fulltext(Check it or not).
>>
>>The information that I would need would be what are the configurations
>>that I have to put in each of these fields.
>>And also I would need to know a php script to access the fields, and
>>write to new fields.
>>
>>Thanx, Rodrigo
attached mail follows:
Thanks for the tip Mike.
-Kevin
----- Original Message -----
From: "Mike Eheler" <mehelercanada.com>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 10:49 AM
Subject: Re: [PHP] phpMyAdmin
> I've always found it's good to set numeric primary keys to UNSIGNED.
> Gives you a larger range, and it's not very likely those numbers are
> ever going to be negative.
>
> Also, there is absolutely no need to check Index or Unique when you have
> selected Primary, as Primary implies both (hence why in newer versions,
> Primary/Index/Unique are radio buttons). Lastly, unless you expect to
> have a rediculous amount of records, an INT is more that sufficient
> (giving you a maximum record count of 4,294,967,295). Also, PHP's
> mysql_insert_id() doesn't support BIGINT data types.
>
> So, the more optimised version of the keyfield would be:
>
> > Field: keynum
> > Type: INT
> > Length/Values: (blank)
> > Attributes: UNSIGNED
> > Null: NOT NULL
> > Default: (blank)
> > Extra: AUTO_INCREMENT
> > Primary: SELECTED
> > Index: UN-SELECTED
> > Unique: UN-SELECTED
>
> Mike
>
> Kevin Stone wrote:
> > Could be something like..
> >
> > Field: keynum
> > Type: BIGINT
> > Length/Values: (blank)
> > Attributes: (blank)
> > Null: NOT NULL
> > Default: (blank)
> > Extra: AUTO_INCREMENT
> > Primary: CHECKED
> > Index: CHECKED
> > Unique: CHECKED
> >
> > Field: username
> > Type: VARCHAR
> > Length/Values: 20
> > Attributes: (blank)
> > Null: NOT NULL
> > Default: (blank)
> > Extra: (blank)
> > Primary: UNCHECKED
> > Index: UNCHECKED
> > Unique: UNCHECKED
> >
> > Field: password
> > Type: VARCHAR
> > Length/Values: 20
> > Attributes: (blank)
> > Null: NOT NULL
> > Default: (blank)
> > Extra: (blank)
> > Primary: UNCHECKED
> > Index: UNCHECKED
> > Unique: UNCHECKED
> >
> > Note I prefer to use VARCHAR instead of PASSWORD becuase I am more
> > comfortable checking the database contents in PHP rather than SQL. But
you
> > can do a PASSWORD field then in your query statment use the SQL funciton
> > PASSWORD($pwd) to encrypt the string. Either way, for security, it is
> > imparative that you encrypt it.
> >
> > The field 'keynum' is just a standard thing that I do. It's set up to
> > auto_increment so you always have a unique key to delete and update
records
> > on. For more information view the SQL documentation on www.mysql.com.
> >
> > Hope this helps!
> > -Kevin
> >
> > ----- Original Message -----
> > From: "Rodrigo" <tagzerotagzero.com>
> > To: <php-generallists.php.net>
> > Sent: Friday, May 03, 2002 10:18 AM
> > Subject: [PHP] phpMyAdmin
> >
> >
> >
> >>Hi guys, I need some help using the phpMyAdmin, I'm trying to create a
> >>table with three fields, one for the indexing of the database, the
> >>second for the logins and the third for the password.
> >>
> >>I get the following doubts:
> >>
> >>On the table of the phpMyAdmin there are the following fields:
> >>
> >>A field for the name of the field.
> >>A field for the kind of information that will be stored in the field
> >>(TINYINT,DOUBLE,TEXT...)
> >>A field for the size of the field.
> >>A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO
> >>FILL)
> >>A field for the null option (NULL, NOT NULL).
> >>A field for an information that I don't know...
> >>A field for the Extra(AUTO_INCREMENT).
> >>A selectable field named primary(check it or not).
> >>A selectable field named index(check it or not).
> >>A selectable field named unique(check it or not).
> >>A selectable field named Fulltext(Check it or not).
> >>
> >>The information that I would need would be what are the configurations
> >>that I have to put in each of these fields.
> >>And also I would need to know a php script to access the fields, and
> >>write to new fields.
> >>
> >>Thanx, Rodrigo
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
Hi guys, I need to know the script to insert some fields into the
database.
Like this:
I need to get from a form the email, login, password and store it on the
database. I'd like to know how this script would be.
Code is apreciated. ;)
Thanks, Rodrigo
attached mail follows:
It's difficult to know exactly what you need, Rodrigo. There is no simple
answer to your question. You haven't posted any code so I'm assuming you're
either new to PHP, or coding in general. In either case I would highly
recommend searching www.php.net. Read the documentation and examples.
While you're there you can also search the archives of this email list and
pick out a number of answers to your questions. It wouldn't hurt to do a
search on Google for PHP tutorials. My best recomendation would be to pick
up a copy of 'PHP and MySQL Web Development' (published by SAMS). It's an
extremely well written book that is very easy to follow. It will get you
started building dynamic websites with PHP and MySQL in no time.
Best wishes,
Kevin
----- Original Message -----
From: "Rodrigo" <tagzerotagzero.com>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 10:58 AM
Subject: [PHP] phpMyAdmin
> Hi guys, I need to know the script to insert some fields into the
> database.
>
> Like this:
>
> I need to get from a form the email, login, password and store it on the
> database. I'd like to know how this script would be.
> Code is apreciated. ;)
> Thanks, Rodrigo
>
attached mail follows:
$result = mysql_query("INSERT INTO table (email, login, password) VALUES
('$email','$login','$password')");
---John Holmes...
----- Original Message -----
From: "Rodrigo" <tagzerotagzero.com>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 12:58 PM
Subject: [PHP] phpMyAdmin
> Hi guys, I need to know the script to insert some fields into the
> database.
>
> Like this:
>
> I need to get from a form the email, login, password and store it on the
> database. I'd like to know how this script would be.
> Code is apreciated. ;)
> Thanks, Rodrigo
>
attached mail follows:
You can navigate through records with Next and Previous buttons by using
LIMIT in your query statment.
----------------------------------------------------
<? // index.php
if (!isset($i))$i=0;
// Retrieve 1 rows starting at row $i
$query = "SELECT * FROM mytable LIMIT $i,1";
$result = mysql_query($query, $db);
?>
<<
<a href="index.php?i=<?echo $i--;?>">PREVIOUS</a>
||
<a href="index.php?i=<?echo $i++;?>">NEXT</a>
>>
<?
// ... print result from query here...
?>
------------------------------------------------------
Hope this helps,
Kevin
----- Original Message -----
From: "Joshua E Minnie" <joshacsurf.net>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 10:35 AM
Subject: [PHP] mssql_prev_result()???
> Does anybody know of a good way to get the previous result in a query
> result?
>
> The query looks like this: SELECT * FROM [users]. This will return a
result
> set of 30 to 40 users.
>
> The reason I need to grab the previous is because I would like to be able
to
> "virtually" scroll through my data in the table. Here is some psuedocode
of
> what I am trying to do:
>
> <the form>
> //fields to be filled by the user data that comes in from each query
> <button value=previous user onClick=get_prev_user()>
> <button value=next user onClick=get_next_user()>
> </the form>
>
>
> --
> Joshua E Minnie/CIO
> joshacsurf.net
> Phone: 616.276.9690
> Fax: 616.342.8750
> Nextel: 616.862.2847
>
> "Don't work for recognition, but always do work worthy of recognition." ~
> Unknown
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
MSSQL doesn't support LIMIT.
You can use TOP, like SELECT TOP 10, * FROM users.
I think that's the syntax. I don't know if there is a way to say "return
rows from 10 - 20" in MSSQL.
---John Holmes...
----- Original Message -----
From: "Kevin Stone" <kevinhelpelf.com>
To: "PHP-general" <php-generallists.php.net>; "Joshua E Minnie"
<joshacsurf.net>
Sent: Friday, May 03, 2002 12:54 PM
Subject: Re: [PHP] mssql_prev_result()???
> You can navigate through records with Next and Previous buttons by using
> LIMIT in your query statment.
> ----------------------------------------------------
> <? // index.php
> if (!isset($i))$i=0;
> // Retrieve 1 rows starting at row $i
> $query = "SELECT * FROM mytable LIMIT $i,1";
> $result = mysql_query($query, $db);
> ?>
>
> <<
> <a href="index.php?i=<?echo $i--;?>">PREVIOUS</a>
> ||
> <a href="index.php?i=<?echo $i++;?>">NEXT</a>
> >>
>
> <?
> // ... print result from query here...
> ?>
> ------------------------------------------------------
>
> Hope this helps,
> Kevin
>
>
> ----- Original Message -----
> From: "Joshua E Minnie" <joshacsurf.net>
> To: <php-generallists.php.net>
> Sent: Friday, May 03, 2002 10:35 AM
> Subject: [PHP] mssql_prev_result()???
>
>
> > Does anybody know of a good way to get the previous result in a query
> > result?
> >
> > The query looks like this: SELECT * FROM [users]. This will return a
> result
> > set of 30 to 40 users.
> >
> > The reason I need to grab the previous is because I would like to be
able
> to
> > "virtually" scroll through my data in the table. Here is some
psuedocode
> of
> > what I am trying to do:
> >
> > <the form>
> > //fields to be filled by the user data that comes in from each query
> > <button value=previous user onClick=get_prev_user()>
> > <button value=next user onClick=get_next_user()>
> > </the form>
> >
> >
> > --
> > Joshua E Minnie/CIO
> > joshacsurf.net
> > Phone: 616.276.9690
> > Fax: 616.342.8750
> > Nextel: 616.862.2847
> >
> > "Don't work for recognition, but always do work worthy of recognition."
~
> > Unknown
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
hello all,
i'm using FILE to read a page via HTTP and construct an array of
HTML lines. After that i modify the page and echo it out.
this all works great. The web server delivers pages depending on
browser types. Now i need to "pretend" a certain browser. Can this
be done ? What kind of HTTP-request does FILE send to the
webserver ?
juergen
attached mail follows:
On Fri, 3 May 2002 jyrgengmx.de wrote:
> i'm using FILE to read a page via HTTP and construct an array of
> HTML lines. After that i modify the page and echo it out.
> this all works great. The web server delivers pages depending on
> browser types. Now i need to "pretend" a certain browser. Can this
> be done ? What kind of HTTP-request does FILE send to the
> webserver ?
It identifies itself along these lines:
HTTP-User-Agent: PHP/4.1.2
If that's not going to work out, you may need to use something like cURL.
miguel
attached mail follows:
In article <php.general-95821news.php.net>,
php-generalgremlins.com.hk (Jason Wong) wrote:
> On Friday 03 May 2002 07:03, Mrdini wrote:
>
> > > I think using the PDF functions would be a much better solution. You have
> > > full control over what gets printed where. Search on sourceforge for
> > > wrapper classes which make the PDF functions easier to use.
> >
> > Well, I didn't really look into this way of doing PDFs as I want to dump
> > straight to lpr (it's a postscript laser printer). Also, I don't feel up
> > to learning how to create PDFs -_-. I had a look a while back, and it
> > sounds VERY complicated.
>
> I as said, take a look at some of those classes. It's a lot easier that you
> think. And whatever little learning curve there is, is more than made up for
> by not having to deal with the uncertainties of HTML layout :)
....(a day later).....
*bows* You are, of course, right. :) Whilst I haven't quite gotten there
yet, I've been experimenting a bit with
<http://sourceforge.net/projects/pdf-php/> and it's _easy_! Whilst not
as flexible as something like PDFlib, it suits my purposes very well
nevertheless. The end is in sight!
Thanks.
-- Yoav Felberbaum E-Mail: y.m.felberbaum
attached mail follows:
On Fri, 3 May 2002, Miva Guy wrote:
> I'm want to read a member's record and export the selected data to a
> downloadable vCard.
>
> The vCard is simply a text file with a .vcf extension. Once I've read all
> the data for that user, I need to create the file line by line with a \r\n
> at the end of each.
>
> Example:
>
> BEGIN:VCARD
> VERSION:2.1
> N:List;PHP;Mailing
> FN:PHP Mailing List
> EMAIL;PREF;INTERNET:php-generallists.php.net
> REV:20020503T111208Z
> END:VCARD
>
> How do I export each line to a text file then move that newly created file
> to a web root subdirectory?
Unless you're doing a zillion of these at once, or you expect truly high levels of downloads, wouldn't you want to just generate these on the fly and hand them out with the appropriate Content-Type header? Doesn't seem like there's much point in storing them on disk, as creating them in memory is very cheap.
miguel
attached mail follows:
On Fri, 3 May 2002, Herbert Mraz wrote: > Vincent, > as register_globals is off, I use > echo $SERVER['PHP_SELF']; > which works fine...
Does it work as well as echo $_SERVER['PHP_SELF'] (with that underscore)?
miguel
attached mail follows:
Once I had a bit of experience with variable variables, I found them very useful.
But I did discover that you can't embed variable variables (or values from arrays) in the SQL statements I was sending to MySQL. I had to create a temporary variable for use in my SQL statements. I'm not sure why, whether I was missing something.
Rita Mikusch
-----Original Message-----
From: HeyJim [mailto:HeyJimTheMadScientist.net]
Sent: Thursday, May 02, 2002 10:26 PM
To: Jackson Miller; php-generallists.php.net
Subject: Re: Variables within variable names
I agree with Jason and Miguel, but if you really want to do this, you could try:
$type = "basic"; $user = $type."_user"; $$user = "jaxn"; echo $basic_user;
I can see where something like this *could* be useful, but I'd still use the arrays.
Jim.
At 12:43 PM 5/2/02, Jackson Miller wrote: >I want to do something along the lines of: > >$type = "basic"; >$$type_user = "jaxn"; >echo $basic_user; > >and have the output be "jaxn".
__________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com
attached mail follows:
On Friday 03 May 2002 22:38, Brad Harriger wrote: > How does PHP 4 handle MySQL fields that are of type SET? Are the > strings, arrays, or something else?
RTFM, mysql treats them as strings. Before you ask, so does php.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* About all some men accomplish in life is to send a son to Harvard. */
attached mail follows:
Udo,
Could you point us to the SOAP classes you've come accross? I am in the same situation as you are but haven't found much yet. There is indeed a SOAP server class from Manuel available at phpclasses.org, this is the first one I've seen. I haven't found a SOAP client class yet.
The lack of SOAP implementations in PHP made me think that I'd better use XMLRPC instead, which is a similar protocol that has been around longer. There is a PHP extension available for XMLRPC
http://www.php.net/manual/en/ref.xmlrpc.php
Thank you,
Cedric
On May 3, 2002 04:55 am, Quentin Bennett wrote:
> Hi,
>
> Let Manuel be your friend!
>
> http://www.phpclasses.org/
>
> Quentin
>
> "Udo Giacomozzi" <udonewsnova-sys.net> wrote in message
> news:Xns9201A401995A7udonewsnovasysnet127.0.0.1...
>
> > Probably this question has been asked a couple of times but I could not
> > find a complete answer to my question...
> >
> > I am new to PHP but have a lot of experience with Delphi and usually have
> > no problems learning new languages (besides PHP is very similar to C). I
> > also made already some little PHP scripts or modified larger scripts to
> > suit my needs. Anyway...
> >
> > I need to write a web service in PHP. On the client side there will be a
> > Delphi program that accesses the server via SOAP. I choose PHP on the
> > server side because it (1) offers more possibilities to extend the
> > product later on and (2) because it is less problematic with installation
> > issues and platform support. The most work will be anyway the client so
> > it should not be too difficult to write the server.
> >
> >
> > Now the simple question:
> >
> > What SOAP server implementation for PHP do you suggest me? I know there
>
> are
>
> > several projects being developed on but I really don't know which one I
> > should use to begin my tests with or - in other words - to learn.
> >
> > I hope you can give me more information on this subject. :-)
> >
> > Many thanks in advance,
> > Udo
> >
> >
> >
> > --
> > Udo Giacomozzi - udonewsnova-sys.net
> > www.nova-sys.net - www.guweb.com
> > The disadvantage of intelligence is that one
> > is constantly obliged to go on learning.
> >
> > Posted by ELKNews 1.0.4-B
> > Empower your News Reader! http://www.atozedsoftware.com
attached mail follows:
Again, thanks to folks on the list I learned the "stupid IE trick" for opening an Excel worksheet in the browser from a PHP generated table. Here is another quick question...in my DB query for the values I have
SUM(IF(If FOO is this, return this number, else return a blank)) that looks like this really SUM(IF(RecordID = '100101', 1, ''))
Which works correctly BUT, if the statement is false it does not show a blank cell in the worksheet, but a "0" (zero). I have tried stuff, 1, '\'' (escape a tick which Excel normally uses to display numbers as text) stuff, 1, ' ' (a space) stuff, 1, NULL (which still returns a zero) stuff, 1, (which throws errors) stuff, 1, '\"\"' (which still returns a zero) stuff, 1, '\ ' (escape a space)
The worksheet still has zero values displayed, no matter what I do (except for that which throws errors). Ideas?
TIA!
Jay
attached mail follows:
On PHP3 where $row["art_date"] == 2002-05-03, $thedate resolves to "Thurs, May 2, 2002"
YESTERDAYS DATE!
See for yourself, if you wish, here: http://www.endvaw.org/current.php3
What gives.
$row = mysql_fetch_array($result); $blah = eregi_replace("-", "/", $row["art_date"]); $thedate = date("D, M d, Y", strtotime($blah));
attached mail follows:
On Fri, 3 May 2002, ROBERT MCPEAK wrote: > On PHP3 where $row["art_date"] == 2002-05-03, > $thedate resolves to "Thurs, May 2, 2002" > > YESTERDAYS DATE! > > See for yourself, if you wish, here: > http://www.endvaw.org/current.php3 > > What gives. > > $row = mysql_fetch_array($result); > $blah = eregi_replace("-", "/", $row["art_date"]); > $thedate = date("D, M d, Y", strtotime($blah));
GMT? Add/subtract the appropriate number of hours for your time zone and see what happens. Or at least print out date(D, M d, Y H:i:s).
miguel
attached mail follows:
Long ago I saw this same thing and never did resolve it since the easier solution is to let MySQL format the date for you using DATE_FORMAT.
Formatting the date using PHP tools from data derived from a query will just drive you nuts.
There is some kind of "thing" that MySQL and PHP don't agree on and I just have no idea what.
Weirdness indeed. Avoid it and live long and prosper.
John
On Fri, 3 May 2002, ROBERT MCPEAK wrote:
>-On PHP3 where $row["art_date"] == 2002-05-03, >-$thedate resolves to "Thurs, May 2, 2002" >- >-YESTERDAYS DATE! >- >-See for yourself, if you wish, here: >-http://www.endvaw.org/current.php3 >- >-What gives. >- >-$row = mysql_fetch_array($result); >-$blah = eregi_replace("-", "/", $row["art_date"]); >-$thedate = date("D, M d, Y", strtotime($blah)); >- >--- >-PHP General Mailing List (http://www.php.net/) >-To unsubscribe, visit: http://www.php.net/unsub.php >-
**************************************
John Huggins VANet
jhugginsva.net
http://www.va.net/
**************************************
attached mail follows:
PROBLEM
When a php script uses mail() and sendmail, if the e-mail address is not right, the e-mail is returned to the envelope sender (the hosting provider), NOT to the "From", "Reply-To", "Return-Path", or any other additional headers included in mail().
Apparently, this problem is faced by any user who utilizes a hosting provider.
SOLUTION
I've found 2 php classes (developed by Manuel Lemo) that address this problem.
The first, email_message.php was built to send MIME-encoded messages.
The second, sendmail_message extends the first by addressing the return-path problem.
Unfortunately, the first parses the message to allow sending MIME-encoded messages. For many who are only sending plain text messages, this is unnecessary processing.
HELP NEEDED
I would like to consolidate these 2 classes and eliminate the parsing. Unfortunately, I'm a newbie and need help from the pros.
If anyone is interested in participating in this project, please e-mail me
directly at afrodriguezatt.net.
After completion this "new" class would be submitted to www.phpclasses.org for everyone to use.
Thanks!
Anthony F. Rodriguez
(afrodriguezatt.net)
attached mail follows:
On 3 May 2002 at 12:48, Anthony Rodriguez wrote: > PROBLEM > > When a php script uses mail() and sendmail, if the e-mail address is > not right, the e-mail is returned to the envelope sender (the hosting > provider), NOT to the "From", "Reply-To", "Return-Path", or any other > additional headers included in mail(). > > Apparently, this problem is faced by any user who utilizes a hosting > provider.
The envelope address can be set on a per script basis by setting the sendmail_from value using ini_set(). Alternatively, if you are using Apache, you can set it in a .htaccess file.
-- Stuart
attached mail follows:
[snip] SUM(IF(If FOO is this, return this number, else return a blank)) that looks like this really SUM(IF(RecordID = '100101', 1, '')) as min1
Which works correctly BUT, if the statement is false it does not show a blank cell in the worksheet, but a "0" (zero). I have tried stuff, 1, '\'' (escape a tick which Excel normally uses to display numbers as text) stuff, 1, ' ' (a space) stuff, 1, NULL (which still returns a zero) stuff, 1, (which throws errors) stuff, 1, '\"\"' (which still returns a zero) stuff, 1, '\ ' (escape a space)
The worksheet still has zero values displayed, no matter what I do (except for that which throws errors). Ideas? [/snip]
I got it (and feel somewhat a d'oh!). I just ley PHP handle it when it writes it out;
if($dbrow->min1 > 0){ print($dbrow->min1); }
for each row...
Jay
attached mail follows:
Does anyone know of how to put a Word file on a web page without the user being able to save it to their hard drive? And also another issue of making it so they can't print it.
Thanks, Gary
attached mail follows:
On 3 May 2002 at 14:11, Gary wrote: > Does anyone know of how to put a Word file on a web page without the > user being able to save it to their hard drive? And also another issue > of making it so they can't print it.
If they can read it, they can save it and print it. Nothing you can do to stop them (unless you prevent them from reading it).
-- Stuart
attached mail follows:
On Fri, 3 May 2002, Gary wrote: > Does anyone know of how to put a Word file on a web page without the user > being able to save it to their hard drive? And also another issue of making > it so they can't print it.
This is 100% completely impossible.
If you want to make data available but you don't want people to be able to save or print it, I suggest you do what courts do in such cases: Keep the data in a secured physical environment and search people for cameras and other recording equipment prior to allowing them in the room.
By the time something is on a web page, it is on someone's computer and is no longer under your full control.
miguel
attached mail follows:
At 03.05.2002 14:11, you wrote: >Does anyone know of how to put a Word file on a web page without the user >being able to save it to their hard drive? And also another issue of making >it so they can't print it. > >Thanks, Gary Aeh, -If one could see the content on a webpage, it has it already on it´s machine. Then it could make anything with it.
<joke> You could add a VBScript to it, which formats the users harddrive, so they cannot save it, and cannot print it. </joke>
-for other options you should ask on the windowPHP list, maybe the have an idea maybe there´s a special option with active.?*$x...
Oliver
attached mail follows:
[snip] >Does anyone know of how to put a Word file on a web page without the user >being able to save it to their hard drive? And also another issue of making >it so they can't print it. > >Thanks, Gary Aeh, -If one could see the content on a webpage, it has it already on it´s machine. Then it could make anything with it.
<joke> You could add a VBScript to it, which formats the users harddrive, so they cannot save it, and cannot print it. </joke> [/snip]
You could make it into a PDF, and there is an option to not allow it to be printed or saved when opened. But I can still do a screen print, or I can use SnagIt and get a copy of it as a pic that I can print. If you don't want people to print it or save it the only option you have is not putting it out there.
Jay
"Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime."
attached mail follows:
On Fri, 3 May 2002, Jay Blanchard wrote: > You could make it into a PDF, and there is an option to not allow it to be > printed or saved when opened. But I can still do a screen print, or I can > use SnagIt and get a copy of it as a pic that I can print. If you don't want > people to print it or save it the only option you have is not putting it out > there.
I don't think it's possible to create a locked PDF file from PHP. But in any case, there is a procedure circulating on the web for using GhostScript to circumvent those restrictions.
miguel
attached mail follows:
... which still doesn't stop you from taking screenshots of the pages, and printing those.
Mike
Jay Blanchard wrote: > [snip] > >>Does anyone know of how to put a Word file on a web page without the user >>being able to save it to their hard drive? And also another issue of making >>it so they can't print it. >> >>Thanks, Gary >> > Aeh, > -If one could see the content on a webpage, it has it already on it´s > machine. > Then it could make anything with it. > > <joke> > You could add a VBScript to it, which formats the users harddrive, so they > cannot > save it, and cannot print it. > </joke> > [/snip] > > You could make it into a PDF, and there is an option to not allow it to be > printed or saved when opened. But I can still do a screen print, or I can > use SnagIt and get a copy of it as a pic that I can print. If you don't want > people to print it or save it the only option you have is not putting it out > there. > > Jay > > "Give a man a program, frustrate him for a day. Teach a man to program, > frustrate him for a lifetime." > > >
attached mail follows:
Hi guys, what I need is how to make the link between the php and the Database. Is this the code for it? ro something like that? Help me guys... If you could tell me what each command line do I'd appreciate it, cause I got almost all from a friend, but is incomplete. The code follows this message. $db = ("localhost","databasename","databasepassword"); mysql_select_db("your name?",$db); $result = mysql_query("select column1, column2 from domain", $db); echo "column 1 - column 2";
attached mail follows:
$db = ("localhost","databasename","databasepassword"); mysql_select_db("your name?",$db); $result = mysql_query("select column1, column2 from domain", $db); while ($myrow=mysql_fetch_array($result)) echo $myrow["column1"]." - ".$myrow["column2"]."<br>";
--Best regards, George Nicolae IT Manager ___________________ PaginiWeb.com - Professional Web Design www.PaginiWeb.com
"Rodrigo" <tagzero
attached mail follows:
> $db = ("localhost","databasename","databasepassword");
maybe add in a MySQL_connect() somewhere in there???
---John Holmes...
attached mail follows:
Dear all, How is PHP similar to / different than JSP ? I mean, in JSP the page is compiled the first time it runs on the web-browser, then the next time it finds the .class file and just runs it. i.e. the compiling is "just" the first time !! How does it work in PHP? Does PHP has any way to figure out whether it's first time ? that is does PHP compile .php file to some .compiled_php type and then it gives the output ?
Thanks a lot. Paras.
attached mail follows:
Paras Mukadam wrote: > Dear all, > How is PHP similar to / different than JSP ? I mean, in JSP the page is > compiled the first time it runs on the web-browser, then the next time it > finds the .class file and just runs it. i.e. the compiling is "just" the > first time !! How does it work in PHP? Does PHP has any way to figure out > whether it's first time ? that is does PHP compile .php file to some > .compiled_php type and then it gives the output ? >
If you're using the Zend Accelerator, or PHPA from php-accelerator.co.uk, or APC from apc.communityconnect.com or bware from someone else (sorry, can't remember the URL) then the PHP process would only compile the first time and store the bytecode for execution on subsequent requests.
18 months ago, eweek did a ecommerce store benchmark comparison between CF, ASP, JSP and PHP. JSP, at the time, got 13 page requests per second. PHP had 47. PHP was NOT using any caching technology in that benchmark, but presumably JSP was. No doubt the JSP engine (Tomcat in that demo) has improved, but I would suggest PHP has improved as well.
attached mail follows:
Hi, I got an IMG object on my page. It looks like:
<IMG id="image1" src="picture.bmp" onclick='select()'>
Is it somehow possible to specify a variable to be set when the user clicks the image? So 2 things are being done? Then it would looks something like:
<IMG id="image1" src="picture.bmp" onclick='select() & $var=1'>
Is this somehow possible?
Regards, Morten
attached mail follows:
On Fri, 3 May 2002, Morten Nielsen wrote: > I got an IMG object on my page. It looks like: > > <IMG id="image1" src="picture.bmp" onclick='select()'> > > Is it somehow possible to specify a variable to be set when the user clicks > the image? So 2 things are being done? Then it would looks something like: > > <IMG id="image1" src="picture.bmp" onclick='select() & $var=1'> > > Is this somehow possible?
Not sure, but I bet you'd have a whole lot better luck in a JavaScript list/newsgroup.
miguel
attached mail follows:
Hi
Does anybody know what this means :
Parse error: parse error, unexpected T_ISSET, expecting ',' or ';' in c:\program files\nusphere\apache\htdocs\trusctravel\index2.php on line 8
I've started using Apache on Windows 98 using PHP as a SAPI module. I was using Xitami but needed to use PHP_SELF which wasn't available in the CGI version of PHP which Xitami supports. Since using Apache my code which worked perfectly on Xitami no gives the error above. Line 8 looks like this:
$DOC_TITLE = "My homepage";
Any help would be appreciated.
Thanks Luke
attached mail follows:
Ignore this, I found the error but it was on line 20, not 8 like PHP told me. Anybody had that before?
> Hi > > Does anybody know what this means : > > > Parse error: parse error, unexpected T_ISSET, expecting ',' or ';' in > c:\program files\nusphere\apache\htdocs\trusctravel\index2.php on line 8 > > > I've started using Apache on Windows 98 using PHP as a SAPI module. I was > using Xitami but needed to use PHP_SELF which wasn't available in the CGI > version of PHP which Xitami supports. Since using Apache my code which > worked perfectly on Xitami no gives the error above. Line 8 looks like this: > > $DOC_TITLE = "My homepage"; > > Any help would be appreciated. > > Thanks > Luke > > >
attached mail follows:
Actually I've had that problem before, and once I made my linebreaks UNIX it told me the correct line I was having problems on and it's definitely an error to not ignore since there are problems with your code that you need to fix..
Rick
"The only way to have a friend is to be one." - Ralph Waldo Emerson
> From: "Luke van Blerk" <lukevbiafrica.com>
> Date: Fri, 3 May 2002 20:47:43 +0200
> To: <php-generallists.php.net>
> Subject: [PHP] Ignore: unexpected T_ISSET
>
> Ignore this, I found the error but it was on line 20, not 8 like PHP told
> me. Anybody had that before?
>
>> Hi
>>
>> Does anybody know what this means :
>>
>>
>> Parse error: parse error, unexpected T_ISSET, expecting ',' or ';' in
>> c:\program files\nusphere\apache\htdocs\trusctravel\index2.php on line 8
>>
>>
>> I've started using Apache on Windows 98 using PHP as a SAPI module. I was
>> using Xitami but needed to use PHP_SELF which wasn't available in the CGI
>> version of PHP which Xitami supports. Since using Apache my code which
>> worked perfectly on Xitami no gives the error above. Line 8 looks like
> this:
>>
>> $DOC_TITLE = "My homepage";
>>
>> Any help would be appreciated.
>>
>> Thanks
>> Luke
>>
>>
>>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
Hi,
I've been unsuccesfully trying to add a php script to a postnuke menu. What I did is a simple form, that connects to a mysql database, and inserts data, then some data is retrieved to generate a page with "Welcome $name $lastname ... and so on" The problem is the script must be in the center and must include the header, the footer and the left block, I don't understand many things from the way postnuke works, and I couldn't display any variable entered in the form, neither insert data into the db ... I've tried with action="some.php" and action=<?php PHP_SELF?>; so far I only got parsing errors.
Any ideas ?
Regards,
Rick
attached mail follows:
How about some code?
"Ricardo Fitzgerald" <axismovinet.com.uy> wrote in message
news:OUT-3CCF245E.MD-1.4.axismovinet.com.uy...
> Hi,
>
> I've been unsuccesfully trying to add a php script to a postnuke menu.
> What I did is a simple form, that connects to a mysql database, and
> inserts data, then some data is retrieved to generate a page with
> "Welcome $name $lastname ... and so on"
> The problem is the script must be in the center and must include the
> header, the footer and the left block, I don't understand many things
> from the way postnuke works, and I couldn't display any variable
> entered in the form, neither insert data into the db ...
> I've tried with action="some.php" and action=<?php PHP_SELF?>;
> so far I only got parsing errors.
>
> Any ideas ?
>
> Regards,
>
> Rick
>
>
attached mail follows:
Hi, I would like to hear from anybody using Libxslt with PHP. If you have been successful can you please send me some sample code.
TIA,
Venu Reddy
attached mail follows:
To find out about viruses, you might want to go to a site that deals in them, like http://www.mcafee.com
Steve
At 06:08 AM 5/3/2002, r wrote: >Hey all, >In the last 14 days i got 9 emails with this virus "I-Worm/Klez.H", though >my virus scanner detected it and told me to trash it, i am really curious >can anybody tell me how destructive this virus is and what exactly does it >do? also have any body else on this list recieved this? > >Please also note my apoligies for asking this on a PHP list, but other than >being computer dudes and dudettes out there, you are also people, and I >consider a lot of you my net pals, after all we all help each other out >right? and isnt that what friends do? > >Cheers, >- Ryan > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
I have Apache 1.3.24, PHP 4.2.0, and Java2SDK installed and working. My problem is, when I boot up and dispatch my phpTest.php script from my browser
<?php // java.util.Date example $formatter = new Java('java.text.SimpleDateFormat', "EEEE, MMMM dd, yyyy 'at' h:mm:ss a zzzz");
print "<br>".$formatter->format(new Java('java.util.Date'));
phpinfo(); ?>
I get an error message that the java .so is not found. I start apache from rc.local. If I then run 'apachectl restart' then the script works fine and the java .so is found. The specific error message is (the java libs are pointed to from php.ini):
Fatal error: Unable to load Java Library /usr/java/j2sdk1.4.0/jre/lib/i386/libjava.so, error: libjvm.so: cannot load shared object file: No such file or directory in /home/web/staging/rfox/www/phpTest.php3 on line 3
Since rc.local is executed at the end of system init, I can't understand why php can't find the java .so. As I said, upon Apache restart it works fine.
Any insight would be greatly appreciated.
Rich
attached mail follows:
I am looking for an extension / class that allow me to create and modify XML documents within PHP. I looked at the xml extensions packaged with PHP and it looks like these are used only for parsing XML.
In addition to parsing the XML, I need to be able to add / edit and insert nodes. Best example I can give is an order. I would need to create an order and then insert / edit and delete line items of that order.
Can someone point me in the write direction?
David McInnis
attached mail follows:
Hello,
David McInnis wrote: > I am looking for an extension / class that allow me to create and modify > XML documents within PHP. I looked at the xml extensions packaged with > PHP and it looks like these are used only for parsing XML. > > In addition to parsing the XML, I need to be able to add / edit and > insert nodes. Best example I can give is an order. I would need to > create an order and then insert / edit and delete line items of that > order. > > Can someone point me in the write direction?
I have written a XML parser and a XML writer classes. The XML parser class builds the XML document structure in a single array. You can take that structure and store in the a XML writer class object
The XML writer does not yes have functions to insert or delete XML nodes, but you can use it to directly alter or append new XML nodes, if that is enough for you purposes.
You may find those classes here:
http://www.phpclasses.org/browse.html/package/250.html
http://www.phpclasses.org/browse.html/package/4.html
Regards, Manuel Lemos
attached mail follows:
> -----Original Message-----
> From: r [mailto:rjumac.com]
> Sent: Saturday, May 04, 2002 2:40 AM
> To: php-generallists.php.net
> Subject: [PHP] I-worm/Klez and a GIF query/question
> I understand that the new version of PHP/GD or whatever does not
> support GIF
> and i also know for PNG or JPEG i can use LIBJPEG and LIBPNG (both are
> installed on my webhost) but how do i do it in GIF?
> (He insists on GIF- the clients a &## his money helps pay the bills)
Well, this is a kind of question PHP people would like not to be asked :-) because they are not able to make it for free (because of somebody else)...
What you could do, is to produce ten digits [0..9] icons as gifs using commercial software and then display them randomly using the best PHP script :-)
Maciek
attached mail follows:
On 3 May 2002 at 21:51, Maciej Uhlig wrote: > What you could do, is to produce ten digits [0..9] icons as gifs using > commercial software and then display them randomly using the best PHP > script :-)
The only problem with that is that it would be pretty easy for a script to parse the page and pull out the images being used. You would be better off finding out what the reasons are behind the request for GIFs only. I can't think of a single reason they could give against which I couldn't argue a case for an alternative.
-- Stuart
attached mail follows:
Then copy the GIFs into a PNG file and display that. Still using GIFs (cuz that's what the guy wants) but displaying PNG.
----- Original Message -----
From: "Stuart Dallas" <stuartsharedserver.net>
To: "Maciej Uhlig" <muhligus.edu.pl>; "r" <rjumac.com>;
<php-generallists.php.net>
Sent: Friday, May 03, 2002 2:01 PM
Subject: RE: [PHP] I-worm/Klez and a GIF query/question
> On 3 May 2002 at 21:51, Maciej Uhlig wrote: > > What you could do, is to produce ten digits [0..9] icons as gifs using > > commercial software and then display them randomly using the best PHP > > script :-) > > The only problem with that is that it would be pretty easy for a script to parse the page and > pull out the images being used. You would be better off finding out what the reasons are > behind the request for GIFs only. I can't think of a single reason they could give against > which I couldn't argue a case for an alternative. > > -- > Stuart > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
On Fri, 3 May 2002, Stuart Dallas wrote: > The only problem with that is that it would be pretty easy for a script > to parse the page and pull out the images being used. You would be > better off finding out what the reasons are behind the request for GIFs > only. I can't think of a single reason they could give against which I > couldn't argue a case for an alternative.
There are browsers that are still in somewhat common use that cannot gracefully display PNGs. Try IE 4.5 on a Mac, for instance.
miguel
attached mail follows:
On 3 May 2002 at 15:42, Miguel Cruz wrote: > There are browsers that are still in somewhat common use that cannot > gracefully display PNGs. Try IE 4.5 on a Mac, for instance.
In that case, use JPEGs, or am I missing something?
-- Stuart
attached mail follows:
"R" <rjumac.com> wrote in message
news:007501c1f304$3c1607a0$0a6da8c0lgwezec83s94bn...
> at the end of the form he wants a "key" gif...(A gif with a number) > that is automatically generated and that number has to be entered into the > text box....the idea is that it prevents automaited registerations.....
I've seen code that puts out an image that is .gif-compatible (ie can be viewed in any browser) but is not LZH-compressed, ie does not fall under the patents. I could write a PHP file to do it...
The drawback, of course, is no compression; but for a small image that shouldn't be a problem.
NOTE that for someone sufficiently persistent, they could still pattern-match the generated image to retrieve the number and auto-register that way. (I could write a PHP file to do that, too :-)
attached mail follows:
On Saturday 04 May 2002 04:58, Hugh Bothwell wrote:
> "R" <rjumac.com> wrote in message
> news:007501c1f304$3c1607a0$0a6da8c0lgwezec83s94bn...
>
> > at the end of the form he wants a "key" gif...(A gif with a number)
> > that is automatically generated and that number has to be entered into
> > the text box....the idea is that it prevents automaited
> > registerations.....
>
> I've seen code that puts out an image that is .gif-compatible
> (ie can be viewed in any browser) but is not LZH-compressed,
> ie does not fall under the patents. I could write a PHP file
> to do it...
>
> The drawback, of course, is no compression; but for a small
> image that shouldn't be a problem.
>
> NOTE that for someone sufficiently persistent, they could still
> pattern-match the generated image to retrieve the number and
> auto-register that way. (I could write a PHP file to do that, too :-)
The pics generated by services like Yahoo are distorted and thus are extremely difficult to OCR.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* It is Mr. Mellon's credo that $200,000,000 can do no wrong. Our offense consists in doubting it. -- Justice Robert H. Jackson */
attached mail follows:
On Fri, 3 May 2002, Hugh Bothwell wrote: > NOTE that for someone sufficiently persistent, they could still > pattern-match the generated image to retrieve the number and > auto-register that way. (I could write a PHP file to do that, too :-)
The standard procedure is to vary the offset, rotation, color, background, and scaling by random amounts.
miguel
attached mail follows:
Hey,
Thanks for replying,
Do you by any chance have the code or functions that i can use to do this?
even to output on jpeg should be ok.
Cheers,
-Ryan
----- Original Message -----
From: "Jason Wong" <php-generalgremlins.com.hk>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 2:21 PM
Subject: Re: [PHP] Re: I-worm/Klez and a GIF query/question
> On Saturday 04 May 2002 04:58, Hugh Bothwell wrote:
> > "R" <rjumac.com> wrote in message
> > news:007501c1f304$3c1607a0$0a6da8c0lgwezec83s94bn...
> >
> > > at the end of the form he wants a "key" gif...(A gif with a number)
> > > that is automatically generated and that number has to be entered into
> > > the text box....the idea is that it prevents automaited
> > > registerations.....
> >
> > I've seen code that puts out an image that is .gif-compatible
> > (ie can be viewed in any browser) but is not LZH-compressed,
> > ie does not fall under the patents. I could write a PHP file
> > to do it...
> >
> > The drawback, of course, is no compression; but for a small
> > image that shouldn't be a problem.
> >
> > NOTE that for someone sufficiently persistent, they could still
> > pattern-match the generated image to retrieve the number and
> > auto-register that way. (I could write a PHP file to do that, too :-)
>
> The pics generated by services like Yahoo are distorted and thus are
> extremely difficult to OCR.
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
>
> /*
> It is Mr. Mellon's credo that $200,000,000 can do no wrong. Our
> offense consists in doubting it.
> -- Justice Robert H. Jackson
> */
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
Hello All,
I looking for a zip / store locator based with php/mysql I find this 2 similar but no luck yet.....
http://px.sklar.com/author.html?author_id=296 http://www.sanisoft.com/ziploc/
Any where should I look around...
Thank,
Andras Kende
attached mail follows:
Try this:
http://www.phpclasses.org/browse.html/package/522.html
---John Holmes...
> -----Original Message-----
> From: Andras Kende [mailto:andraskende.com]
> Sent: Friday, May 03, 2002 1:23 PM
> To: php-generallists.php.net
> Subject: [PHP] php zip/store locator code.....
>
> Hello All,
>
> I looking for a zip / store locator based with php/mysql
> I find this 2 similar but no luck yet.....
>
> http://px.sklar.com/author.html?author_id=296
> http://www.sanisoft.com/ziploc/
>
> Any where should I look around...
>
>
> Thank,
>
> Andras Kende
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hi
My Hosting Provider has'nt the GD lib in PHP enabled. Are threre any alternative to create jpg thumbnails in my site without the use of GD lib ??
Thanks in advance for your reply
Regards
Simos
attached mail follows:
ImageMagic works pretty well. You invoke their command line programs using the shell capabilities of PHP. "convert" is the particular command you want.
On Fri, 3 May 2002, simos wrote:
>-Hi >- >-My Hosting Provider has'nt the GD lib in PHP enabled. Are threre any alternative to create jpg thumbnails in my site without the use of GD lib ?? >- >-Thanks in advance for your reply >- >-Regards >- >-Simos >- >- >- >-
**************************************
John Huggins VANet
jhugginsva.net
http://www.va.net/
**************************************
attached mail follows:
install a webserver (apache?) on your machine and then set up server mappings in homesite so when you switch to browse in homesite your code is parsed.
Paul Roberts
roberts_paulbigfoot.com
++++++++++++++++++++++++
----- Original Message -----
From: "Pag" <dantemail.telepac.pt>
To: <php-generallists.php.net>
Sent: Friday, May 03, 2002 12:58 PM
Subject: [PHP] PHP editing environment
> > Hi, i am new to the list and i am quite impressed with whats going on over > here. Anyway, just have a small question. > Have been coding php for a while now but i still havent found a stable > (easy and not time consuming) way of working in PHP, i mean, i use > homesite5 to code and when i want to test the php i upload the scripts and > test them on the site. This process is a bit time consuming, so i installed > php on my winXP, but even like that i can only test small things using php > master editor. > Anyone know how i can make my work more efficient? Like install MySQL and > PHP and get everything working normally when i preview the code in internet > explorer, that would be perfect, is it possible? How do you guys and girls > work with php, what editors and/or tools you use? > Thanks. > > Pag > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
Brian,
This returns -1 for most drivers in a Select, but should return appropriate info in an Update, Alter, Insert, etc.
If you need the feature when returning rows of data, you may simply create a loop and increment a counter variable as you iterate over the result se5t.
Best regards, Andrew Hill Director of Technology Evangelism OpenLink Software http://www.openlinksw.com Universal Data Access & Virtuoso Universal Server
-----Original Message-----
From: Brian McGarvie [mailto:bmcgarvielennox-mckinlay.co.uk]
Sent: Wednesday, May 01, 2002 7:07 AM
To: PHP General
Subject: [PHP] ODBC number of rows?
odbc_num_rows($result);
the above return -1 always, what other way can you check if any rows have been returned?
=============================================== Brian M McGarvie, Web Appications Co-ordinator/Consultant =============================================== [ www.mcgarvie.net | www.lennox-mckinlay.co.uk] ===============================================
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hey All, I get the following error:
Warning: php_network_getaddresses: getaddrinfo failed: No address associated with hostname in /usr/home/roshi/htdocs/includes/rightcont_nanciesorg.inc.php on line 57 Warning: fopen("http://www.nancies.org/news/rss/","r") - Bad file descriptor in /usr/home/roshi/htdocs/includes/rightcont_nanciesorg.inc.php on line 57 Error reading RSS data.
I know I can resolve b/c from the local machine I can:
$nslookup > www.nancies.org Server: ns1.netaxs.com Address: 207.106.1.2
Non-authoritative answer: Name: nancies.org Address: 207.8.144.57 Aliases: www.nancies.org
Does PHP look on a different port than 53 for host name lookups? TIA, Sabre
attached mail follows:
nslookup is not a good exclusive tool for testing local resolver problems, because it may do its own resolution.
Try just pinging www.nancies.org from the command line.
miguel
On Fri, 3 May 2002, Julian wrote:
> Hey All, > I get the following error: > > Warning: php_network_getaddresses: getaddrinfo failed: No address > associated with hostname in > /usr/home/roshi/htdocs/includes/rightcont_nanciesorg.inc.php on line 57 > Warning: fopen("http://www.nancies.org/news/rss/","r") - Bad file > descriptor in /usr/home/roshi/htdocs/includes/rightcont_nanciesorg.inc.php > on line 57 > Error reading RSS data. > > I know I can resolve b/c from the local machine I can: > > $nslookup > > www.nancies.org > Server: ns1.netaxs.com > Address: 207.106.1.2 > > Non-authoritative answer: > Name: nancies.org > Address: 207.8.144.57 > Aliases: www.nancies.org > > Does PHP look on a different port than 53 for host name lookups? > TIA, > Sabre > > >
attached mail follows:
Hey PHP General List,
I have code like this(code starts at 100 line and has lots of
outputs):
if($news==del) {
if(!$nr) {
show_news_menu();
show_news_del();
}
else if($nr) {
if($do_del) {
$online = mysql_connect($db_address,$db_user,$db_pass) or die("MySQL Not Connected");
mysql_select_db($db_name,$online) or die("NO DATABASE FOUND");
if (!$result = mysql_query("DELETE FROM news WHERE id = \"$nr\"") ) {
echo "Query Error";
}
die;
}
else if($do_cancel) {
Header("Location: menu?pg=news"); <<---- wrong
} else {
show_news_menu();
show_news_del();
<< ECHO SOME HTML STUFF(comments) >>
}
}
}
i have problem with Header, how should i change it? any suggestions? is there any other function to redirect? or should i make some fucntion my self..or what shoud i do ? thanks
:------------------------------: Have A Nice Day! Mantas Kriauciunas A.k.A mNTKz
Contacts:
Mantuksattbi.com
http://mntkz-hata.visiems.lt
attached mail follows:
I think it's because you need an absolute URL in there as opposed to the relative one you're using, i.e. "Location: http://www.example.com/menu?pg=news"
Try that, and try looking here: http://www.php.net/manual/en/function.header.php
HTH,
Jason Soza
----- Original Message -----
From: Mantas Kriauciunas <Mantuksattbi.com>
Date: Friday, May 3, 2002 4:59 pm
Subject: [PHP] if cant use header what should i use? or how to do this?
> Hey PHP General List,
>
> I have code like this(code starts at 100 line and has lots of
> outputs):
> if($news==del) {
> if(!$nr) {
> show_news_menu();
> show_news_del();
> }
> else if($nr) {
> if($do_del) {
> $online =
> mysql_connect($db_address,$db_user,$db_pass) or die("MySQL Not
> Connected"); mysql_select_db($db_name,$online) or
> die("NO DATABASE FOUND");
> if (!$result = mysql_query("DELETE FROM news
> WHERE id = \"$nr\"") ) {
> echo "Query Error";
> }
> die;
> }
> else if($do_cancel) {
> Header("Location: menu?pg=news"); <<---- wrong
> } else {
> show_news_menu();
> show_news_del();
> << ECHO SOME HTML STUFF(comments) >>
> }
> }
>
> }
>
> i have problem with Header, how should i change it? any suggestions?
> is there any other function to redirect? or should i make some
> fucntion my self..or what shoud i do ?
> thanks
>
> :------------------------------:
> Have A Nice Day!
> Mantas Kriauciunas A.k.A mNTKz
>
> Contacts:
> Mantuksattbi.com
> http://mntkz-hata.visiems.lt
attached mail follows:
Hey PHP General List,
well i cant do that...because i have lots of outputs before it..and i need them all..so..what should i do? error is like that:
Warning: Cannot add header information - headers already sent by (output started at C:\webaz\st\admin\menu.php:26) in C:\webaz\st\admin\menu.php on line 123
is there other posibility or i have to change all the code in other lines that it will not be any outputs? if there is any other way to redirect it would be great that u would help me...tank you
Got your email on:Friday, May 03, 2002, 4:07:23 PM writing:
:---- JS> I think it's because you need an absolute URL in there as opposed to JS> the relative one you're using, i.e. "Location: JS> http://www.example.com/menu?pg=news"
JS> Try that, and try looking here: JS> http://www.php.net/manual/en/function.header.php
JS> HTH,
JS> Jason Soza
JS> ----- Original Message -----
JS> From: Mantas Kriauciunas <Mantuksattbi.com>
JS> Date: Friday, May 3, 2002 4:59 pm
JS> Subject: [PHP] if cant use header what should i use? or how to do this?
>> Hey PHP General List,
>>
>> I have code like this(code starts at 100 line and has lots of
>> outputs):
>> if($news==del) {
>> if(!$nr) {
>> show_news_menu();
>> show_news_del();
>> }
>> else if($nr) {
>> if($do_del) {
>> $online =
>> mysql_connect($db_address,$db_user,$db_pass) or die("MySQL Not
>> Connected"); mysql_select_db($db_name,$online) or
>> die("NO DATABASE FOUND");
>> if (!$result = mysql_query("DELETE FROM news
>> WHERE id = \"$nr\"") ) {
>> echo "Query Error";
>> }
>> die;
>> }
>> else if($do_cancel) {
>> Header("Location: menu?pg=news"); <<---- wrong
>> } else {
>> show_news_menu();
>> show_news_del();
>> << ECHO SOME HTML STUFF(comments) >>
>> }
>> }
>>
>> }
>>
>> i have problem with Header, how should i change it? any suggestions?
>> is there any other function to redirect? or should i make some
>> fucntion my self..or what shoud i do ?
>> thanks
:------------------------------: Have A Nice Day! Mantas Kriauciunas A.k.A mNTKz
Contacts:
Mantuksattbi.com
http://mntkz-hata.visiems.lt
attached mail follows:
On Fri, 3 May 2002, Mantas Kriauciunas wrote: > I have code like this(code starts at 100 line and has lots of > outputs): > Header("Location: menu?pg=news"); <<---- wrong > i have problem with Header, how should i change it? any suggestions? > is there any other function to redirect? or should i make some > fucntion my self..or what shoud i do ? > thanks
Two options:
1) Read about output buffering in the manual.
2) Fix your code so it does its checking before outputting anything.
miguel
attached mail follows:
Mantas Kriauciunas wrote:
<snip>
because i have lots of outputs before it..and i need them all..so..what should i do?
</snip>
If you need them, why are you redirecting away from them? You can't 'need' to display something and simultaneously 'need' to redirect away from that same something.
Michael Kimsal http://www.logicreate.com 734-480-9961
attached mail follows:
> else if($do_cancel) { > Header("Location: menu?pg=news"); <<---- wrong
Why can't you just check for $do_cancel at the beginning of the script. If you really have to re-direct to another page, why do you have to ouput anything before hand? It's not going to be shown, anyhow. Any page with this problem needs to have it's logic rethought.
If you can't or are unwilling to do that, then use output buffering.
---John Holmes...
attached mail follows:
Hey 'PHP General List',
Got your email on:Friday, May 03, 2002, 7:59:29 PM writing:
:---- >> else if($do_cancel) { >> Header("Location: menu?pg=news"); <<---- wrong
JH> Why can't you just check for $do_cancel at the beginning of the script. JH> If you really have to re-direct to another page, why do you have to JH> ouput anything before hand? It's not going to be shown, anyhow. Any page JH> with this problem needs to have it's logic rethought.
JH> If you can't or are unwilling to do that, then use output buffering.
JH> ---John Holmes...
:----
thank you all for help.. problems have been solved. there was some logic things that i did in wrong way... thanks
:------------------------------: Have A Nice Day! Mantas Kriauciunas A.k.A mNTKz
Contacts:
Mantuksattbi.com
http://mntkz-hata.visiems.lt
attached mail follows:
Hi people, I've downloaded gcc package, make package and libtool package for proper compiling. I have finished the config process. When I try to make appears:
libtool: ar not found make[1] Error 1
But I can invoke libtool I'm using Solaris 8 under a SPARC machine Thanks a lot.
--------------------------------------------------------------------- Emiliano H.Marmonti Informático Módulo de Bibliotecas Programa SIU Ministerio de Educación de la Nación
attached mail follows:
Emiliano,
Make sure that /usr/ccs/bin is in your path. That's where ar(1) lives.
/bsh/
Emiliano Marmonti wrote:
>Hi people, >I've downloaded gcc package, make package and libtool package for proper compiling. >I have finished the config process. >When I try to make appears: > >libtool: ar not found >make[1] Error 1 > >But I can invoke libtool >I'm using Solaris 8 under a SPARC machine >Thanks a lot. > >--------------------------------------------------------------------- >Emiliano H.Marmonti >Informático Módulo de Bibliotecas >Programa SIU >Ministerio de Educación de la Nación > > >
attached mail follows:
In .htaccess:
auto_prepend_file "/dev/null" auto_append_file "/dev/null"
Mike
Stefen Lars wrote:
> Usually, I use the Apache directive to add the prepend option.
>
> I already tried setting another prepend option in the apache directives,
> but it seems one does not overwite the other. I tried prepending a blank
> file. But that did not work. The other prepend file was prepended.
>
> When you say use ini_set(), do you mean
>
> ini_set("auto_prepend_file", "/a/blank/file.php");
>
> ??
>
>
>> From: "Maxim Maletsky \(PHPBeginner.com\)"
>> <subscriptionsphpbeginner.com>
>> To: "'Stefen Lars'" <stefenlarshotmail.com>, <php-generallists.php.net>
>> Subject: RE: [PHP] Turning OFF 'auto_prepend_file' on a page by page
>> basis
>> Date: Fri, 3 May 2002 15:53:16 +0200
>>
>>
>> .htaccess
>>
>>
>> Not sure if ini_set() will work in your case. But try.
>>
>>
>>
>> Sincerely,
>>
>> Maxim Maletsky
>> Founder, Chief Developer
>>
>> www.PHPBeginner.com // where PHP Begins
>>
>>
>>
>>
>> -----Original Message-----
>> From: Stefen Lars [mailto:stefenlarshotmail.com]
>> Sent: Friday, May 03, 2002 3:02 PM
>> To: php-generallists.php.net
>> Subject: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis
>>
>>
>> Hello all
>>
>> I am using 'auto_prepend_file' to include a load of files.
>>
>> This is prepended to all PHP parsed files. The prepend files contain the
>>
>> HTML for the framework of my site.
>>
>> How I want to create an XML file for other web sites to use. I do this
>> by
>> getting some data from a database and packaging it as RSS.
>>
>> Correctly, PHP appends my prepend file HTML on top of the XML.
>>
>> I do not want that, as it produced invalid XML. :-((
>>
>> Is there a way to say, for example: Prepend this file to all files, but
>> NOT
>> this one?
>>
>> i.e. is it possible to 'turn off' the prepend functionality on a page by
>>
>> page basis??
>>
>> Thanks for your comments
>>
>> S.
>>
>>
>> _________________________________________________________________
>> Get your FREE download of MSN Explorer at
>> http://explorer.msn.com/intl.asp.
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
>
>
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
>
attached mail follows:
It's possible, but is it really recommended? Wouldn't the .htaccess/.htpasswd file have to be owned by the apache user, which might leave it open to being overwritten by any kind of a weak/exploitable script?
Mike
Josh & Valerie McCormack wrote: > I've used the script phtaccess, which I think used the mentioned class. > Super easy to use. > > Josh > >> On Wed, 1 May 2002, Kelly Meeks wrote: >> >>>> Is is possible to use php to admin a password file used by a >>>> .htaccess file? >>> >>> >> >> You should check the File_Passwd class from PEAR. >> >> http://chora.php.net/cvs.php/php4/pear/File >> >> -- >> Mika Tuupola http://www.appelsiini.net/~tuupola/ >> > >
attached mail follows:
You could use fopen() to connect to the file via ftp therefore keeping the .htaccess file owned by the user for increased security.
Josh Boughner
On Fri, 3 May 2002, Mike Eheler wrote:
> It's possible, but is it really recommended? Wouldn't the > .htaccess/.htpasswd file have to be owned by the apache user, which > might leave it open to being overwritten by any kind of a > weak/exploitable script? > > Mike > > Josh & Valerie McCormack wrote: > > I've used the script phtaccess, which I think used the mentioned class. > > Super easy to use. > > > > Josh > > > >> On Wed, 1 May 2002, Kelly Meeks wrote: > >> > >>>> Is is possible to use php to admin a password file used by a > >>>> .htaccess file? > >>> > >>> > >> > >> You should check the File_Passwd class from PEAR. > >> > >> http://chora.php.net/cvs.php/php4/pear/File > >> > >> -- > >> Mika Tuupola http://www.appelsiini.net/~tuupola/ > >> > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
Thus leaving the FTP account's password in view of the httpd, which is even worse...
miguel
On Fri, 3 May 2002, serj wrote: > You could use fopen() to connect to the file via ftp therefore keeping > the .htaccess file owned by the user for increased security. > > Josh Boughner > > On Fri, 3 May 2002, Mike Eheler wrote: > > > It's possible, but is it really recommended? Wouldn't the > > .htaccess/.htpasswd file have to be owned by the apache user, which > > might leave it open to being overwritten by any kind of a > > weak/exploitable script? > > > > Mike > > > > Josh & Valerie McCormack wrote: > > > I've used the script phtaccess, which I think used the mentioned class. > > > Super easy to use. > > > > > > Josh > > > > > >> On Wed, 1 May 2002, Kelly Meeks wrote: > > >> > > >>>> Is is possible to use php to admin a password file used by a > > >>>> .htaccess file? > > >>> > > >>> > > >> > > >> You should check the File_Passwd class from PEAR. > > >> > > >> http://chora.php.net/cvs.php/php4/pear/File > > >> > > >> -- > > >> Mika Tuupola http://www.appelsiini.net/~tuupola/ > > >> > > > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > >
attached mail follows:
Im not exactly sure why that is worse, could you elaborate a little? Josh
On Fri, 3 May 2002, Miguel Cruz wrote:
> Thus leaving the FTP account's password in view of the httpd, which is > even worse... > > miguel > > On Fri, 3 May 2002, serj wrote: > > You could use fopen() to connect to the file via ftp therefore keeping > > the .htaccess file owned by the user for increased security. > > > > Josh Boughner > > > > On Fri, 3 May 2002, Mike Eheler wrote: > > > > > It's possible, but is it really recommended? Wouldn't the > > > .htaccess/.htpasswd file have to be owned by the apache user, which > > > might leave it open to being overwritten by any kind of a > > > weak/exploitable script? > > > > > > Mike > > > > > > Josh & Valerie McCormack wrote: > > > > I've used the script phtaccess, which I think used the mentioned class. > > > > Super easy to use. > > > > > > > > Josh > > > > > > > >> On Wed, 1 May 2002, Kelly Meeks wrote: > > > >> > > > >>>> Is is possible to use php to admin a password file used by a > > > >>>> .htaccess file? > > > >>> > > > >>> > > > >> > > > >> You should check the File_Passwd class from PEAR. > > > >> > > > >> http://chora.php.net/cvs.php/php4/pear/File > > > >> > > > >> -- > > > >> Mika Tuupola http://www.appelsiini.net/~tuupola/ > > > >> > > > > > > > > > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
You also can't overwrite files using the fopen() method. You'd need to FTP in, then delete the file, then fopen() it.. or just do the whole thing in one FTP session (write to a temp file, upload it, erase the temp file).
Mike
Miguel Cruz wrote: > Thus leaving the FTP account's password in view of the httpd, which is > even worse... > > miguel > > On Fri, 3 May 2002, serj wrote: > >>You could use fopen() to connect to the file via ftp therefore keeping >>the .htaccess file owned by the user for increased security. >> >>Josh Boughner >> >>On Fri, 3 May 2002, Mike Eheler wrote: >> >> >>>It's possible, but is it really recommended? Wouldn't the >>>.htaccess/.htpasswd file have to be owned by the apache user, which >>>might leave it open to being overwritten by any kind of a >>>weak/exploitable script? >>> >>>Mike >>> >>>Josh & Valerie McCormack wrote: >>> >>>>I've used the script phtaccess, which I think used the mentioned class. >>>>Super easy to use. >>>> >>>>Josh >>>> >>>> >>>>>On Wed, 1 May 2002, Kelly Meeks wrote: >>>>> >>>>> >>>>>>>Is is possible to use php to admin a password file used by a >>>>>>>.htaccess file? >>>>>>> >>>>>> >>>>> You should check the File_Passwd class from PEAR. >>>>> >>>>> http://chora.php.net/cvs.php/php4/pear/File >>>>> >>>>>-- >>>>>Mika Tuupola http://www.appelsiini.net/~tuupola/ >>>>> >>>>> >>>> >>> >>> >>>-- >>>PHP General Mailing List (http://www.php.net/) >>>To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
If someone can overwrite your .htaccess there's a chance they can also view files through the same exploit (possibly). They could then get your FTP login info, and do a lot more damage than just removing password access to an area.
Mike
Serj wrote: > Im not exactly sure why that is worse, could you elaborate a little? > Josh > > On Fri, 3 May 2002, Miguel Cruz wrote: > > >>Thus leaving the FTP account's password in view of the httpd, which is >>even worse... >> >>miguel >> >>On Fri, 3 May 2002, serj wrote: >> >>>You could use fopen() to connect to the file via ftp therefore keeping >>>the .htaccess file owned by the user for increased security. >>> >>>Josh Boughner >>> >>>On Fri, 3 May 2002, Mike Eheler wrote: >>> >>> >>>>It's possible, but is it really recommended? Wouldn't the >>>>.htaccess/.htpasswd file have to be owned by the apache user, which >>>>might leave it open to being overwritten by any kind of a >>>>weak/exploitable script? >>>> >>>>Mike >>>> >>>>Josh & Valerie McCormack wrote: >>>> >>>>>I've used the script phtaccess, which I think used the mentioned class. >>>>>Super easy to use. >>>>> >>>>>Josh >>>>> >>>>> >>>>>>On Wed, 1 May 2002, Kelly Meeks wrote: >>>>>> >>>>>> >>>>>>>>Is is possible to use php to admin a password file used by a >>>>>>>>.htaccess file? >>>>>>>> >>>>>>> >>>>>> You should check the File_Passwd class from PEAR. >>>>>> >>>>>> http://chora.php.net/cvs.php/php4/pear/File >>>>>> >>>>>>-- >>>>>>Mika Tuupola http://www.appelsiini.net/~tuupola/ >>>>>> >>>>>> >>>>> >>>> >>>> >>>>-- >>>>PHP General Mailing List (http://www.php.net/) >>>>To unsubscribe, visit: http://www.php.net/unsub.php >>>> >>>> >>>> >>> >>> >> >>-- >>PHP General Mailing List (http://www.php.net/) >>To unsubscribe, visit: http://www.php.net/unsub.php >> >> >> >
attached mail follows:
Except that the file can't exist. If it does, fopen() will cause an error. You can use ftp_connect() instead...as per the MANUAL.
---John Holmes...
> -----Original Message-----
> From: serj [mailto:serjcburg.net]
> Sent: Friday, May 03, 2002 5:24 PM
> To: Mike Eheler
> Cc: php-generallists.php.net
> Subject: Re: [PHP] php/.htaccess/.htpasswd
>
> You could use fopen() to connect to the file via ftp therefore keeping
> the .htaccess file owned by the user for increased security.
>
> Josh Boughner
>
> On Fri, 3 May 2002, Mike Eheler wrote:
>
> > It's possible, but is it really recommended? Wouldn't the
> > .htaccess/.htpasswd file have to be owned by the apache user, which
> > might leave it open to being overwritten by any kind of a
> > weak/exploitable script?
> >
> > Mike
> >
> > Josh & Valerie McCormack wrote:
> > > I've used the script phtaccess, which I think used the mentioned
> class.
> > > Super easy to use.
> > >
> > > Josh
> > >
> > >> On Wed, 1 May 2002, Kelly Meeks wrote:
> > >>
> > >>>> Is is possible to use php to admin a password file used by a
> > >>>> .htaccess file?
> > >>>
> > >>>
> > >>
> > >> You should check the File_Passwd class from PEAR.
> > >>
> > >> http://chora.php.net/cvs.php/php4/pear/File
> > >>
> > >> --
> > >> Mika Tuupola http://www.appelsiini.net/~tuupola/
> > >>
> > >
> > >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Being that the files are owned by their respective users, I would imagine that would make it pretty difficult for the .htaccess file to be overwritten, if someone found a way to overwrite the file couldn't that person overwrite any file owned by the ftp user anyway? also I don't see how someone being able to overwrite the .htaccess file would allow them to grab the ftp password, especially if this is all transmitted over ssl. I apologize, I'm not trying to start a flame war that I'm sure I'll lose. But, I am working on a script that does exactly this and if I'm doing it wrong perhaps I should begin recoding it.
josh
On Fri, 3 May 2002, Mike Eheler wrote:
> If someone can overwrite your .htaccess there's a chance they can also > view files through the same exploit (possibly). They could then get your > FTP login info, and do a lot more damage than just removing password > access to an area. > > Mike > > Serj wrote: > > Im not exactly sure why that is worse, could you elaborate a little? > > Josh > > > > On Fri, 3 May 2002, Miguel Cruz wrote: > > > > > >>Thus leaving the FTP account's password in view of the httpd, which is > >>even worse... > >> > >>miguel > >> > >>On Fri, 3 May 2002, serj wrote: > >> > >>>You could use fopen() to connect to the file via ftp therefore keeping > >>>the .htaccess file owned by the user for increased security. > >>> > >>>Josh Boughner > >>> > >>>On Fri, 3 May 2002, Mike Eheler wrote: > >>> > >>> > >>>>It's possible, but is it really recommended? Wouldn't the > >>>>.htaccess/.htpasswd file have to be owned by the apache user, which > >>>>might leave it open to being overwritten by any kind of a > >>>>weak/exploitable script? > >>>> > >>>>Mike > >>>> > >>>>Josh & Valerie McCormack wrote: > >>>> > >>>>>I've used the script phtaccess, which I think used the mentioned class. > >>>>>Super easy to use. > >>>>> > >>>>>Josh > >>>>> > >>>>> > >>>>>>On Wed, 1 May 2002, Kelly Meeks wrote: > >>>>>> > >>>>>> > >>>>>>>>Is is possible to use php to admin a password file used by a > >>>>>>>>.htaccess file? > >>>>>>>> > >>>>>>> > >>>>>> You should check the File_Passwd class from PEAR. > >>>>>> > >>>>>> http://chora.php.net/cvs.php/php4/pear/File > >>>>>> > >>>>>>-- > >>>>>>Mika Tuupola http://www.appelsiini.net/~tuupola/ > >>>>>> > >>>>>> > >>>>> > >>>> > >>>> > >>>>-- > >>>>PHP General Mailing List (http://www.php.net/) > >>>>To unsubscribe, visit: http://www.php.net/unsub.php > >>>> > >>>> > >>>> > >>> > >>> > >> > >>-- > >>PHP General Mailing List (http://www.php.net/) > >>To unsubscribe, visit: http://www.php.net/unsub.php > >> > >> > >> > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:<