NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > PHP Discussion Digest> 2002-07

From: php-general-digest-helplists.php.net
Date: Fri Jul 05 2002 - 23:57:15 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

php-general Digest 6 Jul 2002 04:57:15 -0000 Issue 1447

Topics (messages 105685 through 105804):

Re: to remove html tags from a string.
105685 by: Philip Olson

Re: function for size of array
105686 by: Philip Olson
105697 by: Kondwani Spike Mkandawire

Re: localhost - passing variables
        105687 by: Martin Clifford
        105690 by: Philip Olson
        105714 by: Miguel Cruz
        105726 by: Lazor, Ed
        105766 by: Alberto Serra

Re: $_COOKIE
105688 by: Philip Olson
105689 by: Scott Fletcher

Session not expiring
        105691 by: Peter Atkins
        105694 by: Lazor, Ed
        105701 by: Lazor, Ed

Re: ./configure with register_globals turned on?
        105692 by: Scott Fletcher
        105698 by: Rasmus Lerdorf
        105699 by: Andre Dubuc
        105705 by: Scott Fletcher
        105706 by: Rasmus Lerdorf
        105769 by: Alberto Serra

How Do Y'all Secure your Sites... (Cookies vs. IP Number)...
        105693 by: Kondwani Spike Mkandawire
        105696 by: Lazor, Ed
        105710 by: Miguel Cruz
        105711 by: Scott Fletcher
        105713 by: Miguel Cruz
        105715 by: Scott Fletcher

Scheduling tasks
        105695 by: Frank S. Kicenko
        105700 by: Lazor, Ed
        105708 by: Miguel Cruz

I'm sorry, Test
105702 by: Skyhawk

Configuring the Session Function in php.ini for WinNT...
        105703 by: Kondwani Spike Mkandawire
        105704 by: Lazor, Ed
        105707 by: colin mcdonald

Re: HTTPS vs. HTTP ?
        105709 by: Jerome Houston
        105712 by: Miguel Cruz
        105718 by: Jerome Houston
        105728 by: Lazor, Ed
        105735 by: Scott Fletcher
        105739 by: Lazor, Ed
        105741 by: Scott Fletcher
        105743 by: Lazor, Ed
        105752 by: Chris Shiflett
        105765 by: Alberto Serra
        105767 by: Alberto Serra
        105772 by: Jonathan Rosenberg
        105773 by: Miguel Cruz
        105778 by: Miguel Cruz
        105780 by: Alberto Serra
        105781 by: Miguel Cruz

Re: Handling of constants in strings
105716 by: Miguel Cruz

Re: gc_probability: requests tallied per server or domain?
105717 by: Miguel Cruz

Stored Procedures
        105719 by: David Busby
        105720 by: Lazor, Ed
        105721 by: B i g D o g
        105722 by: Mark McCulligh
        105724 by: B i g D o g
        105725 by: Lazor, Ed
        105727 by: Mark McCulligh
        105768 by: Alberto Serra

Final notice about $_SESSION.
105723 by: Scott Fletcher

Re: Stored Procedures + Answer
105729 by: David Busby
105731 by: B i g D o g

Re: Uninitialized string offset
105730 by: Uri Even-Chen

$GLOBALS ???
        105732 by: Scott Fletcher
        105733 by: Lazor, Ed
        105736 by: Scott Fletcher
        105738 by: Scott Fletcher
        105740 by: Lazor, Ed
        105748 by: Lazor, Ed

Survey: MySQL vs PostgreSQL for PHP
        105734 by: Lazor, Ed
        105737 by: B i g D o g
        105742 by: Scott Fletcher
        105744 by: Lazor, Ed
        105745 by: Ray Hunter
        105747 by: João Paulo Vasconcellos
        105749 by: Glenn Sieb
        105751 by: Scott Fletcher
        105754 by: Ilia A.
        105756 by: Pete James
        105763 by: Alberto Serra

suppressing errors with ""
        105746 by: Uri Even-Chen
        105750 by: Scott Fletcher
        105787 by: Miguel Cruz

[OFF] Expiration Page
105753 by: Skyhawk
105760 by: val petruchek

strtr with array of transforms - how many passes thru string?
105755 by: Steve Magruder, D2 Director

total (slightly OT)
        105757 by: kim.jumac.com
        105759 by: Pete James
        105762 by: Alberto Serra

installing php-4.2.1 fails in make
105758 by: Chip Wiegand

Re: Is there an easy way to divid up HTTP_USER_AGENT?
105761 by: JJ Harrison

Re: PHP for AIX.5.1
105764 by: Alberto Serra

Re: i don't recive mail
105770 by: Rodolfo Contreras T.

don't want to receive but email please
105771 by: Rodolfo Contreras T.

upload file size
        105774 by: Norman Zhang
        105775 by: val petruchek
        105792 by: Jason Wong

autoresponder
105776 by: val petruchek

I am probably dumb but why isn't this inserting stuff into my DB?
        105777 by: JJ Harrison
        105779 by: Alberto Serra
        105788 by: Jason Wong
        105789 by: JJ Harrison
        105790 by: Jason Wong
        105791 by: Miguel Cruz
        105793 by: JJ Harrison
        105794 by: Julie Meloni

Re: Configuration problems concerning sessions.
105782 by: Richard Lynch
105796 by: Mannequin*

Re: opening pdf file in new window with a POST operation
105783 by: Richard Lynch
105784 by: Richard Lynch

help with eval problems...
105785 by: Kelly Meeks
105786 by: Miguel Cruz

Cannot enable extensions. Why?
        105795 by: George Hester
        105797 by: Julie Meloni
        105800 by: Julie Meloni
        105801 by: Julie Meloni
        105803 by: Alberto Serra
        105804 by: Miguel Cruz

I would like to ask about Photo Upload in mysql and reteive problem .
105798 by: Jimmy Lam
105802 by: Alberto Serra

Re: [PHP-GTK] Cannot enable extensions. Why?
105799 by: Steph

Administrivia:

To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net

To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net

To post to the list, e-mail:
php-generallists.php.net

----------------------------------------------------------------------

attached mail follows:

See http://www.php.net/strip_tags

On Fri, 5 Jul 2002, Anil Garg wrote:

> Hi,
> How to do whats written in the commented line(//) in the code below:
>
> <?php
> $term = ".<B>test</b>";
> if(stristr($term,"<") && stristr($term,">") && !stristr($term,"<br>") &&
> !stristr($term,"<p>") ){
> printf("its html tag");
> // here i want to remove the html tags from $term and then print
> it.(here it should print '.test')
> }
> else{
> printf("not a html tag.");
> }
> ?>
> Thanx and regards
> anil
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

attached mail follows:

It's a term with many different meanings. See:

http://wombat.doc.ic.ac.uk/foldoc/foldoc.cgi?RTFM

On Fri, 5 Jul 2002, Scott Fletcher wrote:

> What is RTFM??
>
> "Jason Wong" <php-generalgremlins.com.hk> wrote in message
> news:200207052258.19337.php-generalgremlins.com.hk...
> > On Friday 05 July 2002 22:20, Scott Fletcher wrote:
> > > Ah! Thanks! By the way, it's "count()" with a "n". :-)
> >
> > That was to trick you into RTFM! Hey you were lucky that the 'o' wasn't
> left
> > out instead :)
> >
> > --
> > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> > Open Source Software Systems Integrators
> > * Web Design & Hosting * Internet & Intranet Applications Development *
> >
> > /*
> > The shortest distance between two points is under construction.
> > -- Noelie Alito
> > */
> >
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

attached mail follows:

Neat!...
"Philip Olson" <philipcornado.com> wrote in message
news:Pine.BSF.4.10.10207051644510.68593-100000localhost...
>
> It's a term with many different meanings. See:
>
> http://wombat.doc.ic.ac.uk/foldoc/foldoc.cgi?RTFM
>
>
> On Fri, 5 Jul 2002, Scott Fletcher wrote:
>
> > What is RTFM??
> >
> > "Jason Wong" <php-generalgremlins.com.hk> wrote in message
> > news:200207052258.19337.php-generalgremlins.com.hk...
> > > On Friday 05 July 2002 22:20, Scott Fletcher wrote:
> > > > Ah! Thanks! By the way, it's "count()" with a "n". :-)
> > >
> > > That was to trick you into RTFM! Hey you were lucky that the 'o'
wasn't
> > left
> > > out instead :)
> > >
> > > --
> > > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> > > Open Source Software Systems Integrators
> > > * Web Design & Hosting * Internet & Intranet Applications Development
*
> > >
> > > /*
> > > The shortest distance between two points is under construction.
> > > -- Noelie Alito
> > > */
> > >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>

attached mail follows:

If you're using one of the more recent releases of PHP4+, then register_globals is set to OFF by default in your php.ini file. Change this to ON or use $_GET['variable']/$_POST['variable'] to access the values.

Martin

>>> "Tony Tzankoff" <tzankofftzankoff.com> 07/05/02 12:43PM >>>
Is it possible to pass variables in PHP on the localhost server? Is there
some kind of setting or something that I need? I am new to this and am not
sure how to go about this. When I upload to a server, the script I have
works just fine; but when I work on it locally, it does not work. Please
help while I am still technically sane. Thanks. :oP

Tony Tzankoff
http://www.tzankoff.com
========================================

-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

A guess:

Your local server has different settings then the remote server. Specifically, the register_globals directive.

For example, take this url:

http://www.example.com/foo.php?id=3

If register_globals = off you can get this by:

// These methods work as of PHP 4.1.0 print $_GET['id']; print $_REQUEST['id']; import_request_variables('gpc', 'r_'); print $r_id;

// This works as of PHP 3 print $HTTP_GET_VARS['id'];

If register_globals = on, an additional method exists.

// Works if register_globals = on print $id;

It's preferred to not rely on register_globals = on. In fact, this directive is deprecated and may not work one day. As of PHP 4.2.0 this defaults to off in php.ini.

Regards, Philip Olson

On Fri, 5 Jul 2002, Tony Tzankoff wrote:

> Is it possible to pass variables in PHP on the localhost server? Is there > some kind of setting or something that I need? I am new to this and am not > sure how to go about this. When I upload to a server, the script I have > works just fine; but when I work on it locally, it does not work. Please > help while I am still technically sane. Thanks. :oP > > Tony Tzankoff > http://www.tzankoff.com > ======================================== > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

On Fri, 5 Jul 2002, Tony Tzankoff wrote: > Is it possible to pass variables in PHP on the localhost server? Is there > some kind of setting or something that I need? I am new to this and am not > sure how to go about this. When I upload to a server, the script I have > works just fine; but when I work on it locally, it does not work. Please > help while I am still technically sane. Thanks. :oP

Can you explain a little better what you're trying to do and what the symptoms you're observing are?

miguel

attached mail follows:

It almost sounds as if globals is turned off.

-----Original Message----- On Fri, 5 Jul 2002, Tony Tzankoff wrote: > Is it possible to pass variables in PHP on the localhost server? Is there > some kind of setting or something that I need? I am new to this and am not > sure how to go about this. When I upload to a server, the script I have > works just fine; but when I work on it locally, it does not work. Please > help while I am still technically sane. Thanks. :oP

Can you explain a little better what you're trying to do and what the symptoms you're observing are? **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

Tony Tzankoff wrote: > Is it possible to pass variables in PHP on the localhost server? Is there > some kind of setting or something that I need? I am new to this and am not > sure how to go about this. When I upload to a server, the script I have > works just fine; but when I work on it locally, it does not work. Please > help while I am still technically sane. Thanks. :oP > > Tony Tzankoff > http://www.tzankoff.com > ========================================

ðÒÉ×ÅÔ!

Watch your php.ini on localhost. I would bet you got register_globals off. Then look in the online manual and try to have your stuff working on localhost with that parameter off. Sooner or later your provider will upgrade, too. If you don't solve it now you'll end up having your production site blocked later.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

For session id, use session_id() http://www.php.net/session_id

Regards, Philip Olson

On Fri, 5 Jul 2002, Scott Fletcher wrote:

> Not a problem! I noticed the "PHPSESSID" only showed up on $_COOKIE and > nothing else. I dont' want to use the $_COOKIE, so I may either assign it > to $_SESSION or $GLOBALS. > > FletchSOD > "Alberto Serra" <albertoserragala.net> wrote in message > news:3D25B1C7.8030603gala.net... > > Scott Fletcher wrote: > > > That is what I thought so! Thanks! > > > > > > To me, the $_COOKIE seem to get data from the browser in some way. > Correct > > > me if I'm wrong. Something like a communication between cookie. > > > > > > Thanks, > > > FletchSOD > > > > ðÒÉ×ÅÔ! > > > > Yes, that's the way it works. Once you do a setcookie() on the server > > you actually issue a sort of "delayed command" for the client, if you > > pardon me the expression :) In short, when you print out your HTML you > > also tell the client to save some data in its disk (or RAM when you use > > session cookies). > > > > This data will be presented back later to you with the next URL request. > > It is NOT saved on the server, it is just a sort of automatic add-on > > that you will have on all links pointing to you until the cookie > > expires. It will be presented to those URLs you specify when building > > the cookie (usually you will want to limit their action to some > > subdirectory to avoid having back data out of context). > > > > Sounds very nice, but... But the trouble is that in doing so you issue a > > command to a machine of which you know almost nothing. Most of all, you > > don't know whether it's capable of executing your order. Or willing to, > > since users may disable cookies. > > > > Sort of blind date, but the girl may actually not show up later... 99% > > she will, but you should not count on it. > > > > ðÏËÁ > > áÌØÂÅÒÔÏ > > ëÉÅ× > > > > > > > > > > "Alberto Serra" <albertoserragala.net> wrote in message > > > news:3D25A66A.8090904gala.net... > > > > > >>Scott Fletcher wrote: > > >> > > >>>I have a question! Since the $_COOKIE is on the server side, not on > the > > >>>client side. So, will the use of hte $_COOKIE be affected when the > > >> > > > user's > > > > > >>>browser disabled the cookie? I do not know how the $_COOKIE on the > > >> > > > server > > > > > >>>side work or get the information from. > > >>> > > >>>Thanks, > > >>> FletchSOD > > >>> > > >>> > > >>> > > >> > > >>ðÒÉ×ÅÔ! > > >> > > >>Yes, that's the problem with cookies :( In case they get disabled, or > > >>just manually canceled) $_COOKIE will not contain anything at all. Which > > >>is why I don't like cookies. > > >> > > >>áÌØÂÅÒÔÏ > > >>ëÉÅ× > > >> > > >>-- > > >> > > >> > > >>-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_- > > >> > > >>LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? > > >>lOrD i'M sHiNiNg... > > >>YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE > > >>tHe TeSt, YeS iT iS > > >>ThE tEsT, yEs It Is > > >>tHe TeSt, YeS iT iS > > >>ThE tEsT, yEs It Is....... > > >> > > > > > > > > > > > > > > > > > > > > -- > > > > > > -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_- > > > > LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? > > lOrD i'M sHiNiNg... > > YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE > > tHe TeSt, YeS iT iS > > ThE tEsT, yEs It Is > > tHe TeSt, YeS iT iS > > ThE tEsT, yEs It Is....... > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

On every web pages or just the 1st page for initalizing the session?

FletchSOD

"Philip Olson" <philipcornado.com> wrote in message news:Pine.BSF.4.10.10207051647410.68593-100000localhost...

For session id, use session_id()

http://www.php.net/session_id

Regards, Philip Olson

On Fri, 5 Jul 2002, Scott Fletcher wrote:

attached mail follows:

All,

My session is not expiring and I believe that I set this correctly. I'm looking for a 15 minute expiration time.

My current setting:

session.cookie_lifetime = 900 ; lifetime in seconds of cookie ; or if 0, until browser is restarted

Is this the correct why to achieve this? If so what else can it be?

Thanks, -p

attached mail follows:

It looks like you're doing it correctly. Use phpinfo() to verify the php.ini file being used. Maybe the system's using one other than what you updated.

-----Original Message----- From: Peter Atkins [mailto:peter.atkinsNXCD.com] Sent: Friday, July 05, 2002 10:39 AM To: php-generallists.php.net Subject: [PHP] Session not expiring

All,

My session is not expiring and I believe that I set this correctly. I'm looking for a 15 minute expiration time.

My current setting:

session.cookie_lifetime = 900 ; lifetime in seconds of cookie ; or if 0, until browser is restarted

Is this the correct why to achieve this? If so what else can it be?

Thanks, -p

-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

phpinfo reports session.cookie_lifetime as 900 (15 minutes), but sessions don't expire in 15 minutes. How are you running sessions? How are you setting cookies? How are you testing to see whether the session has expired?

-----Original Message----- From: Peter Atkins [mailto:peter.atkinsNXCD.com] Sent: Friday, July 05, 2002 11:17 AM To: 'Lazor, Ed' Subject: RE: [PHP] Session not expiring

This is what I get:

Directive Local Value Master Value session.auto_start Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_lifetime 900 900 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /tmp /tmp session.serialize_handler php php session.use_cookies On On session.use_trans_sid 1 1

**************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

I give up! It still won't turned on! I tried stopping and restarting Apache, rebooting the machine, checked phpinfo to see the php.ini file path is, etc. At least, my boss understand. I'm going to stick to upgrading the website to go without register global.

FletchSOD "Larry Rosenman" <lerlerctr.org> wrote in message news:1025881369.401.14.camellerlaptop.lerctr.org... > On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: > > What is the configure option that will turn on the register_globals? This > > is for ./configure option in UNIX / LINUX. > It's in php.ini. Look at the phpinfo() output, and modify to include > the register_globals=ON, then restart Apache (assuming it's in an apache > module). > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 972-414-9812 E-Mail: lerlerctr.org > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 >

attached mail follows:

So putting the line:

register_globals = on

In your php.ini file (path to it specified in your phpinfo() output) didn't work?

Check the following:

1. Are you sure there isn't a second "register_globals = off" entry somewhere in that file?

2. Does the web server have read access to the directory and the php.ini file itself?

3. Can you change other things and see the change in your phpinfo() output?

This really does work.

-Rasmus

On Fri, 5 Jul 2002, Scott Fletcher wrote:

> I give up! It still won't turned on! I tried stopping and restarting > Apache, rebooting the machine, checked phpinfo to see the php.ini file path > is, etc. At least, my boss understand. I'm going to stick to upgrading the > website to go without register global. > > FletchSOD > "Larry Rosenman" <lerlerctr.org> wrote in message > news:1025881369.401.14.camellerlaptop.lerctr.org... > > On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: > > > What is the configure option that will turn on the register_globals? > This > > > is for ./configure option in UNIX / LINUX. > > It's in php.ini. Look at the phpinfo() output, and modify to include > > the register_globals=ON, then restart Apache (assuming it's in an apache > > module). > > > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 972-414-9812 E-Mail: lerlerctr.org > > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

Hi Scott,

I've come to this post a little late, but I had exactly the same problem. No matter what I set php.ini, phpinfo() would not show changes.

If I recall correctly, the problem sort of 'disappeared' by itself. I finally resolved it by rebooting immediately after setting the new php.ini (this was on Linux-Mandrake 8.2). Further, if I recall, (and this was three months ago) I think I re-installed PHP, but it made no difference. Make sure Apache is 'off' before you attempt to change php.ini. Also, in my config, there was another php.ini hidden in /etc/httpd -- do a 'locate' to see if you have multiple copies!

I had a lot quirky things happen while trying to configure PHP 4.1.1. and a few with 4.1.2. For some odd reason, after a few attempts it does work. Try again, would be my advice. It'll work sooner or later :> You might want to run a test to see if globals are really 'on' or 'off' -- I really don't trust the phpinfo() output!

Not much help, but hth Andre

On Friday 05 July 2002 01:36 pm, you wrote: > I give up! It still won't turned on! I tried stopping and restarting > Apache, rebooting the machine, checked phpinfo to see the php.ini file path > is, etc. At least, my boss understand. I'm going to stick to upgrading > the website to go without register global. > > FletchSOD > "Larry Rosenman" <lerlerctr.org> wrote in message > news:1025881369.401.14.camellerlaptop.lerctr.org... > > > On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: > > > What is the configure option that will turn on the register_globals? > > This > > > > is for ./configure option in UNIX / LINUX. > > > > It's in php.ini. Look at the phpinfo() output, and modify to include > > the register_globals=ON, then restart Apache (assuming it's in an apache > > module). > > > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 972-414-9812 E-Mail: lerlerctr.org > > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

attached mail follows:

I tried following all of your suggestion and so far, still the same. I tried changing other feature in the php.ini and check the phpinfo and found that they haven't changed either. So, the problem lie with the file path in finding the php.ini file. I only have one php.ini file. The other are in the php source code. Oh well, I'm going to let it go and move on! Need to finish upgrading the website and if there time, start experiementing on moving the website to Linux. I'm going to try mySQL instead of IBM DB2.

Thanks, FletSOD

"Andre Dubuc" <aajdubucwebhart.net> wrote in message news:20020705181924.1C838200D7Elocalhost.localdomain... > Hi Scott, > > I've come to this post a little late, but I had exactly the same problem. No > matter what I set php.ini, phpinfo() would not show changes. > > If I recall correctly, the problem sort of 'disappeared' by itself. I finally > resolved it by rebooting immediately after setting the new php.ini (this was > on Linux-Mandrake 8.2). Further, if I recall, (and this was three months ago) > I think I re-installed PHP, but it made no difference. Make sure Apache is > 'off' before you attempt to change php.ini. Also, in my config, there was > another php.ini hidden in /etc/httpd -- do a 'locate' to see if you have > multiple copies! > > I had a lot quirky things happen while trying to configure PHP 4.1.1. and a > few with 4.1.2. For some odd reason, after a few attempts it does work. Try > again, would be my advice. It'll work sooner or later :> You might want to > run a test to see if globals are really 'on' or 'off' -- I really don't trust > the phpinfo() output! > > Not much help, but hth > Andre > > On Friday 05 July 2002 01:36 pm, you wrote: > > I give up! It still won't turned on! I tried stopping and restarting > > Apache, rebooting the machine, checked phpinfo to see the php.ini file path > > is, etc. At least, my boss understand. I'm going to stick to upgrading > > the website to go without register global. > > > > FletchSOD > > "Larry Rosenman" <lerlerctr.org> wrote in message > > news:1025881369.401.14.camellerlaptop.lerctr.org... > > > > > On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: > > > > What is the configure option that will turn on the register_globals? > > > > This > > > > > > is for ./configure option in UNIX / LINUX. > > > > > > It's in php.ini. Look at the phpinfo() output, and modify to include > > > the register_globals=ON, then restart Apache (assuming it's in an apache > > > module). > > > > > > > > > > > > -- > > > Larry Rosenman http://www.lerctr.org/~ler > > > Phone: +1 972-414-9812 E-Mail: lerlerctr.org > > > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

attached mail follows:

And the php.ini file you are changing is the one listed in your phpinfo() output? Looks to me like your php.ini file is in the wrong place.

On Fri, 5 Jul 2002, Scott Fletcher wrote:

> I tried following all of your suggestion and so far, still the same. I > tried changing other feature in the php.ini and check the phpinfo and found > that they haven't changed either. So, the problem lie with the file path in > finding the php.ini file. I only have one php.ini file. The other are in > the php source code. Oh well, I'm going to let it go and move on! Need to > finish upgrading the website and if there time, start experiementing on > moving the website to Linux. I'm going to try mySQL instead of IBM DB2. > > Thanks, > FletSOD > > "Andre Dubuc" <aajdubucwebhart.net> wrote in message > news:20020705181924.1C838200D7Elocalhost.localdomain... > > Hi Scott, > > > > I've come to this post a little late, but I had exactly the same problem. > No > > matter what I set php.ini, phpinfo() would not show changes. > > > > If I recall correctly, the problem sort of 'disappeared' by itself. I > finally > > resolved it by rebooting immediately after setting the new php.ini (this > was > > on Linux-Mandrake 8.2). Further, if I recall, (and this was three months > ago) > > I think I re-installed PHP, but it made no difference. Make sure Apache is > > 'off' before you attempt to change php.ini. Also, in my config, there was > > another php.ini hidden in /etc/httpd -- do a 'locate' to see if you have > > multiple copies! > > > > I had a lot quirky things happen while trying to configure PHP 4.1.1. and > a > > few with 4.1.2. For some odd reason, after a few attempts it does work. > Try > > again, would be my advice. It'll work sooner or later :> You might want to > > run a test to see if globals are really 'on' or 'off' -- I really don't > trust > > the phpinfo() output! > > > > Not much help, but hth > > Andre > > > > On Friday 05 July 2002 01:36 pm, you wrote: > > > I give up! It still won't turned on! I tried stopping and restarting > > > Apache, rebooting the machine, checked phpinfo to see the php.ini file > path > > > is, etc. At least, my boss understand. I'm going to stick to upgrading > > > the website to go without register global. > > > > > > FletchSOD > > > "Larry Rosenman" <lerlerctr.org> wrote in message > > > news:1025881369.401.14.camellerlaptop.lerctr.org... > > > > > > > On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: > > > > > What is the configure option that will turn on the register_globals? > > > > > > This > > > > > > > > is for ./configure option in UNIX / LINUX. > > > > > > > > It's in php.ini. Look at the phpinfo() output, and modify to include > > > > the register_globals=ON, then restart Apache (assuming it's in an > apache > > > > module). > > > > > > > > > > > > > > > > -- > > > > Larry Rosenman http://www.lerctr.org/~ler > > > > Phone: +1 972-414-9812 E-Mail: lerlerctr.org > > > > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

Scott Fletcher wrote: > I tried following all of your suggestion and so far, still the same. I > tried changing other feature in the php.ini and check the phpinfo and found > that they haven't changed either. So, the problem lie with the file path in > finding the php.ini file. I only have one php.ini file. The other are in > the php source code. Oh well, I'm going to let it go and move on! Need to > finish upgrading the website and if there time, start experiementing on > moving the website to Linux. I'm going to try mySQL instead of IBM DB2.

ðÒÉ×ÅÔ!

The problem is the same on old AIX (as far as I can remember). Distributions install Apache as httpd and NOT as /usr/local/apache. So you end up having multiple configuration files for everything.

Instead of upgrading, try eliminating the old installations first, then install as fresh from the tarball. Works for me. Remember checking httpd.conf and php.ini. Just a plain find / will make sure that you have no "ghosts" left around.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

Quick Question on Cookies vs. IP Number:

They appear to be easy to set (well at least in PHP), hence quite easily to get around (The user of your Site simply deletes the Cookie on his Hard Drive...) In Konqueror you are actually given the option of rejecting cookies... Using getenv($REMOTE_ADDR) to retrieve someones IP number isn't too reliable either in the case that someone is using Dial Up... I just want to get ideas from other PHP Coders as to how they secure their Sites and actually keep an accurate record as to who and how many people visit your sites.. coz even a combination of Cookies and IP would be easily by-passed...

Some Ideas if you may folks...

Spike...

attached mail follows:

I've typically seen the use of a login / cookie in tracking users and providing security.

-----Original Message----- Quick Question on Cookies vs. IP Number:

Some Ideas if you may folks... **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

On Fri, 5 Jul 2002, Kondwani Spike Mkandawire wrote: > Quick Question on Cookies vs. IP Number: > > They appear to be easy to set (well at least in PHP), hence quite > easily to get around (The user of your Site simply deletes the > Cookie on his Hard Drive...) In Konqueror you are actually > given the option of rejecting cookies... Using > getenv($REMOTE_ADDR) to retrieve someones IP number > isn't too reliable either in the case that someone is using > Dial Up... I just want to get ideas from other PHP Coders as > to how they secure their Sites and actually keep an accurate > record as to who and how many people visit your sites.. > coz even a combination of Cookies and IP would be easily > by-passed...

IP numbers are pretty useless for this. A given user's IP address can change during a session, and multiple users can share IP addresses.

I'm not sure what your concerns about cookies are wrt security; they can be part of a pretty tight system. Perhaps you could elaborate. For people who don't accept session cookies, you'll have to pass a token around in the URL or in a hidden form item.

miguel

attached mail follows:

Well! The credit bureau website I maintain. We don't use cookie because it doesn't help when the user had it turned off. We do compile OpenSSL and Libmcrypt with PHP, so we can check to see if the web browser is 128 bits and not below that. The PHP code for that is "$_SERVER['SSL_CIPHER_USEKEYSIZE']". We also use the "$_SERVER['REMOTE_ADDR'] to allow only the credit bureau employee to log in to the administration website that is if the employee's machine is at the credit bureau place. This help with some security but not a full security because people outside of the credit bureau can easily change the IP address on his/her machine or is in a local network behind the the firewall with make up IP addreses since it won't be used in the internet or real network. We also use Session ID to keep track of hte user, so that the user can be logged of if idle for like 15 minutes and we also use it to prevent the direct access attempt without logging in. Etc. Hope this idea can be of a help.

FletchSOD "Ed Lazor" <ELazorprovidence.org> wrote in message news:C8891DEC2698D411A91B00508BF9898806E11898phsormsg04.phsor.org... > I've typically seen the use of a login / cookie in tracking users and > providing security. > > -----Original Message----- > Quick Question on Cookies vs. IP Number: > > They appear to be easy to set (well at least in PHP), hence quite > easily to get around (The user of your Site simply deletes the > Cookie on his Hard Drive...) In Konqueror you are actually > given the option of rejecting cookies... Using > getenv($REMOTE_ADDR) to retrieve someones IP number > isn't too reliable either in the case that someone is using > Dial Up... I just want to get ideas from other PHP Coders as > to how they secure their Sites and actually keep an accurate > record as to who and how many people visit your sites.. > coz even a combination of Cookies and IP would be easily > by-passed... > > Some Ideas if you may folks... > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much.

attached mail follows:

On Fri, 5 Jul 2002, Scott Fletcher wrote: > We also use the "$_SERVER['REMOTE_ADDR'] to allow only the credit bureau > employee to log in to the administration website that is if the > employee's machine is at the credit bureau place. This help with some > security but not a full security because people outside of the credit > bureau can easily change the IP address on his/her machine or is in a > local network behind the the firewall with make up IP addreses since it > won't be used in the internet or real network.

People outside cannot change their IP addresses to those used by machines behind your firewall (unless they are in your building and your firewall is horribly misconfigured). Well, they can change them but it serves little purpose. Return traffic would not be routed to them.

The best they can do is spoof those addresses, but that's a one-way street: If you pass a token, they won't receive it, so you can easily ignore them.

On the other hand, the IP address issue doesn't really add any security here; it's the token.

miguel

attached mail follows:

Well, the website use both port 80 and port 443. The public access the website freely, so blocking them is not an option beside they don't know the true IP address behind the firewall for them to access the administration website. We don't have Intranet for the administration website to be used.

"Miguel Cruz" <mncstoic.net> wrote in message news:Pine.LNX.4.44.0207051344130.544-100000stoic.net... > On Fri, 5 Jul 2002, Scott Fletcher wrote: > > We also use the "$_SERVER['REMOTE_ADDR'] to allow only the credit bureau > > employee to log in to the administration website that is if the > > employee's machine is at the credit bureau place. This help with some > > security but not a full security because people outside of the credit > > bureau can easily change the IP address on his/her machine or is in a > > local network behind the the firewall with make up IP addreses since it > > won't be used in the internet or real network. > > People outside cannot change their IP addresses to those used by machines > behind your firewall (unless they are in your building and your firewall > is horribly misconfigured). Well, they can change them but it serves > little purpose. Return traffic would not be routed to them. > > The best they can do is spoof those addresses, but that's a one-way > street: If you pass a token, they won't receive it, so you can easily > ignore them. > > On the other hand, the IP address issue doesn't really add any security > here; it's the token. > > miguel >

attached mail follows:

Hi, I couldn't find anything in the help files or the faq... but.

Are there any scheduling fuctions with PHP? What I'm looking for is something functionally close to a crontab.

Thanks

attached mail follows:

From what I've seen, people use crontab do call php scripts - effectively scheduling functions.

-----Original Message----- From: Frank S. Kicenko [mailto:frank.kicenkoamjack.ca] Sent: Friday, July 05, 2002 10:58 AM To: php-generallists.php.net Subject: [PHP] Scheduling tasks

Hi, I couldn't find anything in the help files or the faq... but.

Are there any scheduling fuctions with PHP? What I'm looking for is something functionally close to a crontab.

Thanks

attached mail follows:

On Fri, 5 Jul 2002, Frank S. Kicenko wrote: > I couldn't find anything in the help files or the faq... but. > > Are there any scheduling fuctions with PHP? What I'm looking for is > something functionally close to a crontab.

Crontab would work.

Or you could make a library that you include in often-requested files which checks and updates a task list to take care of anything that needs to be done. You may not get perfect Swiss-train timing but if your site has decent levels of traffic it should work.

miguel

attached mail follows:

Test __________________________________________________________________ Skyhawk ICQ#: 46195280 Current ICQ status: + More ways to contact me __________________________________________________________________

attached mail follows:

Does anyone know how to configure the session function in the php.ini File under WinNT... The Session Function appears to be generic to UNIX... What do I change the save_path variable to...

session.save_path = ?????

attached mail follows:

Any temp directory set aside for this purpose. You can create one "c:\temp" or "c:\temp\sessions"

-----Original Message----- From: Kondwani Spike Mkandawire [mailto:kondwanics.mun.ca] Sent: Friday, July 05, 2002 11:18 AM To: php-generallists.php.net Subject: [PHP] Configuring the Session Function in php.ini for WinNT...

Does anyone know how to configure the session function in the php.ini File under WinNT... The Session Function appears to be generic to UNIX... What do I change the save_path variable to...

session.save_path = ?????

attached mail follows:

I set it to:

session.save_path = c:\temp\

And it works great for me

Kondwani Spike Mkandawire wrote: > Does anyone know how to configure the session function in > the php.ini File under WinNT... The Session Function appears > to be generic to UNIX... What do I change the save_path > variable to... > > session.save_path = ????? > > >

attached mail follows:

If I could elaborate on colin's explanation.... Mainly so that there is a fairly recent one of these in the archives (not that anybody searches them :-)

Like miguel said encryption in an HTTP request/response pair is determined by your browser.

if the browser is making a request, and it sees an https:// at the beginning of the request URL, it will : 1. get the domain's public key from a public key server 2. encrypt the whole request with the domain's public key 3. submit it to the web server.

If the web server sees that this is an encrypted request, it will : 1. decrypt the request with it's private key 2. process it and generate a response (usually in the form of html) 3. encrypt the response with it's private key 4. send it back to the browser

When the browser gets the response, it: 1. decrypts it with the public key 2. displays the html to the client user 3. ***shows a lock icon at the bottom of the browser

Now, one of the things that many people are confused about is that they think there must be a lock icon at the bottom of the browser when they are entering sensitive info (like credit card numbers). Nope. The only important thing is that the form which takes the sensitive data SUBMITS to an https:// URL. Because (as above) it will encrypt the request (which includes the sensitive data) BEFORE it submits it over the internet. But most people don't know how to check that a form submits to an to an https:// URL. So, the standard practice is to have the page containing the form which takes the sensitive data ALSO be an https:// URL, so that the lock icon is already there when the client user is entering that oh-so-prized sensitive data, even though there's nothing really to protect in that HTTP request/response pair.

PHP is, in a way, completely separate from the HTTP/HTTPS layer. When PHP is started up by the web server, regardless of the encryption (or lack thereof) of the original request, PHP gets the non-encrypted (or already decrypted) request. When it sends its response output to the webserver to be sent to the client, it sends that output unencrypted. It's completely up to the web server to either encrypt the response, then send it out, or to just send it with no modification.

I hope that helps your understanding of what's going on with all this HTTP/HTTPS stuff. I also hope that i've been clear about it. It's kind of easy to get lost in terms.

Jerome

_________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx

attached mail follows:

On Fri, 5 Jul 2002, Jerome Houston wrote: > if the browser is making a request, and it sees an https:// at the beginning > of the request URL, it will : > 1. get the domain's public key from a public key server > 2. encrypt the whole request with the domain's public key > 3. submit it to the web server.

We have public key servers?

Around these parts the client and server use a self-contained process to handle the key exchange. The server's key has been signed by a certificate authority (Verisign, etc.) whose public key is already stored in the browser... or not, in which case the client alerts the user and generally continues nevertheless.

> If the web server sees that this is an encrypted request, it will : > 1. decrypt the request with it's private key > 2. process it and generate a response (usually in the form of html) > 3. encrypt the response with it's private key > 4. send it back to the browser

Sort of. The server's key is used to encrypt the exchange of a new key which lasts only for the lifetime of the transaction. This ephemeral key is what's used to encrypt the actual data. But this nuance is probably not very important to understanding the practical issues of working with PHP and HTTPs.

> Now, one of the things that many people are confused about is that they > think there must be a lock icon at the bottom of the browser when they > are entering sensitive info (like credit card numbers). Nope. The only > important thing is that the form which takes the sensitive data SUBMITS > to an https:// URL. Because (as above) it will encrypt the request > (which includes the sensitive data) BEFORE it submits it over the > internet. But most people don't know how to check that a form submits > to an to an https:// URL.

Yup. You'd think that the browser developers would come up with a way to indicate this (mouse pointer turning to a lock when hovering over a submit button, etc.).

miguel

attached mail follows:

Ah, miguel.... good to have you back. I missed your lovingly superior painstaking attention to detail :-)

jerome

>From: Miguel Cruz <mncstoic.net> > > if the browser is making a request, and it sees an https:// at the >beginning > > of the request URL, it will : > > 1. get the domain's public key from a public key server > > 2. encrypt the whole request with the domain's public key > > 3. submit it to the web server. > >We have public key servers? > >Around these parts the client and server use a self-contained process to >handle the key exchange. The server's key has been signed by a certificate >authority (Verisign, etc.) whose public key is already stored in the >browser... or not, in which case the client alerts the user and generally >continues nevertheless. > > > If the web server sees that this is an encrypted request, it will : > > 1. decrypt the request with it's private key > > 2. process it and generate a response (usually in the form of html) > > 3. encrypt the response with it's private key > > 4. send it back to the browser > >Sort of. The server's key is used to encrypt the exchange of a new key >which lasts only for the lifetime of the transaction. This ephemeral key >is what's used to encrypt the actual data. But this nuance is probably not >very important to understanding the practical issues of working with PHP >and HTTPs. > > > Now, one of the things that many people are confused about is that they > > think there must be a lock icon at the bottom of the browser when they > > are entering sensitive info (like credit card numbers). Nope. The only > > important thing is that the form which takes the sensitive data SUBMITS > > to an https:// URL. Because (as above) it will encrypt the request > > (which includes the sensitive data) BEFORE it submits it over the > > internet. But most people don't know how to check that a form submits > > to an to an https:// URL. > >Yup. You'd think that the browser developers would come up with a way to >indicate this (mouse pointer turning to a lock when hovering over a submit >button, etc.). > >miguel > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php

_________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com

attached mail follows:

I saw that Microsoft has a Certificate Authority server package that allows you to create your own key. Is there a way to do this in linux? In this particular instance, it's me accessing my own web site. I'd like to encrypt the session and I'm don't need someone to confirm anything.

-----Original Message----- Around these parts the client and server use a self-contained process to handle the key exchange. The server's key has been signed by a certificate authority (Verisign, etc.) **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

You can do this in OpenSSL on Linux. But the web browser will give a warning message stating that the certificate is not issued by the certificate authority.

For Miguel Cruz posting back there. If I understand correctly, the private key are inside the public key. Is this correct?

"Ed Lazor" <ELazorprovidence.org> wrote in message news:C8891DEC2698D411A91B00508BF9898806E118A0phsormsg04.phsor.org... > I saw that Microsoft has a Certificate Authority server package that allows > you to create your own key. Is there a way to do this in linux? In this > particular instance, it's me accessing my own web site. I'd like to encrypt > the session and I'm don't need someone to confirm anything. > > -----Original Message----- > Around these parts the client and server use a self-contained process to > handle the key exchange. The server's key has been signed by a certificate > authority (Verisign, etc.) > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much.

attached mail follows:

I can always click passed the warning instead of paying $119 for the cert *grin*

-----Original Message----- You can do this in OpenSSL on Linux. But the web browser will give a warning message stating that the certificate is not issued by the certificate authority. **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

:-) Don't tell me if you're gonna use it for production!!!

"Ed Lazor" <ELazorprovidence.org> wrote in message news:C8891DEC2698D411A91B00508BF9898806E118A9phsormsg04.phsor.org... > I can always click passed the warning instead of paying $119 for the cert > *grin* > > -----Original Message----- > You can do this in OpenSSL on Linux. But the web browser will give a > warning message stating that the certificate is not issued by the > certificate authority. > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much.

attached mail follows:

Well... production with myself as the only client =) I want to encrypt my webmail.

-----Original Message----- :-) Don't tell me if you're gonna use it for production!!!

attached mail follows:

Lazor, Ed wrote:

>I saw that Microsoft has a Certificate Authority server package that allows >you to create your own key. Is there a way to do this in linux? In this >particular instance, it's me accessing my own web site. I'd like to encrypt >the session and I'm don't need someone to confirm anything. >

I saw you've already received a couple of responses, but here's a suggestion.

Check out Ralph Engelschall's Web site (http://www.engelschall.com/). I seem to recall him having some good documentation on creating your own CA, issuing certificates, etc. He's the creator of a great deal of the software involved. Of course, you've been able to do this under Linux for a long time. I think Microsoft finally started offering this capability in Win2k?

Also, since you are the only user, it would be worth your time to go ahead and import the root certificate of your CA into your browser and click the boxes to trust it. This will make certificates issued by you be trusted by your browser, which will save you the hassle of even having to click past the warning every session.

Happy hacking.

Chris

attached mail follows:

Lazor, Ed wrote: > I saw that Microsoft has a Certificate Authority server package that allows > you to create your own key. Is there a way to do this in linux? In this > particular instance, it's me accessing my own web site. I'd like to encrypt > the session and I'm don't need someone to confirm anything. > > -----Original Message----- > Around these parts the client and server use a self-contained process to > handle the key exchange. The server's key has been signed by a certificate > authority (Verisign, etc.) >

ðÒÉ×ÅÔ!

just install the OpenSSL server. It's part of the installation procedures. watch here:

http://www.delouw.ch/linux/Apache-Compile-HOWTO/html/index.html

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

Miguel Cruz wrote:

> Yup. You'd think that the browser developers would come up with a way to > indicate this (mouse pointer turning to a lock when hovering over a submit > button, etc.). >

ðÒÉ×ÅÔ!

Yes, it's a GREAT idea! would make our HTTPS processing traffic much better (that is, quicker). Besides, using an HTTPS server implies (correct me if I am wrong) consuming an IP number, which is why site owner pays extra money for the service, while having the address masked withinh a form would make it possible to use addresses such as HTTPS:www.providersite/com/namevirtualsite without loosing commercial image. And saving quite a lot of IP numbers from being spent just for a matter of commercial image.

We might just start putting on our sites some sort of "lock" button defined by CSS. If many of do it, maybe the idea will pass thru.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

-----Original Message----- > From: Alberto Serra [mailto:albertoserragala.net] > Sent: Friday, July 05, 2002 8:54 PM > Cc: php-generallists.php.net > Subject: Re: [PHP] HTTPS vs. HTTP ?

> Besides, using an HTTPS server implies > (correct me if I am wrong) consuming an IP number, > . . .

Ok ... you're wrong. HTTPS just uses a different port, same IP address.

> ÐÏËÁ > áÌØÂÅÒÔÏ > ëÉÅ×

-- JR

attached mail follows:

On Fri, 5 Jul 2002, Lazor, Ed wrote: > I saw that Microsoft has a Certificate Authority server package that allows > you to create your own key. Is there a way to do this in linux? In this > particular instance, it's me accessing my own web site. I'd like to encrypt > the session and I'm don't need someone to confirm anything.

Sure. OpenSSL comes with all the tools you need to become your own certificate authority.

http://www.openssl.org/

miguel

attached mail follows:

On Fri, 5 Jul 2002, Scott Fletcher wrote: > For Miguel Cruz posting back there. If I understand correctly, the private > key are inside the public key. Is this correct?

I'm not completely sure I understand your question. When you visit a site using HTTPS, here's basically what happens:

1. Your browser initiates the connection and sends the server information about which key types it supports.

2. The server sends you its certificate, which is the server's public key signed with a certificate authority's private key. It also sends a response to the client's list of supported key types, so that they can find some common ground.

3. Your browser verifies the certificate using the certificate authority's public key, which was distributed with the browser.

4. Based on its capabilities (as sent in step 1) and the server's capabilities (as received in step 2), the browser generates a new key to be used for this session. It's a symmetric key, no public or private stuff. The browser sends this to the server.

5. From here on, the browser and server use a key derived from this symmetric key to encode the data they send back and forth.

It's possible you were just asking whether, as a general matter, private keys are contained within public keys. No, with public-key cryptography as I understand it, that's not the case. They are related to each other but neither contains the other.

First, you need an algorithm which is relatively easy to operate in one direction, but is next to impossible in the other direction. As a silly example, "adding 5 to the number" is a bad algorithm for this application since it's easy to reverse - just subtract 5 instead.

A pretty common algorithm involves the product of two very large prime numbers and depends on the difficulty of guessing, from the product, what those two primes were. I'll spare you the math, but for a trivial example, see if you can figure out the two factors of 31,622,417 are (hint: they're both 4-digit numbers). The problem gets substantially harder as the numbers grow.

The public and private key are derived from the product and its prime factors. Either of these keys can be combined with arbitrary data to produce encoded data that can easily be decoded with the use of the other key. However, going the other way - for instance, arriving at the private key given the public key and encoded data - is next to impossible because the algorithm is difficult to reverse. Just like it was really easy for me to multiply those two prime numbers to get 31622417 but it'll take you a much longer time to figure out what they were, even though it's not a very big number and there's only a single right answer.

miguel

attached mail follows:

ðÒÉ×ÅÔ!

yes, but in that case your Apache is running just ONE web site. Most people buy VirtualDomains which are namebased and not IP based. And they cannot share an IP number with other sites with SSL, AFAIK. Or am I misunderstanding the docs?

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

Jonathan Rosenberg wrote: > -----Original Message----- > >>From: Alberto Serra [mailto:albertoserragala.net] >>Sent: Friday, July 05, 2002 8:54 PM >>Cc: php-generallists.php.net >>Subject: Re: [PHP] HTTPS vs. HTTP ? > > >>Besides, using an HTTPS server implies >>(correct me if I am wrong) consuming an IP number, >>. . . > > > Ok ... you're wrong. HTTPS just uses a different port, same IP > address. > > >>ÐÏËÁ >>áÌØÂÅÒÔÏ >>ëÉÅ× > > > -- > JR > > >

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

On Sat, 6 Jul 2002, Alberto Serra wrote: > yes, but in that case your Apache is running just ONE web site. Most > people buy VirtualDomains which are namebased and not IP based. And they > cannot share an IP number with other sites with SSL, AFAIK. Or am I > misunderstanding the docs?

You're right, one IP number per HTTPs hostname. This is because the server sends its certificate - which contains the hostname - to the browser before the browser has told the server which hostname it is trying to reach.

miguel

attached mail follows:

On Fri, 5 Jul 2002, Uwe Birkenhain wrote: > Miguel Cruz schrieb ... >> On Tue, 2 Jul 2002, Uwe Birkenhain wrote: >>> A question - since english is not my first language - what do you mean >>> with >>> >>>> It's not all that common to bury constants in strings >>> >>> Is something bad about it? >> >> I think so. It would slow parsing down to a crawl and create a host of >> ambiguities if every letter that ever appeared in a string had to be >> compared against the list of defined constants (after all, you might >> have a constant called 'a'). With normal variables, it only has to >> worry about it when there's a $ before it or {} around it, which is >> much simpler. > > you are right about that! > > But since you have to take the constant out of the string (with {} or ". .") > it shouldn't be a problem to use constants. > Correct?

Correct.

miguel

attached mail follows:

On Fri, 5 Jul 2002, Johnson, Kirk wrote: >> On Tue, 2 Jul 2002, Johnson, Kirk wrote: >>> Is the number of requests (used for garbage collection), tallied on a >>> per server basis, or on a per domain basis? >> >> Pretty fair bet it's a per-server basis. > > Thanks, miguel. That would be my guess, too. If both of us guessed the same > thing, then we must be right. Right?!? ;)

Sounds good to me. Now let's move on to lottery numbers!

miguel

attached mail follows:

List, I'm using a postgres datbase for my PHP project, how do I make stored procedures? Or if no SPs then what would be recomendation for building simple/reuseable "Put" and "Get" procedures for my data?

attached mail follows:

I have no idea of how to create postgres stored procedures, but a search on Google brought up a lot of information that you might find helpful: http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=postgre+stored+proced ure

You can also visit their web site at http://www.postgresql.org

-----Original Message----- I'm using a postgres datbase for my PHP project, how do I make stored procedures? Or if no SPs then what would be recomendation for building simple/reuseable "Put" and "Get" procedures for my data? **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

Try http://techdocs.postgresql.org or techdoc.postgresql.org

B i g D o g

----- Original Message ----- From: "David Busby" <busbypnts.com> To: "php-general" <php-generallists.php.net> Sent: Friday, July 05, 2002 1:30 PM Subject: [PHP] Stored Procedures

> List, > I'm using a postgres datbase for my PHP project, how do I make stored > procedures? Or if no SPs then what would be recomendation for building > simple/reuseable "Put" and "Get" procedures for my data? > > /B > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

I think postgres doesn't support store procedure / triggers. Just like MySQL doesn't.

Mark.

-- _________________________________________ Mark McCulligh, Application Developer / Analyst Sykes Canada Corporation www.SykesCanada.com mmcculli

SykesCanada.com

"David Busby" <busbypnts.com> wrote in message news:3D25F3E5.9010006pnts.com... > List, > I'm using a postgres datbase for my PHP project, how do I make stored > procedures? Or if no SPs then what would be recomendation for building > simple/reuseable "Put" and "Get" procedures for my data? > > /B >

attached mail follows:

Actually,

Postgres supports stored procedures, triggers and views to name a few where mysql does not...

B i g D o g

----- Original Message ----- From: "Mark McCulligh" <mmccullisykescanada.com> To: <php-generallists.php.net> Sent: Friday, July 05, 2002 1:45 PM Subject: [PHP] Re: Stored Procedures

> I think postgres doesn't support store procedure / triggers. Just like > MySQL doesn't. > > Mark. > > -- > _________________________________________ > Mark McCulligh, Application Developer / Analyst > Sykes Canada Corporation www.SykesCanada.com > mmcculliSykesCanada.com > > "David Busby" <busbypnts.com> wrote in message > news:3D25F3E5.9010006pnts.com... > > List, > > I'm using a postgres datbase for my PHP project, how do I make stored > > procedures? Or if no SPs then what would be recomendation for building > > simple/reuseable "Put" and "Get" procedures for my data? > > > > /B > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

MySQL does in 4.0, but that's in alpha right now.

-----Original Message----- Postgres supports stored procedures, triggers and views to name a few where mysql does not... **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

Sorry, didn't think they did.

Does someone have an example, I have never seen one.

--
_________________________________________
Mark McCulligh, Application Developer / Analyst
Sykes Canada Corporation www.SykesCanada.com
(888)225-6824 ex. 3262
mmcculliSykesCanada.com
"B I G D O G" <bigdogventicon.com> wrote in message
news:009201c2245d$9638ab90$330c0a0adigitalglobe.com...
> Actually,
>
> Postgres supports stored procedures, triggers and views to name a few
where
> mysql does not...
>
> B i g D o g
>
>
>
> ----- Original Message -----
> From: "Mark McCulligh" <mmccullisykescanada.com>
> To: <php-generallists.php.net>
> Sent: Friday, July 05, 2002 1:45 PM
> Subject: [PHP] Re: Stored Procedures
>
>
> > I think postgres doesn't support store procedure / triggers.  Just like
> > MySQL doesn't.
> >
> > Mark.
> >
> > --
> > _________________________________________
> > Mark McCulligh, Application Developer / Analyst
> > Sykes Canada Corporation www.SykesCanada.com
> > mmcculliSykesCanada.com
> >
> > "David Busby" <busbypnts.com> wrote in message
> > news:3D25F3E5.9010006pnts.com...
> > > List,
> > > I'm using a postgres datbase for my PHP project, how do I make stored
> > > procedures?  Or if no SPs then what would be recomendation for
building
> > > simple/reuseable "Put" and "Get" procedures for my data?
> > >
> > > /B
> > >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>

attached mail follows:

David Busby wrote: > List, > I'm using a postgres datbase for my PHP project, how do I make > stored procedures? Or if no SPs then what would be recomendation for > building simple/reuseable "Put" and "Get" procedures for my data? > > /B > >

ðÒÉ×ÅÔ!

Stored procedures ARE much better, (I have a long Oracle background so I am a biased source :)) BUT... If you want to make sure your code is fully portable you should take some cautions. That is:

1) don't use direct dbfunctions calls: (like mysql_something or pgsql_sothing). Make an insulation layer by calling DB_something, which is a function defined in a library of your own. If you have to move to another db engine you'll just change the redirection here and your SQL code will hold. 2) don't execute SPs directly, for the very same reason. In your insulation layer declare a procedure like DB_SP, which switches on the name of the SP you are calling and then calls the db. If you'll have to move to an engine that has no stored procedures you'll be able to write PHP functions (or whatever) that will substitute your SPs without killing your legacy stuff.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

Ah! Go figure!!!!!! The PHP.net documentation failed to mentioned that the numeric value are not supported and never will be. Somebody better go and update that STUPID php.net documentation!!!! I have been looking around and never saw it. Also, look at bug #17122, this is where I got the message that numeric value are not supported and never will be.

FletchSOD

attached mail follows:

List, I read the documentation on postgres site (http://techdocs.postgres.sql) and then also the Google search and came up with this:

The way PostgreSQL usees stored procedures is like this: "A stored procedure is really a function" It just does more...like INSERT/UPDATE/DELETE, multiple DELETE or whatever. So to write them use a function but just call it "stored procedure" fancy...

Heres some code that I've never tested or run before:

CREATE FUNCTION putData (char, varchar, varchar) RETURNS int AS ' DECLARE x ALIAS FOR $1; y ALIAS FOR $2; z ALIAS FOR $3; BEGIN INSERT INTO tableA (colX, colY, colZ) VALUES (x, y, z); RETURN 1; END ' LANGUAGE 'plpgsql';

Good Luck

attached mail follows:

also not the use of the procedural language plpgsql. This needs to be installed in the database that you are using. If you want it for all databases that you create you can do this...

template1 => createlang plpgsql template1; This then allow all subsequently created databases to have plpgsql... B i g D o g ----- Original Message ----- From: "David Busby" <busbypnts.com> To: "php-general" <php-generallists.php.net> Sent: Friday, July 05, 2002 2:16 PM Subject: Re: [PHP] Stored Procedures + Answer

> List, > I read the documentation on postgres site (http://techdocs.postgres.sql) > and then also the Google search and came up with this: > > The way PostgreSQL usees stored procedures is like this: > "A stored procedure is really a function" > It just does more...like INSERT/UPDATE/DELETE, multiple DELETE or > whatever. So to write them use a function but just call it "stored > procedure" fancy... > > Heres some code that I've never tested or run before: > > CREATE FUNCTION putData (char, varchar, varchar) RETURNS int > AS ' > DECLARE > x ALIAS FOR $1; > y ALIAS FOR $2; > z ALIAS FOR $3; > BEGIN > INSERT INTO tableA (colX, colY, colZ) VALUES (x, y, z); > RETURN 1; > END > ' LANGUAGE 'plpgsql'; > > Good Luck > > David Busby wrote: > > List, > > I'm using a postgres datbase for my PHP project, how do I make > > stored procedures? Or if no SPs then what would be recomendation for > > building simple/reuseable "Put" and "Get" procedures for my data? > > > > /B > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

Hi,

Actually, the error_reporting is set to E_ALL and was set to E_ALL in the previous version, too. I found out they added the Uninitialized string offset in Version 4.1.0 (see <http://www.php.net/ChangeLog-4.php>). I just wanted to know what this error means. Anyway, I think I'll just add a "" sign to supporess warnings.

Thanks! Uri. --------------------------------------------------------

Chris Hewitt wrote: > > Uri, > > Sounds like the error reporting is set to E_ALL on the new php version > and was set at a lower level before. The error indicates that the > variable has not specfically been assigned a value before being used. > > HTH > Chris > > Uri Even-Chen wrote: > > >After upgrading to Red Hat Linux 7.3 (which also includes a new PHP > >version), I saw this warning (Uninitialized string offset) on my apache > >error log files. It refers to a line which was perfectly legal before: > > > > if > >(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['CURRENT_USER']['UserName'])) > > > >I always use isset to check if a variable is defined. Do you know why I > >get this warning?

--------------------------------------------------------

attached mail follows:

Let's say .....

--clip-- Page 1 ----- $data = "Yes!";

header("Location: test1.php");

Page 2 ----- $data = $GLOBALS['data'];

echo $data;

--clip--

This one does not work! Does this ever work at all or do I need to do the "header("Location: test1.php?data=Yes!");" into the script?

attached mail follows:

Correct.... you can add the data as a URL parameter. Or, you could set a cookie and use sessions.

-----Original Message-----

Let's say .....

--clip-- Page 1 ----- $data = "Yes!";

header("Location: test1.php");

Page 2 ----- $data = $GLOBALS['data'];

echo $data;

--clip--

This one does not work! Does this ever work at all or do I need to do the "header("Location: test1.php?data=Yes!");" into the script?

attached mail follows:

Oh boy! Alright! URL it is!!!!

"Ed Lazor" <ELazorprovidence.org> wrote in message news:C8891DEC2698D411A91B00508BF9898806E118A7phsormsg04.phsor.org... > Correct.... you can add the data as a URL parameter. Or, you could set a > cookie and use sessions. > > -----Original Message----- > > Let's say ..... > > --clip-- > Page 1 ----- > $data = "Yes!"; > > header("Location: test1.php"); > > Page 2 ----- > $data = $GLOBALS['data']; > > echo $data; > > --clip-- > > This one does not work! Does this ever work at all or do I need to do the > "header("Location: test1.php?data=Yes!");" into the script? > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much.

attached mail follows:

What about PHPSESSID??? Can't use the $_COOKIE.

Thanks, FletchSOD

attached mail follows:

I don't understand. What do you mean?

-----Original Message----- What about PHPSESSID??? Can't use the $_COOKIE. **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

Is this true? :

Session variables are tracked whether or not a visitor's browser supports cookies. The session id is automatically appeneded to each url on the site if the user's browser doesn't support cookies.

This represents one of the major differences between setting your own cookies and using sessions.

-----Original Message----- Haven't seen this post on PHP newsgroup. What I mean by that is, let's say I use the "header("Location: test.php?SID&data=Yes!");". I now know that I would have to use the data in the URL. But for SID, this will apply but I want to know is, is there any PHP code that will do this behind the scene without needing to use the URL. $_COOKIE can do this but I can't use $_COOKIE because if the user's browser had the cookie disabled, then it wouldn't do me any good. **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

How many here feel PostgreSQL has surpassed MySQL as the better backend for PHP? This would be based on performance (speed, scalability, etc.) and features.

-Ed

attached mail follows:

I am there with you on PostgreSQL.

B i g D o g

----- Original Message ----- From: "Lazor, Ed" <ELazorprovidence.org> To: <php-generallists.php.net> Sent: Friday, July 05, 2002 2:59 PM Subject: [PHP] Survey: MySQL vs PostgreSQL for PHP

> How many here feel PostgreSQL has surpassed MySQL as the better backend for > PHP? This would be based on performance (speed, scalability, etc.) and > features. > > -Ed > > > > > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

I dunno! Never tried it! I wonder which one is easier to work with?

"B I G D O G" <bigdogventicon.com> wrote in message news:00d201c22467$8c2e4830$330c0a0adigitalglobe.com... > I am there with you on PostgreSQL. > > B i g D o g > > > > > ----- Original Message ----- > From: "Lazor, Ed" <ELazorprovidence.org> > To: <php-generallists.php.net> > Sent: Friday, July 05, 2002 2:59 PM > Subject: [PHP] Survey: MySQL vs PostgreSQL for PHP > > > > How many here feel PostgreSQL has surpassed MySQL as the better backend > for > > PHP? This would be based on performance (speed, scalability, etc.) and > > features. > > > > -Ed > > > > > > > > > > > > > **************************************************************************** > > This message is intended for the sole use of the individual and entity to > > whom it is addressed, and may contain information that is privileged, > > confidential and exempt from disclosure under applicable law. If you are > > not the intended addressee, nor authorized to receive for the intended > > addressee, you are hereby notified that you may not use, copy, disclose or > > distribute to anyone the message or any information contained in the > > message. If you have received this message in error, please immediately > > advise the sender by reply email and delete the message. Thank you very > > much. > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

I've always used MySQL, I don't know either. I suspect they are equal in ease of use.

-----Original Message----- I dunno! Never tried it! I wonder which one is easier to work with? **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much.

attached mail follows:

I wrote a small article for builder.com discussing "MySQL vs PostgreSQL". There is a great dicussion happening on that article. Many are voicing their opinions for mysql.

Here is the url: http://builder.com.com/article.jhtml?id=u00320020624gcn01.htm

In short PostgreSQL offers many advanced features like triggers and views.

Check it out and see what you think...

B i g D o g

----- Original Message ----- From: "Lazor, Ed" <ELazorprovidence.org> To: "'Scott Fletcher'" <scottabcoa.com>; <php-generallists.php.net> Sent: Friday, July 05, 2002 3:07 PM Subject: RE: [PHP] Survey: MySQL vs PostgreSQL for PHP

> I've always used MySQL, I don't know either. I suspect they are equal in > ease of use. > > -----Original Message----- > I dunno! Never tried it! I wonder which one is easier to work with? > > **************************************************************************** > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php

attached mail follows:

I don't feel that. I run a web site with a big deal of traffic, and in speed and scalability, MySQL is better than PGSQL or Sybase. I know because I tryed each one of these before getting to MySQL in definitive. Sybase is WAAAAAY too slow, and Postgres has a habit of melting down from time to time. In the features field, if you need referential integrity you can use InnoDB or BDB tables in MySQL, wich supports ON DELETE CASCADE and many things more, like row-level locking, blah, blah, blah. To keep your data secure, Sybase is a better option than PGSQL, because when PGSQL melts down, you lose some records as a gift. I had not seen this behavior mainly because I did not ran PGSQL long enough to see this, and the memory requirements of Sybase are just too much to stand. I prefer MySQL above every other, even lacking SP's. Of course, my business do not require anything more than standard MyISAM offers, so PGSQL may be a better option in some cases.

On Friday 05 July 2002 17:59, Lazor, Ed wrote: > How many here feel PostgreSQL has surpassed MySQL as the better backend for > PHP? This would be based on performance (speed, scalability, etc.) and > features. > > -Ed

-- João Paulo Vasconcellos Gerente de Tecnologia - NetCard Tel. 21 3852-9008 Ramal 31 jvasconcellos

netcard.com.br

attached mail follows:

Has anyone read: PHP and PostgreSQL Advanced Web Programming by Ewald Geschwinde and Hans-Juergen Schoenig yet? I'd been waiting for this book to come out... but would like to know if it's actually worth the $ first.

Back to the question at hand...

Personally I like PostgreSQL for a few reasons:

Scalability Ease of use SECURITY (yeah--well what can I say.. I work for a security company LOL--but seriously, Postgres has more security that MySQL does... and more flexible...) Variety of data types (for instance a CIDR block and IP data type...) Stored procedures Cleanup built in (vacuum) Unions Full Joins Constraints

But that's just me. :)

Glenn

---
Glenn E. Sieb
System Administrator
Lumeta Corporation
+1 732 357-3514 (V)
+1 732 564-0731 (Fax)

attached mail follows:

That's a really good articles!!!

"Ray Hunter" <rhunterventicon.com> wrote in message news:00f201c22469$99c78130$330c0a0adigitalglobe.com... > I wrote a small article for builder.com discussing "MySQL vs PostgreSQL". > There is a great dicussion happening on that article. Many are voicing > their opinions for mysql. > > Here is the url: > http://builder.com.com/article.jhtml?id=u00320020624gcn01.htm > > In short PostgreSQL offers many advanced features like triggers and views. > > Check it out and see what you think... > > B i g D o g > > > ----- Original Message ----- > From: "Lazor, Ed" <ELazorprovidence.org> > To: "'Scott Fletcher'" <scottabcoa.com>; <php-generallists.php.net> > Sent: Friday, July 05, 2002 3:07 PM > Subject: RE: [PHP] Survey: MySQL vs PostgreSQL for PHP > > > > I've always used MySQL, I don't know either. I suspect they are equal in > > ease of use. > > > > -----Original Message----- > > I dunno! Never tried it! I wonder which one is easier to work with? > > > > > **************************************************************************** > > This message is intended for the sole use of the individual and entity to > > whom it is addressed, and may contain information that is privileged, > > confidential and exempt from disclosure under applicable law. If you are > > not the intended addressee, nor authorized to receive for the intended > > addressee, you are hereby notified that you may not use, copy, disclose or > > distribute to anyone the message or any information contained in the > > message. If you have received this message in error, please immediately > > advise the sender by reply email and delete the message. Thank you very > > much. > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php >

attached mail follows:

I've recently had the 'pleasure' of porting a large MySQL application to support PostgreSQL, through that experience I've gained some insight into the differences between the two as well as how they are supported by PHP.

First allow me to point out that MySQL support in PHP is a lot more mature then PostgreSQL support. This can be seen through several factors, such as larger number of functions, which do more as well as the fact that only recently (php 4.2.0) did PostgreSQL interface functions got renamed to a more standard convention that MySQL functions already used since 3.0 days. For example, while using MySQL you can easily get properties of a field by simply using the mysql_field_type() function, pg_* has nothing similar. The only alternative is to run a query on the PostgreSQL internal tables, which contain the properties of a column. The biggest annoyance I've come across is the fact that while using PostgreSQL with PHP is that when you fetch a row you must specify the number of the result, while in MySQL, that is handled internally by PHP for you. This means that your PHP scripts must track the row numbers themselves.

PostgreSQL also has a number of things that it lacks when compared to MySQL. For example, it does not support unsigned integers, which forces you to use int8 to store timestamps, which will eventually reach 4.2 billion. In case you are wondering what is the big deal, int4 or int8, besides 4 more bytes of memory, well on x86 processors, which are 32 bit, 32 bit numbers are handled faster then their 64 bit counterparts. Now a days the performance drop as the result is quite small, but in the end everything adds up. PostgreSQL also does not support ENUM type, although you can port your ENUMs to PostgreSQL by using CONSTANTS.

Now we come to the actual database speed itself. In this regard in most applications MySQL is MUCH faster probably because it has to do allot less work then PostgreSQL does. For example, lets analyze the most common action performed in a database system, a SELECT. When you do a select in MySQL, MySQL internally locks the table for the duration of the select. PostgreSQL on the other hand does a row level lock, internally, for every row you select. PostgreSQL also does not optimize count(),max() and min() queries, which in MySQL are instant regardless of the table size since they are cached internally. PostgreSQL on the other hand needs to go every single row in the table. However, I should note that PostgreSQL developers I spoke to, told me that they plan to add this kind of functionality in the next release of PostgreSQL, whenever that happens. PostgreSQL also syncs any inserted or updated to disk right away to ensure that you don't loose any data should the computer crash on the other hand MySQL keeps memory buffers and will often not sync to disk right away to avoid disk IO. PostgreSQL offers greater data security, which would be important in a shopping cart, however it looses much speed in this approach compared to MySQL's approach which is ideal for programs where fast inserts are critical, like a web counter for example.

PostgreSQL does have a number of advantages that should not be overlooked and are certainly very important. Such as views, that allow you to create 'virtual tables' who's data is a combination of a complex join, which simplifies your selects to select * from table1_table2_view; PostgreSQL supports triggers and stored procedures which can be coded in perl, python, plsql and C. These triggers and functions can clean up not to mention speed up you code by moving various database code from PHP to PostgreSQL. PostgreSQL also supports various table locking implementations, which include row level locking. The benefit of using it is what while a certain row in a table is locked other users who do not require this row can still read from a table. In MySQL once a table is locked to write, no other user can read from the very same table until the lock is released. This in particular makes PostgreSQL much more scalable then MySQL. Unlike MySQL, PostgreSQL supports transactions with rollbacks, which allow you to actually make a bunch of queries and then with a single commit apply them to the database. The cool thing is that you can actually undo bad query by canceling the transaction.

Bottom line is that both MySQL and PostgreSQL have their 'markets'. IMHO in most cases MySQL is a simpler, faster and easier solution to use. However, if you require 100% data integrity and are dealing with sensitive data and in those case probably can spend a little more or hardware PostgreSQL should be your tool of choice.

Ilia FUDforum Core Developer iliaprohost.org

On July 5, 2002 04:59 pm, Lazor, Ed wrote: > How many here feel PostgreSQL has surpassed MySQL as the better backend for > PHP? This would be based on performance (speed, scalability, etc.) and > features. > > -Ed > > > > > > *************************************************************************** >* This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. Thank you very > much.

attached mail follows:

"Ilia A." wrote: > > The biggest annoyance I've come across is > the fact that while using PostgreSQL with PHP is that when you fetch a row > you must specify the number of the result, while in MySQL, that is handled > internally by PHP for you. This means that your PHP scripts must track the > row numbers themselves.

This is not so... see pg_fetch_array. Since PHP 4.1.0, you no longer need the row number.

> Now we come to the actual database speed itself. In this regard in most > applications MySQL is MUCH faster probably because it has to do allot less > work then PostgreSQL does. For example, lets analyze the most common action > performed in a database system, a SELECT. When you do a select in MySQL, > MySQL internally locks the table for the duration of the select. PostgreSQL > on the other hand does a row level lock, internally, for every row you > select.

Is this really what you want? Doesn't this mean that PostgreSQL would be more efficient for larger user volumes? Locking an entire table isn't usually a good thing.

Pete.

attached mail follows:

ðÒÉ×ÅÔ!

That's interesting. I actually never used Postgres on production environments, so... How often does it melt? And is there a known reason or it's just a matter of *luck*?

My opinion is that Mysql is after all nothing more than an ISAM file system, which can be queried by SQL. And it's more than enough for most small sized projects.

I dunno about InnoDB and BDB, but once referential integrity is the issue I'd move straight to Oracle and avoid the hassle of debugging some new engine features myself. At least, in a production environment. Oracle will also perform much better than anything else, if properly configured and maintained. But moving to such an environment requires a full time administrator if you do not want your performance to downgrade dramatically after some time.

In a web environment usually people do not want to spend that much money, so actually most of the stable stuff will probably remain on the ISAM file systems for a while more. After all it works, right?

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

Joa~o Paulo Vasconcellos wrote: > I don't feel that. I run a web site with a big deal of traffic, and in speed > and scalability, MySQL is better than PGSQL or Sybase. I know because I tryed > each one of these before getting to MySQL in definitive. Sybase is WAAAAAY > too slow, and Postgres has a habit of melting down from time to time. In the > features field, if you need referential integrity you can use InnoDB or BDB > tables in MySQL, wich supports ON DELETE CASCADE and many things more, like > row-level locking, blah, blah, blah. To keep your data secure, Sybase is a > better option than PGSQL, because when PGSQL melts down, you lose some > records as a gift. I had not seen this behavior mainly because I did not ran > PGSQL long enough to see this, and the memory requirements of Sybase are just > too much to stand. I prefer MySQL above every other, even lacking SP's. Of > course, my business do not require anything more than standard MyISAM offers, > so PGSQL may be a better option in some cases. > > > > On Friday 05 July 2002 17:59, Lazor, Ed wrote: > >>How many here feel PostgreSQL has surpassed MySQL as the better backend for >>PHP? This would be based on performance (speed, scalability, etc.) and >>features. >> >>-Ed

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

Hi,

I tried to suppress warnings in isset expressions (Uninitialized string offset warnings). The original line was something like this:

if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))

When I added the "" sign like this:

if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))

My program stopped working, and I got errors like:

PHP Parse error: parse error, expecting `T_VARIABLE' or `'$'' ....

Eventually, I put the "" in this place:

if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))

Which works, but why didn't it work the other way? Is it some kind of PHP bug?

I'm using PHP Version 4.1.2

Thanks, Uri. --------------------------------------------------------

attached mail follows:

No, it's not a PHP bug. The "" can not be used before a PHP variables, or PHP pre-defined variables like $GLOBALS, $_SESSION, $_GET, $HTTP_POST_VARS, etc. The "" is used only before the PHP function as far as I know of.

FletchSOD "Uri Even-Chen" <webmasterspeedy.co.il> wrote in message news:3D260D1F.51C8AEB8speedy.co.il... > Hi, > > I tried to suppress warnings in isset expressions (Uninitialized string > offset warnings). The original line was something like this: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > When I added the "" sign like this: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > My program stopped working, and I got errors like: > > PHP Parse error: parse error, expecting `T_VARIABLE' or `'$'' .... > > Eventually, I put the "" in this place: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > Which works, but why didn't it work the other way? Is it some kind of > PHP bug? > > I'm using PHP Version 4.1.2 > > Thanks, > Uri. > --------------------------------------------------------

attached mail follows:

On Sat, 6 Jul 2002, Uri Even-Chen wrote: > I tried to suppress warnings in isset expressions (Uninitialized string > offset warnings). The original line was something like this: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > When I added the "" sign like this: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > My program stopped working, and I got errors like: > > PHP Parse error: parse error, expecting `T_VARIABLE' or `'$'' .... > > Eventually, I put the "" in this place: > > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME']))) > > Which works, but why didn't it work the other way? Is it some kind of > PHP bug?

It does seem to be a disagreement with the manual:

http://www.php.net/manual/en/language.operators.errorcontrol.php

There it says that you can stick before a variable name.

miguel

attached mail follows:

Please, How do I make for my webpage expires before time?

Thanks

I'm sorry my english, I'm brazilian.

attached mail follows:

FROM THE MANUAL:

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified header("Cache-Control: no-store, no-cache, must-revalidate"); // HTTP/1.1 header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // HTTP/1.0

--
Sincerely, val petruchek
"Skyhawk" <tecnicodoiscliques.com> ÓÏÏÂÝÉÌ/ÓÏÏÂÝÉÌÁ × ÎÏ×ÏÓÔÑÈ ÓÌÅÄÕÀÝÅÅ:
news:20020705223403.38852.qmailpb1.pair.com...
> Please, How do I make for my webpage expires before time?
>
> Thanks
>
> I'm sorry my english, I'm brazilian.
>
>

attached mail follows:

When I pass a string to strtr($TheText, $Transform_Array), where Transform_Array contains array elements like "a" => "b", I've been wondering, how many passes through the string are performed to accomplish all the string replacing? Is it one per transform, or just one total (I hope)? If it's not just one pass, is there another way I can accomplish this same thing just going through the string in one pass?

Thanks, Steve

--
Steve (www.stevemagruder.com)

attached mail follows:

Hey everyone, Am working late as usual before the weekend and so I fear i'm a bit braindead! Anyway,heres my problem I have fields named "total" and "avg" and no idea how many records.... how do I get the total and average? Do I use a function?

I know this is pretty simple but.....

Any help appreciated, -Kim.

attached mail follows:

more specific? What fields... from a database?

kimjumac.com wrote: > > Hey everyone, > Am working late as usual before the weekend and so I fear i'm a bit braindead! > Anyway,heres my problem > I have fields named "total" and "avg" and no idea how many records.... > how do I get the total and average? > Do I use a function? > > I know this is pretty simple but..... > > Any help appreciated, > -Kim.

attached mail follows:

ðÒÉ×ÅÔ!

watch out mysql (or whatever db you have) for SUM() and AVG functions, make sure you understand what a GROUP BY clause is.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

kimjumac.com wrote: > Hey everyone, > Am working late as usual before the weekend and so I fear i'm a bit braindead! > Anyway,heres my problem > I have fields named "total" and "avg" and no idea how many records.... > how do I get the total and average? > Do I use a function? > > I know this is pretty simple but..... > > > Any help appreciated, > -Kim. >

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

I am installing from source php-4.2.1 and have apache-2.0.39 installed and working. When I ran make on php I ended with this message:

------------------------- include/mysql -I/usr/local/php-4.2.1/ext/xml/expat -D_REENTRANT -D_THREAD_SAFE -I/usr/local/php-4.2.1/TSRM -g -O2 -pthread -DZTS -prefer-pic -c php_functions.c php_functions.c:93: syntax error *** Error code 1

Stop in /usr/local/php-4.2.1/sapi/apache2filter. *** Error code 1

Stop in /usr/local/php-4.2.1/sapi. *** Error code 1

Stop in /usr/local/php-4.2.1.

----------------------- Is there some issue here between the latest versions of apache and php?

-- Chip chip

wiegand.org www.wiegand.org

attached mail follows:

After A bit of research I wrote this(File is also attached in case e-mail programs/servers interfere with formatting):

<? // Browser Detection if( eregi("(opera) ([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$regs) || eregi("(opera/)([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$re gs)){$browser = "Opera $regs[2]";} elseif( eregi("(konqueror)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$reg s) ){$browser = "Konqueror $regs[2]";} elseif( eregi("(omniweb/)([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "OmniWeb $regs[2]";} elseif( eregi("(webtv/)([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ) {$browser = "WebTV $regs[2]";} elseif( eregi("(lynx)/([0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2})",$_SERVER['HTTP_USER_AGENT' ],$regs) ){$browser = "Lynx $regs[2]";} elseif( eregi("(links) \(([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "Links $regs[2]";} elseif( eregi("(msie) ([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "MSIE $regs[2]";} elseif( eregi("(netscape6)/(6.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$bro wser = "Netscape $regs[2]";} elseif( eregi("mozilla/5",$_SERVER['HTTP_USER_AGENT']) ){$browser = "Netscape";} elseif( eregi("(mozilla)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "Netscape $regs[2]";} elseif( eregi("w3m",$_SERVER['HTTP_USER_AGENT']) ){$browser = "w3m";} else{$browser = "Unknown";}

// OS Detection if(eregi("linux",$_SERVER['HTTP_USER_AGENT'])){$system = "Linux";} elseif(eregi("win32",$_SERVER['HTTP_USER_AGENT'])){$system = "Windows";} elseif(eregi("Win 9x 4.90",$_SERVER['HTTP_USER_AGENT'])){$system = "Windows Me";} elseif(eregi("windows 2000",$_SERVER['HTTP_USER_AGENT']) || eregi("(windows nt)( ){0,1}(5.0)",$_SERVER['HTTP_USER_AGENT']) ){$system = "Windows 2000";} elseif(eregi("(windows nt)( ){0,1}(5.1)",$_SERVER['HTTP_USER_AGENT']) ){$system = "Windows XP";} elseif( (eregi("(win)([0-9]{2})",$_SERVER['HTTP_USER_AGENT'],$regs)) || (eregi("(windows) ([0-9]{2})",$_SERVER['HTTP_USER_AGENT'],$regs)) ){$system = "Windows $regs[2]";}

elseif(eregi("(winnt)([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT '],$regs) ){$system = "Windows NT $regs[2]";} elseif(eregi("(windows nt)( ){0,1}([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$regs) ){$system = "Windows NT $regs[3]";} elseif(eregi("mac",$_SERVER['HTTP_USER_AGENT'])){$system = "Macintosh";} elseif(eregi("(sunos) ([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$regs)){$system = "SunOS $regs[2]";} elseif(eregi("(beos) r([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$regs)){$system = "BeOS $regs[2]";} elseif(eregi("freebsd",$_SERVER['HTTP_USER_AGENT'])){$system = "FreeBSD";} elseif(eregi("openbsd",$_SERVER['HTTP_USER_AGENT'])){$system = "OpenBSD";} elseif(eregi("irix",$_SERVER['HTTP_USER_AGENT'])){$system = "IRIX";} elseif(eregi("os/2",$_SERVER['HTTP_USER_AGENT'])){$system = "OS/2";} elseif(eregi("plan9",$_SERVER['HTTP_USER_AGENT'])){$system = "Plan9";} elseif(eregi("unix",$_SERVER['HTTP_USER_AGENT']) || eregi("hp-ux",$_SERVER['HTTP_USER_AGENT']) || eregi("X11",$_SERVER['HTTP_USER_AGENT']) ){$system = "Unix";} elseif(eregi("osf",$_SERVER['HTTP_USER_AGENT'])){$system = "OSF";} else{$system = "Unknown";}

echo "You are using $browser on a $system system"; ?>

I seems to work quite well.

--
JJ Harrison
webmastertececo.com
www.tececo.com
P.S. My proxy seems to interfere with the Weberdev site. If Boaz Yahav
<berbernetvision.net.il> or someone else wants to post this to Weberdev or
any other similar site as long as it remains free/open source etc.
"Jj Harrison" <webmastertececo.com> wrote in message
news:20020705142146.7227.qmailpb1.pair.com...
> Because!
>
> Also the audiance that will probably see the site will highly likely not
> have the knowledge or intention to change the user agent var. So my Q
> remains.
>
> To add to my original Q is there seperate vars for browser and OS?
>
> JJ Harrison
> webmastertececo.com
> www.tececo.com
>
> "Alberto Serra" <albertoserragala.net> wrote in message
> news:3D256C1C.5080800gala.net...
> > JJ Harrison wrote:
> > > Is there an easy way to divide up $_SERVER['HTTP_USER_AGENT'] or do I
> have
> > > to use regular expressions(Which I have little experiance with)?
> >
> > Why would you want to use that? People write in their HTTP_USER_AGENT
> > whatever they want to, and many times you'll find there a set of 4
> > letter words instead of the info you look for. There is a nice add-on
> > for Mozilla to make that trick even easier.
> >
> > Alberto
> > Kiev
> >
> >
> > --
> >
> >
> > -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
> >
> > LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
> > lOrD i'M sHiNiNg...
> > YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
> > tHe TeSt, YeS iT iS
> > ThE tEsT, yEs It Is
> > tHe TeSt, YeS iT iS
> > ThE tEsT, yEs It Is.......
> >
>
>
begin 666 eregi.php
M/#\-"B\O($)R;W=S97(1&5T96-T:6]N#0H):68H(&5R96=I*"(H;W!E<F$I
M("A;,"TY77LQ+#)]+ELP+3E=>S$L,WTI>S L,7TB+"1?4T525D526R=(5%10
M7U5315)?04=%3E0G72PD<F5G<RD?'P97)E9VDH(BAO<&5R82\I*%LP+3E=
M>S$L,GTN6S M.5U[,2PS?2E[,"PQ?2(L)%]315)615);)TA45%!?55-%4E]!
M1T5.5"==+"1R96=S*2E[)&)R;W=S97(/2 B3W!E<F$)')E9W-;,ETB.WT-
M"EE;'-E:68H(&5R96=I*"(H:V]N<75E<F]R*2\H6S M.5U[,2PR?2Y;,"TY
M77LQ+#-]*2(L)%]315)615);)TA45%!?55-%4E]!1T5.5"==+"1R96=S*2 I
M>R1B<F]W<V5R(#T(DMO;G%U97)O<B D<F5G<ULR72([?0T*"65L<V5I9B
M97)E9VDH(BAO;6YI=V5B+RDH6S M.5U[,2PR?2Y;,"TY77LQ+#-]*2(L)%]3
M15)615);)TA45%!?55-%4E]!1T5.5"==+"1R96=S*2 I>R1B<F]W<V5R(#T
M(D]M;FE796()')E9W-;,ETB.WT#0H)96QS96EF*"!E<F5G:2B*'=E8G1V
M+RDH6S M.5U[,2PR?2Y;,"TY77LQ+#-]*2(L)%]315)615);)TA45%!?55-%
M4E]!1T5.5"==+"1R96=S*2 I>R1B<F]W<V5R(#T(E=E8E16("1R96=S6S)=
M(CM]#0H)96QS96EF*"!E<F5G:2B*&QY;GI+RA;,"TY77LQ+#)]+ELP+3E=
M>S$L,GTN6S M.5U[,2PR?2DB+"1?4T525D526R=(5%107U5315)?04=%3E0G
M72PD<F5G<RD*7LD8G)O=W-E<B ]("),>6YX("1R96=S6S)=(CM]#0H)96QS
M96EF*"!E<F5G:2B*&QI;FMS*2!<*"A;,"TY77LQ+#)]+ELP+3E=>S$L,WTI
M(BPD7U-%4E9%4ELG2%144%]54T527T%'14Y4)UTL)')E9W,I("E[)&)R;W=S
M97(/2 B3&EN:W,)')E9W-;,ETB.WT-"EE;'-E:68H(&5R96=I*"(H;7-I
M92D*%LP+3E=>S$L,GTN6S M.5U[,2PS?2DB+"1?4T525D526R=(5%107U53
M15)?04=%3E0G72PD<F5G<RD*7LD8G)O=W-E<B ](")-4TE%("1R96=S6S)=
M(CM]#0H)96QS96EF*"!E<F5G:2B*&YE='-C87!E-BDO*#8N6S M.5U[,2PS
M?2DB+"1?4T525D526R=(5%107U5315)?04=%3E0G72PD<F5G<RD*7LD8G)O
M=W-E<B ](").971S8V%P92 D<F5G<ULR72([?0T*"65L<V5I9B97)E9VDH
M(FUO>FEL;&$O-2(L)%]315)615);)TA45%!?55-%4E]!1T5.5"==*2 I>R1B
M<F]W<V5R(#T(DYE='-C87!E(CM]#0H)96QS96EF*"!E<F5G:2B*&UO>FEL
M;&$I+RA;,"TY77LQ+#)]+ELP+3E=>S$L,WTI(BPD7U-%4E9%4ELG2%144%]5
M4T527T%'14Y4)UTL)')E9W,I("E[)&)R;W=S97(/2 B3F5T<V-A<&4)')E
M9W-;,ETB.WT-"EE;'-E:68H(&5R96=I*")W,VTB+"1?4T525D526R=(5%10
M7U5315)?04=%3E0G72D*7LD8G)O=W-E<B ](")W,VTB.WT-"EE;'-E>R1B
M<F]W<V5R(#T(E5N:VYO=VXB.WT-"D-"B\O($]3($1E=&5C=&EO;T*#0II
M9BAE<F5G:2B;&EN=7B+"1?4T525D526R=(5%107U5315)?04=%3E0G72DI
M>R1S>7-T96T/2 B3&EN=7B.WT-"EE;'-E:68H97)E9VDH(G=I;C,R(BPD
M7U-%4E9%4ELG2%144%]54T527T%'14Y4)UTI*7LD<WES=&5M(#T(E=I;F1O
M=W,B.WT-"EE;'-E:68H97)E9VDH(E=I;B Y>" T+CDP(BPD7U-%4E9%4ELG
M2%144%]54T527T%'14Y4)UTI*7LD<WES=&5M(#T(E=I;F1O=W,364B.WT-
M"B 96QS96EF*&5R96=I*")W:6YD;W=S(#(P,# B+"1?4T525D526R=(5%10
M7U5315)?04=%3E0G72D?'P97)E9VDH(BAW:6YD;W=S(&YT*2*7LP+#%]
M*#4N,"DB+"1?4T525D526R=(5%107U5315)?04=%3E0G72D*7LD<WES=&5M
M(#T(E=I;F1O=W,,C P,"([?0T*("!E;'-E:68H97)E9VDH(BAW:6YD;W=S
M(&YT*2*7LP+#%]*#4N,2DB+"1?4T525D526R=(5%107U5315)?04=%3E0G
M72D*7LD<WES=&5M(#T(E=I;F1O=W,6% B.WT-"EE;'-E:68H("AE<F5G
M:2B*'=I;BDH6S M.5U[,GTI(BPD7U-%4E9%4ELG2%144%]54T527T%'14Y4
M)UTL)')E9W,I*2!\?" H97)E9VDH(BAW:6YD;W=S*2 H6S M.5U[,GTI(BPD
M7U-%4E9%4ELG2%144%]54T527T%'14Y4)UTL)')E9W,I*2 I>R1S>7-T96T
M/2 B5VEN9&]W<R D<F5G<ULR72([?0T*"65L<V5I9BAE<F5G:2B*'=I;FYT
M*2A;,"TY77LQ+#)]+ELP+3E=>S$L,GTI>S L,7TB+"1?4T525D526R=(5%10
M7U5315)?04=%3E0G72PD<F5G<RD*7LD<WES=&5M(#T(E=I;F1O=W,3E0
M)')E9W-;,ETB.WT-"EE;'-E:68H97)E9VDH(BAW:6YD;W=S(&YT*2*7LP
M+#%]*%LP+3E=>S$L,GTN6S M.5U[,2PR?2E[,"PQ?2(L)%]315)615);)TA4
M5%!?55-%4E]!1T5.5"==+"1R96=S*2 I>R1S>7-T96T/2 B5VEN9&]W<R!.
M5" D<F5G<ULS72([?0T*"65L<V5I9BAE<F5G:2B;6%C(BPD7U-%4E9%4ELG
M2%144%]54T527T%'14Y4)UTI*7LD<WES=&5M(#T(DUA8VEN=&]S:"([?0T*
M"65L<V5I9BAE<F5G:2B*'-U;F]S*2 H6S M.5U[,2PR?2Y;,"TY77LQ+#)]
M*7LP+#%](BPD7U-%4E9%4ELG2%144%]54T527T%'14Y4)UTL)')E9W,I*7LD
M<WES=&5M(#T(E-U;D]3("1R96=S6S)=(CM]#0H)96QS96EF*&5R96=I*"(H
M8F5O<RD<BA;,"TY77LQ+#)]+ELP+3E=>S$L,GTI>S L,7TB+"1?4T525D52
M6R=(5%107U5315)?04=%3E0G72PD<F5G<RDI>R1S>7-T96T/2 B0F5/4R D
M<F5G<ULR72([?0T*"65L<V5I9BAE<F5G:2B9G)E96)S9"(L)%]315)615);
M)TA45%!?55-%4E]!1T5.5"==*2E[)'-Y<W1E;2 ](")&<F5E0E-$(CM]#0H)
M96QS96EF*&5R96=I*")O<&5N8G-D(BPD7U-%4E9%4ELG2%144%]54T527T%'
M14Y4)UTI*7LD<WES=&5M(#T(D]P96Y"4T0B.WT-"EE;'-E:68H97)E9VDH
M(FER:7B+"1?4T525D526R=(5%107U5315)?04=%3E0G72DI>R1S>7-T96T
M/2 B25))6"([?0T*"65L<V5I9BAE<F5G:2B;W,O,B(L)%]315)615);)TA4
M5%!?55-%4E]!1T5.5"==*2E[)'-Y<W1E;2 ](")/4R\R(CM]#0H)96QS96EF
M*&5R96=I*")P;&%N.2(L)%]315)615);)TA45%!?55-%4E]!1T5.5"==*2E[
M)'-Y<W1E;2 ](")0;&%N.2([?0T*"65L<V5I9BAE<F5G:2B=6YI>"(L)%]3
M15)615);)TA45%!?55-%4E]!1T5.5"==*2!\?"!E<F5G:2B:' M=7B+"1?
M4T525D526R=(5%107U5315)?04=%3E0G72D?'P97)E9VDH(EQ,2(L)%]3
M15)615);)TA45%!?55-%4E]!1T5.5"==*2 I>R1S>7-T96T/2 B56YI>"([
M?0T*"65L<V5I9BAE<F5G:2B;W-F(BPD7U-%4E9%4ELG2%144%]54T527T%'
M14Y4)UTI*7LD<WES=&5M(#T(D]31B([?0T*"65L<V5[)'-Y<W1E;2 ](")5
M;FMN;W=N(CM]#0H)#0H)96-H;R B66]U(&%R92!U<VEN9R D8G)O=W-E<B!O
9;B!A("1S>7-T96T<WES=&5M(CL-"C\^( ``
`
end

attached mail follows:

Scott Fletcher wrote: > Yea, it use the Linux Kernel. I had to download RPM stuffs from IBM. It > can not be from Red Hat or any other. IBM take the source code and put it > into RPM. IBM kept making error message about some RPMs, so that is why I > went back to non-linux kernal AIX. >

ðÒÉ×ÅÔ!

Try installing the RPMs with the --force parameter. It usually solves the problem on Linux and since the kernel is the same...

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

don't want to receive but email please don't want to receive but email please

attached mail follows:

don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please don't want to receive but email please

attached mail follows:

Hi,

I can't seem to upload file bigger than 5M even if I set the upload_max_filesize to 20M in php.ini and MAX_FILE_SIZE to 20M in the script. What's am I missing here? Is the temporary upload directory won't handle file this size? Please give me some pointers here. TIA.

Regards, Norman

attached mail follows:

Check Apache limitations

--
Sincerely, val petruchek
"Norman Zhang" <nzhangarkon-group.com> ÓÏÏÂÝÉÌ/ÓÏÏÂÝÉÌÁ × ÎÏ×ÏÓÔÑÈ
ÓÌÅÄÕÀÝÅÅ: news:20020706020412.49744.qmailpb1.pair.com...
> Hi,
>
> I can't seem to upload file bigger than 5M even if I set the
> upload_max_filesize to 20M in php.ini and MAX_FILE_SIZE to 20M in the
> script. What's am I missing here? Is the temporary upload directory won't
> handle file this size? Please give me some pointers here. TIA.
>
> Regards,
> Norman
>
>

attached mail follows:

On Saturday 06 July 2002 10:04, Norman Zhang wrote: > Hi, > > I can't seem to upload file bigger than 5M even if I set the > upload_max_filesize to 20M in php.ini and MAX_FILE_SIZE to 20M in the > script. What's am I missing here? Is the temporary upload directory won't > handle file this size? Please give me some pointers here. TIA.

You may need to change the post_max_size (in php.ini) as well.

Manual > Handling file uploads > Common Pitfalls

-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development *

/* Richard B. Johnson wrote: > The 'C' language can order structure members anyway it wants.

You are an idiot.

- Rusty Russell on linux-kernel */

attached mail follows:

I receive this sh!t everytime i post message here. Can we get him out of the list?

> Hello, > > > > I will be on vacation from 07/08/02 till 07/19/02 . If you need assistance with your website, please contact either Chris : chrisgbiswebdesign.com or Dave : davegbiswebdesign.com. > > > > Best Regards, > > ------------------------------------------------- > Victor Polyushko / Web Engineer > Great Basin Web Design > victorgbiswebdesign.com > www.gbiswebdesign.com > voice: 775.348.7299 > ------------------------------------------------- > >

attached mail follows:

Attached is the file.

It doesn't give any parse errors or anything. Just nothing is inserted into the DB.

What am I doing?

-- JJ Harrison webmaster

tececo.com www.tececo.com

attached mail follows:

JJ Harrison wrote: > Attached is the file. >

ðÒÉ×ÅÔ!

No attachment came :(

ðÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

On Saturday 06 July 2002 10:37, Alberto Serra wrote: > JJ Harrison wrote: > > Attached is the file. > > ðÒÉ×ÅÔ! > > No attachment came :(

Don't attach a file, include your code inline. I for one will not open an attachment (too lazy).

-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development *

/* If voting could change the system, it would be illegal. If not voting could change the system, it would be illegal. */

attached mail follows:

Here it is then:

<? function tececo_stat_cookie(){ setcookie ('tececo_stats', '1'); } // Browser Detection if( eregi("(opera) ([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$regs) || eregi("(opera/)([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$re gs)){$browser = "Opera $regs[2]";} elseif( eregi("(konqueror)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$reg s) ){$browser = "Konqueror $regs[2]";} elseif( eregi("(omniweb/)([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "OmniWeb $regs[2]";} elseif( eregi("(webtv/)([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ) {$browser = "WebTV $regs[2]";} elseif( eregi("(lynx)/([0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2})",$_SERVER['HTTP_USER_AGENT' ],$regs) ){$browser = "Lynx $regs[2]";} elseif( eregi("(links) \(([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "Links $regs[2]";} elseif( eregi("(msie) ([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "MSIE $regs[2]";} elseif( eregi("(netscape6)/(6.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$bro wser = "Netscape $regs[2]";} elseif( eregi("mozilla/5",$_SERVER['HTTP_USER_AGENT']) ){$browser = "Netscape";} elseif( eregi("(mozilla)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$regs) ){$browser = "Netscape $regs[2]";} elseif( eregi("w3m",$_SERVER['HTTP_USER_AGENT']) ){$browser = "w3m";} else{$browser = "Unknown";}

// Referer Detection. if(isset($_SERVER['HTTP_REFERER'])){ $referer = $_SERVER['HTTP_REFERER']; } else { $referer = $_SERVER['PHP_SELF']; }

// Remote DNS name $remote_dns = gethostbyaddr($_SERVER['REMOTE_HOST']); $remote_ip = $_SERVER['REMOTE_HOST']; // Sets Current time $time = time();

// Weather it is a person's first visit within session if(isset($_COOKIE['tececo_stats'])){ $visited = '1'; } else { $visited = '0'; tececo_stat_cookie(); }

$query = "INSERT INTO tececo_stats values ('', $id, $visited, $time, $remote_dns, $remote_ip, $referer, $browser, $system)"; mysql_query($query); ?>

JJ Harrison webmastertececo.com www.tececo.com

attached mail follows:

On Saturday 06 July 2002 11:12, JJ Harrison wrote: > Here it is then:

[snip]

> > $query = "INSERT INTO tececo_stats values ('', $id, $visited, $time, > $remote_dns, $remote_ip, $referer, $browser, $system)";

echo $query;

> mysql_query($query);

echo mysql_error();

And RFTM for examples on how to incorporate error checking in your db operations.

-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development *

/* Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke */

attached mail follows:

On Sat, 6 Jul 2002, JJ Harrison wrote: > $query = "INSERT INTO tececo_stats values ('', $id, $visited, $time, > $remote_dns, $remote_ip, $referer, $browser, $system)"; > mysql_query($query);

You should always do the following if you are having trouble:

1) print out $query and try it yourself at the mysql command line.

2) print mysql_error(). In this case I think the problem is that you've failed to quote the strings in your INSERT. Try something like

INSERT INTO tececo_stats values ('', '$id', '$visited', '$time' ...

Also note that as it stands, I could potentially make big trouble for you by putting clever values into HTTP_REFERER (which is totally under my control as a visitor to your site). So make sure you mysql_escape_string or addslashes those values (unless you have magic_quotes turned on, in which case you can ignore this lecture).

miguel

attached mail follows:

OK,

I have magic_quotes on though so useless lecture thanks for the advice

--
JJ Harrison
webmastertececo.com
www.tececo.com
"Miguel Cruz" <mncstoic.net> wrote in message
news:Pine.LNX.4.44.0207052217030.3861-100000stoic.net...
> On Sat, 6 Jul 2002, JJ Harrison wrote:
> > $query = "INSERT INTO tececo_stats values ('', $id, $visited, $time,
> > $remote_dns, $remote_ip, $referer, $browser, $system)";
> > mysql_query($query);
>
> You should always do the following if you are having trouble:
>
> 1) print out $query and try it yourself at the mysql command line.
>
> 2) print mysql_error().
>
> In this case I think the problem is that you've failed to quote the
> strings in your INSERT. Try something like
>
>   INSERT INTO tececo_stats values ('', '$id', '$visited', '$time' ...
>
> Also note that as it stands, I could potentially make big trouble for you
> by putting clever values into HTTP_REFERER (which is totally under my
> control as a visitor to your site). So make sure you mysql_escape_string
> or addslashes those values (unless you have magic_quotes turned on, in
> which case you can ignore this lecture).
>
> miguel
>
>

attached mail follows:

JH> I have magic_quotes on though so useless lecture thanks for the advice

Having magic_quotes on doesn't preclude your query from being invalid. You should still:

JH> "Miguel Cruz" <mncstoic.net> wrote in message: >> 1) print out $query and try it yourself at the mysql command line. >> >> 2) print mysql_error().

Any time a query fails.

- Julie

--> Julie Meloni --> juliethickbook.com --> www.thickbook.com

Find "Sams Teach Yourself MySQL in 24 Hours" at http://www.amazon.com/exec/obidos/ASIN/0672323494/thickbookcom-20

attached mail follows:

>that's connected to the web, and it works. I went out and got the >php.ini that my user uses on that server and checked it with my local >copy. The only difference between the two were the lifetimes of >cookies, etc.

Details, please. :-)

>I've also tried passing the $PHPSESSID on to another page, and it >never 'remembers' the variables that I've declared. But when I upload >it to the server, it works. > >Is this the default configuration under Debian? My brother and his >wife also use Debian, and I asked them to check the script, and it >doesn't work on their machines, either. Could it be something with >apache?

Extremely unlikely...

I mean, *SOOO* many web-sites would break if Cookies didn't work...

If there *IS* a Debian Cookie issue, you'll find it much quicker on a Debian mailing list than here on PHP, though.

-- Like Music? http://l-i-e.com/artists.htm

attached mail follows:

"Richard Lynch" <richphpbootcamp.com> writes:

> >that's connected to the web, and it works. I went out and got the > >php.ini that my user uses on that server and checked it with my local > >copy. The only difference between the two were the lifetimes of > >cookies, etc. > > Details, please. :-) > > >I've also tried passing the $PHPSESSID on to another page, and it > >never 'remembers' the variables that I've declared. But when I upload > >it to the server, it works. > > > >Is this the default configuration under Debian? My brother and his > >wife also use Debian, and I asked them to check the script, and it > >doesn't work on their machines, either. Could it be something with > >apache? > > Extremely unlikely... > > I mean, *SOOO* many web-sites would break if Cookies didn't work... > > If there *IS* a Debian Cookie issue, you'll find it much quicker on a Debian > mailing list than here on PHP, though.

Actually, I've found the problem on a Debian mailing list. After all of this, I found out that under Debian with the PowerPC architecture Sessions do not work.

Thanks for all of your help, though.

-Mannequin*

PS. Sorry, I sent this by accident to Richard's email address.

attached mail follows:

>> >The GET method form works fine, while the POST method (which is what I >> >need to use) pops up a message about the page containing both secure and >> >nonsecure data. >> > >> >WTF? >> >> Well, the new browser window opens, but you're loading a PDF, not HTML, so >> it's not really getting any data at all. The data it's not getting isn't >> secure, by definition, since there's nothing there. > >I'm not sure that I understand what you're saying here... I'm loading a php >file, that is creating the pdf on-the-fly. This php file is the one >receiving the POST data, not the window - or do I not understand?

Here is how HTTP usually works:

1. Browser requests URL, possibly in new window. 2. Server sends content 3. Browser displays content

However, with a PDF, you have:

1. Browser requests URL, definitely in a new window 2. Server sends content, which happens to be a PDF file. 2a. Server does not send an HTML page 3. Browser has opened a new browser window, which is supposed to display an HTML page. 3a. Browser gets a PDF, which requires that it fire up a different application to view 3b. Browser has this nifty browser window, with no HTML to put into it, and it was supposed to get securely-delivered HTML, and it's pissed off you never securely-delivered the HTML you "promised" in 2. and didn't send in 2a. :-)

>BTW... This example is not how the application works. It's just a test that >I used to narrow down the problem, and recreate in a controlled situation. >The real application needs to have the pdf file pop up in a separate window >using POST vars, which, in the application, is done using Javascript - but I >digress...

Here's your fundamental problem:

By definition, the PDF file isn't supposed to be in a browser window *AT* *ALL*.

Yes, some funky-ass plug-in hacks will allow a PDF to be embedded inside of a browser window, but that's an add-on hack, long, long after HTTP protocol was defined.

You've *TOLD* the browser to open up a new HTML window, and you've told it to expect some HTML sent securely, but the server isn't *sending* any HTML data *AT* *ALL* -- Just PDF data, which is going somewhere else.

So, the *browser* sees this HTML window, you opened up, and it ain't got no secure HTML sent to it. Nothing. Nada. Zip.

Again I say, GET RID OF THE TARGET="_blank"

That's as close as you're going to get to having a new window with a PDF in it, for most surfers.

>How is the POST data not 'secure' but the GET data is? How is it not secure >'by definition'? There's nothing where? Please expand.

The server didn't send any HTML. There is no HTML to secure. If there's nothing there, nothing sent, it's rather difficult to send it securely.

The PDF got sent, but that's not HTML, and it can't be displayed in the browser window, so the browser window never got nothing. But it was told, in advance, to expect some secure HTML. That secure HTML never arrived. No HTML arrived. Only PDF arrived.

I think I need a picture/diagram and slow-motion animation to 'splain this properly...

Try to imagine this happening in slo-mo.

Browser is told: 1. Go get URL https://... 2. Put the HTML from that URL in a new window, and be sure it's secure.

Server responds with PDF file, which essentially tells browser: 3. Go run the PDF application viewer thingie to view this data.

Meanwhile, the browser has this HTML window, hanging around, waiting for securely-delivered HTML to arrive...

It's definitely a browser "bug" that you can't tell it to open up a new window, for an HTTPS connection, and that content might not actually *be* HTML, but there *might* be a plug-in that will handle it in that window. Or, there might not be a plug-in, but so what?

Unfortunately, that's not how the browsers are dealing with it, and I'm not sure they *can* deal with it properly, since there might *NOT* be a plug-in, so they might *not* get anything to put in that new window, so what are they supposed to do? Display a blank secure window?

I'm not saying it's not a bug. I'm saying it's not a PHP bug, and it's a browser bug, and there's nothing you can do (unless you can convince both Bill and the Mozilla guys to fix it tomorrow) and the *BEST* way to get get kinda close to what you want is to lost the TARGET="_blank"

It won't be a new window for people who did a PDF plug-in, but it will work the right way for everybody else...

That was the best solution I could come up with this for this issue when I ran into it.

Actually, you *MIGHT* be able to do this:

1. Force the new window to open up to some HTML page. 2. That HTML page, with JavaScript or META HTTP-EQUIV=REFRESH could *maybe* then suck down the PDF, and *maybe* you won't get that warning message...

The crux of the problem is you are forcing a new browser window to open up, which is expecting some securely-delivered HTML, but it never gets no HTML, it just gets some PDF stuff, and it gets cranky about not getting the securely-delivered HTML you "promised".

I just told the boss he couldn't have what he wanted, and we had to lose the pop-up window. But I hate pop-up windows anyway :-)

-- Like Music? http://l-i-e.com/artists.htm

attached mail follows:

>get data is insecure by nature so the whole page is insecure and no >warnings, as soon as you post you invoke the security.

No, no, no.

POST data is *NO* *MORE* *SECURE* than GET data! Period.

Okay, if you want to get picuyane -- A total idiot user can read the URL in their location bar, and a total idiot user can maybe figure out a way to munge it, and another total idiot, as webmaster, might build a web-site that lets something bad happen when that happens... And, technically, it's possible that the first total idiot user couldn't figure out how to forge a POST.

However, calling GET "less secure" than POST for that reason is, like, the worst (best?) example of the well-debunked "security by obscurity" concept. It does not take a genius to forge POST just as quickly and easily as GET. "Hiding" your data by POST and thinking it's "more secure" is just plain foolish.

POST data is *not* transmitted by any more inherently secure method. POST data is not significantly hidden from the end user. Unless you consider "View Source" as more tricky than reading the Location box in the browser... Which I'm just not willing to buy as "more secure".

There is *NO* inherent technical superiority to a POST data for security purposes.

>You probably have a >url on your page that is coming from an insecure server (http:// instead >of https://)

This would be correct, except:

He has no HTML page on the https:// URL. He has a PDF file. There can be no URL (images etc) on an HTML page that doesn't exist.

The *real* problem, as I said, is that he's forcing the browser to open a blank window, and that blank window is given an HTTPS URL, and that blank window is taking that HTTPS URL as a "promise" that some HTML will be delivered securely.

Then, the server responds, *not* with some securely-delivered HTML, but with some securely-delivered PDF data.

The *browser* fires up the PDF application (or plug-in) but *STILL* has this browser window, hanging around, waiting for the promised securely-delivered HTML that never arrived, never will arrive, and cannot arrive, since only one (1) piece of content (the PDF) can be (*) delivered.

Thus, by definition, the HTML data for the browser window was not transmitted securely, because no HTML was ever transmitted at all.

* Technically, the HTTP protocol could use keep-alive and deliver *TWO* pieces of content: some HTML, *and* the PDF file. I have no idea if keep-alive and spewing out HTML and PDF would make the browser happy, but I'm willing to bet a dollar it would break a bunch more browsers, and an extra HTML page isn't the desired behaviour in the first place.

Sorry for the repeat post, but I'm hoping I've stated it more succinctly this time...

-- Like Music? http://l-i-e.com/artists.htm

attached mail follows:

If I had this information stored in a database field, <img src="<? echo $content_output["site_logo"]; ?>">

how could I assign it to a variable and output it?

I've gone thru the info on eval() php.net, but it's not getting thru my skull very well. I keep getting errors I can't correct.

Can anyone give me some pointers?

Any good tutorials on eval for php out there?

Thanks!

attached mail follows:

On Fri, 5 Jul 2002, Kelly Meeks wrote: > If I had this information stored in a database field, > <img src="<? echo $content_output["site_logo"]; ?>"> > > how could I assign it to a variable and output it?

I'm not sure that you can eval() HTML.

Perhaps if your cell contained:

echo "<img src='{$content_output['site_logo']}'>"

you would have better luck. Don't quote me on it though.

miguel

attached mail follows:

In Windows 2000 SP2 IIS 5 this statement works without issue:

$myvar2 = strtoupper(substr(PHP_OS, 0, 3))

and myvar2 = WIN

but this statement right after it:

dl('php_gtk.dll');

leads to this error:

Fatal error: Dynamically loaded extentions aren't enabled. in c:\inetpub\scripts\could.php on line 17

why?

I have put php_gtk.dll in every damn directory I can think of. I've put it in C:\PHP; I've put it in C:\PHP\extensions; I've put it in C:\WINNT; I've put it in C:\WINNT\System32; The only place I haven't tried to put it is up my...

If I uncomment ANY of the extensions in php.ini I get this error:

Say I uncomment win32api.dll:

Then the above php script which worked just fine gives:

w32api: unable to initialize module Module compiled with module API=20010901, debug=0, thread-safety=1 PHP compiled with module API=20020429, debug=0, thread-safety=1 These options need to match.

Everything PHP is 4.2.1 the extensions are what they are calling 4.2.1.

What is going on with this PHP? Is it just lack of care on the part of:

http://www.php.net/

Thanks.

-- George Hester _________________________________

attached mail follows:

GH> but this statement right after it:

GH> dl('php_gtk.dll');

GH> leads to this error:

GH> Fatal error: Dynamically loaded extentions aren't enabled. in GH> c:\inetpub\scripts\could.php on line 17

From: http://www.php.net/manual/en/configuration.php#ini.sect.extension

Extension Loading Directives: enable_dl

Is it on in php.ini? Your error message would indicate that it is not.

- Julie

--> Julie Meloni --> juliethickbook.com --> www.thickbook.com

Find "Sams Teach Yourself MySQL in 24 Hours" at http://www.amazon.com/exec/obidos/ASIN/0672323494/thickbookcom-20

attached mail follows:

gh> That's the error I get when I do uncomment it. I thought I said that.

There was no mention of the status of enable_dl in your message. enable_dl is not something that is uncommented. it is either "on" or "off". If it is on -- and only if it is on -- can you use the dl() function.

And then, do what steph said.

- Julie

--> Julie Meloni --> juliethickbook.com --> www.thickbook.com

Find "Sams Teach Yourself MySQL in 24 Hours" at http://www.amazon.com/exec/obidos/ASIN/0672323494/thickbookcom-20

attached mail follows:

gh> Dang it was off. Sorry Julie but if that is not part of the install notes gh> then how the hell am I supposed to know? I'm not a mind reader.

and then...

gh> I know enough not to mix versions so if it don't help that issue it has to gh> be something like what you have just pointed out to me; that I was expected gh> to know without someone taking the time to fully explain the necessities.

and then...

gh> Julie look at wwhat it says in this php.ini:

gh> ; Whether or not to enable the dl() function. The dl() function does NOT gh> work gh> ; properly in multithreaded servers, such as IIS or Zeus, and is gh> automatically gh> ; disabled on them. gh> enable_dl = On

gh> I am running IIS. Don't you see that it says NOT to turn it on?

gh> No wonder!

Dude, stop emailing me each time you find something in the manual that you should have found in the first place.

If you were trying to use dl() and it wouldn't let you, it's because enable_dl() wasn't on. If it wasn't on (which you said it wasn't), and you're using IIS, and you just found that note in php.ini, well gosh then that's _definitely_ my fault. Uh huh.

The list is here to help, and point in the right direction, as Steph did with your version differences -- but don't jump all over us because you haven't read the manual and have no idea about any idiosyncracies for your specific OS/server/etc.

Lordy.

- Julie

--> Julie Meloni --> juliethickbook.com --> www.thickbook.com

Find "Sams Teach Yourself MySQL in 24 Hours" at http://www.amazon.com/exec/obidos/ASIN/0672323494/thickbookcom-20

attached mail follows:

ðÒÉ×ÅÔ!

> gh> ; Whether or not to enable the dl() function. The dl() function does NOT > gh> work > gh> ; properly in multithreaded servers, such as IIS or Zeus, and is > gh> automatically > gh> ; disabled on them. > gh> enable_dl = On

Solution is self-evident: format your hard-disk and install something like an operative system and a web-server on it :)) LOLOLOLOL You cannot expect to use Microsoft and have no problems, right? (not that I'd call Unix a paradise, but at least basic functions do work )

Don't fire back, today is Ivan Kupala Day and I am sitting here working while everyone else in town is having a drink, so I'm in the mood for cracking jokes a bit :))

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

On Sat, 6 Jul 2002, Alberto Serra wrote: > Don't fire back, today is Ivan Kupala Day and I am sitting here working > while everyone else in town is having a drink, so I'm in the mood for > cracking jokes a bit :))

I can't believe it! I totally forgot it was Ivan Kupala Day!

miguel

attached mail follows:

Dear all ,

I am a new bie here and I would like to know more about coding in upload photo file by client side and store in mysql database. also , how can I show the photo in the HTML CODING embeded and get the image directly from the database ? thanks . could you mind provide some code to let me reference. ?? I am doing my project. I need this information in urgent. Please friendly give me advice here . thanks

Jimmy

attached mail follows:

Jimmy Lam wrote: > Dear all , > > I am a new bie here and I would like to know more about coding in upload photo file > > Jimmy >

ðÒÉ×ÅÔ!

just read the online manual. Everything is quite clear there about all sorts of uploads. Examples included.

ÐÏËÁ áÌØÂÅÒÔÏ ëÉÅ×

-- 
-_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......

attached mail follows:

please follow the readme in the PHP-GTK download. You cannot mix the dlls from separate builds and expect them to work, you should in fact be keeping both versions of PHP completely separate if you're intending to use a gui and web installation side by side. Both php.ini's will need to be local to their respective version of php.exe.

----- Original Message ----- From: "George Hester" <hesterlolihotmail.com> To: <php-generallists.php.net>; <php-gtk-generallists.php.net> Sent: Saturday, July 06, 2002 3:37 AM Subject: [PHP-GTK] Cannot enable extensions. Why?

> In Windows 2000 SP2 IIS 5 > this statement works without issue: > > $myvar2 = strtoupper(substr(PHP_OS, 0, 3)) > > and myvar2 = WIN > > but this statement right after it: > > dl('php_gtk.dll'); > > leads to this error: > > Fatal error: Dynamically loaded extentions aren't enabled. in > c:\inetpub\scripts\could.php on line 17 > > why? > > I have put php_gtk.dll in every damn directory I can think of. I've put it in > C:\PHP; I've put it in C:\PHP\extensions; I've put it in C:\WINNT; I've put it > in C:\WINNT\System32; The only place I haven't tried to put it is up my... > > If I uncomment ANY of the extensions in php.ini I get this error: > > Say I uncomment win32api.dll: > > Then the above php script which worked just fine gives: > > w32api: unable to initialize module > Module compiled with module API=20010901, debug=0, thread-safety=1 > PHP compiled with module API=20020429, debug=0, thread-safety=1 > These options need to match. > > Everything PHP is 4.2.1 the extensions are what they are calling 4.2.1. > > What is going on with this PHP? Is it just lack of care on the part of: > > http://www.php.net/ > > Thanks. > > > -- > George Hester > _________________________________ > > > > -- > PHP-GTK General Mailing List (http://gtk.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]