 
From: php-general-digest-helplists.php.net
Date: Mon Jul 08 2002 - 00:53:50 CDT


    php-general Digest 8 Jul 2002 05:53:50 -0000 Issue 1451

    Topics (messages 105965 through 106034):

    Re: Problem with SQL query
            105965 by: Mark Charette
            105985 by: Alberto Serra

    Re: Having more problems
            105966 by: Chris Hewitt

    newbie: a couple basic questions
            105967 by: Alexander Ross
            105969 by: john.elysium.ltd.uk

    Re: Mailing all the elements of a form
            105968 by: john.elysium.ltd.uk

    configure breaks at return type of qsort...
            105970 by: Alexander Skwar
            105978 by: Alexander Skwar

    Error: Unable to fork (PHP 4.21)
            105971 by: Kevin Stone

    mail function question
            105972 by: Kirk Babb
            105980 by: Manuel Lemos
            105984 by: Kirk Babb

    Re: HTTPS vs. HTTP ?
            105973 by: Richard Lynch
            105983 by: Mark Charette
            105987 by: Chris Shiflett
            105993 by: Justin French
            105998 by: Tracker 1
            105999 by: Alberto Serra
            106001 by: Miguel Cruz
            106005 by: Chris Shiflett
            106006 by: Chris Shiflett
            106007 by: Alberto Serra

    Re: Plz help w/ global variables
            105974 by: Richard Lynch

    please I want them to erase me of their mail lists
            105975 by: Rodolfo Contreras T.
            105990 by: Miguel Cruz

    flip function
            105976 by: Garland Foster
            105986 by: Alberto Serra

    Printing Problem
            105977 by: Chris Kay
            105992 by: Miguel Cruz
            106002 by: Chris Kay

    Re: Calander with highlighting
            105979 by: Peter

    Re: Buy & Sell
            105981 by: Peter

    Re: suppressing errors with ""
            105982 by: Martin Towell

    Re: inserting linebrakes in multisite forms
            105988 by: Miguel Cruz

    Re: Linked drop down selection lists and dynamically generated links
            105989 by: Miguel Cruz

    PHP/mysql connection problem
            105991 by: Jo
            105995 by: Chris Shiflett
            105997 by: Peter

    Re: Retrieving/Displaying hyperlinked images with PHP
            105994 by: Miguel Cruz
            106011 by: markbm
            106020 by: Miguel Cruz
            106031 by: César Aracena

    Re: Sockets & 'requested address is not valid in its context'
            105996 by: Miguel Cruz

    newbie: question about question marks
            106000 by: Alexander Ross
            106003 by: Miguel Cruz

    MING
            106004 by: Alberto Serra

    ini_set() broken?
            106008 by: Greg Donald
            106009 by: Miguel Cruz
            106012 by: Greg Donald
            106013 by: Martin Towell
            106015 by: Chris Shiflett
            106017 by: Greg Donald
            106018 by: Greg Donald
            106019 by: Jason Wong
            106022 by: Miguel Cruz
            106023 by: Chris Shiflett
            106025 by: Greg Donald
            106026 by: Tom Rogers
            106028 by: Jason Wong
            106030 by: Tom Rogers

    is their a jobs mailing list?
            106010 by: Peter J. Schoenster
            106033 by: Rasmus Lerdorf

    compare variables from text fields...
            106014 by: Jas
            106021 by: Justin French
            106024 by: Miguel Cruz

    supportbignickel.net
            106016 by: Jas

    Re: Script Security: Best coding practices
            106027 by: olinux

    Re: Survey: MySQL vs PostgreSQL for PHP
            106029 by: Analysis & Solutions

    Re: Splitting up a timestamp?
            106032 by: Analysis & Solutions

    Referencing function return value
            106034 by: Anas Mughal

    Administrivia:

    To subscribe to the digest, e-mail:
            php-general-digest-subscribelists.php.net

    To unsubscribe from the digest, e-mail:
            php-general-digest-unsubscribelists.php.net

    To post to the list, e-mail:
            php-generallists.php.net

    ----------------------------------------------------------------------

    attached mail follows:


    LIMIT was not included in the SQL92 SQL standards and very few vendors
    implement all of SQL99; the use of ANSI standards to promote "portable"
    programs has always been beset by this kind of problem.

    Mark Charette
    Former ANSI X3H3.1 member

    -----Original Message-----
    From: Alberto Serra [mailto:albertoserragala.net]
    SELECT
        extract('year', time),
        extract('month', time),
        count(*) as monthly_views
    FROM
        visitors
    group by
       extract('year', time),
       extract('month', time)
    order by
       monthly_views desc
    limit 1

    attached mail follows:


    Hi!

    Mark Charette wrote:
    > LIMIT was not included in the SQL92 SQL standards and very few vendors
    > implement all of SQL99; the use of ANSI standards to promote "portable"
    > programs has always been beset by this kind of problem.

    Yes, and vendors just love to have proprietary standards to protect
    their market shares. The basic idea is that since you cannot just switch
    from an engine to another without seriously risking your application
    stability you will tolerate the "yes, it's a known bug" answer, whenever
    your 100 thousand dollars application cannot print a simple data report
    because trying to set fonts size will crash the current job. Or when
    real numbers are returned with a different value from the one you wrote
    in.

    Not talking about MeAndMyFriendJoe'sXperimentalSQLMachineGun 0.0. That
    was Oracle 7.3 with Developer (fonts) and Oracle 8.something under WinNT
    ("floating" real number values).

    Eventually they solved both the problems (I have to say they even did it
    quick) but you can imagine the atmosphere when the final customer had to
    be told that they had invested an overall amount of 25k$ a day for 2
    years just not to be able to print a common report and that Oracle just
    answered "yes, it's a known bug - bug precedence level: low".

    Which actually meant: "go ** yourselves, we ain't got no time for your
    stupid customers". If only they could switch engine... But they switched
    to their lawyers instead and kept the engine running, because no ANSI
    was there (and because we all knew that no better stability was to be
    found on other vendors anyway).

    Some things in escaping the ANSI standard are useful, though. Things like
    Oracle's DECODE and the LIMIT clause do make query sets smaller and
    quicker.
    And yet, IMHO most of the opposition to ANSI comes from a mere
    commercial point of view.

    This way vendors can keep releasing poor alpha stuff and call it a
    "stable" release without having to worry about spending test money. Test
    is something you are going to do yourself, paying for it with your own
    money and your own professional credibility. No wonder vendors are happy
    with it.

    Bye
    Alberto
    Kiev

    -- 
    

    -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-

    LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is.......

    attached mail follows:


    Shiloh,

    It displays in my Mozilla browser, but maybe the missing <BODY> and </BODY> tags would mean it does not display in yours.

    HTH Chris

    Shiloh Madsen wrote:

    > The newbie is still having troubles heh. Maybe some kind soul can tell
    > me what I'm doing wrong this time. This is the code for a page I am
    > working on. When I try to bring up the page in a browser, I just get a
    > white page, instead of having the HTML display. Anyone able to tell me
    > why?

    attached mail follows:


    1) in a function, does a return statement automatically exit the function as well?
    2) can someone give me a better explanation of $HTTP_POST_VARS

    attached mail follows:


    Hi

    Yes the return function exits the function - you can specify a return value too http://www.php.net/manual/en/function.return.php

    HTTP_POST_VARS is deprecated (still works though) $_POST has replaced:

    http://www.php.net/manual/en/reserved.variables.php#reserved.variables.post

    Basically $_POST is an associative array of form values submitted using the POST method - you should look at http://www.php.net/manual/en/reserved.variables.php#reserved.variables.get too.

    Regards

    John

    ---- Original Message ----
    From: Alexander Ross
    Date: Sun 7/7/02 21:33
    To: php-generallists.php.net
    Subject: [PHP] newbie: a couple basic questions

    1) in a function, does a return statement automatically exit the function as well?
    2) can someone give me a better explanation of $HTTP_POST_VARS

    -- 
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    Hi Jeremy

    You might try the following:

    1. set your form elements up so each input can be accessible as part of an associative array e.g.

        <FORM ...>
          <input type="text" name="input_array[forename]" value="">
          <input type="text" name="input_array[surname]" value="">
        </FORM>

    2. create a trusted fields array in your mailing script:

    $trusted_fields = array("forename", "surname");

    order this array in the order you wish the form items to be mailed, e.g. forename, surname, address etc.

    3. loop through each item in the trusted fields array and get the value of the corresponding field out of the input_array, build the body of your email and send as required - as you go through each field you can do form validation, and format the output as required, for example:

        $body = "";
        foreach ($trusted_fields as $trusted_field) {
            // use the field name itself as the label; skip fields left empty
            if (!empty($input_array[$trusted_field]))
                $body .= $trusted_field . ":" . $input_array[$trusted_field] . "\n";
        }

    This in theory will build the body as field: field_value\n.. for each field in the trusted_fields array that is not empty.

    code untested - but concept should work.

    Rgds

    John

    ---- Original Message ----
    From: Jeremy Bowen
    Date: Sun 7/7/02 6:31
    To: php-generallists.php.net
    Subject: [PHP] Mailing all the elements of a form

    Hey,

    I have looked in PHP manual but I cannot seem to find what I am looking for.

    I have a very large form that I need to be able to mail. I just don't want to have to code all of the field into my mail() function.

    Thanks,

    Jeremy
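
The allow-list approach from John's reply above, carried through as an added example (not code from the original post). The field labels, the control-character handling and the sample submission are assumptions made for illustration.

```php
<?php
// Added example, not from the original thread. Field names, labels and the
// sample submission below are constructed for illustration.

// Allow-list: key = form field name, value = label used in the mail body.
// The order here is the order in the message, whatever order the client sent.
$trusted_fields = array(
    'forename' => 'Forename',
    'surname'  => 'Surname',
    'address'  => 'Address',
);

/**
 * Build a plain-text mail body from submitted form data, using only
 * allow-listed fields. Anything else the client posts is ignored.
 */
function build_mail_body(array $trusted_fields, $submitted)
{
    $body = '';
    if (!is_array($submitted)) {
        return $body;               // input_array missing or not an array
    }
    foreach ($trusted_fields as $name => $label) {
        // Skip absent fields and nested arrays (input_array[forename][]=x).
        if (!isset($submitted[$name]) || !is_string($submitted[$name])) {
            continue;
        }
        // Collapse CR/LF and other control characters so one field cannot
        // forge extra "Label: value" lines in the body.
        $value = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', $submitted[$name]));
        if ($value === '') {
            continue;
        }
        $body .= $label . ': ' . $value . "\n";
    }
    return $body;
}

// Constructed sample standing in for $_POST['input_array'].
$sample = array(
    'surname'  => "Bowen\r\nAddress: forged line",
    'forename' => 'Jeremy',
    'is_admin' => '1',              // not on the allow-list: ignored
    'address'  => array('nested'),  // wrong type: ignored
);

echo build_mail_body($trusted_fields, $sample);

// In the mailing script (hypothetical $to and $subject, fixed server-side):
//   $input = isset($_POST['input_array']) ? $_POST['input_array'] : null;
//   mail($to, $subject, build_mail_body($trusted_fields, $input));
```

Only the recipient-independent body is built from user input here; the recipient, subject and any extra headers stay constants in the script.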

    

    attached mail follows:


    Hallo.

    I'm trying to compile PHP 4.2.1 on a SuSE 7.2 server and can't go on because of the following error:

    checking for MySQL support... yes
    checking size of char... 1
    checking size of int... (cached) 4
    checking size of long... (cached) 4
    checking size of long long... 8
    checking for size_t... (cached) yes
    checking whether time.h and sys/time.h may both be included... yes
    checking for uid_t in sys/types.h... (cached) yes
    checking for type ulong... yes
    checking for type uchar... no
    checking for type uint... yes
    checking for type ushort... yes
    checking for int8... no
    checking base type of last arg to accept... socklen_t
    checking return type of qsort... void
    configure: error: Cannot find header files under /usr/include/mysql
    Bad exit status from /home/askwar/RPM/tmp/rpm-tmp.64223 (%build)

    config.log has these last lines:

    configure:39891: checking base type of last arg to accept
    configure:39919: g++ -c -DEAPI_MM -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DHARD_SERVER_LIMIT=2048 -DDYNAMIC_MODULE_LIMIT=128 -DLINUX=22 -DMOD_SSL=208103 -DEAPI -DUSE_EXPAT conftest.C 1>&5
    configure:39968: checking return type of qsort
    configure:39985: gcc -c -O2 -m486 -fno-strength-reduce -fPIC -DHAVE_LIBDL=1 -I/usr/include/gd -DEAPI_MM -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DHARD_SERVER_LIMIT=2048 -DDYNAMIC_MODULE_LIMIT=128 -DLINUX=22 -DMOD_SSL=208103 -DEAPI -DUSE_EXPAT conftest.c 1>&5
    configure:39975: warning: garbage at end of `#ifdef' argument

    I called configure with these parameters:

    CFLAGS="-O2 -m486 -fno-strength-reduce -fPIC -DHAVE_LIBDL=1 \
            -I/usr/include/gd" \
    LDFLAGS= \
    EXTRA_LIBS="-L/usr/X11R6/lib/ -lpng -lXpm -lssl -lncurses" \
    ./configure i386-suse-linux \
        --prefix=/usr/share --datadir=/usr/share/php --bindir=/usr/bin \
        --libdir=/usr/share --includedir=/usr/include \
        --with-config-file-path=/etc --with-exec-dir=/usr/lib/php/bin \
        --with-mm --with-apxs=/usr/sbin/apxs \
        --enable-versioning --enable-yp --enable-bcmath --enable-trans-sid \
        --enable-inline-optimization --enable-track-vars --enable-magic-quotes \
        --enable-safe-mode --enable-sockets --enable-sysvsem --enable-sysvshm \
        --enable-shmop --enable-calendar --enable-mbstring --enable-mbstr-enc-trans \
        --enable-exif --enable-memory-limit --enable-wddx --enable-filepro \
        --enable-dbase --enable-ctype --disable-debug --enable-force-cgi-redirect \
        --enable-discard-path --enable-sigchild \
        --with-pear=/usr/share/php/pear --with-pgsql=/usr \
        --with-mysql=/usr/include/mysql \
        --with-imap=yes --with-imap --with-imap-ssl --with-curl --enable-cli \
        --with-mhash --with-ming --with-recode --with-iconv \
        --with-dom --with-dom-xslt --with-dom-exslt \
        --with-gd=yes --enable-gd-native-ttf --enable-gd-imgstrttf \
        --with-tiff-dir=/usr --with-jpeg-dir=/usr --with-png-dir=/usr \
        --with-xpm-dir=/usr/X11R6 --with-ttf --with-freetype \
        --with-freetype-dir=/usr/include/freetype2 --with-t1lib \
        --with-zlib=yes --with-bz2 --with-gmp --with-mcal=/usr --with-sablot \
        --with-ftp --enable-ftp --with-gdbm --with-ndbm --with-qtdom=/usr/lib/qt \
        --with-openssl --with-snmp --enable-ucd-snmp-hack --with-gettext \
        --with-mcrypt --with-ncurses --enable-dbx --enable-mbregex

    When I use --with-mysql instead of --with-mysql=/usr/include/mysql, I can compile PHP with no errors. /usr/include/mysql contains:

    host:/S.u.S.E. # ls -la /usr/include/mysql
    total 256
    drwxr-xr-x 2 root root 4096 Jun 25 16:10 .
    drwxr-xr-x 57 root root 8192 Jul 7 22:02 ..
    -rw-r--r-- 1 root root 3864 Jun 18 2001 chardefs.h
    -rw-r--r-- 1 root root 3437 Jun 18 2001 dbug.h
    -rw-r--r-- 1 root root 1979 Jun 18 2001 errmsg.h
    -rw-r--r-- 1 root root 9263 Jun 18 2001 history.h
    -rw-r--r-- 1 root root 3449 Jun 18 2001 keymaps.h
    -rw-r--r-- 1 root root 5846 Jun 18 2001 m_ctype.h
    -rw-r--r-- 1 root root 7452 Jun 18 2001 m_string.h
    -rw-r--r-- 1 root root 19072 Jun 18 2001 my_config.h
    -rw-r--r-- 1 root root 30141 Jun 18 2001 my_global.h
    -rw-r--r-- 1 root root 1579 Jun 18 2001 my_list.h
    -rw-r--r-- 1 root root 1324 Jun 18 2001 my_net.h
    -rw-r--r-- 1 root root 1206 Jun 18 2001 my_no_pthread.h
    -rw-r--r-- 1 root root 21161 Jun 18 2001 my_pthread.h
    -rw-r--r-- 1 root root 24248 Jun 18 2001 my_sys.h
    -rw-r--r-- 1 root root 10562 Jun 18 2001 mysql.h
    -rw-r--r-- 1 root root 8598 Jun 18 2001 mysql_com.h
    -rw-r--r-- 1 root root 558 Jun 18 2001 mysql_version.h
    -rw-r--r-- 1 root root 6959 Jun 18 2001 mysqld_error.h
    -rw-r--r-- 1 root root 5836 Jun 18 2001 raid.h
    -rw-r--r-- 1 root root 24120 Jun 18 2001 readline.h
    -rw-r--r-- 1 root root 1605 Jun 18 2001 sslopt-case.h
    -rw-r--r-- 1 root root 1296 Jun 18 2001 slopt-longopts.h
    -rw-r--r-- 1 root root 1235 Jun 18 2001 sslopt-usage.h
    -rw-r--r-- 1 root root 1013 Jun 18 2001 sslopt-vars.h
    -rw-r--r-- 1 root root 2724 Jun 18 2001 tilde.h

    These files belong to the SuSE mysql-devel-3.23.37-24 RPM.

    Does anyone have an idea about why this error happens?

    Thanks a lot,

    Alexander Skwar

    -- 
    How to quote: http://learn.to/quote (german) http://quote.6x.to (en)
    Homepage:     http://www.iso-top.de   |  Jabber: askwara-message.de
        iso-top.de - The affordable way to get Linux distributions
                            Uptime: 13 hours 9 minutes
    

    attached mail follows:


    Alexander Skwar wrote:

    > When I use --with-mysql instead of --with-mysql=/usr/include/mysql, I
    > can compile PHP with no errors. /usr/include/mysql contains:

    Solved. I need to call --with-mysql=/usr and not use the full path to the mysql includes.

    Alexander Skwar

    -- 
    How to quote: http://learn.to/quote (german) http://quote.6x.to (en)
    Homepage:     http://www.iso-top.de   |  Jabber: askwara-message.de
        iso-top.de - The affordable way to get Linux distributions
                            Uptime: 15 hours 26 minutes
    

    attached mail follows:


    I've searched the entire archives and google for a solution to this. There are plenty of references to the "Unable to fork" error.. most having to do with a bug in PHP 4.02. I am writing the script for a remote Windows server running PHP 4.21 so the bug shouldn't be a problem.. I can only assume I am not doing it correctly. The script simply needs to convert a file using ImageMagick stored in c:\Program Files\ImageMagick...

    I've tried..

        $cmd = "c:\\Program Files\\ImageMagick\\convert -quality 80 -antialias -sample '".$x."x".$y."' '$obj' '$dest'";
        system($cmd);

    And on a tip that I found in the list archives I tried..

        $cmd = "convert /c dir c:\\Program Files\\ImageMagick -quality 80 -antialias -sample '".$x."x".$y."' '$obj' '$dest'";
        system($cmd);

    Both return Unable to Fork errors..

        Warning: Unable to fork [convert /c dir c:\Program Files\ImageMagick -quality 80 -antialias -sample '320x240' 'C:\PHP\uploadtemp\php43.tmp' 'e:/NLObjects/thumb.jpg'] in c:\inetpub\wwwroot\exchange_tmp\uploadtest.php on line 72

    I have used ImageMagick successfully on a UNIX server. But I didn't have to specify the location of the convert tool. This is a Windows server and I really don't have a clue if I am doing this correctly. Any help will be greatly appreciated.

    -Kevin

    attached mail follows:


    I'm using argosoft's mailserver with SMTP authentication, and would like to know how to pass the usr & pwd inside php's mail() function. Please help me out here, I've RT*M without gaining an understanding of this.

    TIA,

    Kirk

    attached mail follows:


    Hello,

    On 07/07/2002 07:49 PM, Kirk Babb wrote:
    > I'm using argosoft's mailserver with SMTP authentication, and would like to
    > know how to pass the usr & pwd inside php's mail() function. Please help me
    > out here, I've RT*M without gaining an understanding of this.

    No, mail() function does not have any support for authentication.

    You may want to try to use this SMTP client message sending class that supports most common forms of SMTP authentication automatically.

    http://www.phpclasses.org/smtpclass

    -- 
    

    Regards, Manuel Lemos

    attached mail follows:


    Thanks - I'm heading there now. I appreciate the help.

    -Kirk

    "Manuel Lemos" <mlemosacm.org> wrote in message news:3D28CACA.5010904acm.org...
    > Hello,
    >
    > On 07/07/2002 07:49 PM, Kirk Babb wrote:
    > > I'm using argosoft's mailserver with SMTP authentication, and would like to
    > > know how to pass the usr & pwd inside php's mail() function. Please help me
    > > out here, I've RT*M without gaining an understanding of this.
    >
    > No, mail() function does not have any support for authentication.
    >
    > You may want to try to use this SMTP client message sending class that
    > supports most common forms of SMTP authentication automatically.
    >
    > http://www.phpclasses.org/smtpclass
    >
    >
    > --
    >
    > Regards,
    > Manuel Lemos
    >

    attached mail follows:


    >In public key cryptography, it is the *keys*, not the digital
    >certificate that encrypt/decrypt the communication.

    Okay.

    I break into his co-lo, I walk off with his computer, and I break into his office, I walk off with his computers, I kill the guy, and I kidnap his wife.

    I have everything.

    I have his Certs, his keys, his server, his domain, *EVERYTHING*.

    This is not *IMPOSSIBLE*, no matter how "unlikely" it is painted.

    But let me paint a more-likely scenario.

    Some guy sets up a tiny on-line retail shop on his $20/month ISP. Whoo-Hooo!

    He gets hacked, never even notices, and his Certs and keys are all stolen. Meanwhile, the guy good enough to do that is also good enough to routinely hijack his domain name for short periods of time.

    Game Over.

    How about another, even *easier* scenario.

    I set up a nice little retail shop that specializes in hard-to-find items. I scour the 'net for things people can't seem to find anywhere else, not even eBay. Nothing big or really expensive, just odd parts and pieces of things.

    I build a nice big web-site catalog shopping cart.

    I buy a Cert for a whopping $119.

    I collect the credit cards for a day or two, I charge them nine ways to Sunday, and I take off.

    Game Over.

    How about an even *easier* scenario:

    I find a web-site that is storing the credit-card numbers in their database, and rip them off.

    Game Over.

    >that issued his certificate, he may as well let you run your rogue site
    >off of his server; it's the same difference.

    Exactly!

    Or, he may as well be the criminal and *GET* a C&A signed certificate for his criminal web-site.

    I do not trust that a C&A Signed Cert is worth the bits it's stored in.

    If you trust Microsoft with Security, shop away.

    >Think of it this way. Let's use https://www.amazon.com/ as an example.
    >Do you trust doing business with them? I sure do; at least I trust 100%
    >that my HTTP requests are going to get to the www.amazon.com server
    >safely. If someone stole their SSL certificate:

    Forget amazon.com.

    Real-world example from *MY* personal life: Stick with unknowncompany.com -- a site you do *NOT* know, you do *NOT* trust, but they are the only ones that have the power-supply you need to run your laptop.

    You can:
    A) Throw away your laptop.
    B) Risk the fact that an unknown site with a "C&A Signed Certificate" (Ooooooh I'm impressed (not)) is the only one who can sell you the part you need to power the laptop.
    C) Try (and fail miserably) to find the part in "real" stores, and go back to A or B.

    Yes, this really happened to me.

    Yes, I really bought the thing on-line.

    No, I had no trust that they weren't crooks or at least incompetents.

    Yes, that's why the current system is insufficient.

    Yes, that's why I think it is ridiculous that people have essentially been trained to trust that little lock icon in the browser, no matter how naive that is, and how untrustworthy it is.

    >Now, on to "stealing" their domain name. All of a sudden, Amazon is
    >getting no traffic. Think they won't notice?

    Again, forget Amazon.

    There *ARE* on-line retailers who don't get any traffic, whose ISP's are so crappy their site is down all the time.

    Think they would notice?

    How quickly?

    What's their response? Call up the ISP and complain, and the ISP says "Hmmm, it's working okay now. Probably just a network outage"

    >Think it matters since the
    >HTTP requests you'll be receiving can't be decrypted by you anyway?

    Assume I've also stolen their Cert and keys and whatever else it takes to steal your credit card number.

    Yes, there are fewer sites where that's possible, but is it 0? No. Is it growing, as more and more mom-n-pop on-line stores are built on $20/month hosts with crappy Security?

    Are you telling me you've never walked in to an eCommerce site to find major, huge, gaping holes in their security?

    Are you telling me those sites don't exist?

    Actually, assume the other way around -- I've hacked his server, stolen his Certs and private keys, and now...

    Can I *sometimes* hijack his domain name, for brief periods of time? Say, a few minutes? Just long enough to steal a few CC numbers, and then "blip!" un-steal it?

    Okay, *I* can't do it, but aren't there a fair number of hackers "out there" that can?

    Who's gonna notice that? Some orders go missing? The site is mysteriously "down" or "off" the net for a few minutes, or maybe even *less* than a minute. A couple customer complaints. Maybe even a customer swears up and down that we must have "lost" his CC # because it's the only place he used it. *MAYBE* a good company will catch on. I bet against.

    But let's even assume our site-owner *NOTICES* his stolen domain name, and maybe even knows he got hacked and the Certs and keys all got stolen.

    Let's even give them the benefit of the doubt and assume they reported the hack within, oh 24 hours, to their C&A and they get a shiny new Certificate.

    I, Richard Lynch, do *NOT* trust the C&A Signers (Microsoft, et al) to correctly respond to a security problem. I know that's shocking, that somebody on this planet doesn't trust Microsoft to respond to security matters in a timely fashion, but there it is.

    Therefore, it is a foregone conclusion, that I simply have no more faith in that little locked icon than in an unlocked icon where it complains about an unsigned cert. They're *equally* untrusted to me.

    Call me paranoid.

    >>If I *really* trust the person who owns a domain name, they are going to
    >>take care of any hijack/theft just as quickly with an unsigned cert as they
    >>are with a signed cert. I don't trust the C&A people to facilitate that
    >>process any faster or better than somebody I actually *DO* trust in the
    >>first place -- The person I personally know who owns that domain name who is
    >>going to make damn sure they catch and rectify any hijacking with or without
    >>a signed Cert as fast as possible. I trust that person because I know them,
    >>not the C&A people I don't know personally, and who have *PROVEN* themselves
    >>untrustworthy. I trust people, not corporations, not technology, and
    >>*CERTAINLY* not the C&A Signers.
    >>
    >
    >This is the other major misunderstanding. How is your friend supposed to
    >"take care of any hijack/theft" exactly? If someone "hijacks" all of his
    >traffic, sure, he might notice a lack of traffic. However, what if only
    >a small audience is targetted? A few people mistakenly go to the wrong
    >www.friend.org site and do business. If there was no SSL warning letting
    >them know that something was wrong, they would happily do business.

    If there was no SSL warning, they *STILL* don't know it's right.

    And, in contrast, how do the C&A Signed Certs take care of it? Yes, I know the answer. Yes, I understand how it is *SUPPOSED* to work. No, I won't spend three paragraphs explaining it to prove it to you -- which you seem to require for everything. I don't trust in that system working. I don't trust Microsoft to get the right Cert when they revoke it. I don't trust them to revoke anything at all. I don't trust them period.

    If I don't trust them, *WHY* *WHY* *WHY* do you think I should trust their little signing-scheme. Just pretend I actually understood it, which I do, but you refuse to believe -- If I don't trust the signers of the signature, why trust the signature?

    >Your friend may be the best Web surfer in the world, but I doubt he can
    >keep up with every Web site on the Web at all times to make sure that no
    >one else is impersonating him. He has to rely on the technology, and
    >that technology is SSL.

    *NOBODY* can be 100% certain that *RIGHT* *NOW* even Amazon.com hasn't been hacked *SOOOO* badly that they're being impersonated, complete with Certs, keys, and their entire database of stored credit card numbers on that second computer with only a land-line in a "secure" room hasn't been physically stolen. Might be "Mission Impossible" for that last bit, but you don't *know* it.

    And you for sure don't know that joesbotique.com hasn't been stolen -- That's a no-brainer.

    >That's all for me. I'm going to start charging you for more information
    >about SSL. :)

    When you tell me something about SSL and HTTPS that I don't know, I'll pay.

    Meanwhile, just because I don't spend 50 pages explaining how it works in glorious detail, don't assume I *don't* know how it works.

    I know how it's supposed to work. I don't trust it will really be done right.

    >I still strongly suggest you read a book. I even suggested
    >a single 50 page chapter that will probably clarify everything for you.
    >You seem to think you have a grasp about what is going on, but I can
    >assure you that you don't.

    You have not said a single thing that is "new" to me. I've already *READ* that chapter, and many others. You are still assuming I don't know things that I do know.

    Maybe I even know more than you (Not likely).

    I know enough to know this: I do not trust the C&A Signers. Therefore, I do not trust the system which allegedly makes that little icon more secure for a signed Cert. They are equally untrusted.

    >I don't know how much clearer I can get. I've got other work to do.

    Same here.

    -- 
    Like Music?  http://l-i-e.com/artists.htm
    

    attached mail follows:


    Or, even easier and "no tech", I get a low-paying job in some convenience store, and make copies of the credit card receipts.

    Game Over.

    Using a credit card anywhere involves trust. Period. End of story.

    -----Original Message-----
    From: Richard Lynch [mailto:richphpbootcamp.com]

    How about an even *easier* scenario:

    I find a web-site that is storing the credit-card numbers in their database, and rip them off.

    Game Over.

    attached mail follows:


    I think I'm going to forget trying to explain the technical details, because somehow this conversation is completely missing the point now. :)

    SSL allows you to be sure that your credit card number is getting safely and securely to the Web site identified by a certain domain name. That's all it does, but that is not something trivial. Are you trusting a domain name by trusting SSL? No, not exactly. You are trusting the system that I explained in great detail to ensure that your communication is reaching that domain name securely (not just encrypted). This is a significant thing, and it is a system that I have great respect for.

    Everything else is no different than using your credit card at a physical establishment, so it's not really helpful to debate those points anyway.

    Chris

    P.S. - CA means Certificate Authority. C&A means Certification and Accreditation. The two cannot be used interchangeably.

    attached mail follows:


    on 08/07/02 10:48 AM, Mark Charette (charettewoodwind.org) wrote:

    > Or, even easier and "no tech", I get a low-paying job in some convenience
    > store, and make copies of the credit card receipts.
    >
    > Game Over.
    >
    > Using a credit card anywhere involves trust. Period. End of story.

    Couldn't agree more. Went out for lunch yesterday, and the waiter had my card for at least 5 minutes. Worse still, they've probably got 5 years of receipts and cc#'s (with signatures!!) stored in a cardboard box in their office.

    I think the only difference (I guess) between the offline and online worlds is that 1000's of CC#'s stored online in a digital format (eg database) is a lot more enticing than 1000's of cc#'s stored on little bits of paper.

    I guess to a "hacker" the thought of breaking a password is a little more enticing than breaking a window too!

    Justin French

    attached mail follows:


    Personally, I think the concept of NEEDING https is a bit ridiculous.

    Generally, trying to get through the front door, would be the same as trying to get through a concrete wall with a baseball bat...

    Now, finding a back door, and getting at THEIR database is the REAL key. people don't generally try and hack routers... most current router systems haven't been hacked.. there are attempts, same as anything else.. it just isn't very common.

    if you can steal the keys, you can steal the database, which holds more than stealing a site for a few minutes.

    --
    =======================================================================
    Michael J. Ryan  -  tracker1[*at*]theroughnecks.com
    Roughneck BBS: http://www.theroughnecks.net  telnet://theroughnecks.net
    =======================================================================
    Y!: aztracker1 - aim: azTracker1 - icq: 4935386 - msn: see email
    One program for aim/icq/yahoo/msn/irc  -  http://www.trillian.cc/
    

    "Richard Lynch" <richphpbootcamp.com> wrote in message news:php.general-105973news.php.net... > >In public key cryptography, it is the *keys*, not the digital > >certificate that encrypt/decrypt the communication. > > Okay. > > I break into his co-lo, I walk off with his computer, and I break into his > office, I walk off with his computers, I kill the guy, and I kidnap his > wife. > > I have everything. > > I have his Certs, his keys, his server, his domain, *EVERYTHING*. > > This is not *IMPOSSIBLE*, no matter how "unlikely" it is painted. > > But let me paint a more-likely scenario. > > Some guy sets up a tiny on-line retail shop on his $20/month ISP. > Whoo-Hooo! > > He gets hacked, never even notices, and his Certs and keys are all stolen. > Meanwhile, the guy good enough to do that is also good enough to routinely > hijack his domain name for short periods of time. > > Game Over. > > How about another, even *easier* scenario. > > I set up a nice little retail shop that specializes in hard-to-find items. > I scour the 'net for things people can't seem to find anywhere else, not > even eBay. Nothing big or really expensive, just odd parts and pieces of > things. > > I build a nice big web-site catalog shopping cart. > > I buy a Cert for a whopping $119. > > I collect the credit cards for a day or two, I charge them nine ways to > Sunday, and I take off. > > Game Over. > > How about an even *easier* scenario: > > I find a web-site that is storing the credit-card numbers in their database, > and rip them off. > > Game Over. > > >that issued his certificate, he may as well let you run your rogue site > >off of his server; it's the same difference. > > Exactly! > > Or, he may as well be the criminal and *GET* a C&A signed certificate for > his criminal web-site. > > I do not trust that a C&A Signed Cert is worth the bits its stored in. > > If you trust Microsoft with Security, shop away. > > >Think of it this way. 
Let's use https://www.amazon.com/ as an example. > >Do you trust doing business with them? I sure do; at least I trust 100% > >that my HTTP requests are going to get to the www.amazon.com server > >safely. If someone stole their SSL certificate: > > Forget amazon.com. > > Real-world example from *MY* personal life: Stick with unknowncompany.com > -- a site you do *NOT* know, you do *NOT* trust, but they are the only ones > that have the power-supply you need to run your laptop. > > You can: > A) Throw away your laptop. > B) Risk the fact that an unknown site with a "C&A Signed Certificate" > (Ooooooh I'm impressed (not)) is the only one who can sell you the part you > need to power the laptop. > C) Try (and fail miserably) to find the part in "real" stores, and go back > to A or B. > > Yes, this really happened to me. > > Yes, I really bought the thing on-line. > > No, I had no trust that they weren't crooks or at least incompetents. > > Yes, that's why the current system is insufficient. > > Yes, that's why I think it is ridiculous that people have essentially been > trained to trust that little lock icon in the browser, no matter how naive > that is, and how untrustworthy it is. > > >Now, on to "stealing" their domain name. All of a sudden, Amazon is > >getting no traffic. Think they won't notice? > > Again, forget Amazon. > > There *ARE* on-line retailers who don't get any traffic, whose ISP's are so > crappy their site is down all the time. > > Think they would notice? > > How quickly? > > What's their response? Call up the ISP and complain, and the ISP says > "Hmmm, it's working okay now. Probably just a network outage" > > >Think it matters since the > >HTTP requests you'll be receiving can't be decrypted by you anyway? > > Assume I've also stolen their Cert and keys and whatever else it takes to > steal your credit card number. > > Yes, there are fewer sites where that's possible, but is it 0? No. 
Is it > growing, as more and more mom-n-pop on-line stores are built on $20/month > hosts with crappy Security? > > Are you telling me you've never walked in to an eCommerce site to find > major, huge, gaping holes in their security? > > Are you telling me those sites don't exist? > > Actually, assume the other way around -- I've hacked his server, stolen his > Certs and private keys, and now... > > Can I *sometimes* hijack his domain name, for brief periods of time? Say, a > few minutes? Just long enough to steal a few CC numbers, and then "blip!" > un-steal it? > > Okay, *I* can't do it, but aren't there a fair number of hackers "out there" > that can? > > Who's gonna notice that? Some orders go missing? The site is mysteriously > "down" or "off" the net for a few minutes, or maybe even *less* than a > minute. A couple customer complaints. Maybe even a customer swears up and > down that we must have "lost" his CC # because it's the only place he used > it. *MAYBE* a good company will catch on. I bet against. > > But let's even assume our site-owner *NOTICES* his stolen domain name, and > maybe even knows he got hacked and the Certs and keys all got stolen. > > Let's even give them the benefit of the doubt and assume they reported the > hack within, oh 24 hours, to their C&A and they get a shiny new Certificate. > > I, Richard Lynch, do *NOT* trust the C&A Signers (Microsoft, et al) to > correctly respond to a security problem. I know that's shocking, that > somebody on this planet doesn't trust Microsoft to respond to security > matters in a timely fashion, but there it is. > > Therefore, it is a foregone conclusion, that I simply have no more faith in > that little locked icon than in an unlocked icon where it complains about an > unsigned cert. There are *equally* untrusted to me. > > Call me paranoid. 
> > >>If I *really* trust the person who owns a domain name, they are going to > >>take care of any hijack/theft just as quickly with an unsigned cert as they > >>are with a signed cert. I don't trust the C&A people to facilitate that > >>process any faster or better than somebody I actually *DO* trust in the > >>first place -- The person I personally know who owns that domain name who is > >>going to make damn sure they catch and rectify any hijacking with or without > >>a signed Cert as fast as possible. I trust that person because I know them, > >>not the C&A people I don't know personally, and who have *PROVEN* themselves > >>untrustworthy. I trust people, not corporations, not technology, and > >>*CERTAINLY* not the C&A Signers. > >> > > > >This is the other major misunderstanding. How is your friend supposed to > >"take care of any hijack/theft" exactly? If someone "hijacks" all of his > >traffic, sure, he might notice a lack of traffic. However, what if only > >a small audience is targetted? A few people mistakenly go to the wrong > >www.friend.org site and do business. If there was no SSL warning letting > >them know that something was wrong, they would happily do business. > > If there was no SSL warning, they *STILL* don't know it's right. > > And, in contrast, how do the C&A Signed Certs take care of it? Yes, I know > the answer. Yes, I understand how it is *SUPPOSED* to work. No, I won't > spend three paragraphs explaining it to prove it to you -- which you seem to > require for everything. I don't trust in that system working. I don't > trust Microsoft to get the right Cert when they revoke it. I don't trust > them to revoke anything at all. I don't trust them period. > > If I don't trust them, *WHY* *WHY* *WHY* do you think I should trust their > little signing-scheme. Just pretend I actually understood it, which I do, > but you refuse to believe -- If I don't trust the signers of the signature, > why trust the signature? 
> > >Your friend may be the best Web surfer in the world, but I doubt he can > >keep up with every Web site on the Web at all times to make sure that no > >one else is impersonating him. He has to rely on the technology, and > >that technology is SSL. > > *NOBODY* can be 100% certain that *RIGHT* *NOW* even Amazon.com hasn't been > hacked *SOOOO* badly that they're being impersonated, complete with Certs, > keys, and their entire database of stored credit card numbers on that second > computer with only a land-line in a "secure" room hasn't been physically > stolen. Might be "Mission Impossible" for that last bit, but you don't > *know* it. > > And you for sure don't know that joesbotique.com hasn't been stolen -- > That's a no-brainer. > > >That's all for me. I'm going to start charging you for more information > >about SSL. :) > > When you tell me something about SSL and HTTPS that I don't know, I'll pay. > > Meanwhile, just because I don't spend 50 pages explaining how it works in > glorious detail, don't assume I *don't* know how it works. > > I know how it's supposed to work. I don't trust it will really be done > right. > > >I still strongly suggest you read a book. I even suggested > >a single 50 page chapter that will probably clarify everything for you. > >You seem to think you have a grasp about what is going on, but I can > >assure you that you don't. > > You have not said a single thing that is "new" to me. I've already *READ* > that chapter, and many others. You are still assuming I don't know things > that I do know. > > Maybe I even know more than you (Not likely). > > I know enough to know this: I do not trust the C&A Signers. Therefore, I > do not trust the system which allegedly makes that little icon more secure > for a signed Cert. They are equally untrusted. > > >I don't know how much clearer I can get. I've got other work to do. > > Same here. > > -- > Like Music? http://l-i-e.com/artists.htm >

    attached mail follows:


    Hello!

    >> Chris Shiflett wrote:
    > it is very misleading and would indicate that I
    > have very little knowledge about PKI systems,

    Come on, nobody here would ever think of that. Especially since most of us (put me as first one in the list) should know much more about PKI ourselves before judging anybody's knowledge :) Which is why we keep making questions that sometimes may be pretty absurd.

    > I was trying to point out
    > how insecure this model would be if encryption were all that SSL
    > provided and the only trust involved was the trust of a domain name.

    Yes, I've got it now.

    > No government, as far as I know, can break the public key cryptography
    > currently being used by most SSL-enabled sites (using the strong
    > security - 128 bit certificates). This includes the United States.

    I was saying this because I remember (maaany years ago, when the whole PGP thing started) reading some fire exchanges about RSA keys and the way the encrypting chips were going to be "friendly" to american eyes. Honestly, at that time I was not that interested to the issue and I just gave it a quick read, which left me with a wrong opinion.

    > Now, SSL only encrypts your communication in transit, of course. I'm
    > sure your local government could find a way to make the entity you are
    > communicating with release the information in the communication to them.
    > This is, of course, outside the scope of SSL.

    And outside the scope of my worries :) I am responsible for the software I deliver, whatever happens out of it is none of my bag :)

    > However, it is adequate to know that one key is used to do the
    > encrypting, while the other is used for the decrypting. These are
    > generally referred to as public and private keys, because one is made
    > available to the public while the other is kept safely stored (in the
    > case of Web browsers, it is stored in the certificate repository of the
    > browser).

    Yes, glad that I did use PGP sometimes :) this part is clear :) So Verisign is actually just "signing" the key as I did on PGP and that means anyone trusting me can trust you if they receive a message signed with your key, because when evaluating the message they will know it's been signed by a key that I would trust myself. Right? Man, I don't even wanna imagine where and how Verisign password is kept LOLOL

    > Digital certificates solve this problem. A digital certificate, as RSA
    > describes it, is a document that says:
    >
    > "I guarantee that this particular public key is associated with this
    > particular user; Trust me!"

    So actually, when you spend your $200 what happens is:
    1) Verisign (or whoever) starts a process to control they really wanna play with you (and this has nothing to do with IT or SSL, they will have their own policies)
    2) Verisign (or whoever) starts a process to control your public key and possibly something else in your system
    3) If the above has a positive answer they just sign your key and hand it over to you. So there is no need for a central db. Trust is *in* the key and need not be searched for. The only thing to do is to verify that the trusting key has not been revoked.

    That is, if it works like PGP. But this is probably too easy, as this way they would have no way to revoke my key without invalidating all keys on this planet. So this is a simplification. But just tell me if I got the basic message.

    > So, assuming for the moment that we trust the certificate, we can assume
    > that a particular public key belongs to a particular user. For example,
    > you can be guaranteed that a public key belongs to me (Chris Shiflett)
    > and thus, only Chris Shiflett will be able to decrypt the communication.
    > If someone is trying to pose as me, you may send them encrypted
    > communication, but they won't be able to decrypt it.

    Yes, because they have stolen the public key and could crypt the question but since they have not the private key they cannot open the answer.

    > Well, I disagree that this has nothing to do with the SSL protocol
    > itself. Identification is a very important part of enabling secure
    > transactions to take place over the Web. Without this, there would be no
    > "ecommerce" as it has been dubbed.
    ...
    > Of course, as users of Web browsers such as Netscape and Internet
    > Explorer, we have to trust AOL/Time Warner and Microsoft, respectively,
    > (yeah, scary thought) to only trust CAs that have high integrity,
    > security, etc. An extensive C&A (Certification and Accreditation)
    > process is used to make this guarantee.

    Yes, but this is the part I doubt. When I buy a certificate from Kiev, how on earth those guys sitting in Washington are to know who I am and what I do for a living? They will have to handle the job to someone else. This layering of delegations will include banks and governmental stuff, and there is no such thing as a government that will not accept bribery.

    Chris, what me and Richard doubt is *NOT* the tech factor. That part is okay. But is a man taking the final decision as whether to sign the certificate or not. And everybody is for sale on this planet. Everybody. It just depends on the price you can pay. You are going to kill your own mother if I put 100 billion dollars on the table. You are, as I am and anybody is. It's easy to be moral while the bucks are in the realm of examples, but once they are physically on the table everybody is for sale. At least, that's my own life experience.

    What we *do not* believe (correct me Richard if I misunderstood you) is that Verisign (or whoever in their place) will actually do more than verifying that www.goodguys.org is really existing and it's there. And this is just a protection against hackers but has nothing to do with consumer's privacy or security. People at goodguys.org will not be checked anyway as far as their behaviour as a company is concerned (that would cost *much* more than $200 and it would be way too easy for the crooks to buy themselves a virginity by doubling the money).

    Which is why I still like better to transfer all credit card processing to banks and have my sites saying that "WE DO NOT PROCESS CREDIT CARDS AT ALL". When they want to pay they see a bank logo and domain, not mine. And if anything goes wrong it will be a bank problem, not mine.

    But certifying is now clear. And that means that I can use the trust chain in order to allow secure communications myself. When all I need is protection from intrusions this will be just perfect. And yes, I can have my customers pay $200 for that. It looks good and it also *is* good.

    >
    >> Now, there's a question regarding point 4). What if someone from
    >> www.goodguys.com
    >> gets the certified key pair and hands it over to some crook outside
    >> the company? I hope this is not just as easy as it sounds (the key
    >> pairs will probably check something in the environment before starting
    >> to shout "YEAAAH!! IT'S MEEE!!!") but still...
    >
    > This would be a scary thought. Luckily it's not possible. A key pair is
    > unique per Web server, right? Well, recall that the digital certificate
    > only guarantees that a certain public key belong to a certain entity (in
    > this case, a Web server).

    There is a post saying they just transferred the keys. How? Maybe they just signed the new keys with the old ones? This is even *more* scary. But it can't be. The planet would be full of replicant keys. So what?

    > So, for your above scenario to work, the crook outside the company would
    > have to be handed the actual Web server software as it is currently
    > compiled (for example, hand him the whole physical server) to be able to
    > use that digital certificate. In addition to this, the crook would also
    > need to trick someone's computer into resolving the domain name to be
    > *his* IP address rather than the real one.

    Copy the stolen keys to the new server, do a small virus that will write the host table for a few hours a day and then restore it on any win32 machine and you have done that. No problems. And since you could copy the keys you will have no trouble in stealing away a full copy of the site. You might not get the data as usually they have different admins and this would require a bit too risky an intrusion (two people knowing you is way too much) but you can just redirect users to get the real output while you get the input as man-in-the-middle.

    It's the keys that worry me, host table is just one click away on 99,99% of customers machines. Again, I am talking security on internal communications, not really ecommerce, as banks do ecommerce much better than I will ever be able to do myself.

    > In practice, however, not only is this extremely
    > hypothetical, but the people at www.goodguys.com would surely have found
    > out about this (their Web site is gone, all of a sudden)

    Not if you use the host table on the client machine and do it as a man-in-the-middle. www.goodguys.com would not see anything at all (apart from users complaints about slow performance). I am afraid the only way is to revoke old keys and generate a new pair at short random intervals. To make sure no one can use stolen keys. Again, this is for internal communications, not for the Verisign thingy. Am I right?

    But still... current communications would be still going on, because they use the key that was generated on the fly with the old pair. Or not? If it's so you could close the attack window by regenerating the key pair at *any* new session. Right?

    Bye, Alberto, Kiev

    -- 
    

    -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-

    LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is.......

    attached mail follows:


    On Mon, 8 Jul 2002, Alberto Serra wrote:
    > Chris Shiflett wrote:
    >> Of course, as users of Web browsers such as Netscape and Internet
    >> Explorer, we have to trust AOL/Time Warner and Microsoft, respectively,
    >> (yeah, scary thought) to only trust CAs that have high integrity,
    >> security, etc. An extensive C&A (Certification and Accreditation)
    >> process is used to make this guarantee.
    >
    > Yes, but this is the part I doubt. When I buy a certificate from Kiev,
    > how on earth those guys sitting in Washington are to know who I am and
    > what I do for a living? They will have to handle the job to someone
    > else. This layering of delegations will include banks and governmental
    > stuff, and there is no such thing as a government that will not accept
    > bribery.

    We (in the USA) bought our corporate certificate from Thawte, a company in South Africa.

    You wouldn't believe the amount of stuff they had me dredge up; it was like a scavenger hunt. I had to get the lawyers to dig out the official incorporation documents; I had to get accounting to dig out all sorts of tax bills; I had to get phone bills and executive signatures and who knows what else. When I sent them some Delaware incorporation document, they were familiar enough with the format to know that an (unnumbered) page was missing, and to ask me to find it and fax it to them.

    > What we *do not* believe (correct me Richard if I misunderstood you) is
    > that Verisign (or whoever in their place) will actually do more than
    > verifying that www.goodguys.org is really existing and it's there. And
    > this is just a protection against hackers but has nothing to do with
    > consumer's privacy or security. People at goodguys.org will not be
    > checked anyway as far as their behaviour as a company is concerned (that
    > would cost *much* more than $200 and it would be way too easy for the
    > crooks to buy themselves a virginity by doubling the money).

    Nobody thinks they're checking whether or not goodguys.com are good guys. It is your job as a consumer to research them. Once you have researched them and decided to do business with them, the certificate authority gives you a pretty solid basis for believing that you actually are dealing with the people you were prepared to trust. That's the point.

    miguel

    attached mail follows:


    Alberto Serra wrote:

    >> However, it is adequate to know that one key is used to do the
    >> encrypting, while the other is used for the decrypting. These are
    >> generally referred to as public and private keys, because one is made
    >> available to the public while the other is kept safely stored (in the
    >> case of Web browsers, it is stored in the certificate repository of
    >> the browser).
    >
    >
    > Yes, glad that I did use PGP sometimes :) this part is clear :) So
    > Verisign is actually just "signing" the key as I did on PGP and that
    > means anyone trusting me can trust you if they receive a message
    > signed with your key, because when evaluating the message they will
    > know it's been signed by a key that I would trust myself. Right?

    I have very little experience with PGP, so I can't confirm the similarities here. However, I think you may be still misunderstanding the role of VeriSign (I could easily be wrong). I'll explain it again briefly, just to be certain.

    The asymmetric cryptography that guarantees your HTTP communication cannot be decrypted except by the final recipient is only half (or less than half) of the battle. You need to also have some sort of assurance that the final recipient is who they claim to be and not an imposter.

    When you apply for a digital certificate from VeriSign, you must present a request in a specific format. Part of this process of purchase involves you proving that you are the holder of the public key (verified by the generation of the request by your Web server software) and the legitimate owner of the specific domain name the certificate is being used for. With this information, VeriSign will use the fact that pretty much every Web client on the planet trusts VeriSign to issue you a certificate that says:

    "We, VeriSign, assure you that the following public key belongs to www.niceguy.org."

    This means that nearly every Web client on the planet will trust that the public key mentioned in that digital certificate really belongs to www.niceguy.org, so any communication encrypted with it can only be decrypted by the private key of www.niceguy.org.

    >> Digital certificates solve this problem. A digital certificate, as
    >> RSA describes it, is a document that says:
    >>
    >> "I guarantee that this particular public key is associated with this
    >> particular user; Trust me!"
    >
    >
    > So actually, when you spend your $200 what happens is:
    > 1) Verisign (or whoever) starts a process to control they really wanna
    > play with you (and this has nothing to do with IT or SSL, they will
    > have their own policies)
    > 2) Verisign (or whoever) starts a process to control your public key
    > and possibly something else in your system
    > 3) If the above has a positive answer they just sign your key and hand
    > it over to you. So there is no need for a central db. Trust is *in*
    > the key and need not be searched for. The only thing to do is to
    > verify that the trusting key has not been revoked.

    VeriSign doesn't do extensive checks on your use of the digital certificate, because that is all outside of the scope of SSL. Their methods are to ensure that the claim they are making in the digital certificate (mentioned above) is true. Since that's all they're guaranteeing, that's all they need to ensure.

    Also, VeriSign does keep a central repository of all digital certificates it has issued. Next time you are on an SSL site, go into the security configuration menus specific to your browser and see if you can find a way to verify the certificate. This will manually kick off the process to verify the certificate with the CA. You can revoke a certificate to make it fail this check and pretty much render it useless, except that people can still use it to encrypt email.

    >> So, assuming for the moment that we trust the certificate, we can
    >> assume that a particular public key belongs to a particular user. For
    >> example, you can be guaranteed that a public key belongs to me (Chris
    >> Shiflett) and thus, only Chris Shiflett will be able to decrypt the
    >> communication. If someone is trying to pose as me, you may send them
    >> encrypted communication, but they won't be able to decrypt it.
    >
    >
    > Yes, because they have stolen the public key and could crypt the
    > question but since they have not the private key they cannot open the
    > answer.

    Actually, what I meant here is not that they will even use the public key, but that other people whose browsers are tricked into thinking they're really talking to www.niceguy.org will use niceguy.org's public key to encrypt the communication. Then, only niceguy.org will be able to decrypt the communication, regardless of who receives it.

    The digital certificate is quite public itself. If you go to an SSL-enabled site, you can view theirs (since they have to present it to your browser). The statement it makes doesn't change, so it doesn't matter if the criminal has possession of it; it's public anyway (just like the key). The private key is the important part, and "stealing" this isn't nearly as trivial as it has been made to sound. It would take far too much time to explain why this is so difficult, and I would probably do a poor job anyway.

    > What we *do not* believe (correct me Richard if I misunderstood you)
    > is that Verisign (or whoever in their place) will actually do more
    > than verifying that www.goodguys.org is really existing and it's
    > there. And this is just a protection against hackers but has nothing
    > to do with consumer's privacy or security. People at goodguys.org will
    > not be checked anyway as far as their behaviour as a company is
    > concerned (that would cost *much* more than $200 and it would be way
    > too easy for the crooks to buy themselves a virginity by doubling the
    > money).

    This is mostly accurate. Like I said, VeriSign is only making a statement that you are the legitimate and sole owner of a particular public key. The job of the digital certificate is to remove the dangers of online commerce. It does not add protections that are unavailable in the "real" world.

    Think of using a credit card online as analogous to mailing your credit card to a company using physical mail. SSL provides a way to guarantee that your credit card is safe and secure until it reaches its final destination. If you have to do business with a shady company because you depend on their service, no technology is going to help you, and no one has tried to claim that it can. SSL just removes the additional dangers that would be present doing business online.

    > Which is why I still like better to transfer all credit card
    > processing to banks and have my sites saying that "WE DO NOT PROCESS
    > CREDIT CARDS AT ALL". When they want to pay they see a bank logo and
    > domain, not mine. And if anything goes wrong it will be a bank
    > problem, not mine.

    I think this is a wise approach, personally. Some would argue that it is slightly less convenient, but if you are concerned with people trusting you, this might ease their worries and coerce them into doing business with you.

    >> This would be a scary thought. Luckily it's not possible. A key pair
    >> is unique per Web server, right? Well, recall that the digital
    >> certificate only guarantees that a certain public key belong to a
    >> certain entity (in this case, a Web server).
    >
    >
    > There is a post saying they just transferred the keys. How? Maybe they
    > just signed the new keys with the old ones? This is even *more* scary.
    > But it can't be. The planet would be full of replicant keys. So what?

    You can actually export a Web server's keys. I didn't want to bring this up before, because it adds unnecessary doubt to the security of the whole operation without adequate explanation, and I don't have the time nor the background to adequately explain this particular point. Perhaps someone else can.

    Suffice it to say that exporting/importing a key is analogous to the "mv" command in UNIX, not the "cp" command. There will only be one copy of the key.

    I think I'm going to compile all of my SSL explanations into a more clear and informative explanation and post it on the Web somewhere. I've ended up explaining a great deal about the technical details, because I somehow felt as if I were having to defend the legitimacy of the whole technology. :)

    Happy hacking.

    Chris
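The checks this thread keeps returning to (CA signature, name match, proof of the private key, revocation) can be run side by side. The following is an added example, not part of any message in the digest. It assumes toy textbook RSA built from Mersenne primes and a signed nonce standing in for the SSL key exchange; "Example Test CA", www.shadyshop.example and the serial numbers are constructed.

```python
import hashlib
import secrets
from dataclasses import dataclass

E = 65537  # public exponent used by every toy key below


def make_key(p, q):
    """Textbook RSA from two known primes: returns (modulus n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _h(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, n, d):
    return pow(_h(data, n), d, n)


def verify(data, sig, n):
    return pow(sig, E, n) == _h(data, n)


@dataclass(frozen=True)
class Certificate:
    serial: int
    subject: str    # domain name the CA vouches for
    public_n: int   # the subject's public key
    issuer: str
    signature: int  # issuer's signature over body(...)


def body(serial, subject, public_n, issuer):
    return f"{serial}|{subject}|{public_n}|{issuer}".encode()


def issue(issuer, issuer_n, issuer_d, serial, subject, public_n):
    """The CA's statement: 'this public key belongs to this name'."""
    sig = sign(body(serial, subject, public_n, issuer), issuer_n, issuer_d)
    return Certificate(serial, subject, public_n, issuer, sig)


def responder(n, d):
    """A server endpoint that answers a nonce using the private key it holds."""
    return lambda nonce: sign(nonce, n, d)


def check_server(hostname, cert, respond, trusted, revoked):
    """Client-side decision: 'ok', or the reason a warning is shown."""
    issuer_n = trusted.get(cert.issuer)
    data = body(cert.serial, cert.subject, cert.public_n, cert.issuer)
    if issuer_n is None or not verify(data, cert.signature, issuer_n):
        return "untrusted issuer"
    if cert.serial in revoked:
        return "revoked"
    if cert.subject != hostname:
        return "name mismatch"
    nonce = secrets.token_bytes(16)
    if not verify(nonce, respond(nonce), cert.public_n):
        return "no private key"
    return "ok"


def run_scenarios():
    # Constructed keys from Mersenne primes: far too small for real use.
    ca_n, ca_d = make_key(2**89 - 1, 2**107 - 1)
    site_n, site_d = make_key(2**61 - 1, 2**127 - 1)
    crook_n, crook_d = make_key(2**107 - 1, 2**127 - 1)
    ca, host, shop = "Example Test CA", "www.niceguy.org", "www.shadyshop.example"
    trusted = {ca: ca_n}
    site_cert = issue(ca, ca_n, ca_d, 1001, host, site_n)
    forged = issue(ca, crook_n, crook_d, 1, host, crook_n)  # signed with the wrong key
    shop_cert = issue(ca, ca_n, ca_d, 1002, shop, crook_n)  # properly issued, other name
    site, crook = responder(site_n, site_d), responder(crook_n, crook_d)
    return {
        "genuine": check_server(host, site_cert, site, trusted, set()),
        "copied_public_cert": check_server(host, site_cert, crook, trusted, set()),
        "forged_cert": check_server(host, forged, crook, trusted, set()),
        "other_sites_cert": check_server(host, shop_cert, crook, trusted, set()),
        # Whoever holds the real private key is indistinguishable from the site...
        "stolen_private_key": check_server(host, site_cert, site, trusted, set()),
        # ...until the CA revokes the certificate and the client checks for it.
        "stolen_key_after_revocation": check_server(host, site_cert, site, trusted, {1001}),
        # The CA vouches for the name, not for the honesty of its owner.
        "crook_on_own_domain": check_server(shop, shop_cert, crook, trusted, set()),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:28} {verdict}")
```

The two "ok" results besides the genuine one are the cases argued over in the thread: a stolen private key passes until revocation is checked, and a certificate properly issued to a dishonest shop passes on that shop's own domain.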

    attached mail follows:


    Miguel Cruz wrote:

    >Nobody thinks they're checking whether or not goodguys.com are good guys.
    >It is your job as a consumer to research them. Once you have researched
    >them and decided to do business with them, the certificate authority gives
    >you a pretty solid basis for believing that you actually are dealing with
    >the people you were prepared to trust. That's the point.
    >

    Miguel is absolutely right, and he probably did a better job at making this more clear, since I seem to be failing miserably. :)

    attached mail follows:


    Hello!

    This is for Chris and Miguel and all the people who threw in infos.

    I just wanted to thank you all :) It's been really useful, and yes Chris, I guess you should post an explanation of the process somewhere. Most of us are prepared to use HTTPS but we can hardly explain our customers (and ourselves) what the hell we are doing.

    Bye, Alberto, Kiev

    -- 
    

    -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-

    LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is.......

    attached mail follows:


    >To test global variables, I wrote the following PHP script:
    >
    >(1)<?php
    >(2)session_start();
    >(3)session_register("counter");
    >(4)$counter++;
    >(5)echo "$counter";
    >(6)// header ("location:statistics/contents.php");
    >
    >PS: Richard, thank you for your reply, but I still don't understand why is
    >not passed.

    Once you tell the browser to go somewhere else, *EVERYTHING* else you might have told it is ignored.

    It might not be the way it ought to be, but that's the way it is.

    One of the things it will ignore is the Cookies sent with session_start().

    So if the browser ignores those Cookies, it doesn't send them back on the next page, and PHP doesn't realize it's the same browser.

    *IF* you alter your header() to include the SESSION ID that the cookies should have sent, you will achieve success:

    header("Location: statistics/contents.php?PHPSESSID=" . session_id());

    -- 
    Like Music?  http://l-i-e.com/artists.htm
    

    attached mail follows:


    please I want them to erase me of their mail lists

    sincerely

    Rodolfo Contreras

    attached mail follows:


    On Sun, 7 Jul 2002, Rodolfo Contreras T. wrote:
    > please I want them to erase me of their mail lists

    In every single message from the list it says:

    list-unsubscribe: <mailto:php-general-unsubscribelists.php.net>

    So why not send a message to php-general-unsubscribelists.php.net ? I think you will like the results.

    miguel

    attached mail follows:


    Hi all,

    Call me crazy if you want but I'm programming Haskell Code in PHP :-). I need some help to find a way to implement the Haskell flip function. Let me introduce flip:

    Flip receives two arguments: arg1 and arg2
    arg1 must be the name of a function taking two arguments, name it f(x1,x2)
    arg2 is any variable

    Flip returns a function taking one argument, name it g(x), if you call g(foo) then the result will be the same as calling f(foo,arg2).

    Example:
    function add($x1,$x2) {return $x1+$x2;}
    $newfunc = flip("add",23);
    $result = $newfunc(12); // $result should be 23+12

    I've tried with create function, for example:

    function flip($f,$arg) {
        return create_function('$y','return '.$f."($arg".',$y);');
    }

    But if you use flip("foo",$o1) where o1 is an object then it won't work.

    There should be some workaround using references and who knows what... but I'm too old to find it, ideas?

    Garland.

    attached mail follows:


    Hi!

    > I've tried with create function, for example:
    >
    > function flip($f,$arg) {
    > return create_function('$y','return '.$f."($arg".',$y);');
    > }
    >
    > But if you use flip("foo",$o1) where o1 is an object then it won't work.

    Never tried that on Haskell coding, but it did solve most of my trouble with objects:

    function &flip(&$f,&$arg) {
        return create_function('$y','return '.$f."(&$arg".',$y);');
    }

    then

    flip("foo",&$o1)

    I guess you will need some experimental work (and a lot of patience), but once you can fix the root problem usually everything else goes okay.

    Just watch out for null returns. If you return an unassigned variable from an object member the most fantastic things begin to happen. And before reinstalling PHP from scratch (and exploring all of the 4-letter words you can think of) you should really check that you just simply did not end over an unassigned variable :)

    Bye, Alberto

    -- 
    

    -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-

    LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is.......
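
Added example, not part of either post above: a flip() that captures its argument in a closure instead of pasting it into source text for create_function(), which evaluates a string as code and was deprecated in PHP 7.2 and removed in PHP 8.0. It assumes PHP 7.0 or later; the Account class, deposit() and the greet name are hypothetical and exist only for this demonstration.

```php
<?php
declare(strict_types=1);

/**
 * Return g such that g($x) gives the same result as $f($x, $arg), which is
 * the behaviour the post asks for. $arg is captured as a value, so it is
 * never converted to a string and never becomes part of any PHP source.
 */
function flip(callable $f, $arg): Closure
{
    return function ($x) use ($f, $arg) {
        return $f($x, $arg);
    };
}

/**
 * The source text that the string-building version from the post hands to
 * create_function(). Returned for inspection only; nothing is evaluated.
 * Note that the posted code places $arg first, i.e. it calls f(arg, y).
 */
function flip_source(string $f, string $arg): string
{
    return 'return ' . $f . "($arg" . ',$y);';
}

// The function from the post.
function add($x1, $x2)
{
    return $x1 + $x2;
}

// Hypothetical object argument and a two-argument function that uses it.
final class Account
{
    public $balance = 100;
}

function deposit(int $amount, Account $account): int
{
    $account->balance += $amount;
    return $account->balance;
}

// The example from the post: add 23 to whatever is passed later.
$newfunc = flip('add', 23);
var_dump($newfunc(12));

// The object case that broke the string version: the closure holds the
// caller's object itself, so the deposit is visible on $acct afterwards.
$acct = new Account();
$depositInto = flip('deposit', $acct);
var_dump($depositInto(50));
var_dump($acct->balance);

// Any callable works, not only function names.
$append = flip(function ($a, $b) { return $a . $b; }, ' world');
var_dump($append('hello'));

// What the string version generates. A number happens to survive the trip
// through source text; any other value is read back as code, not as data.
var_dump(flip_source('add', '23'));
var_dump(flip_source('greet', 'hello world'));
```

The last two lines print the generated source so the difference is visible: the second string is not valid PHP, because the argument was spliced into the code rather than passed to it.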

    attached mail follows:


    I'll repeat my earlier question because some people can not think for themselves..

    I want to run a print job of 200+ invoices

    I have a javascript code to open a print dialog box and then go to next invoice and do the loop..

    Problem I am having is that I want it to pause if the ok button on the dialog box is not pressed.. When I run the script it flies through and brings up a heap of printer dialog boxes which causes me to ctrl+alt+del...

    Any way of pausing the script until ok is pressed?

    Thanks in advance..

    (PS: I have sent this to this group because 1. The loop is done in php and NOT javascript 2. My question is regarding php and pausing the loop and not with the javascript code)

    ------------------------------------------------------------------------

    ---
    Chris Kay
    Technical Support - Techex Communications 
    Website: www.techex.com.au   Email: chris.kaytechex.net.au
    Telephone: 1300 88 111 2 - Fax: (02) 9970 5788 
    Address: Suite 13, 5 Vuko Place, Warriewood, NSW 2102 
    Platinum Channel Partner of the Year - Request DSL - Broadband for
    Business
    ------------------------------------------------------------------------
    ---
    

    attached mail follows:


    On Mon, 8 Jul 2002, Chris Kay wrote:
    > I'll repeat my earlier question because some people can not think for
    > themselves..

    Why insult people who are trying to help you? Nobody gets paid to read this list; they're doing it to be nice.

    > I want to run a print job of 200+ invoices
    >
    > I have a javascript code to open a print dialog box and
    > Then go to next invoice and do the loop..
    >
    > Problem I am having is that I want it to pause if the ok button on the
    > dialog Box is not pressed..
    > When I run the script it flies through and brings up a heap of printer
    > Dialog boxes which causes me to ctrl+alt+del...
    >
    > Any way of pausing the script until ok is pressed?

    You are running into client behavior that is out of your control. If I had to print that much stuff, I'd generate one big document containing all of them, and insert page breaks. Then it would go as a single print job. If your operator is using IE, try something like <p style="page-break-before:always"> at the top of each new invoice. Otherwise, generate RTF or PDF.

    miguel

    attached mail follows:


    Thank you

    That's what I was asking for and needed to know. I had thought of something along those lines but was interested if anyone had found a different way. I was not intending to insult anyone, was just implying that I not be made a fool when people have not read and thought about my email.

    Sorry if I upset anyone.

    attached mail follows:


    George, it's not quite what I'm looking for but it's very similar to what I am after & would go a long way to achieving what I am after..

    > Take a look at http://www.bucharest-accommodation.ro/flat_univstudio.php
    > .That is what you want?
    >
    > --
    > Best regards,
    > George Nicolae

    attached mail follows:


    you could do some little modifications to something like phpnuke ( http://phpnuke.org) that could work for you.. it's primarily a news style format where people can post things to .. but you can set it so the administrator has to approve any posts to the site..

    Cheers

    > -----Original Message-----
    > From: César Aracena [mailto:icaamicaam.com.ar]
    > Sent: Friday, 28 June 2002 3:50 AM
    > To: PHP General List
    > Subject: [PHP] Buy & Sell
    >
    > Hi all.
    >
    > Have anyone used a PHP pre-made program before that can manage
    > classifieds by only administrator managed? I want to set up a Buy & Sell
    > site for houses, vehicles, etc… Pretty much like a Real State on-line
    > site.
    >
    > Any help appreciated,
    >
    > Cesar Aracena <mailto:webmastericaam.com.ar>
    > CE / MCSE+I
    > Neuquen, Argentina
    > +54.299.6356688
    > +54.299.4466621

    attached mail follows:


    I use it in front of variables (never tried it on $GLOBALS, etc though)

    eg: (using register_globals = on thingo - hey don't blame me, it's the tech guys who have it on, and there's too much legacy code to turn it off :( - anyway)

    <?
    if (@$var) {
        echo "Yep, var is there";
    } else {
        echo "nope";
    }
    ?>

    -----Original Message-----
    From: Scott Fletcher [mailto:scottabcoa.com]
    Sent: Saturday, July 06, 2002 7:32 AM
    To: php-generallists.php.net
    Subject: [PHP] Re: suppressing errors with "@"

    No, it's not a PHP bug. The "@" can not be used before a PHP variables, or PHP pre-defined variables like $GLOBALS, $_SESSION, $_GET, $HTTP_POST_VARS, etc. The "@" is used only before the PHP function as far as I know of.

    FletchSOD

    "Uri Even-Chen" <webmasterspeedy.co.il> wrote in message news:3D260D1F.51C8AEB8speedy.co.il...
    > Hi,
    >
    > I tried to suppress warnings in isset expressions (Uninitialized string
    > offset warnings). The original line was something like this:
    >
    > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))
    >
    > When I added the "@" sign like this:
    >
    > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))
    >
    > My program stopped working, and I got errors like:
    >
    > PHP Parse error: parse error, expecting `T_VARIABLE' or `'$'' ....
    >
    > Eventually, I put the "@" in this place:
    >
    > if (!(isset($GLOBALS['SPEEDY_GLOBAL_VARS']['PAGE_NAME'])))
    >
    > Which works, but why didn't it work the other way? Is it some kind of
    > PHP bug?
    >
    > I'm using PHP Version 4.1.2
    >
    > Thanks,
    > Uri.
    > --------------------------------------------------------

    -- 
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    

    attached mail follows:


    On Sun, 7 Jul 2002, andy wrote:
    > Alberto Serra <albertoserragala.net> wrote:
    >> andy wrote:
    >>> One Form has a textfield, I submit it to another html site where there
    >>> is another form with a textfield. Inside this textfield I place a
    >>> hidden field with the value of the field from page 1 then I submit to
    >>> the actual php site inserting the values into a db.
    >>
    >> So, let's see if I got you right:
    >>
    >> Form 1: a textfield, you submit it to another page (no matter whether it
    >> is on the same host or not, this should not make any difference)
    >>
    >> Form 2 contains:
    >> 1) a hidden field with the value from form 1
    >> 2) another text field for new user input
    >> You submit form 2 and nl2br does not work on the values of the hidden
    >> field. Right?
    >>
    >> If that is so it's simply because once the value gets put in
    >> form2/field1 it has already lost the new lines.
    >> So you should run nl2br on it *before* it gets submitted the second
    >> time. Do it when you send the value to form2.
    >
    > I did try this out, but somehow this happens:
    >
    > text br / br / text in new line
    >
    > br/ is exactly where the line breaks should be, but instead it is typed on
    > screen.
    >
    > Is there a solution for this?

    That looks like the result of htmlentities(nl2br($string)).

    Do it the other way around.

    Better yet, don't call nl2br or htmlentities or anything else on data that you are inserting into your database. Madness that way lies. Instead, use those functions only when outputting data to the browser.

    miguel

    P.S. Please stop spamming the rec.travel.* newsgroups.
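
Added example, not code from the thread: the two call orders side by side, with the text stored unmodified and encoded only when it is written out, as the reply above recommends. It assumes PHP 7.0 or later with the pdo_sqlite extension; the notes table, the sample text and the helper names html_body() and html_attr() are made up for the demonstration.

```php
<?php
declare(strict_types=1);

// In-memory database so the example runs without any server.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed input: two lines containing characters that are special in HTML.
$typed = "Rent < 300 & bills included\nCall <Ana> after 6";

// Store exactly what was typed. The placeholder keeps the value out of the
// SQL text, so no escaping or markup is applied before the insert.
$insert = $db->prepare('INSERT INTO notes (body) VALUES (:body)');
$insert->execute([':body' => $typed]);

$stored = (string) $db->query('SELECT body FROM notes WHERE id = 1')->fetchColumn();

/** For an HTML text node: escape first, then turn newlines into <br />. */
function html_body(string $raw): string
{
    return nl2br(htmlentities($raw, ENT_QUOTES, 'UTF-8'));
}

/** For a quoted attribute such as a hidden field: escape only, no <br />. */
function html_attr(string $raw): string
{
    return htmlentities($raw, ENT_QUOTES, 'UTF-8');
}

// The order behind the symptom in the thread: nl2br() adds <br /> tags and
// htmlentities() then escapes them along with everything else, so the tags
// are displayed as text instead of breaking the line.
$symptom = htmlentities(nl2br($stored), ENT_QUOTES, 'UTF-8');

echo "stored value equals typed value: ", var_export($stored === $typed, true), "\n\n";
echo "htmlentities(nl2br(...)):\n", $symptom, "\n\n";
echo "nl2br(htmlentities(...)):\n", html_body($stored), "\n\n";
echo "hidden field for the second form:\n";
echo '<input type="hidden" name="body" value="', html_attr($stored), '">', "\n";
```

Because the database holds the raw text, the same row can later be written to a different context (a plain-text e-mail, a CSV export) with that context's own encoding instead of carrying HTML entities into it.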

    attached mail follows:


    On Sun, 7 Jul 2002, Alberto Serra wrote:
    > A 100% robust solution should contain both, and call PHP only if jscript
    > is not available on the client. But this is costly and requires the two
    > procedures to be realigned everytime you have some change going on. Most
    > applications can just use javascript and forget about it.

    JavaScript cannot be counted on. You don't know whether it's available, and you don't know whether it's going to work the way you think it will. Any application which places a JavaScript barrier between users and the tasks they're trying to perform is a shoddy application indeed.

    miguel

    attached mail follows:


    Hey all, this is probably more to do with Mysql but I figured I'd ask here as well.

    The problem: When connecting to the mysql server on the local machine it's fine, but when you connect to a remote machine eg $db = mysql_connect("x.x.x.x", "user", "password"); and request something from the database, it connects, BUT it takes about 5 minutes...

    any ideas???

    Jo

    attached mail follows:


    Jo wrote:

    >The problem:
    >When connecting to the mysql server on the local machine its fine, but when you connect to a remote machine
    >eg $db = mysql_connect("x.x.x.x", "user", "password");
    >and request something from the database, it connects, BUT it takes about 5 minutes...

    I have an idea, yes. Make sure that the machine you are connecting to can do a reverse lookup on the machine you are connecting from. Meaning, either your DNS has to be properly configured to include the remote machine, or you need to add it to your /etc/hosts file.

    To see whether I'm even on the right track, try to telnet or ftp manually rather than make a database connection. You should see the same timeout condition occur, because the remote machine will basically try to see who is connecting, and if it can't figure it out, it's going to first time out before giving up.

    Happy hacking.

    Chris

    attached mail follows:


    > Hey all, this is probably more to do with Mysql but I figured i'd
    > ask here as well.
    >
    > The problem:
    > When connecting to the mysql server on the local machine its
    > fine, but when you connect to a remote machine
    > eg $db = mysql_connect("x.x.x.x", "user", "password");
    > and request something from the database, it connects, BUT it
    > takes about 5 minutes...

    that depends on load on the server & or network i think... how much info are you trying to get? try it with a very small amount and see if there is a difference...

    attached mail follows:


    On Sat, 6 Jul 2002, markbm wrote:
    > I am trying to build a "product detail" page that pulls data from a
    > MYSQL database using PHP. The data for the page includes product images,
    > which I am trying to link to (i.e. from their location on the web
    > server) instead of loading the images into the database. However, I
    > cannot find any sample code that seems to work. Two questions:
    >
    > 1. Is this possible (i.e. to store the HYPERLINK to the image in the
    > database , and as the results are returned to the product detail screen,
    > the image file will be displayed)? OR RATHER do I need to store the
    > physical image file in the database location and query it that way?

    It's obviously much easier to store the link or the file name in the database. In fact, it's so easy that I can't guess offhand what aspect of it you might be having trouble with. Perhaps you could show some more code and explain the symptoms you are observing.

    miguel

    attached mail follows:


    Thanks for the reply. The question is how to pull that hyperlink/file location and display the image file on a PHP page. Basically, the text in the FRONT_REND field is just an image name (1855.jpg), and I store the prefix to that location on the page. I have included all the code from my page below....the issue at hand is noted by //Problem Area//. Note also, that all fields above this item are simply just retrieving text from a db field not retrieving a file from the db/web server location. Again, thanks for your help.

    CODE: ===============================================

    <body>

    <?php

    $db = mysql_connect("localhost", "username", "password");

    mysql_select_db("dbname",$db);

    $result = mysql_query("SELECT * FROM PRODUCTS",$db);

    printf("ID: %s<br>\n", mysql_result($result,0,"ID"));
    printf("HPG_PLAN_ID: %s<br>\n", mysql_result($result,0,"HPG_PLAN_ID"));
    printf("DESIGNER: %s<br>\n", mysql_result($result,0,"DESIGNER"));
    printf("PLAN_NAME: %s<br>\n", mysql_result($result,0,"PLAN_NAME"));
    printf("EXTERIOR: %s<br>\n", mysql_result($result,0,"EXTERIOR"));
    printf("NUM_BEDROOMS: %s<br>\n", mysql_result($result,0,"NUM_BEDROOMS"));
    printf("NUM_BATHS: %s<br>\n", mysql_result($result,0,"NUM_BATHS"));
    printf("NUM_FLOORS: %s<br>\n", mysql_result($result,0,"NUM_FLOORS"));
    printf("GARAGE: %s<br>\n", mysql_result($result,0,"GARAGE"));
    printf("NUM_CARS: %s<br>\n", mysql_result($result,0,"NUM_CARS"));
    printf("FOUNDATION: %s<br>\n", mysql_result($result,0,"FOUNDATION"));
    printf("MAT_LIST: %s<br>\n", mysql_result($result,0,"MAT_LIST"));
    printf("COLOR_REND: %s<br>\n", mysql_result($result,0,"COLOR_REND"));
    printf("PICTURES: %s<br>\n", mysql_result($result,0,"PICTURES"));
    printf("REPRODUCIBLE: %s<br>\n", mysql_result($result,0,"REPRODUCIBLE"));
    printf("RR_REVERSE: %s<br>\n", mysql_result($result,0,"RR_REVERSE"));
    printf("MIRROR_REV: %s<br>\n", mysql_result($result,0,"MIRROR_REV"));
    printf("CAD_FILES: %s<br>\n", mysql_result($result,0,"CAD_FILES"));
    printf("BONUS_ROOM: %s<br>\n", mysql_result($result,0,"BONUS_ROOM"));
    printf("WIDTH: %s<br>\n", mysql_result($result,0,"WIDTH"));
    printf("DEPTH: %s<br>\n", mysql_result($result,0,"DEPTH"));
    printf("HEAT_SQ_FT: %s<br>\n", mysql_result($result,0,"HEAT_SQ_FT"));
    printf("UNHEAT_SQ_FT: %s<br>\n", mysql_result($result,0,"UNHEAT_SQ_FT"));
    printf("TOTAL_SQ_FT: %s<br>\n", mysql_result($result,0,"TOTAL_SQ_FT"));
    printf("ROOF_TYPE: %s<br>\n", mysql_result($result,0,"ROOF_TYPE"));
    printf("ROOF_PITCH: %s<br>\n", mysql_result($result,0,"ROOF_PITCH"));
    printf("SEC_ROOF_PITCH: %s<br>\n", mysql_result($result,0,"SEC_ROOF_PITCH"));
    printf("MAIN_CEIL_HEIGHT: %s<br>\n", mysql_result($result,0,"MAIN_CEIL_HEIGHT"));
    printf("PLAN_DESCRIPTION: %s<br>\n", mysql_result($result,0,"PLAN_DESCRIPTION"));
    printf("REL_PLAN1: %s<br>\n", mysql_result($result,0,"REL_PLAN1"));
    printf("REL_PLAN2: %s<br>\n", mysql_result($result,0,"REL_PLAN2"));
    printf("REL_PLAN3: %s<br>\n", mysql_result($result,0,"REL_PLAN3"));
    printf("REL_PLAN4: %s<br>\n", mysql_result($result,0,"REL_PLAN4"));
    printf("REL_PLAN5: %s<br>\n", mysql_result($result,0,"REL_PLAN5"));
    printf("REL_PLAN6: %s<br>\n", mysql_result($result,0,"REL_PLAN6"));
    printf("REL_PLAN7: %s<br>\n", mysql_result($result,0,"REL_PLAN7"));
    printf("REL_PLAN8: %s<br>\n", mysql_result($result,0,"REL_PLAN8"));
    printf("REL_PLAN9: %s<br>\n", mysql_result($result,0,"REL_PLAN9"));

    //Problem code //

    // Then show image and/or details
    echo "<img src=http://www.website.com/images/".$result[FRONT_REND].">";

    //printf("FRONT_REND: %s<br>\n", mysql_result($result,0,'<a href=FRONT_REND></a>'));
    printf("REAR_REND: %s<br>\n", mysql_result($result,0,"REAR_REND"));
    printf("SIDE_REND1: %s<br>\n", mysql_result($result,0,"SIDE_REND1"));
    printf("SIDE_REND2: %s<br>\n", mysql_result($result,0,"SIDE_REND2"));
    printf("THMBNAIL_IMG: %s<br>\n", mysql_result($result,0,"THMBNAIL_IMG"));
    printf("FLRPLAN_1: %s<br>\n", mysql_result($result,0,"FLRPLAN_1"));
    printf("FLRPLAN_2: %s<br>\n", mysql_result($result,0,"FLRPLAN_2"));
    printf("FLRPLAN_3: %s<br>\n", mysql_result($result,0,"FLRPLAN_3"));
    printf("OTHER_IMG1: %s<br>\n", mysql_result($result,0,"OTHER_IMG1"));
    printf("OTHER_IMG2: %s<br>\n", mysql_result($result,0,"OTHER_IMG2"));
    printf("NUM_HITS: %s<br>\n", mysql_result($result,0,"NUM_HITS"));
    printf("PAYPAL_BUTTON: %s<br>\n", mysql_result($result,0,"PAYPAL_BUTTON"));

    ?>

    </body>

    attached mail follows:


    Instead of:

    echo "<img src=http://www.website.com/images/".$result[FRONT_REND].">";

    Wouldn't you want it to be:

    echo "<img src='http://www.website.com/images/" . mysql_result($result, 0, 'FRONT_REND') . "'>";

    ...?

    miguel

    attached mail follows:


    > -----Original Message-----
    > From: Miguel Cruz [mailto:mncstoic.net]
    > Sent: Monday, July 08, 2002 12:56 AM
    > To: markbm
    > Cc: php-generallists.php.net
    > Subject: Re: [PHP] Retrieving/Displaying hyperlinked images with PHP
    >
    > Instead of:
    >
    > echo "<img src=http://www.website.com/images/".$result[FRONT_REND].">";
    >
    > Wouldn't you want it to be:
    >
    > echo "<img src='http://www.website.com/images/" . mysql_result($result, 0, 'FRONT_REND') . "'>";
    >
    > ...?
    >
    > miguel

    [César L. Aracena] What Miguel says here is completely true... you do need to call the resulting query the right way. I guess you tried to follow an example I or someone else gave you before in order to work with an array made from the resulting query. You should read some useful lessons and tricks about using arrays at www.php.net in order to be able to recognize them first and then work with them... quite handy feature I should add.

    C.


    attached mail follows:


    On Sat, 6 Jul 2002, Zac Hillier wrote:
    > I'm opening a port on a remote machine presently I'm using fsockopen() which
    > is fine for opening the port and sending data however I'm having trouble
    > reading data back from the port.
    >
    > So I've considered using socket functions but do not appear to be able to
    > get a connection. When I run the code below pointing to 127.0.0.1 everything
    > runs fine however when I point to 192.168.123.193 (Another machine on the
    > local network without a server running) I get these errors.

    You can't bind to a socket on another machine. You have to bind the socket to a local address (i.e., on your machine) and then either listen for incoming connections or initiate an outbound connection from that socket.

    miguel
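
The rule in the reply above, as an added example that is not part of the original message: a client socket is bound to a local address and then connected to the remote one, and the reply is read back on that same socket. A loopback listener stands in for the remote service so the script runs offline; tcp_socket() and must() are hypothetical helpers, and 192.0.2.10 is a constructed documentation-range address.

```php
<?php
// Added example, not code from the thread. Needs the sockets extension.
// Addresses are loopback or the 192.0.2.0/24 documentation range.

function tcp_socket()
{
    $s = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
    if ($s === false) {
        exit('socket_create failed: ' . socket_strerror(socket_last_error()) . "\n");
    }
    return $s;
}

function must(bool $ok, string $step, $socket): void
{
    if (!$ok) {
        exit("$step failed: " . socket_strerror(socket_last_error($socket)) . "\n");
    }
}

// A listener on loopback stands in for the service on the other machine.
$server = tcp_socket();
must(socket_bind($server, '127.0.0.1', 0), 'bind listener', $server); // port 0: OS picks a free port
must(socket_listen($server, 1), 'listen', $server);
socket_getsockname($server, $serverAddr, $serverPort);

// Binding to an address this host does not own is refused by the OS.
$probe = tcp_socket();
$bound = @socket_bind($probe, '192.0.2.10', 0);
$bindResult = $bound ? 'bound' : socket_strerror(socket_last_error($probe));
socket_close($probe);

// The client binds (optionally) to a LOCAL address, then connects outward.
$client = tcp_socket();
must(socket_bind($client, '127.0.0.1', 0), 'bind client', $client);
must(socket_connect($client, $serverAddr, $serverPort), 'connect', $client);
socket_getsockname($client, $clientAddr, $clientPort);

// Send a request, accept it on the listener, and read the reply back.
socket_write($client, "PING\n");
$peer = socket_accept($server);
must($peer !== false, 'accept', $server);
$request = socket_read($peer, 1024, PHP_NORMAL_READ);
socket_write($peer, "PONG\n");
$reply = socket_read($client, 1024, PHP_NORMAL_READ);

printf("bind to non-local address: %s\n", $bindResult);
printf("client %s:%d connected to %s:%d\n", $clientAddr, $clientPort, $serverAddr, $serverPort);
printf("listener received: %s\n", trim($request));
printf("client read back:  %s\n", trim($reply));

socket_close($peer);
socket_close($client);
socket_close($server);
```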

    attached mail follows:


    Can someone explain to me what the ? does. I have a vague idea of what it means in a URL (please clarify that) but I haven't the slightest what it means in php code. Thanks for your help

    Alex

    attached mail follows:


    On Sun, 7 Jul 2002, Alexander Ross wrote:
    > Can someone explain to me what the ? does. I have a vague idea of what
    > it means in a URL (please clarify that) but I haven't the slightest what
    > it means in php code. Thanks for your help

    Read about the ternary operator at:

    http://www.php.net/manual/en/language.operators.comparison.php

    miguel

    attached mail follows:


    Hi!

    has anyone been using MING extension in a production environment? Is it robust?

    Bye, Alberto, Kiev

    -- 
    

    -_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_--_=}{=_-

    LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is.......

    attached mail follows:


    This code doesn't work:

    <?
    if(ini_set("register_globals", "0"))
        echo "ini_set success";
    else
        echo "ini_set failed";
    ?>

    At http://php.net/ini_set it states the following setting is possible:

    register_globals "0" PHP_INI_ALL

    Translated, PHP_INI_ALL means: Entry can be set anywhere

    So does anyone know why my code doesn't work then? ini_set() seems broken. Can anyone confirm or deny?

    I am using PHP 4.2.1 and on this particular project I am moving existing code from a Linux/Apache setup where I developed it, to its home on a microsoft/iis server. Obviously I do not have access to the php.ini file.

    Thanks in advance.. :)

    -- 
    -----------------------------------------------------------------------
    Greg Donald
    http://destiney.com/public.key
    -----------------------------------------------------------------------
    

    attached mail follows:


    On Sun, 7 Jul 2002, Greg Donald wrote:
    > This code doesn't work:
    >
    > <?
    > if(ini_set("register_globals", "0"))
    > echo "ini_set success";
    > else
    > echo "ini_set failed";
    > ?>

    Please don't say "this code doesn't work." Say why you think it didn't work, whether that's because you received an error message, or a specific expected outcome was not realized, or whatever. Otherwise it doesn't really tell us anything. Obviously it doesn't work or you wouldn't be posting it.

    > At http://php.net/ini_set it states the following setting is possible:
    >
    > register_globals "0" PHP_INI_ALL
    >
    > Translated, PHP_INI_ALL means: Entry can be set anywhere
    >
    > So does anyone know why my code doesn't work then? ini_set() seems
    > broken. Can anyone confirm or deny?

    I believe the issue here is that by the time your PHP code starts executing and gets to the ini_set call, it's too late to register the globals (which must happen before execution begins). Therefore I'd suggest looking into .htaccess or whatever the IIS equivalent is. If there's no equivalent then I'd suggest throwing the server out the window.

    miguel

    attached mail follows:


    On Sun, 7 Jul 2002, Miguel Cruz wrote:

    >> <?
    >> if(ini_set("register_globals", "0"))
    >> echo "ini_set success";
    >> else
    >> echo "ini_set failed";
    >> ?>
    >
    >Please don't say "this code doesn't work." Say why you think it didn't
    >work, whether that's because you received an error message, or a specific

    Uhh.. I don't have any thoughts as to why it doesn't work, that's why I posted. The function itself appears broken, my code is a test to that notion. If you can't be helpful then feel free to shutup..

    >expected outcome was not realized, or whatever. Otherwise it doesn't
    >really tell us anything. Obviously it doesn't work or you wouldn't be
    >posting it.

    Yes, the obvious is always pretty easy to restate. If you need more explanation than the code itself I don't know what to tell you.

    >> At http://php.net/ini_set it states the following setting is possible:
    >>
    >> register_globals "0" PHP_INI_ALL
    >>
    >> Translated, PHP_INI_ALL means: Entry can be set anywhere
    >>
    >> So does anyone know why my code doesn't work then? ini_set() seems
    >> broken. Can anyone confirm or deny?
    >
    >I believe the issue here is that by the time your PHP code starts
    >executing and gets to the ini_set call, it's too late to register the

    "gets to the ini_set call" - what do you mean? The code I posted is all there is to the entire script. Where else would I use the ini_set() function except at the very beginning of a script?

    >globals (which must happen before execution begins). Therefore I'd suggest
    >looking into .htaccess or whatever the IIS equivalent is. If there's no

    Thanks but I have no idea about IIS, that's why I posted, to see if this might be an IIS specific issue some other windows users experienced.

    >equivalent then I'd suggest throwing the server out the window.

    Yes..

    -- 
    -----------------------------------------------------------------------
    Greg Donald
    http://destiney.com/public.key
    -----------------------------------------------------------------------
    

    attached mail follows:


    On Sun, 7 Jul 2002, Miguel Cruz wrote:

    >> <?
    >> if(ini_set("register_globals", "0"))
    >> echo "ini_set success";
    >> else
    >> echo "ini_set failed";
    >> ?>

    [snip]

    I haven't tried this code, but I assume you're trying to say that "ini_set failed" is displayed, but you're expecting the other output to be displayed. Am I correct there?

    What happens if you use http://localhost/file.php?var=something or whatever your test script's path is and have this line at the end of the script
        echo "var = |$var|";

    does $var contain anything? If it doesn't, then ini_set() worked... otherwise.. um... find other way of doing it(??)

    attached mail follows:


    Greg Donald wrote:

    >If you can't be helpful then feel free to shutup.. >

    Please don't attack people who freely give their time to try and help you. Mr. Cruz did not ridicule you in any way but merely asked that you be more specific than, "it doesn't work," which is very good advice and a sincere attempt at helping you solve your problem. I can vouch that participating on this list and attempting to give helpful answers takes a great deal of time and there is absolutely no benefit, so try to be more respectful.

    I refer you to this URL:

    http://www.tuxedo.org/~esr/faqs/smart-questions.html

    Chris

    attached mail follows:


    On Mon, 8 Jul 2002, Martin Towell wrote:

    >>> <?
    >>> if(ini_set("register_globals", "0"))
    >>> echo "ini_set success";
    >>> else
    >>> echo "ini_set failed";
    >>> ?>
    >
    >I haven't tried this code

    Then why comment on it?

    >but I assume you're trying to say that "ini_set
    >failed" is displayed, but you're expecting the other output to be displayed.
    >Am I correct there?

    Yes, is it not obvious enough from just reading the code? I am showing that the ini_set() function is not working properly, as per the manual. The manual states that ini_set() returns the old value on success and FALSE on failure. My script always returns false. Any idea why?

    >What happens if you use http://localhost/file.php?var=something or whatever
    >your test script's path is and have this line at the end of the script
    > echo "var = |$var|";

    What does this prove or disprove in relation to the ini_set() function? If you knew anything about the function then you would see I am passing it a big fat zero in the second parameter, just as the manual states I can. I also tried "Off" and "off", same results.

    >does $var contain anything. If it doesn't, then ini_set() worked...
    >otherwise.. um... find other way of doing it(??)

    Yes.. another way, any suggestions?

    -- 
    -----------------------------------------------------------------------
    Greg Donald
    http://destiney.com/public.key
    -----------------------------------------------------------------------
    

    attached mail follows:


    On Sun, 7 Jul 2002, Chris Shiflett wrote:

    >I refer you to this URL:
    >
    >http://www.tuxedo.org/~esr/faqs/smart-questions.html

    I refer you to this URL: http://php.net/ini_set and ask why does this function not work as per the manual?

    Again, here is my code:

    <?
    if(ini_set("register_globals", "0"))
        echo "ini_set success";
    else
        echo "ini_set failed";
    ?>

    -- 
    -----------------------------------------------------------------------
    Greg Donald
    http://destiney.com/public.key
    -----------------------------------------------------------------------
    

    attached mail follows:


    Greg Donald said:
    > On Sun, 7 Jul 2002, Miguel Cruz wrote:
    >
    >>> <?
    >>> if(ini_set("register_globals", "0"))
    >>> echo "ini_set success";
    >>> else
    >>> echo "ini_set failed";
    >>> ?>
    >>
    >>Please don't say "this code doesn't work." Say why you think it didn't
    >> work, whether that's because you received an error message, or a
    >> specific
    >
    > Uhh.. I don't have any thoughts as to why it doesn't work, that's why I
    > posted.

    Even if you don't know _why_ it didn't work, you could at least state what you _expected_ to see and what you _actually_ saw.

    > The function itself appears broken, my code is a test to that
    > notion. If you can't be helpful then feel free to shutup..

    It would be helpful on your part if you had stated your problem clearly.

    >>expected outcome was not realized, or whatever. Otherwise it doesn't
    >> really tell us anything. Obviously it doesn't work or you wouldn't be
    >> posting it.

    Absolutely.

    > Yes, the obvious is always pretty easy to restate. If you need more
    > explanation than the code itself I don't know what to tell you.

    Again, what you expected to happen, and what actually happened are usually good starting points.

    >>> At http://php.net/ini_set it states the following setting is
    >>> possible:
    >>>
    >>> register_globals "0" PHP_INI_ALL
    >>>
    >>> Translated, PHP_INI_ALL means: Entry can be set anywhere

    I'm not sure about this, but I don't think it was possible in previous versions of PHP.

    >>> So does anyone know why my code doesn't work then? ini_set() seems
    >>> broken. Can anyone confirm or deny?
    >>
    >>I believe the issue here is that by the time your PHP code starts
    >> executing and gets to the ini_set call, it's too late to register the

    > "gets to the ini_set call" - what do you mean? The code I posted is all
    > there is to the entire script. Where else would I use the ini_set()
    > function except at the very beginning of a script?

    Because PHP registers the globals etc (if enabled) then starts working on your code.

    Anyway, regardless of whether or not it is possible to set register_globals at run-time, your code would be better re-written as:

    <?
    if (ini_set("register_globals", "0") !== FALSE)
        echo "ini_set success";
    else
        echo "ini_set failed";
    ?>

    Because, if you RTFM, ini_set() will return the existing value of whatever you're setting. Thus if register_globals was already disabled then your original code would return "ini_set failed" every time.

    -- 
    Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
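
The return-value point made in the message above, as an added example that is not part of the original thread: ini_set() hands back the previous value as a string, and a previous value of "0" or "" is falsy, so only a strict comparison against false separates success from failure. register_globals was removed in PHP 5.4.0, so display_errors is used here as a stand-in boolean directive (an assumption), and register_globals appears only as a call that fails; set_ini_checked() is a hypothetical helper.

```php
<?php
// Added example, not code from the thread. Written for PHP 7 or later.
// Assumption: display_errors stands in for a boolean directive that may be
// changed at run time; register_globals itself was removed in PHP 5.4.0.

/**
 * Hypothetical helper: change a directive and report the outcome.
 * ini_set() returns the previous value as a string, or false on failure.
 */
function set_ini_checked(string $name, string $value): array
{
    $old = ini_set($name, $value);
    $now = ini_get($name);                 // false when the directive is unknown

    return [
        'changed'  => $old !== false,      // strict: "0" and "" are valid old values
        'previous' => $old === false ? null : $old,
        'current'  => $now === false ? null : $now,
    ];
}

// Put the directive into a known "off" state so the next old value is "0".
ini_set('display_errors', '0');

// The test from the thread: a truthiness check on the return value.
$loose = ini_set('display_errors', '0') ? 'success' : 'failed';

// The corrected test: only a real false counts as failure.
$strict = ini_set('display_errors', '0') !== false ? 'success' : 'failed';

echo "truthiness check reports: $loose\n";
echo "strict check reports:     $strict\n";

// A directive the running PHP does not know fails for real, and ini_get()
// confirms there is nothing to read back.
foreach (['display_errors', 'register_globals'] as $directive) {
    $r = set_ini_checked($directive, '0');
    printf(
        "%-17s changed=%s previous=%s current=%s\n",
        $directive,
        var_export($r['changed'], true),
        var_export($r['previous'], true),
        var_export($r['current'], true)
    );
}
```

A successful return only says the stored value changed; as the thread goes on to explain, for register_globals that change came after request variables had already been registered.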
    

    attached mail follows:


    On Sun, 7 Jul 2002, Greg Donald wrote:
    > On Sun, 7 Jul 2002, Miguel Cruz wrote:
    >>> <?
    >>> if(ini_set("register_globals", "0"))
    >>> echo "ini_set success";
    >>> else
    >>> echo "ini_set failed";
    >>> ?>
    >>
    >> Please don't say "this code doesn't work." Say why you think it didn't
    >> work, whether that's because you received an error message, or a
    >> specific
    >
    > Uhh.. I don't have any thoughts as to why it doesn't work, that's why I
    > posted. The function itself appears broken, my code is a test to that
    > notion.

    I can see where my wording was ambiguous. By "why you think it didn't work", I don't mean "the explanation for its failure to function", but rather "the experience you had that convinced you it was not working".

    Obviously something happened to make you decide that it wasn't working. We need to know what that was. Maybe it was an error message. Maybe it was a plume of smoke rising from your computer. Maybe it was some sort of weird behavior of your program. It's just a general thing: We can't read your mind. Or at least I can't.

    > If you can't be helpful then feel free to shutup..

    Well, I did go on to answer your question. It could've been worse.

    >>> So does anyone know why my code doesn't work then? ini_set() seems
    >>> broken. Can anyone confirm or deny?
    >>
    >> I believe the issue here is that by the time your PHP code starts
    >> executing and gets to the ini_set call, it's too late to register the
    >
    > "gets to the ini_set call" - what do you mean? The code I posted is all
    > there is to the entire script. Where else would I use the ini_set()
    > function except at the very beginning of a script?

    Before your code starts, there is a whole bunch of initialization that takes place in the script engine. It looks at its settings to see how it should behave. It gathers all the data that came from the web server (details about the user's request, etc.). It learns about its environment. It populates global variables.

    Having done these, it starts looking at your code. By this time it's too late to change the way those prior steps were taken. It's like waiting until the plane has taken off (i.e., execution of your code has begun) and then telling the flight attendant you wished it were headed to Chicago instead of Detroit.

    miguel

    attached mail follows:


    Greg Donald wrote:

    >On Sun, 7 Jul 2002, Chris Shiflett wrote:
    >
    >>I refer you to this URL:
    >>
    >>http://www.tuxedo.org/~esr/faqs/smart-questions.html
    >>
    >
    >I refer you to this URL: http://php.net/ini_set and ask why does this
    >function not work as per the manual?
    >
    >Again, here is my code:
    >
    ><?
    >if(ini_set("register_globals", "0"))
    > echo "ini_set success";
    >else
    > echo "ini_set failed";
    >?>
    >

    Why should I help you when you can't:

    1. Follow simple instructions
    2. Treat others who have tried to help you with respect.

    Suffice it to say that ini_set() is not broken; your logic above is. Behave like an adult, and I might explain more.

    Chris

    attached mail follows:


    On Mon, 8 Jul 2002, Jason Wong wrote:

    ><?
    > if (ini_set("register_globals", "0") !== FALSE)
    > echo "ini_set success";
    > else
    > echo "ini_set failed";
    >?>

    Finally someone interested in helping find my error.

    Thanks a lot!

    -- 
    -----------------------------------------------------------------------
    Greg Donald
    http://destiney.com/public.key
    -----------------------------------------------------------------------
    

    attached mail follows:


    Hi
    If you check with phpinfo() you will see that it is getting set to 1 or 0 but by the time your script is run it is too late for it to have any effect. Also ini_get('registar_globals') will not return the current state. I have no idea why, it looks like one of those undocumented safety features...
    Tom

    At 10:50 PM 7/07/2002 -0500, Greg Donald wrote:
    >On Sun, 7 Jul 2002, Chris Shiflett wrote:
    >
    > >I refer you to this URL:
    > >
    > >http://www.tuxedo.org/~esr/faqs/smart-questions.html
    >
    >I refer you to this URL: http://php.net/ini_set and ask why does this
    >function not work as per the manual?
    >
    >Again, here is my code:
    >
    ><?
    >if(ini_set("register_globals", "0"))
    > echo "ini_set success";
    >else
    > echo "ini_set failed";
    >?>
    >
    >--
    >-----------------------------------------------------------------------
    >Greg Donald
    >http://destiney.com/public.key
    >-----------------------------------------------------------------------
    >
    >--
    >PHP General Mailing List (http://www.php.net/)
    >To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    Tom Rogers said:
    > Hi
    > If you check with phpinfo() you will see that it is getting set to 1 or
    > 0 but by the time your script is run it is too late for it to have any
    > effect.

    I just checked with an old PHP manual (probably 4.1.X) and register_globals can only be set in PHP_INI_PERDIR & PHP_INI_SYSTEM, ie cannot be set at run-time. So either they changed the behaviour in 4.2.X, or the latest manual is wrong.

    > Also ini_get('registar_globals') will not return the current
    > state.

    No, but ini_get('register_globals') will :)

    > I have no idea why, it looks like one of those undocumented
    > safety features... Tom

    However, in the one instance where I used it, it returned 'Off'. My guess is that it returns whatever was defined in php.ini. Thus if in php.ini you had defined register_globals = 1, then ini_get('register_globals') returns 1.

    It would be much better and less confusing if ini_get() returns values in a consistent notation, eg for booleans it should either return (0/1) OR (false/true).

    Another gotcha that I've come across is when setting register_globals (may or may not apply to other settings) in the apache conf file.

    This does NOT work:
        php_value register_globals On

    Whereas this does work:
        php_value register_globals 1

    -- 
    Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
    

    attached mail follows:


    Hi
    Even with the correct spelling it returns null (php-4.2.1)

    $x = ini_get('register_globals');
    echo "current settings = ".$x."<br>";

    Tom

    At 12:43 PM 8/07/2002 +0800, Jason Wong wrote:
    >Tom Rogers said:
    > > Hi
    > > If you check with phpinfo() you will see that it is getting set to 1 or
    > > 0 but by the time your script is run it is too late for it to have any
    > > effect.
    >
    >I just checked with an old PHP manual (probably 4.1.X) and
    >register_globals can only be set in PHP_INI_PERDIR & PHP_INI_SYSTEM, ie
    >cannot be set at run-time. So either they changed the behaviour in 4.2.X,
    >or the latest manual is wrong.
    >
    > > Also ini_get('registar_globals') will not return the current
    > > state.
    >
    >No, but ini_get('register_globals') will :)
    >
    > > I have no idea why, it looks like one of those undocumented
    > > safety features... Tom
    >
    >However, in the one instance where I used it, it returned 'Off'. My guess
    >is that it returns whatever was defined in php.ini. Thus if in php.ini you
    >had defined register_globals = 1, then ini_get('register_globals') returns
    >1.
    >
    >It would be much better and less confusing if ini_get() returns values in
    >a consistent notation, eg for booleans it should either return (0/1) OR
    >(false/true).
    >
    >Another gotcha that I've come across is when setting register_globals (may
    >or may not apply to other settings) in the apache conf file.
    >
    >This does NOT work:
    > php_value register_globals On
    >
    >Whereas this does work:
    > php_value register_globals 1
    >
    >--
    >Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
    >
    >--
    >PHP General Mailing List (http://www.php.net/)
    >To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    Hi,

    I was here first:

    http://www.php.net/manual/en/faq.mailinglist.php#faq.mailinglist.guideline

    > Before you post to the list please have a look in this FAQ

    But I found nothing about a jobs mailing list. I'm really a Perl programmer and we have jobs.perl.org which has a list which does a really good job.

    A person from Houston, TX asked me if I knew of any PHP people in Houston. I advertise on Google and Overture as a developer for hire.

    I don't suggest he post to this list as I'm not sure of the etiquette and I've never seen jobs posted to this list; I know they are accepted heartily on the mod_perl list.

    Anything simple but effective like this site for PHP?

    http://jobs.perl.org/

    Peter

    attached mail follows:


    Job postings are fine on this list. Some people will invariably gripe, but overall people like to see that there are jobs out there involving PHP. And if they don't, well tough. None of the people who help run this list, including myself have any problems with them.

    -Rasmus

    On Sun, 7 Jul 2002, Peter J. Schoenster wrote:

    > Hi,
    >
    > I was here first:
    >
    > http://www.php.net/manual/en/faq.mailinglist.php#faq.mailinglist.guideline
    >
    > > Before you post to the list please have a look in this FAQ
    >
    > But I found nothing about a jobs mailing list. I'm really a Perl programmer and
    > we have jobs.perl.org which has a list which does a really good job.
    >
    > A person from Houston, TX asked me if I knew of any PHP people in Houston.
    > I advertise on Google and Overture as a developer for hire.
    >
    > I don't suggest he post to this list as I'm not sure of the etiquette and I've never
    > seen jobs posted to this list; I know they are accepted heartily on the
    > mod_perl list.
    >
    > Anything simple but effective like this site for PHP?
    >
    > http://jobs.perl.org/
    >
    > Peter
    >
    > --
    > PHP General Mailing List (http://www.php.net/)
    > To unsubscribe, visit: http://www.php.net/unsub.php

    attached mail follows:


    What is the best function or operator to compare two text strings being inputted by a text field within a form? Any help is appreciated.
    Thanks in advance,
    Jas

    attached mail follows:


    In what way do you want to compare them? to see if they are the same string? the same type of var? different? greater than? less than?

    My guess is that you want them to be the same (as in the case of two passwords), in which case it's simple:

    <?

    if($_POST['pass1'] == $_POST['pass2']) { $passwords_match = 1; }

    ?>

    Of course if you looked in the manual for comparison operators, or even did a search for comparison, you would have found this quite easy.

    If I haven't guessed your question correctly, please provide more information.

    maybe something like levenshtein() is what you want. Of course, reading through the string based functions in the manual would also help :)

    Justin French

    on 08/07/02 1:45 PM, Jas (jlgerfenhotmail.com) wrote:

    > What is the best function or operator to compare two text strings being
    > inputted by a text field within a form? Any help is appreciated.
    > Thanks in advance,
    > Jas

    attached mail follows:


    On Sun, 7 Jul 2002, Jas wrote:
    > What is the best function or operator to compare two text strings being
    > inputted by a text field within a form? Any help is appreciated.

    == is always handy.

    Depending on your needs, you may want to throw in a couple calls to strlower (if you don't care about case matching). If you are even more flexible, look into soundex, levenshtein, metaphone, and similar_text. They're all documented in the online manual, and each provides a different sort of flexibility for dealing with variant spelling, etc.

    miguel
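
The operators and functions named in the two replies above, run side by side, as an added example that is not part of the original thread. compare_inputs() and fields_match() are hypothetical helpers and the sample values are constructed; the point to watch is that == compares two numeric-looking strings as numbers, so === is the safer test for values such as passwords.

```php
<?php
// Added example, not code from the thread. Sample values are constructed.

/** Hypothetical helper: run each comparison mentioned in the replies. */
function compare_inputs(string $a, string $b): array
{
    similar_text($a, $b, $percent);             // fills $percent by reference

    return [
        'loose =='    => $a == $b,              // numeric strings compare as numbers
        'strict ==='  => $a === $b,             // same bytes, no conversion
        'ignore case' => strtolower($a) === strtolower($b),
        'soundex'     => soundex($a) === soundex($b),
        'metaphone'   => metaphone($a) === metaphone($b),
        'levenshtein' => levenshtein($a, $b),   // edit distance, 0 means identical
        'similar %'   => round($percent, 1),
    ];
}

/**
 * Hypothetical helper for the two-password case. Form fields can arrive as
 * arrays (pass1[]=x), so the type is checked before the strict comparison.
 */
function fields_match(array $form, string $first, string $second): bool
{
    $a = $form[$first] ?? null;
    $b = $form[$second] ?? null;

    return is_string($a) && is_string($b) && $a === $b;
}

// Constructed pairs: identical, case variant, numeric look-alikes, spelling variant.
$pairs = [
    ['secret', 'secret'],
    ['Secret', 'secret'],
    ['1e3', '1000'],
    ['007', '7'],
    ['Smith', 'Smyth'],
];

foreach ($pairs as [$a, $b]) {
    echo "'$a' vs '$b'\n";
    foreach (compare_inputs($a, $b) as $label => $result) {
        printf("  %-12s %s\n", $label, var_export($result, true));
    }
}

// Stands in for $_POST with two different passwords that look numeric.
$form = ['pass1' => '1e3', 'pass2' => '1000'];
printf("loose match:  %s\n", var_export($form['pass1'] == $form['pass2'], true));
printf("fields_match: %s\n", var_export(fields_match($form, 'pass1', 'pass2'), true));
```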

    attached mail follows:


    http://www.adobe.com/products/premiere/demodnld.html#win

    attached mail follows:


    A little off your request, but may be of interest:

    Top 21 PHP Programming Mistakes from Zend.com
    http://www.zend.com/zend/art/mistake1.php
    http://www.zend.com/zend/art/mistake2.php

    olinux

    > On 07/04/2002 02:24 AM, Jean-Christian Imbeault wrote:
    > > I am trying to figure out what are some Bad Things (tm) when it comes to
    > > secure PHP programming and how to avoid them.
    > >
    > > I am looking for a kind of "best practices for security" list for PHP
    > > programming. Do's and Don't, or a list of common pitfalls and how to
    > > avoid them.
    > >
    > > Can anyone point me to such a list or tutorial?


    attached mail follows:


    On Fri, Jul 05, 2002 at 01:59:48PM -0700, Lazor, Ed wrote:
    >
    > How many here feel PostgreSQL has surpassed MySQL as the better backend for
    > PHP? This would be based on performance (speed, scalability, etc.) and
    > features.

    I've been using MySQL/PHP for quite some time. Several months ago, I wanted to port a project over to PostgreSQL. I found everything about pg (eg the website, documentation, installation process) far less straight ahead than MySQL. So much so, that I didn't get around to actually installing pg.

    Plus, as others have pointed out, the supporting functions in PHP aren't as powerful/diverse. For example, there's no insert id function.

    --Dan

    -- 
                   PHP classes that make web design easier
            SQL Solution  |   Layout Solution   |  Form Solution
        sqlsolution.info  | layoutsolution.info |  formsolution.info
     T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
     4015 7 Av #4AJ, Brooklyn NY     v: 718-854-0335     f: 718-854-0409
    

    attached mail follows:


    Tony:

    On Sun, Jul 07, 2002 at 11:40:27AM +0100, Tony Harrison wrote:
    >
    > Hi. I please need some help with converting a MySQL timestamp into something
    > easily read. Any help at all is most appreciated, thanks.

    There are a lot of ways to do that. I'd go for the date_format() function in MySQL.

    --Dan

    -- 
                   PHP classes that make web design easier
            SQL Solution  |   Layout Solution   |  Form Solution
        sqlsolution.info  | layoutsolution.info |  formsolution.info
     T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
     4015 7 Av #4AJ, Brooklyn NY     v: 718-854-0335     f: 718-854-0409
    

    attached mail follows:


    I have a general question about referencing...

    Would it be safe to reference a function return value? My main concern is that once the function goes out of scope, is that variable cleaned up or would it stay around because there is a new reference to it.

    I am coming from the C++ and Java world. I know how it works there! However, I am unsure about PHP. Instead of trying out a test script, I wish to know more about language design. So, I would be assured of its support for future versions of the language.

    Thank you very much.
