|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general-digest-help_at_lists.php.net
Date: Fri Aug 23 2002 - 22:19:28 CDT
php-general Digest 24 Aug 2002 03:19:28 -0000 Issue 1543
Topics (messages 113776 through 113889):
Re: Unable to get a form to update CODE AS REQUESTED
113776 by: Patrick Kirk
113779 by: Jay Blanchard
113788 by: Patrick Kirk
Re: httpd headers etc
113777 by: Matt Schroebel
113781 by: DL Neil
Re: Upload files
113778 by: Juan Pablo Aqueveque
113780 by: Jay Blanchard
113782 by: Juan Pablo Aqueveque
113783 by: Jay Blanchard
113786 by: Juan Pablo Aqueveque
113789 by: Jay Blanchard
Encryption Features for the database.
113784 by: Scott Fletcher
113793 by: Scott Fletcher
Encryption features for the file.
113785 by: Scott Fletcher
113787 by: Jay Blanchard
113796 by: Scott Fletcher
113832 by: Robert James Kaes
How can i connect to a Oracle DB??
113790 by: Alexander Guevara
set filename of file open/download
113791 by: David Buerer
113792 by: Daniel Masson
113794 by: Daniel Masson
113798 by: David Buerer
113805 by: Justin French
DPHPEdit new version
113795 by: Davor Pleskina
PHP and LDAP over SSL
113797 by: Curtis Robinson
custom xml parser
113799 by: OrangeHairedBoy
113801 by: OrangeHairedBoy
113803 by: OrangeHairedBoy
113817 by: OrangeHairedBoy
Re: Simple Security Clarification
113800 by: David Buerer
113804 by: Rasmus Lerdorf
Logic problem (I think)
113802 by: Patrick Kirk
113806 by: Patrick Kirk
113810 by: Chris Shiflett
writing a custom xml parser
113807 by: OrangeHairedBoy
113809 by: David Buerer
113811 by: OrangeHairedBoy
113861 by: Bogdan Stancescu
113868 by: Peter J. Schoenster
delete cookie does not work
113808 by: andy
Re: Session problems / where to register
113812 by: Chad Day
113813 by: Rasmus Lerdorf
113814 by: Chad Day
113816 by: Rasmus Lerdorf
Re: Session Array 2 dimensions
113815 by: Christian Ista
custom xml parser!
113818 by: OrangeHairedBoy
mail return path
113819 by: Michael
113820 by: eriol
Converting code to work with MS SQL from MySQL
113821 by: Chris Boget
113827 by: Brad Dameron
113831 by: Chris Boget
113873 by: Michael Sims
Re: Logic problem (I think) SOLVED
113822 by: Patrick Kirk
cookie challenge
113823 by: Support . Fourthrealm.com
113826 by: Jay Blanchard
113828 by: Brent Baisley
Explode/Implode array
113824 by: Richard Fox
113825 by: Chris Wesley
tracing/determining caller function
113829 by: Konstantin Vainer
writing html in php.............. newbie question
113830 by: Jonathan Hsu
113834 by: Bas Jobsen
Re: Best way to check for some certain text in a string
113833 by: Konstantin Vainer
113888 by: Bogdan Stancescu
Anyone Willing To Help
113835 by: Dale
113836 by: Adam Williams
113839 by: Jeff Lewis
113844 by: Chris Shiflett
How to select rows where timestamp is in last 10 mins
113837 by: Tony Harrison
113842 by: eriol
113843 by: Jome
113885 by: Justin French
Tracking ads with php4.2.2 possible?
113838 by: andy
HELP HELP, please help
113840 by: Dan McCullough
how can php applications use session control to track multiple users?
113841 by: Wo Chang
113847 by: Kevin Stone
113853 by: Wo Chang
Upload file - $HTTP_POST_FILES empty (thinking in harakiri)
113845 by: Juan Pablo Aqueveque
113848 by: Daniel Masson
113849 by: Daniel Masson
113851 by: Robert James Kaes
113857 by: Juan Pablo Aqueveque
113858 by: Robert James Kaes
113863 by: Robert James Kaes
113865 by: Juan Pablo Aqueveque
113874 by: Robert James Kaes
113889 by: Zeev Suraski
Pulling data out of browser address bar
113846 by: rdkurth.starband.net
113850 by: SHEETS,JASON (Non-HP-Boise,ex1)
113852 by: Kevin Stone
113856 by: rdkurth.starband.net
113859 by: Kevin Stone
113860 by: rdkurth.starband.net
113864 by: rdkurth.starband.net
Pfpro Installations
113854 by: John W Cunningham
Re: How Do You Protect Individual Files
113855 by: Roger Lewis
Help with script
113862 by: Erich Kolb
113866 by: Bogdan Stancescu
113884 by: Erich Kolb
113887 by: Bogdan Stancescu
Connection to db
113867 by: Jim Long
113869 by: Chris Shiflett
output to temp.htm file?
113870 by: hugh danaher
Variables inquiry
113871 by: César Aracena
113872 by: Bogdan Stancescu
newline (#13)
113875 by: Burak Delice
113878 by: Bogdan Stancescu
send a form with php
113876 by: Burak Delice
add #13 character to a string
113877 by: Burak Delice
113881 by: Bogdan Stancescu
sending a form with PHP
113879 by: Burak Delice
How to get the value from the form?
113880 by: Jingyu Zhu
import_request_variables and OOP
113882 by: jacob.keystreams.com
Re: is my form safe enough ?
113883 by: Roger Thomas
Can Someone Look At This Code?
113886 by: JohnP
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribe
lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
<?php
/*
PSEUDO CODE-ISH
Setup connection
if ($grouping)
// called as contacts.php?grouping?=blah
// print table with group members
elseif ($lastname)
// called as contacts.php?lastname starts with blah
// print table of suitable last names
elseif ($organisation)
// called as contacts.php?organisation starts with blah
/ print table of suitable organisation names
elseif (person_id)
// called as contacts.php?person_id=blah
// print addedit form
else
//default case
// called as contacts.php and show navigation tools
*/
?>
<?php
require ("config.inc.php");
$db = mysql_pconnect($hostname,$user,$password);
mysql_select_db("contacts",$db);
if ($grouping) {
// called as contacts.php?grouping?=blah
// print table with group members
printGrouping($grouping);
}
elseif ($person_id) {
require ("config.inc.php");
$db = mysql_pconnect($hostname,$user,$password);
mysql_select_db("contacts",$db);
$sql = "SELECT * FROM people WHERE person_id=$person_id";
$result = mysql_query($sql);
$myrow = mysql_fetch_array($result);
$person_id = $myrow["person_id"];
$first_name = $myrow["first_name"];
$last_name = $myrow["last_name"];
$organisation = $myrow["organisation"];
$home_phone = $myrow["home_phone"];
$work_phone = $myrow["work_phone"];
$mobile_phone = $myrow["mobile_phone"];
$dob = $myrow["dob"];
$email1 = $myrow["email1"];
$notes = $myrow["notes"];
$title = $myrow["title"];
$home_address = $myrow["home_address"];
$work_address = $myrow["work_address"];
$grouping = $myrow["grouping"];
?>
<form method="post" action="contacts.php"><P>
<body bgcolor="#A0B8C8">
<input type=hidden name="person_id" value="<?php echo $person_id ?>">
<title>Contacts/<?php echo $grouping ?>/<?php echo
$first_name?> <?php echo $last_name?></title>
<CENTER><h3><a href=<?php echo $PHP_SELF?>>Contacts</a> /
 <a href=<?php echo $PHP_SELF?>?grouping=<?php echo
$grouping?>><?php echo $grouping?></a> /
 <?php echo $first_name?> <?php echo $last_name?></h3></CENTER>
<div align="center">
<table width="100%" border="1">
<tr>
<td>First Name:</td>
<td><input name="first_name" type="text" id="first_name"
value="<?php echo $first_name ?>" size="30"></td>
<td>Last Name:</td>
<td><input name="last_name" type="text" id="last_name"
value="<?php echo $last_name ?>" size="30"></td>
<td>Organisation:</td>
<td><input name="organisation" type="text" id="organisation"
value="<?php echo $organisation ?>" size="30"></td>
</tr>
<tr>
<td>Home Phone:</td>
<td><input name="home_phone" type="text" id="home_phone"
value="<?php echo $home_phone ?>" size="30"></td>
<td>Work Phone:</td>
<td><input name="work_phone" type="text" id="work_phone"
value="<?php echo $work_phone ?>" size="30"></td>
<td>Mobile Phone:</td>
<td><input name="mobile_phone" type="text" id="mobile_phone"
value="<?php echo $mobile_phone ?>" size="30"></td>
</tr>
<tr>
<td>Email:</td>
<td><input name="email1" type="text" id="email1" value="<?php
echo $email1 ?>" size="30"></td>
<td>Title:</td>
<td><input name="title" type="text" id="title" value="<?php echo
$title?>" size="30"></td>
<td>Date of birth:</td>
<td><input name="textfield" type="text" value="<?php echo $dob
?>" size="30"></td>
</tr>
</table>
</div>
<p align="center">Home Address:
<input name="home_address" type="text" id="home_address"
value="<?php echo $home_address ?>" size="100">
</p>
<p align="center">Work Address:
<input name="work_address" type="text" id="work_address"
value="<?php echo $work_address ?>" size="100">
</p>
<p align="center">Grouping:
<select name='grouping'>
<option><?php echo $grouping ?></option>
<option>Club</option>
<option>Players</option>
<option>Archives</option>
<option>Enterprise</option>
<option>Business</option>
<option>Children</option>
<option>Partners</option>
<option>Resources</option>
<option>Personal</option>
<option>Elizabeth Mews</option>
</select>
</p>
<p align="center">Notes:</p>
<p align="center">
<textarea name="notes" cols="100" rows="10" id="notes"><?php echo
$notes ?></textarea></p>
<p align="center">
<input type="submit" name="submit" value="Enter information">
<?php
}
elseif ($submit) {
// here if no ID then adding else we're editing
if ($person_id) {
require ("config.inc.php");
$db = mysql_pconnect($hostname,$user,$password);
mysql_select_db("contacts",$db);
$sql = "UPDATE people SET
first_name='$first_name',
last_name='$last_name',
organisation='$organisation',
title='$title',
home_phone='$home_phone',
work_phone='$work_phone',
mobile_phone='$mobile_phone',
email1='$email1',
dob='$dob',
grouping='$grouping',
home_address='$home_address',
work_address='$work_address',
notes='$notes'
WHERE person_id=$person_id";
}
else {
$sql = "INSERT INTO people (
first_name,
last_name,
organisation,
title,
home_phone,
work_phone,
mobile_phone,
email1,
dob,
grouping,
home_address,
work_address,
notes)
VALUES (
'$first_name',
'$last_name',
'$organisation',
'$title',
'$home_phone',
'$work_phone',
'$mobile_phone',
'$email1',
'$dob',
'$grouping',
'$home_address',
'$work_address',
'$notes')";
}
// run SQL against the DB
$result = mysql_query($sql);
echo "<CENTER><h3><a href=\"index.php\">Contacts</a> / <a
href=\"index.php?grouping=$grouping\">$grouping</a> / <a
href=\"addedit.php?person_id=$person_id\">$first_name
$last_name</a></h3>";
echo "Record updated/edited!<p></CENTER>";
} elseif ($delete) {
// delete a record
echo "<CENTER><h3><a href=\"index.php\">Contacts</a> / <a
href=\"index.php?grouping=$grouping\">$grouping</a></h3></CENTER>";
$sql = "DELETE FROM people WHERE person_id=$person_id";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
} else {
?>
<title>Contacts</title>
<CENTER>
<H4>Filter by Grouping: </H4>
<form action=<?php echo $PHP_SELF ?>>
<p>Grouping: <select name='grouping'>
<option>Club</option>
<option>Players</option>
<option>Archives</option>
<option>Enterprise</option>
<option>Business</option>
<option>Children</option>
<option>Partners</option>
<option>Resources</option>
<option>Personal</option>
<option>Elizabeth Mews</option>
</select>
</p>
<p><input type='submit' value='Filter'/>
</p></form><body bgcolor="#A0B8C8">
<?php
}
// Function printGrouping($grouping)
function printGrouping($grouping) {
require ("config.inc.php");
$db = mysql_pconnect($hostname,$user,$password);
mysql_select_db("contacts",$db);
$result = mysql_query("SELECT * FROM people where grouping =
'$grouping'ORDER BY last_name ASC",$db);
echo "<title>Contacts/$grouping</title>";
echo "<center><h3><a
href=$PHP_SELF?>Contacts</a> / $grouping</a></h3></center>";
echo "<center><a href=\"addedit.php\"> Add a New Contact </a>";
echo "<table cellpadding=0 cellspacing=0 border=0><tr><td><b>First
Name</b></td><td>   </td><td><b>Last
Name</b></td><td>   </td><td><b>Organisation</b></td><td>   </td><td><b>Details</b></td>";
$alternate = "2";
while ($row = mysql_fetch_array($result)) {
$first_name = $row["first_name"];
$last_name = $row["last_name"];
$organisation = $row["organisation"];
$person_id = $row["person_id"];
if ($alternate == "1") {
$color = "#A0B8C8";
$alternate = "2";
}
else {
$color = "#ffffff";
$alternate = "1";
}
echo "<tr
bgcolor=$color><td>$first_name</td><td>   </td><td>$last_name</td><td>   </td><td>$organisation</td><td>   </td><td><a
href=\"$PHP_SELF?person_id=$person_id\"> More... </a></td></td></tr>";
}
// echo "<body bgcolor="#A0B8C8">";
echo "</center></table></HTML>";
} // Function printGrouping
?>
attached mail follows:
[snip]
if ($person_id) {
require ("config.inc.php");
$db = mysql_pconnect($hostname,$user,$password);
mysql_select_db("contacts",$db);
$sql = "UPDATE people SET
first_name='$first_name',
last_name='$last_name',
organisation='$organisation',
title='$title',
home_phone='$home_phone',
work_phone='$work_phone',
mobile_phone='$mobile_phone',
email1='$email1',
dob='$dob',
grouping='$grouping',
home_address='$home_address',
work_address='$work_address',
notes='$notes'
WHERE person_id=$person_id";
}
OK, have you done print($sql) to make sure the query looks ok? That is the
first thing I would do. Also, I do this syntax that works cleanly for me,
but you may not like it;
$sql = "UPDATE people SET
first_name='" . $first_name . "',
last_name='" . $last_name . "',
organisation='" . $organisation . "',
title='" . $title . "',
But print the statement out and check it for problems. IIRC you said that
the INSERT worked fine. Wait! I see the problem, the last line in the
update;
WHERE person_id=$person_id";
should be
WHERE person_id='$person_id'";
Dang syntax error ...
ALWAYS, ALWAYS, ALWAYS print out your completed SQL statements during
testing, it will save you much time.
HTH!
Jay
"It's hip to snip!"
***********************************************************
* Texas PHP Developers Conf Spring 2003 *
* T Bar M Resort & Conference Center *
* New Braunfels, Texas *
* San Antonio Area PHP Developers Group *
* Contact jay.blanchardniicommunications.com *
* *
* Want to present a paper or workshop? Contact now! *
***********************************************************
attached mail follows:
Jay Blanchard said:
> [snip]
> if ($person_id) {
[...]
the last line in
> the update;
>
> WHERE person_id=$person_id";
>
> should be
>
> WHERE person_id='$person_id'";
>
> Dang syntax error ...
>
> ALWAYS, ALWAYS, ALWAYS print out your completed SQL statements during
> testing, it will save you much time.
>
> HTH!
>
> Jay
[...]
Sorry Jay...that makes no difference.
I know exactly where the problem is. the form is triggering the 'if
$grouping' block instead if the 'if $submit' block. The sql never runs
because it doesn't get called.
Perhaps I need to repost my question to express the problem more clearly.
Its thanks to prompts from you and Jason I understand why its failing but
I still need a way to make it work.
attached mail follows:
> From: DL Neil [mailto:PHPmlDandE.HomeChoice.co.uk]
> Sent: Friday, August 23, 2002 10:25 AM
> To: php-generallists.php.net
> Subject: [PHP] httpd headers etc
>
>
> I have been picking up knowledge of http headers, etc, as
> I've gone along -
> doing redirects, fopen(), fsockopen(), caching, etc, but I've
> not sat down
> and studied the http client-server exchange as a whole. So
> the time has come
> (the walrus said) to round out my knowledge.
>
> Reading the RFC(s) is likely to be a sonorous experience.
>
> Can someone recommend a readable article/tutorial which
> covers the ground to
> a reasonable depth?
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=%22http+tutorial%22
The HTTP Made Easy link is pretty good, but I think that the RFC is the authoritive source. I had bought a book on HTTP, but it really wasn't any better than the RFC, which I've htmlized at http://www.php-faq.com/httpintro.php
attached mail follows:
Thanks Matt
> > I have been picking up knowledge of http headers, etc, as
> > I've gone along -
> > doing redirects, fopen(), fsockopen(), caching, etc, but I've
> > not sat down
> > and studied the http client-server exchange as a whole. So
> > the time has come
> > (the walrus said) to round out my knowledge.
> >
> > Reading the RFC(s) is likely to be a sonorous experience.
> >
> > Can someone recommend a readable article/tutorial which
> > covers the ground to
> > a reasonable depth?
>
> http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=%22http+tutorial%22
>
> The HTTP Made Easy link is pretty good, but I think that the RFC is the
authoritive source. I had bought a book on HTTP, but it really wasn't any
better than the RFC, which I've htmlized at
http://www.php-faq.com/httpintro.php
My own Googling had featured "httpd" and after wading through references to
setting up servers, my eyes glazed over... Was seeking to benefit from
someone else's experience. My history is the same - HTML books tend not to
delve 'under the hood'.
I'll check out the PHP-FAQ version - but if I fall asleep over the weekend,
must my dream sequences appear between HTML tags?
(any other suggestions gratefully received)
Thanks,
=dn
attached mail follows:
Good Morning! (for me :-))
I went to http://www.php.net/manual/en/features.file-upload.php Jason
I tried the example, but I get message "Possible file upload attack", why?
because $HTTP_POST_FILES is empty; now gurus!..Why is empty?
PHP 4.1.2/Apache
file_uploads = On
Be kind please.
Thanks in advance!
--jp
At 10:14 23-08-2002 +0800, Jason Wong wrote:
>On Friday 23 August 2002 03:38, Juan Pablo Aqueveque wrote:
> > OK eriol, this is my code!.
> >
> > <HTML><BODY BGCOLOR=FFFFFF>
> > <?php
> > $uploadDir = '.fotos/';
> > if (isset($submit)){
> > if ($upload != 'none'){
> > $dest = $uploadDir . $upload_name;
> > if (copy($upload, $dest)){
> > echo "Successfully uploaded $dest<BR>\n";
> > }
>
>[snip]
>
>There's a perfectly good example of doing file uploads in the manual.
>
>--
>Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
>Open Source Software Systems Integrators
>* Web Design & Hosting * Internet & Intranet Applications Development *
>
>/*
>positron router malfunction
>*/
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
________________________________________________________
Juan Pablo Aqueveque <juqueuct.cl>
Ingeniero de Sistemas
Departamento de Redes y Comunicaciones http://www.drc.uct.cl
Universidad Católica de Temuco.
Tel:(5645) 205 630 Fax:(5645) 205 628
attached mail follows:
[snip]
Good Morning! (for me :-))
I went to http://www.php.net/manual/en/features.file-upload.php Jason
I tried the example, but I get message "Possible file upload attack", why?
because $HTTP_POST_FILES is empty; now gurus!..Why is empty?
[/snip]
You did not include enough information in your post, but set your
MAX_FILE_SIZE=200000 (2Mb) and try again. If the file is larger than
MAX_FILE_SIZE it will return the 'attack' info.
Jay
"It's hip to snip!"
***********************************************************
* Texas PHP Developers Conf Spring 2003 *
* T Bar M Resort & Conference Center *
* New Braunfels, Texas *
* San Antonio Area PHP Developers Group *
* Contact jay.blanchardniicommunications.com *
* *
* Want to present a paper or workshop? Contact now! *
***********************************************************
attached mail follows:
nop Jay, I still get the message!
:-(
At 10:02 23-08-2002 -0500, Jay Blanchard wrote:
>[snip]
>Good Morning! (for me :-))
>I went to http://www.php.net/manual/en/features.file-upload.php Jason
>I tried the example, but I get message "Possible file upload attack", why?
>because $HTTP_POST_FILES is empty; now gurus!..Why is empty?
>[/snip]
>
>You did not include enough information in your post, but set your
>MAX_FILE_SIZE=200000 (2Mb) and try again. If the file is larger than
>MAX_FILE_SIZE it will return the 'attack' info.
>
>Jay
>
>"It's hip to snip!"
>
>***********************************************************
>* Texas PHP Developers Conf Spring 2003 *
>* T Bar M Resort & Conference Center *
>* New Braunfels, Texas *
>* San Antonio Area PHP Developers Group *
>* Contact jay.blanchardniicommunications.com *
>* *
>* Want to present a paper or workshop? Contact now! *
>***********************************************************
>
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
________________________________________________________
Juan Pablo Aqueveque <juqueuct.cl>
Ingeniero de Sistemas
Departamento de Redes y Comunicaciones http://www.drc.uct.cl
Universidad Católica de Temuco.
Tel:(5645) 205 630 Fax:(5645) 205 628
attached mail follows:
[snip]
nop Jay, I still get the message!
[/snip]
How large is the file that you are attempting to upload?
Jay
"Snip-ness is what it is!"
***********************************************************
* Texas PHP Developers Conf Spring 2003 *
* T Bar M Resort & Conference Center *
* New Braunfels, Texas *
* San Antonio Area PHP Developers Group *
* Contact jay.blanchardniicommunications.com *
* *
* Want to present a paper or workshop? Contact now! *
***********************************************************
attached mail follows:
very small! is a .txt 32 bytes.
(thinking: why is empty $HTTP_POST_FILES?)
--jp
>Good Morning! (for me :-))
>I went to http://www.php.net/manual/en/features.file-upload.php Jason
>I tried the example, but I get message "Possible file upload attack",
why? because $HTTP_POST_FILES is empty; now gurus!..Why is >empty?
>PHP 4.1.2/Apache
>file_uploads = On
>Be kind please.
>Thanks in advance!
At 10:13 23-08-2002 -0500, Jay Blanchard wrote:
>[snip]
>nop Jay, I still get the message!
>[/snip]
>
>How large is the file that you are attempting to upload?
>
>Jay
>
>"Snip-ness is what it is!"
>
>***********************************************************
>* Texas PHP Developers Conf Spring 2003 *
>* T Bar M Resort & Conference Center *
>* New Braunfels, Texas *
>* San Antonio Area PHP Developers Group *
>* Contact jay.blanchardniicommunications.com *
>* *
>* Want to present a paper or workshop? Contact now! *
>***********************************************************
________________________________________________________
Juan Pablo Aqueveque <juqueuct.cl>
Ingeniero de Sistemas
Departamento de Redes y Comunicaciones http://www.drc.uct.cl
Universidad Católica de Temuco.
Tel:(5645) 205 630 Fax:(5645) 205 628
attached mail follows:
[snip]
very small! is a .txt 32 bytes.
[/snip]
(thinking: why is empty $HTTP_POST_FILES?)
Does the directory being uploaded to have the proper permissions
(world-writable, since it through a web interface) and does the directory
where the file is being moved to have the proper permissions (also
world-writable)?
(thinking: we're going to have to see the code) :^]
Jay
"Snip"
***********************************************************
* Texas PHP Developers Conf Spring 2003 *
* T Bar M Resort & Conference Center *
* New Braunfels, Texas *
* San Antonio Area PHP Developers Group *
* Contact jay.blanchardniicommunications.com *
* *
* Want to present a paper or workshop? Contact now! *
***********************************************************
attached mail follows:
Hi!
I received an unusual requirement. It stated that to store the data to
the database would have to be 128-bit encrypt. I know hte database doesn't
do that but I think it is possible to encrypt the data with 128-bit and
store them to the database. The problem is the encryption would require hte
use of public and private key. If I lose the key then you're f***ed.
Anyone know how?
FletchSOD
attached mail follows:
This can be done by PHP on the server.
"Scott Fletcher" <scottabcoa.com> wrote in message
news:20020823151538.39581.qmailpb1.pair.com...
> Hi!
>
> I received an unusual requirement. It stated that to store the data
to
> the database would have to be 128-bit encrypt. I know hte database
doesn't
> do that but I think it is possible to encrypt the data with 128-bit and
> store them to the database. The problem is the encryption would require
hte
> use of public and private key. If I lose the key then you're f***ed.
>
> Anyone know how?
>
> FletchSOD
>
>
attached mail follows:
I also received an unusual requirement. It stated that when the customer
saved the file from the web browser, the file have to be 128-bit encrypted
on the hard disk. This is crazy! How can this be done?
attached mail follows:
[snip]
I also received an unusual requirement. It stated that when the customer
saved the file from the web browser, the file have to be 128-bit encrypted
on the hard disk. This is crazy! How can this be done?
[/snip]
STFW & RTFM - http://www.tuxedo.org/~esr/faqs/smart-questions.html
You have not given us enought to go on really. Speculation and conjecture I
say. Theory for which there may be not practical. What research have you
done? Help us to help you.
Jay
Jay
"Tao of Snip"
***********************************************************
* Texas PHP Developers Conf Spring 2003 *
* T Bar M Resort & Conference Center *
* New Braunfels, Texas *
* San Antonio Area PHP Developers Group *
* Contact jay.blanchardniicommunications.com *
* *
* Want to present a paper or workshop? Contact now! *
***********************************************************
attached mail follows:
Eh, eh, eh? What is there for me to say? I just say it all. Okay, let's
me reparaphrase this.
I received this unusual requirement from the credit bureau, Experian. It
said that if the user want to save the inquiry from the website, by the mean
of saving it to the hard disk on the personal computer. That file must be
128-bit encrypted.
It shouldn't be too difficult to encrypt it before pass it to the web
browser. But the keys or encryption once the user closed the browser? PHP
is a server side language. It doesn't support this. So, anyone have such a
ideas or knowledge?? Experian got to be kidding!!!
"Jay Blanchard" <jay.blanchardniicommunications.com> wrote in message
news:002c01c24ab9$012bfb60$8102a8c0000347D72515...
> [snip]
> I also received an unusual requirement. It stated that when the customer
> saved the file from the web browser, the file have to be 128-bit encrypted
> on the hard disk. This is crazy! How can this be done?
> [/snip]
>
> STFW & RTFM - http://www.tuxedo.org/~esr/faqs/smart-questions.html
>
> You have not given us enought to go on really. Speculation and conjecture
I
> say. Theory for which there may be not practical. What research have you
> done? Help us to help you.
>
> Jay
>
> Jay
>
> "Tao of Snip"
>
> ***********************************************************
> * Texas PHP Developers Conf Spring 2003 *
> * T Bar M Resort & Conference Center *
> * New Braunfels, Texas *
> * San Antonio Area PHP Developers Group *
> * Contact jay.blanchardniicommunications.com *
> * *
> * Want to present a paper or workshop? Contact now! *
> ***********************************************************
>
>
attached mail follows:
On Fri, 23 Aug 2002, Scott Fletcher wrote:
> I also received an unusual requirement. It stated that when the customer
> saved the file from the web browser, the file have to be 128-bit encrypted
> on the hard disk. This is crazy! How can this be done?
Why not just encrypt the file on the server using a private key and
distribute the public key. Then send the encrypted file and the person on
the other end would be able to decrypt it. I believe you could use
something like GnuPG to do the encryption.
Mind you, if you're sending a plain file to the customer's browser, then
you no longer have any control over what they do with that information.
(Maybe there is some javascript you could use, but that would only work if
the browser had javascript enabled.)
-- Robert
--
------------------------------------------------------------------
Robert James Kaes --- Flarenet Inc. --- (519) 426-3782
http://www.flarenet.com/
* Putting the Service Back in Internet Service Provider *
------------------------------------------------------------------
attached mail follows:
I need to connect to an Oracle 9 database, no via ODBC... i want to use the dll's provided by php..
HOw can i do it?
Thanks!
attached mail follows:
I'm using a php script to stream a microsoft word file to a browser.
I'm sending header("Content-type: {$mimetype[DOC]} \n"); to set the mime type to application/msword so that the browser knows how to open the file.
However, some users systems are configured to allow the choice of open or saveas. The problem is that when the user selects saveas the filename it uses is the name of the php script which streams the file, not the actual filename of the file. How do I set this filename?
attached mail follows:
Hi ... !! Use this !!
//force download dialog header("Content-type: application/octet-stream\n"); header("Content-disposition: attachment; filename=\"$arc\"\n");
$arc must contain the name of yhe file you want to be saved in the client machine !
I'm using a php script to stream a microsoft word file to a browser.
I'm sending header("Content-type: {$mimetype[DOC]} \n"); to set the mime type to application/msword so that the browser knows how to open the file.
However, some users systems are configured to allow the choice of open or saveas. The problem is that when the user selects saveas the filename it uses is the name of the php script which streams the file, not the actual filename of the file. How do I set this filename?
attached mail follows:
Hi ... !! Use this !!
//force download dialog header("Content-type: application/octet-stream\n"); header("Content-disposition: attachment; filename=\"$arc\"\n");
$arc must contain the name of yhe file you want to be saved in the client machine !
I'm using a php script to stream a microsoft word file to a browser.
I'm sending header("Content-type: {$mimetype[DOC]} \n"); to set the mime type to application/msword so that the browser knows how to open the file.
However, some users systems are configured to allow the choice of open or saveas. The problem is that when the user selects saveas the filename it uses is the name of the php script which streams the file, not the actual filename of the file. How do I set this filename?
attached mail follows:
Thanks Daniel, That's what I use when I want to force the download. But what if I just want to force the file to open?
That's when I do it the other way which works great for many file types like PDF's. The problem is that some O/S's force an Open/Save dialog anyway and the text it gives is this....
"You are downloading the file: dockit_getdoc.doc from www2.josiahministries.com Would you like to open the file or save it to your computer?"
I need to find a way to change 'dockit_getdoc.doc' to [filename].doc by sending the appropriate header. I just don't know what that header is.
Thanks all for your considerd response.
-----Original Message-----
From: Daniel Masson [mailto:dmassonimagine.com.co]
Sent: Friday, August 23, 2002 8:36 AM
To: php-generallists.php.net
Subject: RE: [PHP] set filename of file open/download
Hi ... !! Use this !!
//force download dialog header("Content-type: application/octet-stream\n"); header("Content-disposition: attachment; filename=\"$arc\"\n");
$arc must contain the name of yhe file you want to be saved in the client machine !
I'm using a php script to stream a microsoft word file to a browser.
I'm sending header("Content-type: {$mimetype[DOC]} \n"); to set the mime type to application/msword so that the browser knows how to open the file.
However, some users systems are configured to allow the choice of open or saveas. The problem is that when the user selects saveas the filename it uses is the name of the php script which streams the file, not the actual filename of the file. How do I set this filename?
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
> However, some users systems are configured to allow the choice of open > or saveas. The problem is that when the user selects saveas the > filename it uses is the name of the php script which streams the file, > not the actual filename of the file. How do I set this filename?
Read the endless user comments in the manual: php.net/header
There are hundreds of code samples, but end of the day, there are bugs in IE versions, etc etc... I haven't ever been able to get it to work for every browser.
In fact, even the very useful article on Zend about protecting file downloads doesn't seem to set the right filename for me...
Justin French
attached mail follows:
It now also includes user documentation: http://www.pleskina.com/dphped/dphpman.html
Free download from http://www.pleskina.com/dphped
Regards, Davor Pleskina
attached mail follows:
I am trying to get LDAP over SSL (ldaps). I have a custom certificate authority (CA). I can connect to ldap server with LDAPS and LDAP over TLS on the commandline. Here is the php code: $rs = ldap_connect("ldaps://ldapserver/"); if (!ldap_set_option($rs, LDAP_OPT_PROTOCOL_VERSION, 3)) echo "Couldnt set the ldap v3"; $r = ldap_bind($rs); echo "Bind Result is ".ldap_error($rs)."<br>";
ldap_unbind($rs); :END CODE
I setup an openssl test server with the certificate of the ldap server to debug the php ldap code: openssl s_server -cert cert.cer -key key.pem It reports this: 30051:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1031:SSL alert number 48 So, I see that php does not have the CA. But, I have no clue as to where to define the location of the CA in the php configuration. So, does anyone know how I can configure this option?
-- Curtis Robinson crobinso
attached mail follows:
am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php alreay been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php already been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php already been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
OrangeHairedBoy asked this question on 8/23/2002: I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php alreay been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
Anyone come up with a good way to disallow php files from being servered directly? What i mean is this - all php files should be ONLY parsed by the PHP parser. My fear is that there is some way that the user will be able to actually download a PHP file directly therefore exposing all sorts of things I don't want exposed.
David
-----Original Message-----
From: Justin French [mailto:justinindent.com.au]
Sent: Wednesday, August 21, 2002 6:30 AM
To: aajdubucwebhart.net; php-generallists.php.net
Subject: Re: [PHP] Simple Security Clarification
If you can't store stuff ABOVE your doc root, you can protect them with a .htaccess file.
I use this to refuse all *.inc files from being served:
<Files ~ "\.inc$"> Order Allow,Deny Deny from all </Files>
With this in mind, a quick visit to the Apache site should get you started in the right direction.
Justin French
on 21/08/02 10:11 PM, Andre Dubuc (aajdubucwebhart.net) wrote:
> In another thread [How do you protect individual files], Justin French stated: > > "In real short, you want to store the files outside your htdocs root (so they > can't be served by http) . . ." > > My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files > in '/var/www/html/secure' would this provide any isolation for file access? > Am I correct in thinking that 'below' is not the same as 'outside' doc_root, > and that i this case, no protection would be afforded? > > Tia, > Andre >
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
As long as you have Apache properly configured with the AddType sending .php files to the PHP module, they are not going to be served up raw.
On Fri, 23 Aug 2002, David Buerer wrote:
> Anyone come up with a good way to disallow php files from being servered
> directly? What i mean is this - all php files should be ONLY parsed by the
> PHP parser. My fear is that there is some way that the user will be able to
> actually download a PHP file directly therefore exposing all sorts of things
> I don't want exposed.
>
> David
>
> -----Original Message-----
> From: Justin French [mailto:justinindent.com.au]
> Sent: Wednesday, August 21, 2002 6:30 AM
> To: aajdubucwebhart.net; php-generallists.php.net
> Subject: Re: [PHP] Simple Security Clarification
>
>
> If you can't store stuff ABOVE your doc root, you can protect them with a
> .htaccess file.
>
> I use this to refuse all *.inc files from being served:
>
> <Files ~ "\.inc$">
> Order Allow,Deny
> Deny from all
> </Files>
>
> With this in mind, a quick visit to the Apache site should get you started
> in the right direction.
>
>
> Justin French
>
>
> on 21/08/02 10:11 PM, Andre Dubuc (aajdubucwebhart.net) wrote:
>
> > In another thread [How do you protect individual files], Justin French
> stated:
> >
> > "In real short, you want to store the files outside your htdocs root (so
> they
> > can't be served by http) . . ."
> >
> > My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place
> files
> > in '/var/www/html/secure' would this provide any isolation for file
> access?
> > Am I correct in thinking that 'below' is not the same as 'outside'
> doc_root,
> > and that i this case, no protection would be afforded?
> >
> > Tia,
> > Andre
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
Hi all,
This is a simple contact manager. Whe it works I'll be able to create a multi-user version for use with Squirrelmail.
Some pseudo-code at the top explains how it is meant ot work. but it fails because when I change a contacts details, the form calls the 'if ($grouping)' block instead of the 'if ($submit)' block.
It seems to me that this is down the logic of the form being broken. If anyone knows what I should do to make it work, please do let me know.
Thanks in advance!
Patrick
<?php /* Setup connection
if ($grouping) // called as contacts.php?grouping?=blah // print table with group members elseif ($lastname) // called as contacts.php?lastname starts with blah // print table of suitable last names elseif ($organisation) // called as contacts.php?organisation starts with blah / print table of suitable organisation names elseif (person_id) // called as contacts.php?person_id=blah // print addedit form else //default case // called as contacts.php and show navigation tools */ ?>
<?php require ("config.inc.php"); $db = mysql_pconnect($hostname,$user,$password); mysql_select_db("contacts",$db);
if ($grouping) { // called as contacts.php?grouping?=blah // print table with group members
printGrouping($grouping); } elseif ($person_id) { require ("config.inc.php"); $db = mysql_pconnect($hostname,$user,$password); mysql_select_db("contacts",$db); $sql = "SELECT * FROM people WHERE person_id='$person_id'"; $result = mysql_query($sql); $myrow = mysql_fetch_array($result); $person_id = $myrow["person_id"]; $first_name = $myrow["first_name"]; $last_name = $myrow["last_name"]; $organisation = $myrow["organisation"]; $home_phone = $myrow["home_phone"]; $work_phone = $myrow["work_phone"]; $mobile_phone = $myrow["mobile_phone"]; $dob = $myrow["dob"]; $email1 = $myrow["email1"]; $notes = $myrow["notes"]; $title = $myrow["title"]; $home_address = $myrow["home_address"]; $work_address = $myrow["work_address"]; $grouping = $myrow["grouping"]; ?> <form method="post" action="try.php"><P> <body bgcolor="#A0B8C8"> <input type=hidden name="person_id" value="<?php echo $person_id ?>"> <title>Contacts/<?php echo $grouping ?>/<?php echo $first_name?> <?php echo $last_name?></title> <CENTER><h3><a href=<?php echo $PHP_SELF?>>Contacts</a> /  <a href=<?php echo $PHP_SELF?>?grouping=<?php echo $grouping?>><?php echo $grouping?></a> /  <?php echo $first_name?> <?php echo $last_name?></h3></CENTER> <div align="center"> <table width="100%" border="1"> <tr> <td>First Name:</td> <td><input name="first_name" type="text" id="first_name" value="<?php echo $first_name ?>" size="30"></td> <td>Last Name:</td> <td><input name="last_name" type="text" id="last_name" value="<?php echo $last_name ?>" size="30"></td> <td>Organisation:</td> <td><input name="organisation" type="text" id="organisation" value="<?php echo $organisation ?>" size="30"></td> </tr> <tr> <td>Home Phone:</td> <td><input name="home_phone" type="text" id="home_phone" value="<?php echo $home_phone ?>" size="30"></td> <td>Work Phone:</td> <td><input name="work_phone" type="text" id="work_phone" value="<?php echo $work_phone ?>" size="30"></td> <td>Mobile Phone:</td> <td><input name="mobile_phone" type="text" id="mobile_phone" value="<?php echo $mobile_phone ?>" size="30"></td> </tr> <tr> <td>Email:</td> <td><input name="email1" type="text" id="email1" value="<?php echo $email1 ?>" size="30"></td> <td>Title:</td> <td><input name="title" type="text" id="title" value="<?php echo $title?>" size="30"></td> <td>Date of birth:</td> <td><input name="textfield" type="text" value="<?php echo $dob ?>" size="30"></td> </tr> </table> </div> <p align="center">Home Address: <input name="home_address" type="text" id="home_address" value="<?php echo $home_address ?>" size="100"> </p> <p align="center">Work Address: <input name="work_address" type="text" id="work_address" value="<?php echo $work_address ?>" size="100"> </p> <p align="center">Grouping: <select name='grouping'> <option><?php echo $grouping ?></option> <option>Club</option> <option>Players</option> <option>Archives</option> <option>Enterprise</option> <option>Business</option> <option>Children</option> <option>Partners</option> <option>Resources</option> <option>Personal</option> <option>Elizabeth Mews</option> </select> </p> <p align="center">Notes:</p> <p align="center"> <textarea name="notes" cols="100" rows="10" id="notes"><?php echo $notes ?></textarea></p> <p align="center"> <input type="submit" name="submit" value="Enter information"> <?php
}
elseif ($submit) {
// here if no ID then adding else we're editing
if ($person_id) { require ("config.inc.php"); $db = mysql_pconnect($hostname,$user,$password); mysql_select_db("contacts",$db); $sql = "UPDATE people SET first_name='$first_name', last_name='$last_name', organisation='$organisation', title='$title', home_phone='$home_phone', work_phone='$work_phone', mobile_phone='$mobile_phone', email1='$email1', dob='$dob', grouping='$grouping', home_address='$home_address', work_address='$work_address', notes='$notes' WHERE person_id='$person_id'";
} else { $sql = "INSERT INTO people ( first_name, last_name, organisation, title, home_phone, work_phone, mobile_phone, email1, dob, grouping, home_address, work_address, notes) VALUES ( '$first_name', '$last_name', '$organisation', '$title', '$home_phone', '$work_phone', '$mobile_phone', '$email1', '$dob', '$grouping', '$home_address', '$work_address', '$notes')";
}
// run SQL against the DB
$result = mysql_query($sql);
echo "<CENTER><h3><a href=\"index.php\">Contacts</a> / <a href=\"index.php?grouping=$grouping\">$grouping</a> / <a href=\"addedit.php?person_id=$person_id\">$first_name $last_name</a></h3>";
echo "Record updated/edited!<p></CENTER>";
} elseif ($delete) {
// delete a record echo "<CENTER><h3><a href=\"index.php\">Contacts</a> / <a href=\"index.php?grouping=$grouping\">$grouping</a></h3></CENTER>";
$sql = "DELETE FROM people WHERE person_id='$person_id'";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
} else {
?> <title>Contacts</title> <CENTER> <H4>Filter by Grouping: </H4>
<form action=<?php echo $PHP_SELF ?>>
<p>Grouping: <select name='grouping'> <option>Club</option> <option>Players</option> <option>Archives</option> <option>Enterprise</option> <option>Business</option> <option>Children</option> <option>Partners</option> <option>Resources</option> <option>Personal</option> <option>Elizabeth Mews</option>
</select> </p> <p><input type='submit' value='Filter'/>
</p></form><body bgcolor="#A0B8C8"> <?php
}
// Function printGrouping($grouping)
function printGrouping($grouping) { require ("config.inc.php"); $db = mysql_pconnect($hostname,$user,$password); mysql_select_db("contacts",$db); $result = mysql_query("SELECT * FROM people where grouping = '$grouping'ORDER BY last_name ASC",$db);
echo "<title>Contacts/$grouping</title>";
echo "<center><h3><a href=$PHP_SELF?>Contacts</a> / $grouping</a></h3></center>";
echo "<center><a href=\"addedit.php\"> Add a New Contact </a>";
echo "<table cellpadding=0 cellspacing=0 border=0><tr><td><b>First Name</b></td><td>   </td><td><b>Last Name</b></td><td>   </td><td><b>Organisation</b></td><td>   </td><td><b>Details</b></td>"; $alternate = "2"; while ($row = mysql_fetch_array($result)) { $first_name = $row["first_name"]; $last_name = $row["last_name"]; $organisation = $row["organisation"]; $person_id = $row["person_id"];
if ($alternate == "1") { $color = "#A0B8C8"; $alternate = "2"; } else { $color = "#ffffff"; $alternate = "1"; } echo "<tr bgcolor=$color><td>$first_name</td><td>   </td><td>$last_name</td><td>   </td><td>$organisation</td><td>   </td><td><a href=\"$PHP_SELF?person_id=$person_id\"> More... </a></td></td></tr>";
} // echo "<body bgcolor="#A0B8C8">"; echo "</center></table></HTML>"; } // Function printGrouping
?>
attached mail follows:
[...] > ?> > <form method="post" action="try.php"><P> > <body bgcolor="#A0B8C8"> > <input type=hidden name="person_id" value="<?php echo $ [...]
Of course that try.php ought to be PHP_SELF - try.php was the fiel I used to prove the sql works. Sorry about that.
attached mail follows:
Patrick,
Think you can limit your code to only the relevant problem you are having? It would be much easier to help you.
Patrick Kirk wrote:
>Hi all, > >This is a simple contact manager. Whe it works I'll be able to create a >multi-user version for use with Squirrelmail. > >Some pseudo-code at the top explains how it is meant ot work. but it >fails because when I change a contacts details, the form calls the 'if >($grouping)' block instead of the 'if ($submit)' block. > >It seems to me that this is down the logic of the form being broken. If >anyone knows what I should do to make it work, please do let me know. > >Thanks in advance! > >Patrick >
attached mail follows:
I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php already been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
Hey buddy, your message is making it....so far four times.
-----Original Message-----
From: OrangeHairedBoy [mailto:meorangehairedboy.com]
Sent: Friday, August 23, 2002 9:05 AM
To: php-generallists.php.net
Subject: [PHP] writing a custom xml parser
I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php already been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Yeah...this was my first post at this php forum...I didn't know about the email authentication part...until I just checked my email.
Any insight though??
OHB
"David Buerer" <davidpladesigns.com> wrote in message
news:91FBD0B430EFD5118B930060672D982C081197CAIRO...
> Hey buddy, your message is making it....so far four times.
>
> -----Original Message-----
> From: OrangeHairedBoy [mailto:meorangehairedboy.com]
> Sent: Friday, August 23, 2002 9:05 AM
> To: php-generallists.php.net
> Subject: [PHP] writing a custom xml parser
>
>
> I am looking to create my own xml based scripting language for a program I
> am writing. I know that all of the xml parsing tools are with PHP, but I'm
> not exactly sure how I would implement everything? Can anyone offer any
> advice, or has an open source scripting language parser for php already
been
> written??
>
> For those that want to know, the reason I'm not just using PHP, is that
the
> product I'm creating needs to be so easy to use that no real programming
> experience is needed. Scripting is optional, but used when necessary to
> create custom actions.
>
> Take this for example:
>
> <setvar>
> <name>test</name>
> <value>Hello World!</value>
> </setvar>
> <print>
> <var>
> <name>test</name>
> </var>
> </print>
> <!-- Prints Hello World! -->
>
> or
>
> <setvar name="test" value="Hello World!"/>
> <print>
> <var name="test"/>
> </print>
> <!-- Prints Hello World! -->
>
> Both scripts would do the same thing - and it's pretty human-friendly
> scripting.
>
> Can anyone offer advice how to make this work??
>
> Thanks!
>
> OHB
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
I think you're over-complicating the issue. Reasons:
1. Are you using an interface to build the scrips? 1.1. YES - then no one really cares what you do behind the interface - you might as well build PHP code behind and eval() afterwards; 1.2. NO - then your "language" is at least as complicated as PHP - only more limited and you have to type more. Which do you find simpler: <setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print>
or
<? $test="Hello world!"; echo($test); ?>
2. Do your target users have at least some basic scripting experience? 2.1. YES - then PHP is just as simple at basic functionality as anything else; 2.2. NO - then you'll need an interface, unless you want to teach them your XML tagging language instead. Go back to square 1.1.
HTH
Bogdan
Orangehairedboy wrote: > I am looking to create my own xml based scripting language for a program I > am writing. I know that all of the xml parsing tools are with PHP, but I'm > not exactly sure how I would implement everything? Can anyone offer any > advice, or has an open source scripting language parser for php already been > written?? > > For those that want to know, the reason I'm not just using PHP, is that the > product I'm creating needs to be so easy to use that no real programming > experience is needed. Scripting is optional, but used when necessary to > create custom actions. > > Take this for example: > > <setvar> > <name>test</name> > <value>Hello World!</value> > </setvar> > <print> > <var> > <name>test</name> > </var> > </print> > <!-- Prints Hello World! --> > > or > > <setvar name="test" value="Hello World!"/> > <print> > <var name="test"/> > </print> > <!-- Prints Hello World! --> > > Both scripts would do the same thing - and it's pretty human-friendly > scripting. > > Can anyone offer advice how to make this work?? > > Thanks! > > OHB > >
attached mail follows:
Someone wrote:
> > For those that want to know, the reason I'm not just using PHP, is > > that the product I'm creating needs to be so easy to use that no real > > programming experience is needed. Scripting is optional, but used when > > necessary to create custom actions.
I think you should have said "no real intelligence is needed".
<RANT>
Personally it's my impression that doing the simple things in PHP is as simple as you can get, it's certainly a lot simpler than Perl and a lot of programmers consider that simple to begin with.
At some point, people have to bring *something* to the table. I was never too popular a fellow around the offices I worked at except when work needed to get done, I was *in*famous for giving work back to people. I knew I was doomed at a job when my boss was doing the work for the marketing people that I had already returned to marketing. Marketing wanted me to simplify a Web Trends Report. Yeah, true. :) I told them it was already as simple as it could get and if they wanted to see what it was like before that I'd be happy to show it to them.
</RANT>
Peter
attached mail follows:
Hi there,
I am having problems to delete a cookie. Assuming following code:
echo 'sess: '.$_COOKIE["referrer"];
#delete cookie setcookie ('referrer', "", time() - 3600);
It should not display the value of referrer after calling this php file a second time, right?
So the cookie still exists. How can I get rid of his value?
Thanx, Andy
attached mail follows:
Still need help with this.. I've been browsing the list archives and have tried various things.
No luck with an .htaccess file.. I've tried <IfModule> tags and setting the session.cookie_domain value, <Location> tags, neither worked.
Tried making the change to httpd.conf, by putting the php_flag and php_value tags in the <Directory> entry. Still nothing. Session variables I register at my.domain.com aren't accessible at www.domain.com.
I really am at a loss to what I am doing wrong, I thought maybe I couldn't use ini_set for some permission/security reason, but I'm not running in safe mode, and judging by the documentation I should be able to change that value.
The -only- way I've gotten it to work is to change it in php.ini itself, but I plan on running some other sites here for other users, leasing out space, and obviously I don't want them to be able to set cookies for my domain, and I'm sure they may want to do apps where they need sessions/cookies as well.
Any help is greatly appreciated. Thanks!
Chad
-----Original Message-----
From: Chad Day [mailto:cdayatpco.com]
Sent: Friday, August 23, 2002 10:23 AM
To: Rasmus Lerdorf
Cc: php-generallists.php.net
Subject: RE: [PHP] Session problems / where to register
Ok, thanks. I changed it in php.ini and it seems to work.
I'd rather set it in the script, but I had problems with that:
if (ini_set("session.cookie_domain", "domain.com")) { echo "ini_set"; } else { echo "no ini"; }
always failed.. I also tried moving it above the session_start call (saw in a comment on php.net), but it still failed there as well. If anyone knows why that would be failing, please let me know.
Thanks for your help, Rasmus. Much appreciated.
Chad
-----Original Message-----
From: Rasmus Lerdorf [mailto:rasmusphp.net]
Sent: Friday, August 23, 2002 10:21 AM
To: Chad Day
Cc: php-generallists.php.net
Subject: RE: [PHP] Session problems / where to register
> Isn't that just if I want to set cookies in that domain? I'm looking to > just register session variables, not save cookies to the user's machine.
That is the same thing in this case. The only way a session variable is tied to a domain is through whatever mechanism decides how the session id is propogated. If you are using cookies, then the cookie domain tells the remote browser which domains to send this cookie-based session id to.
-Rasmus
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
You need to set it to .domain.com
On Fri, 23 Aug 2002, Chad Day wrote:
> Still need help with this.. I've been browsing the list archives and have
> tried various things.
>
> No luck with an .htaccess file.. I've tried <IfModule> tags and setting the
> session.cookie_domain value, <Location> tags, neither worked.
>
> Tried making the change to httpd.conf, by putting the php_flag and php_value
> tags in the <Directory> entry. Still nothing. Session variables I register
> at my.domain.com aren't accessible at www.domain.com.
>
> I really am at a loss to what I am doing wrong, I thought maybe I couldn't
> use ini_set for some permission/security reason, but I'm not running in safe
> mode, and judging by the documentation I should be able to change that
> value.
>
> The -only- way I've gotten it to work is to change it in php.ini itself, but
> I plan on running some other sites here for other users, leasing out space,
> and obviously I don't want them to be able to set cookies for my domain, and
> I'm sure they may want to do apps where they need sessions/cookies as well.
>
> Any help is greatly appreciated. Thanks!
>
> Chad
>
> -----Original Message-----
> From: Chad Day [mailto:cdayatpco.com]
> Sent: Friday, August 23, 2002 10:23 AM
> To: Rasmus Lerdorf
> Cc: php-generallists.php.net
> Subject: RE: [PHP] Session problems / where to register
>
>
> Ok, thanks. I changed it in php.ini and it seems to work.
>
> I'd rather set it in the script, but I had problems with that:
>
> if (ini_set("session.cookie_domain", "domain.com")) {
> echo "ini_set";
> } else {
> echo "no ini";
> }
>
> always failed.. I also tried moving it above the session_start call (saw in
> a comment on php.net), but it still failed there as well. If anyone knows
> why that would be failing, please let me know.
>
> Thanks for your help, Rasmus. Much appreciated.
>
> Chad
>
> -----Original Message-----
> From: Rasmus Lerdorf [mailto:rasmusphp.net]
> Sent: Friday, August 23, 2002 10:21 AM
> To: Chad Day
> Cc: php-generallists.php.net
> Subject: RE: [PHP] Session problems / where to register
>
>
> > Isn't that just if I want to set cookies in that domain? I'm looking to
> > just register session variables, not save cookies to the user's machine.
>
> That is the same thing in this case. The only way a session variable is
> tied to a domain is through whatever mechanism decides how the session id
> is propogated. If you are using cookies, then the cookie domain tells the
> remote browser which domains to send this cookie-based session id to.
>
> -Rasmus
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
Still no luck, both in Apache (tried php_flag and php_value), and .htaccess (ditto)
I have a feeling I am missing something very basic, but can't imagine what it is. And yes, I restarted Apache and closed out of IE after I made each and every change.
Chad
-----Original Message-----
From: Rasmus Lerdorf [mailto:rasmusphp.net]
Sent: Friday, August 23, 2002 12:16 PM
To: Chad Day
Cc: php-generallists.php.net
Subject: RE: [PHP] Session problems / where to register
You need to set it to .domain.com
On Fri, 23 Aug 2002, Chad Day wrote:
> Still need help with this.. I've been browsing the list archives and have
> tried various things.
>
> No luck with an .htaccess file.. I've tried <IfModule> tags and setting
the
> session.cookie_domain value, <Location> tags, neither worked.
>
> Tried making the change to httpd.conf, by putting the php_flag and
php_value
> tags in the <Directory> entry. Still nothing. Session variables I
register
> at my.domain.com aren't accessible at www.domain.com.
>
> I really am at a loss to what I am doing wrong, I thought maybe I couldn't
> use ini_set for some permission/security reason, but I'm not running in
safe
> mode, and judging by the documentation I should be able to change that
> value.
>
> The -only- way I've gotten it to work is to change it in php.ini itself,
but
> I plan on running some other sites here for other users, leasing out
space,
> and obviously I don't want them to be able to set cookies for my domain,
and
> I'm sure they may want to do apps where they need sessions/cookies as
well.
>
> Any help is greatly appreciated. Thanks!
>
> Chad
>
> -----Original Message-----
> From: Chad Day [mailto:cdayatpco.com]
> Sent: Friday, August 23, 2002 10:23 AM
> To: Rasmus Lerdorf
> Cc: php-generallists.php.net
> Subject: RE: [PHP] Session problems / where to register
>
>
> Ok, thanks. I changed it in php.ini and it seems to work.
>
> I'd rather set it in the script, but I had problems with that:
>
> if (ini_set("session.cookie_domain", "domain.com")) {
> echo "ini_set";
> } else {
> echo "no ini";
> }
>
> always failed.. I also tried moving it above the session_start call (saw
in
> a comment on php.net), but it still failed there as well. If anyone
knows
> why that would be failing, please let me know.
>
> Thanks for your help, Rasmus. Much appreciated.
>
> Chad
>
> -----Original Message-----
> From: Rasmus Lerdorf [mailto:rasmusphp.net]
> Sent: Friday, August 23, 2002 10:21 AM
> To: Chad Day
> Cc: php-generallists.php.net
> Subject: RE: [PHP] Session problems / where to register
>
>
> > Isn't that just if I want to set cookies in that domain? I'm looking to
> > just register session variables, not save cookies to the user's machine.
>
> That is the same thing in this case. The only way a session variable is
> tied to a domain is through whatever mechanism decides how the session id
> is propogated. If you are using cookies, then the cookie domain tells the
> remote browser which domains to send this cookie-based session id to.
>
> -Rasmus
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
php_value session.cookie_domain .foo.bar
in your httpd.conf or even .htaccess or with an ini_set() before the session_start() call all work fine. Stick a phpinfo() call on a page and verify that the setting is there in the "Local Value" column.
If it isn't, doublecheck that you are editing the right files, putting the stuff in the right place, and finally, more likely, your code isn't bogus.
-Rasmus
On Fri, 23 Aug 2002, Chad Day wrote:
> Still no luck, both in Apache (tried php_flag and php_value), and .htaccess
> (ditto)
>
> I have a feeling I am missing something very basic, but can't imagine what
> it is. And yes, I restarted Apache and closed out of IE after I made each
> and every change.
>
> Chad
>
> -----Original Message-----
> From: Rasmus Lerdorf [mailto:rasmusphp.net]
> Sent: Friday, August 23, 2002 12:16 PM
> To: Chad Day
> Cc: php-generallists.php.net
> Subject: RE: [PHP] Session problems / where to register
>
>
> You need to set it to .domain.com
>
> On Fri, 23 Aug 2002, Chad Day wrote:
>
> > Still need help with this.. I've been browsing the list archives and have
> > tried various things.
> >
> > No luck with an .htaccess file.. I've tried <IfModule> tags and setting
> the
> > session.cookie_domain value, <Location> tags, neither worked.
> >
> > Tried making the change to httpd.conf, by putting the php_flag and
> php_value
> > tags in the <Directory> entry. Still nothing. Session variables I
> register
> > at my.domain.com aren't accessible at www.domain.com.
> >
> > I really am at a loss to what I am doing wrong, I thought maybe I couldn't
> > use ini_set for some permission/security reason, but I'm not running in
> safe
> > mode, and judging by the documentation I should be able to change that
> > value.
> >
> > The -only- way I've gotten it to work is to change it in php.ini itself,
> but
> > I plan on running some other sites here for other users, leasing out
> space,
> > and obviously I don't want them to be able to set cookies for my domain,
> and
> > I'm sure they may want to do apps where they need sessions/cookies as
> well.
> >
> > Any help is greatly appreciated. Thanks!
> >
> > Chad
> >
> > -----Original Message-----
> > From: Chad Day [mailto:cdayatpco.com]
> > Sent: Friday, August 23, 2002 10:23 AM
> > To: Rasmus Lerdorf
> > Cc: php-generallists.php.net
> > Subject: RE: [PHP] Session problems / where to register
> >
> >
> > Ok, thanks. I changed it in php.ini and it seems to work.
> >
> > I'd rather set it in the script, but I had problems with that:
> >
> > if (ini_set("session.cookie_domain", "domain.com")) {
> > echo "ini_set";
> > } else {
> > echo "no ini";
> > }
> >
> > always failed.. I also tried moving it above the session_start call (saw
> in
> > a comment on php.net), but it still failed there as well. If anyone
> knows
> > why that would be failing, please let me know.
> >
> > Thanks for your help, Rasmus. Much appreciated.
> >
> > Chad
> >
> > -----Original Message-----
> > From: Rasmus Lerdorf [mailto:rasmusphp.net]
> > Sent: Friday, August 23, 2002 10:21 AM
> > To: Chad Day
> > Cc: php-generallists.php.net
> > Subject: RE: [PHP] Session problems / where to register
> >
> >
> > > Isn't that just if I want to set cookies in that domain? I'm looking to
> > > just register session variables, not save cookies to the user's machine.
> >
> > That is the same thing in this case. The only way a session variable is
> > tied to a domain is through whatever mechanism decides how the session id
> > is propogated. If you are using cookies, then the cookie domain tells the
> > remote browser which domains to send this cookie-based session id to.
> >
> > -Rasmus
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
--------------------------------------- Christian Ista, Hébergement - Hosting : http://www.bee-hosting.com Sharewares - Freewares - Mailing list : http://www.istasofts.com
> -----Original Message-----
> From: Tom Rogers [mailto:trogerskwikin.com]
Hello
Sorry
Not work : > $_SESSION['test'][0][0]=>'Hello'; erro parse error, unexpected T_DOUBLE_ARROW
and not work : >$_SESSION['test'] = array([0][0]=>'Hello');
parse error, unexpected '[', expecting ')'
Bye
attached mail follows:
I am looking to create my own xml based scripting language for a program I am writing. I know that all of the xml parsing tools are with PHP, but I'm not exactly sure how I would implement everything? Can anyone offer any advice, or has an open source scripting language parser for php alreay been written??
For those that want to know, the reason I'm not just using PHP, is that the product I'm creating needs to be so easy to use that no real programming experience is needed. Scripting is optional, but used when necessary to create custom actions.
Take this for example:
<setvar> <name>test</name> <value>Hello World!</value> </setvar> <print> <var> <name>test</name> </var> </print> <!-- Prints Hello World! -->
or
<setvar name="test" value="Hello World!"/> <print> <var name="test"/> </print> <!-- Prints Hello World! -->
Both scripts would do the same thing - and it's pretty human-friendly scripting.
Can anyone offer advice how to make this work??
Thanks!
OHB
attached mail follows:
Hello,
I want to change the reply and sender address when I´m sending eMails with PHP. I still found some articles about it. But it doesn't work. Can anybody help me? The current PHP-version is 4.2.2
Thanks a lot Michael
attached mail follows:
Without seeing your code, it's hard to help you.. An example of what I think you want to do is below.. If this doesn't help, search the manual for the mail() function..
----------------
mail($email,$subject,$body,"Return-Path: <yourname$SERVER_NAME>\r\n"
."From: YOURNAME <yourname$SERVER_NAME>\r\n"
."Reply-To: yourname$SERVER_NAME\r\n"
."X-Mailer: $SERVER_NAME");
----------------
HTH..
Take care.. peace.. eriol
====
"Michael" <michael_helbigarcor.de> disgorged:
: I want to change the reply and sender address when I´m sending eMails with : PHP.
attached mail follows:
We are using alot of mysql specific functions in our code (mysql_fetch_array, mysql_query, etc). However, we are contemplating switching to MS SQL. Will it be as simple as doing a global search on the function names and replace the "mysql_" with "mssql_"? Does anyone have any experience switching from MySQL to MS SQL? What problems, if any, did you experience? Any snags?
Any insight you might be able to provide would be greatly appreciated!
Chris
attached mail follows:
Ya, my insight is to don't do it. MsSQL is slower, cost's money, and lacks support that MySQL has.
--- Brad Dameron Network Account Executive TSCNet Inc. www.tscnet.com Silverdale, WA. 1-888-8TSCNET> -----Original Message----- > From: Chris Boget [mailto:chris
attached mail follows:
> Ya, my insight is to don't do it. MsSQL is slower,
Ok. Figured this much.
> cost's money,
It'll be free for us (our department). Our company has the appropriate MSDN subscription where we'd be able to use the SQL Server that comes with it.
> and lacks support that MySQL has.
Perhaps. But we've never needed the support that MySQL offers (we've always been able to find answers elsewhere) so that won't be that big of an issue, I don't think.
I was more curious about issues that might come up with the code not necessarily the server. Thanks for your response in any case. :p
Chris
attached mail follows:
On Fri, 23 Aug 2002 12:30:49 -0500, you wrote:
>We are using alot of mysql specific functions in our code >(mysql_fetch_array, mysql_query, etc). However, we are >contemplating switching to MS SQL. Will it be as simple >as doing a global search on the function names and replace >the "mysql_" with "mssql_"? >Does anyone have any experience switching from MySQL >to MS SQL? What problems, if any, did you experience? >Any snags?
Well, I haven't switched, but I do use both of them extensively (along with PostgreSQL, my current favorite of the three).
I wouldn't expect that you'd be able to do a mere global search and replace and then fire up your pages with no problems whatsoever. It depends highly on the types of queries your applications use.
For the most part MS-SQL's features are a super-set of MySQL, but there are some things in MS-SQL that are missing (at least in version 7.0 which is the only one I have any experience with). The main one, and the one you're most likely to run into, is that MS-SQL does not have a LIMIT clause. My understanding is that LIMIT is an extension to the SQL92 standard. Both MySQL and Postgres have it but MS-SQL v7.0 does not. I think that MySQL has some full-text indexing features that are lacking in MS-SQL 7 (but I think are present in MS SQL 2000). I think there are differences in how some of the larger field types (such as the text type) are handled too.
Basically