|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general-digest-help_at_lists.php.net
Date: Mon Nov 11 2002 - 08:16:01 CST
php-general Digest 11 Nov 2002 14:16:01 -0000 Issue 1698
Topics (messages 123739 through 123807):
Re: How good is PHP to ASP?
123739 by: Brendon G
123742 by: Marco Tabini
123743 by: Jason Sheets
123787 by: . Edwin
Submit hitting enter problem
123740 by: rija
123744 by: Justin French
123745 by: rija
123746 by: Jason Sheets
123748 by: Justin French
123749 by: John W. Holmes
123751 by: Jason Wong
123766 by: . Darwin
123767 by: rija
123769 by: Khalid El-Kary
123770 by: David Rice
123771 by: rija
123772 by: Jason Wong
123776 by: Jason Wong
123783 by: Charles Wiltgen
123786 by: . Edwin
123792 by: Richard Allsebrook
123794 by: Jason Wong
Re: mysql DECODE question
123741 by: rija
<h/1> tag
123747 by: John Meyer
123750 by: John W. Holmes
123752 by: John Meyer
123755 by: John W. Holmes
123764 by: . Darwin
123784 by: . Edwin
123790 by: Hugh Danaher
Re: Unique Identifier String
123753 by: John W. Holmes
123785 by: . Edwin
isset doesn't like "->"?
123754 by: UberGoober
123759 by: John W. Holmes
123760 by: UberGoober
123782 by: Michael Sims
Re: Php | Architect Magazine?
123756 by: John W. Holmes
Re: confusion in session vars
123757 by: John W. Holmes
Re: Handling Errors Gracefully
123758 by: John W. Holmes
Re: Request entity too large (already seen the FAQ)
123761 by: John W. Holmes
123762 by: Rasmus Lerdorf
123765 by: Charles Wiltgen
Mcrypt under Win32?
123763 by: Nick Richardson
Payflow Pro
123768 by: James Taylor
date comparison
123773 by: Michael P. Carel
123779 by: John W. Holmes
123780 by: Justin French
Re: PHP installation _ help needed
123774 by: Prachait Saxena
123797 by: Bob G
Restrict file access from web users?
123775 by: James Taylor
123777 by: Jason Wong
123778 by: Justin French
123781 by: James Taylor
Domain Security Restrictions
123788 by: Nick Oostveen
Multiply - seemed to be so very easy
123789 by: Tomasz Ciesielski
123795 by: Jason Wong
<SELECT MULTIPLE...>
123791 by: Bsantos PHP
123793 by: Jason Wong
123796 by: Bsantos PHP
Copy & Paste URL was [Re: [PHP] Would appreciate thoughts on session management ]
123798 by: B.C. Lance
123799 by: B.C. Lance
Delivering Custom Content
123800 by: Warmonkey
refresh
123801 by: Shaun
123803 by: Bsantos PHP
123804 by: Brendon G
Urgent CPU and|or hdd test
123802 by: Thomas \"omega\" Henning
zend studio (erro)
123805 by: dark rotter
mysql_data_seek equivilant in Postgres
123806 by: Chris Boget
surepay
123807 by: Clint Tredway
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribe
lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
I've noticed this question a fair bit, having to convince clients and
employers of a technology.. DO you guys really have that much trouble
selling php??
I tend to leave the development environment out of conversations all
together and talk product features, scalability, promotion etc
I do this with both the PHP and ASP projects I build.
If you really need to convince someone then there the kind of person people
who would really only need a name to associate things to.
This list was posted a few days ago...
> This list is designed to convice teh boss (no type-o). If your boss is a
> bandwagon kind of guy, afraid to take risks, this is for you- er- him. And
> you. Him in that he can read it, you in that if he accepts LAMP, you're
life
> will be a much more joyous existance ;)
>
>
>
> - --------------------------------
> Apache:
>
> By far the most popular web server, with 60.54% market share. Its
> closest competitor, Microsoft's IIS, has 28.89%. If all variants of
> each server are counted, Apache's install base increases to 62.17%,
> while IIS manages 29.42%). Statistics are from
> http://www.netcraft.net/survey
>
> Apache users:
> Yahoo!
> Amazon.com
> AltaVista
> BBC
> mp3.com
> SlashDot
> HP
> W3C
> IBM
> Verizon
> FEMA
> Infoseek
>
>
> PHP:
>
> In April 2002, PHP overtook ASP as the #1 server-side scripting
> language on the internet. In April, PHP was used by 24% of the
> sites on the Internet. Over the past two years PHP has averaged
> a 6.5% monthly growth rate. Source: zend.com/news/zendpr.php?id=49
>
> PHP users:
> Cisco
> CMG
> Vodafone
> Motorola
> Siemens
> Ericsson
> CBS
> Unilever
> Philips
> BMC
> NTT
> Air Canada
> Lufthansa
> OnVista
> Lycos Europe
> Deutsche Bank
> NASA
> W3C
>
>
> MySQL:
>
> It isn't as easy to determine which database a site uses, but here
> is a list of sites that do use MySQL, according to MySQL.com:
>
> Yahoo! Finance
> Texas Instruments
> U.S. Census Bureau
> NASA
> Omaha Steaks
> Slashdot
> Cross Media Marketing Corp
> Powell's Books
> Department of Academic Information Systems
> Avacom Net Services
> Blue World Communications
> CoreSense
> Ericsson
> handy.de
> mobile.de
> Nemo-Q
> Silicon Storage Technology, Inc.
> Virage
>
>
> Linux:
>
> I can't find a list for this... I figured these out by trying big
> sites that came to mind. I didn't encounter a single Microsoft site,
> but I did get a few *BSD sites, and several Solaris sites.
>
> FBI
> Google
> Amazon
> AltaVista
> Slashdot
> Verizon
> FEMA
> CNN
>
>
> Security:
>
> Here's a list of security companies/groups that run any LAMP component:
> Security Focus (LA)
> Symantec (L)
> CERT (LA)
> Packet Storm (A)
> FBI (L)
> OSVDB (LA)
> At Stake (LA)
> Netcraft (LA)
> TESO (L)
> Phenoelit (LA)
> Doxpara (LAP)
> NGS Software (LAMP)
> PivX (LAP)
> Grey Magic (LAMP)
> Phrack (AP)
> ***
-----Original Message-----
From: Wee Keat [Amorphosium] [mailto:weekeatamorphosium.com]
Sent: Monday, November 11, 2002 11:42 AM
To: PHP [General]
Subject: [PHP] How good is PHP to ASP?
Hi all,
I'm not too sure if this is the right place to get my answers but I really
need to know this:
How can I convince my clients that PHP is really good? I mean not a lot
of non-programmers have heard of PHP language. Most of them only heard of
things like C/C++, ASP and the like. So, how can I prove to them that PHP is
a much better language to use?
Can anyone point me to the right resources for me to show and prove to
my clients?
Thanks a lot and sorry if this is the wrong place to ask this question.
Yours,
Wee Keat Chin
-----------------------------------
"Don't find a fault; find a remedy"
attached mail follows:
You can also tell them that some 10 million websites run PHP, including
the most popular one--Yahoo!.
Marco
-- ------------ php|architect - The magazine for PHP Professionals The first monthly worldwide magazine dedicated to PHP programmers Check us out on the web at http://www.phparch.comOn Sun, 2002-11-10 at 20:41, Wee Keat [Amorphosium] wrote: > Hi all, > > I'm not too sure if this is the right place to get my answers but I really need to know this: > > How can I convince my clients that PHP is really good? I mean not a lot of non-programmers have heard of PHP language. Most of them only heard of things like C/C++, ASP and the like. So, how can I prove to them that PHP is a much better language to use? > > Can anyone point me to the right resources for me to show and prove to my clients? > > Thanks a lot and sorry if this is the wrong place to ask this question. > > > Yours, > > Wee Keat Chin > > ----------------------------------- > "Don't find a fault; find a remedy"
attached mail follows:
Search google.com for PHP case studies, also http://www.zend.com/links/links.php has a few links to sites about PHP vs. ASP.
You might also enlighten them about the differences of open source and Microsoft licensing.
Bottom line is if you have to make a product something it isn't to sell a client you shouldn't be using that technology.
Jason
On Sun, 2002-11-10 at 20:03, Marco Tabini wrote: > You can also tell them that some 10 million websites run PHP, including > the most popular one--Yahoo!. > > > Marco > > -- > ------------ > php|architect - The magazine for PHP Professionals > The first monthly worldwide magazine dedicated to PHP programmers > Check us out on the web at http://www.phparch.com > > On Sun, 2002-11-10 at 20:41, Wee Keat [Amorphosium] wrote: > > Hi all, > > > > I'm not too sure if this is the right place to get my answers but I really need to know this: > > > > How can I convince my clients that PHP is really good? I mean not a lot of non-programmers have heard of PHP language. Most of them only heard of things like C/C++, ASP and the like. So, how can I prove to them that PHP is a much better language to use? > > > > Can anyone point me to the right resources for me to show and prove to my clients? > > > > Thanks a lot and sorry if this is the wrong place to ask this question. > > > > > > Yours, > > > > Wee Keat Chin > > > > ----------------------------------- > > "Don't find a fault; find a remedy" > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Yes, I think it's a good idea to emphasize "licensing" ($$).
Also, "portability" might be another thing to mention. (With little or no changes, you're apps could run on different platforms, etc.)
- E
PS Does anybody have any tips on how to run IIS/ASP/MSSQL server on a Zaurus (running on Linux)? I already have Apache/PHP/MySQL... Just wondering if I can do some testing;)
"Jason Sheets" <jsheetsphp.net> wrote:
> Search google.com for PHP case studies, also > http://www.zend.com/links/links.php has a few links to sites about PHP > vs. ASP. > > You might also enlighten them about the differences of open source and > Microsoft licensing. > > Bottom line is if you have to make a product something it isn't to sell > a client you shouldn't be using that technology. > > Jason > > On Sun, 2002-11-10 at 20:03, Marco Tabini wrote: > > You can also tell them that some 10 million websites run PHP, including > > the most popular one--Yahoo!. > > > > > > Marco > > > > -- > > ------------ > > php|architect - The magazine for PHP Professionals > > The first monthly worldwide magazine dedicated to PHP programmers > > Check us out on the web at http://www.phparch.com > > > > On Sun, 2002-11-10 at 20:41, Wee Keat [Amorphosium] wrote: > > > Hi all, > > > > > > I'm not too sure if this is the right place to get my answers but I really need to know this: > > > > > > How can I convince my clients that PHP is really good? I mean not a lot of non-programmers have heard of PHP language. Most of them only heard of things like C/C++, ASP and the like. So, how can I prove to them that PHP is a much better language to use? > > > > > > Can anyone point me to the right resources for me to show and prove to my clients? > > > > > > Thanks a lot and sorry if this is the wrong place to ask this question. > > > > > > > > > Yours, > > > > > > Wee Keat Chin > > > > > > ----------------------------------- > > > "Don't find a fault; find a remedy" > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >
attached mail follows:
What am I missing?
My form does not submit when I hit enter in the text box. I do something approximately like this :
<form action="index.php?s=add" method=post> .... <input type=text name=bongabe value=something> ... <input type=submit value=submit name=submit>
//
Thanks in advance.
attached mail follows:
on 11/11/02 12:44 PM, rija (rijavatu.com) wrote:
> <input type=text name=bongabe value=something>
I think you need to use a <textarea> if you wish for the returns to be submitted.
Cheers
Justin French -------------------- Creative Director http://Indent.com.au Web Developent & Graphic Design --------------------
attached mail follows:
Thanks for your quick answer,
But it doesn't change anything. <textarea> change my text box into big text area-
So I always have to click on submit button to submit the form.
----- Original Message -----
From: "Justin French" <justinindent.com.au>
To: <rijavatu.com>; "php" <php-generallists.php.net>
Sent: Monday, November 11, 2002 3:45 PM
Subject: Re: [PHP] Submit hitting enter problem
> on 11/11/02 12:44 PM, rija (rijavatu.com) wrote:
>
> > <input type=text name=bongabe value=something>
>
> I think you need to use a <textarea> if you wish for the returns to be
> submitted.
>
> Cheers
>
>
> Justin French
> --------------------
> Creative Director
> http://Indent.com.au
> Web Developent &
> Graphic Design
> --------------------
>
>
attached mail follows:
Return key presses in a <textarea> will usually be converted into a newline (\n).
Making your browser submit the form when you press enter is an HTML/Browser issue.
You probably should look at a javascript solution because this is a client side problem.
Jason
On Sun, 2002-11-10 at 21:16, rija wrote:
> Thanks for your quick answer,
>
> But it doesn't change anything.
> <textarea> change my text box into big text area-
>
> So I always have to click on submit button to submit the form.
>
>
>
> ----- Original Message -----
> From: "Justin French" <justinindent.com.au>
> To: <rijavatu.com>; "php" <php-generallists.php.net>
> Sent: Monday, November 11, 2002 3:45 PM
> Subject: Re: [PHP] Submit hitting enter problem
>
>
> > on 11/11/02 12:44 PM, rija (rijavatu.com) wrote:
> >
> > > <input type=text name=bongabe value=something>
> >
> > I think you need to use a <textarea> if you wish for the returns to be
> > submitted.
> >
> > Cheers
> >
> >
> > Justin French
> > --------------------
> > Creative Director
> > http://Indent.com.au
> > Web Developent &
> > Graphic Design
> > --------------------
> >
> >
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
on 11/11/02 2:16 PM, rija (rijavatu.com) wrote:
> Thanks for your quick answer, > > But it doesn't change anything. > <textarea> change my text box into big text area- > > So I always have to click on submit button to submit the form.
Actually, I miss-read your question... do you WANT the form to be submitted when hitting return/enter???
And you find that this is not happening when you are in a text field???
Correct?
This is a browser thing... I don't *think* there's anything in the standards to say when hitting enter should/shouldn't work -- i think it's something that each browser will do differently.
There may be something you can do with javascript.
Perhaps check out: http://www.w3.org/TR/1998/REC-html40-19980424/interact/forms.html
Or find a similar form example on another site, and dig around thru the code to have a look how they did it.
Justin
attached mail follows:
> Thanks for your quick answer, > > But it doesn't change anything. > <textarea> change my text box into big text area- > > So I always have to click on submit button to submit the form.
So? This doesn't have anything to do with PHP, it's dependant on the browser you are using. IE will do this for you sometimes, while most other browsers don't, I think.
Please ask your question on a relevant list.
---John Holmes...
attached mail follows:
On Monday 11 November 2002 10:44, rija wrote: > What am I missing? > > My form does not submit when I hit enter in the text box. > I do something approximately like this : > > <form action="index.php?s=add" method=post> > .... > <input type=text name=bongabe value=something> > ... > <input type=submit value=submit name=submit> >
What happens when ENTER is pressed depends on what browser you're using. Different browsers exhibit different behaviours, eg the old versions of Netscape (v4 and before) does not submit on ENTER. Also, put quotes around your attribute values eg:
<input type="text" name="bongabe" value="something">
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* The more I know men the more I like my horse. */
attached mail follows:
A missing </form> tag? Some browsers are picky, so you might want to also do what someone else suggested to you earlier, which is to put quotes around your attribute values. This is especially important to implement while HTML fades out and languages based on XML (XHTML in particular) fade into popularity. Good luck.
> -----Original Message-----
> From: rija [mailto:rijavatu.com]
> Sent: Sunday, November 10, 2002 8:45 PM
> To: php
> Subject: [PHP] Submit hitting enter problem
>
>
> What am I missing?
>
> My form does not submit when I hit enter in the text box.
> I do something approximately like this :
>
> <form action="index.php?s=add" method=post>
> ....
> <input type=text name=bongabe value=something>
> ...
> <input type=submit value=submit name=submit>
>
> //
>
> Thanks in advance.
>
attached mail follows:
Sure !
But just simple question? Is it necessary to put quotes around these attributes values? Because I think quotes increase the site size, and using IE4, IE5, IE6, NS4, OPERA, quotes don't change anything.
Of course if I have somethings with space, for value's attribute, It is important to put quote because sometimes users enter space.
----- Original Message -----
From: "Jason Wong" <php-generalgremlins.com.hk>
To: <php-generallists.php.net>
Sent: Monday, November 11, 2002 3:33 PM
Subject: Re: [PHP] Submit hitting enter problem
> What happens when ENTER is pressed depends on what browser you're using. > Different browsers exhibit different behaviours, eg the old versions of > Netscape (v4 and before) does not submit on ENTER. Also, put quotes around > your attribute values eg: > > <input type="text" name="bongabe" value="something"> > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > > /* > The more I know men the more I like my horse. > */ > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
attached mail follows:
well, you are right they may work, but according to the sepcification qoutes should be added, you should follow it, because you don't know the hidden browsers out there which you didn't test, and IE, Opera, NS can't guarantee that they will support this behaviour in future releases
_________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
attached mail follows:
Hi Rija:
No It's not "mandatory" to put quotes around attributes, but it would be wise to use this style="recommended" method of representing attributes, if for no reason="other" than to get used to a habit="good".
coding="happiness"
David
On Monday, November 11, 2002, at 12:36 AM, rija wrote:
> Sure !
>
> But just simple question?
> Is it necessary to put quotes around these attributes values?
> Because I think quotes increase the site size, and using IE4, IE5,
> IE6, NS4,
> OPERA, quotes don't change anything.
>
>
> Of course if I have somethings with space, for value's attribute, It is
> important to put quote because sometimes users enter space.
>
>
> ----- Original Message -----
> From: "Jason Wong" <php-generalgremlins.com.hk>
> To: <php-generallists.php.net>
> Sent: Monday, November 11, 2002 3:33 PM
> Subject: Re: [PHP] Submit hitting enter problem
>
>> What happens when ENTER is pressed depends on what browser you're
>> using.
>> Different browsers exhibit different behaviours, eg the old versions
>> of
>> Netscape (v4 and before) does not submit on ENTER. Also, put quotes
>> around
>> your attribute values eg:
>>
>> <input type="text" name="bongabe" value="something">
>>
>> --
>> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
>> Open Source Software Systems Integrators
>> * Web Design & Hosting * Internet & Intranet Applications Development
>> *
>>
>> /*
>> The more I know men the more I like my horse.
>> */
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
Really big thank to everybody,
But, now, I know what happening, because I check form submit using isset($_POST['submit']), so if user don't press submit button, $_POST['submit'] stay null even the rest is already sent. Then my script send me back to the first page.
----- Original Message -----
From: "Justin French" <justinindent.com.au>
To: <rijavatu.com>; "php" <php-generallists.php.net>
Sent: Monday, November 11, 2002 4:28 PM
Subject: Re: [PHP] Submit hitting enter problem
> on 11/11/02 2:16 PM, rija (rijavatu.com) wrote:
>
>
> Actually, I miss-read your question... do you WANT the form to be
submitted
> when hitting return/enter???
>
> And you find that this is not happening when you are in a text field???
>
> Correct?
>
>
> This is a browser thing... I don't *think* there's anything in the
standards
> to say when hitting enter should/shouldn't work -- i think it's something
> that each browser will do differently.
>
> There may be something you can do with javascript.
>
>
> Perhaps check out:
> http://www.w3.org/TR/1998/REC-html40-19980424/interact/forms.html
>
>
> Or find a similar form example on another site, and dig around thru the
code
> to have a look how they did it.
>
>
> Justin
>
>
attached mail follows:
On Monday 11 November 2002 13:36, rija wrote: > Sure ! > > But just simple question? > Is it necessary to put quotes around these attributes values?
Let's put it this way, using quotes will not break any browser. Not using quotes /may/ make your page not work correctly on browsers which implement strict syntax checking.
> Because I think quotes increase the site size, and using IE4, IE5, IE6, > NS4, OPERA, quotes don't change anything.
Yes, but by how much? You'll probably shave much more off the byte count by optimising your graphics than scrimping on quotes. Assuming a 56K modem downloading at 4KB/s, you would have to remove over 4000 quotes to save 1 sec of download time.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* President Reagan has noted that there are too many economic pundits and forecasters and has decided on an excess prophets tax. */
attached mail follows:
On Monday 11 November 2002 14:04, rija wrote: > Really big thank to everybody, > > But, now, I know what happening, because I check form submit using > isset($_POST['submit']), so if user don't press submit button, > $_POST['submit'] stay null even the rest is already sent. Then my script > send me back to the first page.
Like everybody had said "different browsers do different things on ENTER".
Some browsers (eg Opera) will submit your form as if you had clicked on the submit button. Others (eg IE), like you've already found out for yourself, submits the form but does not send the submit button.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* If in any problem you find yourself doing an immense amount of work, the answer can be obtained by simple inspection. */
attached mail follows:
David Rice wrote...
> It's not "mandatory" to put quotes around attributes, but it would be wise to > use this style="recommended" method of representing attributes, if for no > reason="other" than to get used to a habit="good".
It is mandatory for XHTML, I believe.
-- Charles Wiltgen
attached mail follows:
Hello,
"Charles Wiltgen" <listswiltgen.net> wrote:
> David Rice wrote... > > > It's not "mandatory" to put quotes around attributes, but it would be wise to > > use this style="recommended" method of representing attributes, if for no > > reason="other" than to get used to a habit="good". > > It is mandatory for XHTML, I believe. >
It is. Without the quotes, the validator would complain. I came across this some time ago:
http://www.w3.org/TR/xhtml1/#h-4.4
- E
attached mail follows:
One point nobody seems to have raised about why its important to quote attribute values ...
<? $Value="foo bar"; echo "<INPUT type=text value=$Value>"; ?>
will produce the following code in the browser
<INPUT type=text value=foo bar>
and renders in the browser (testing in ie6) as a text box containing only the word foo
(The browser sets the value to foo and things bar is an unknown attribute so correctly ignores it)
quoting the attribute value fixes it
<? $Value="foo bar"; echo "<INPUT type='text' value='$Value'> ?>
produces
<INPUT type='text' value='foo bar'>
"Jason Wong" <php-generalgremlins.com.hk> wrote in message
news:200211111233.17744.php-generalgremlins.com.hk...
> On Monday 11 November 2002 10:44, rija wrote:
> > What am I missing?
> >
> > My form does not submit when I hit enter in the text box.
> > I do something approximately like this :
> >
> > <form action="index.php?s=add" method=post>
> > ....
> > <input type=text name=bongabe value=something>
> > ...
> > <input type=submit value=submit name=submit>
> >
>
> What happens when ENTER is pressed depends on what browser you're using.
> Different browsers exhibit different behaviours, eg the old versions of
> Netscape (v4 and before) does not submit on ENTER. Also, put quotes around
> your attribute values eg:
>
> <input type="text" name="bongabe" value="something">
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
>
> /*
> The more I know men the more I like my horse.
> */
>
attached mail follows:
On Monday 11 November 2002 17:59, Richard Allsebrook wrote: > One point nobody seems to have raised about why its important to quote > attribute values ... > > <? > $Value="foo bar"; > echo "<INPUT type=text value=$Value>"; > ?> > > will produce the following code in the browser > > <INPUT type=text value=foo bar> > > and renders in the browser (testing in ie6) as a text box containing only > the word foo > > (The browser sets the value to foo and things bar is an unknown attribute > so correctly ignores it) > > quoting the attribute value fixes it > > <? > $Value="foo bar"; > echo "<INPUT type='text' value='$Value'> > ?> > > produces > > <INPUT type='text' value='foo bar'>
The OP is aware of this and has pointed it out :)
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* Start every day off with a smile and get it over with. -- W.C. Fields */
attached mail follows:
SELECT DECODE(ENCODE('password', 'sec'), SUBSTRING("secret",1,3)); if you put quotes around substring function, mysql considere it as a string, so I think you shouldn't.
After, are you sure that the correct table field name is the weirdthing encoded by this function : ENCODE('password', 'sec') ??? if so, show us, the script that allow you to record the password ?
----- Original Message -----
From: "Donahue Ben" <fun23_usyahoo.com>
To: <php-generallists.php.net>
Sent: Monday, November 11, 2002 11:13 AM
Subject: [PHP] mysql DECODE question
> SELECT DECODE(ENCODE('password', 'sec'), 'sec') -> > password > > When I try: > SELECT DECODE(ENCODE('password', 'sec'), > 'SUBSTRING("secret",1,3)'); or without quotes around > SUBSTRING function > > This does not produce the same output, i am not sure > what the problem is. > > Ben > > __________________________________________________ > Do you Yahoo!? > U2 on LAUNCH - Exclusive greatest hits videos > http://launch.yahoo.com/u2 > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > >
attached mail follows:
I'm doing some PHP work, and I've come across the <h/1> tag. What, exactly, is this?
attached mail follows:
> I'm doing some PHP work, and I've come across the <h/1> tag. What, > exactly, > is this?
It is probably just a typo for an <h1> tag. It's nothing that PHP would create on its own.
---John Holmes...
attached mail follows:
Actually, it's a product of Microsoft Frontpage that a client sent me.
-----Original Message-----
From: John W. Holmes [mailto:holmes072000charter.net]
Sent: Sunday, November 10, 2002 9:33 PM
To: 'John Meyer'; php-generallists.php.net
Subject: RE: [PHP] <h/1> tag
> I'm doing some PHP work, and I've come across the <h/1> tag. What, > exactly, > is this?
It is probably just a typo for an <h1> tag. It's nothing that PHP would create on its own.
---John Holmes...
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hmmmm.... Frontpage creating bad code? ... say it ain't so!
---John Holmes...
> -----Original Message-----
> From: John Meyer [mailto:johnmeyer_1978yahoo.com]
> Sent: Sunday, November 10, 2002 11:34 PM
> To: php-generallists.php.net
> Subject: RE: [PHP] <h/1> tag
>
>
> Actually, it's a product of Microsoft Frontpage that a client sent me.
> -----Original Message-----
> From: John W. Holmes [mailto:holmes072000charter.net]
> Sent: Sunday, November 10, 2002 9:33 PM
> To: 'John Meyer'; php-generallists.php.net
> Subject: RE: [PHP] <h/1> tag
>
>
> > I'm doing some PHP work, and I've come across the <h/1> tag. What,
> > exactly,
> > is this?
>
> It is probably just a typo for an <h1> tag. It's nothing that PHP
would
> create on its own.
>
> ---John Holmes...
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Perhaps it has something to do with XML? A new coding scheme perhaps? Or perhaps a typo from XHTML-like syntax, which requires coding like <br />, etc. with the trailing forward slash inside the tag. It could be that Microsoft has developed a new coding scheme using XML which has its own DTD or XML Schema. I'm not sure what it could be. You can go to Microsoft.com (this site gives me shivers) and "dig" through their site for how they syntax markup within their FrontPage application.
- Darwin
> -----Original Message-----
> From: John Meyer [mailto:johnmeyer_1978yahoo.com]
> Sent: Sunday, November 10, 2002 10:24 PM
> To: php-generallists.php.net
> Subject: [PHP] <h/1> tag
>
>
> I'm doing some PHP work, and I've come across the <h/1> tag.
> What, exactly,
> is this?
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
"John Meyer" <johnmeyer_1978yahoo.com> wrote:
> I'm doing some PHP work, and I've come across the <h/1> tag. What, exactly, > is this?
Could be a new tag--M$ Frontpage style :)
Anyway, what does it do? It may not even be a "tag"--perhaps a secret code...
- E
attached mail follows:
John,
Google search turned up nada. Perhaps it's just a typo.
Hugh
----- Original Message -----
From: " Edwin" <copperwallshotmail.com>
To: <php-generallists.php.net>
Sent: Sunday, November 10, 2002 11:08 PM
Subject: Re: [PHP] <h/1> tag
>
> "John Meyer" <johnmeyer_1978yahoo.com> wrote:
>
> > I'm doing some PHP work, and I've come across the <h/1> tag. What,
> exactly,
> > is this?
>
> Could be a new tag--M$ Frontpage style :)
>
> Anyway, what does it do? It may not even be a "tag"--perhaps a secret
> code...
>
> - E
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
What if you create an array of all the letters and numbers, then shuffle that array, implode it into a string and grab the first 24 characters? It should be fairly random, but not guaranteed unique.
---John Holmes...
> -----Original Message-----
> From: Edwin [mailto:copperwallshotmail.com]
> Sent: Sunday, November 10, 2002 6:22 AM
> To: Sebastian A.
> Cc: php-generallists.php.net
> Subject: Re: [PHP] Unique Identifier String
>
> Hello,
>
> "Sebastian A." <sebixinium.com> wrote:
>
> > I am currently working on a mySQL site administration system and I
need
> help
> > on figuring out how I can create a 24 digit letter/number unique
> identifier
> > string. I know that I can easily get a random number using a PHP
> function
> (I
> > can remember it off the top of my head) but I also need to create
random
> > letters and then insert them into the number. Here are the steps of
the
> > process:
> >
> > 1. Create a 12 digit random number using a PHP function
> > 2. Create 12 random letters
> > 3. Insert the letters into the number, or the other way around
> > Result: 1h5l79G05OP65kN61LPs1o6Z
> >
> >
> > Out of the steps above, I am not sure how to do 2 and 3 and I would
> greatly
> > appreciate it if someone could point out for me how to do them.
>
> This may not be the best way but you can do it this way:
> 1. Make sure that the number 1 above is in an array. Then,
> 2. Make an array of uppercase and lowercase letters, shuffle() them.
> 3. Get 12 from each. (i.e. by looping thru each and assigning it to
> another
> array, etc.)
> 4. array_merge() the two resulting arrays.
> 5. shuffle() again.
>
> Should work...
>
> - E
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hello,
"John W. Holmes" <holmes072000charter.net> wrote:
> What if you create an array of all the letters and numbers, then shuffle > that array, implode it into a string and grab the first 24 characters? > It should be fairly random, but not guaranteed unique.
...but just grabbing the first 24 chars wouldn't really give you a 12-letter-12-digit random string, no? I believe he needs the that way...
- E
attached mail follows:
I don't know if this is a bug, or what, but I get an error when trying the following
if ( isset($adodbobject->Fields('myresult') ) ) { // do something }
PHP throws an error ( not warning ) saying: Parse error: parse error, expecting `','' or `')'' in /path/to/index.php on line 45
However, when I modify the isset to look like this:
$_q = $adodbobject->Fields('myresult'); if ( isset($_q) ) { // do something }
It works fine.
Is this proper behavior for isset, or is this a php bug? I can't search google groups for "->", or any other search engine for that matter. So it has been tough trying to see if anyone else gets this error.
Many thanks!
--Brian
PS: what is the proper term for the "->" syntax? pointer?
attached mail follows:
> I don't know if this is a bug, or what, but I get an error when trying the > following > > if ( isset($adodbobject->Fields('myresult') ) ) { // do something } > > PHP throws an error ( not warning ) saying: > Parse error: parse error, expecting `','' or `')'' in /path/to/index.php > on > line 45 > > However, when I modify the isset to look like this: > > $_q = $adodbobject->Fields('myresult'); > if ( isset($_q) ) { // do something } > > It works fine.
That's because isset() is expecting a variable, not a function. In your first example, you're trying to see if a function is set, not a variable. In your second example, you're doing it right...
---John Holmes...
attached mail follows:
> That's because isset() is expecting a variable, not a function. In your > first example, you're trying to see if a function is set, not a > variable. In your second example, you're doing it right... > > ---John Holmes...
That actually makes sense once I thought about it, a function referencing a variable, or reference to a variable is in no way the same as a variable.
Thanks!
attached mail follows:
On Sun, 10 Nov 2002 18:34:52 -0600, you wrote:
>PS: what is the proper term for the "->" syntax? pointer?
In Perl it's called an infix operator. I think in PHP the technical term for it is that "->" thingy... :-)
attached mail follows:
> Has anyone taken a look at this magazine yet (www.phparch.com)? I came > across mention of it on Slashdot earlier today and it looks interesting. > I > am considering subscribing but wouldn't mind some feedback about the > overall quality of the publication beforehand. > > Nick Oostveen
It's new, the first issue isn't out yet. Give it a try when it comes out.
---John Holmes...
attached mail follows:
> did any one face a prob when session vars get mixed from a website to > another when you use the same browser window ?
No, did you?
---John Holmes...
attached mail follows:
Well, if you rule out ob_* and javascript, the best you can probably do is to just include() your error page or write a function to display it. You won't be redirected to the page, but it'll show up.
---John Holmes...
> -----Original Message-----
> From: Monty [mailto:monty3hotmail.com]
> Sent: Saturday, November 09, 2002 5:43 PM
> To: php-generallists.php.net
> Subject: [PHP] Handling Errors Gracefully
>
> Is there any way to gracefully handle errors that happen after output
to
> the
> screen has begun (the point where header(Location:) doesn't work)
without
> using ob_ functions?
>
> I have a separate PHP page I'd like to display with the error if one
> happens
> using the error_handler() and trigger_error() functions. But, I can't
make
> it work because if the error happens after output starts, I just get
an
> error stating header() won't work.
>
> I'm also not sure of the best way to pass all the error data to the
error
> page. Its too much for a $_GET.
>
> Anyone have any suggestions or links to articles that explain how this
can
> be done?? Thanks a lot.
>
> Monty
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
> OK, thanks for no help whatsoever. But I'm not bitter; I'm here to > report what I found so that the next guy with this problem isn't stuck: > > The PHP docs say to change variables in /etc/php.ini (like the whole > world knows about) but the key is to *also* look into php.CONF, too. > That's where the problem was. > > And though I don't understand why the second file was there, or why no > one piped up about it, this is the obscure answer to an obscure problem.
You say you're not bitter, but it doesn't sound that way.
Remember, no one is getting paid to do this. Some questions just go unanswered, sorry. All you can do is rephrase and ask again or ask somewhere else.
But, thank you for posting the solution you did eventually find. That will be of assistance if anyone ever searches the archives before posting...
Hey, I can dream, can't I??
---John Holmes...
attached mail follows:
php.CONF? Is that some distribution-specific file? It's not a PHP thing and thus would not be documented by us.
-Rasmus
On Sun, 10 Nov 2002, John W. Holmes wrote:
> > OK, thanks for no help whatsoever. But I'm not bitter; I'm here > to > > report what I found so that the next guy with this problem isn't > stuck: > > > > The PHP docs say to change variables in /etc/php.ini (like the > whole > > world knows about) but the key is to *also* look into php.CONF, too. > > That's where the problem was. > > > > And though I don't understand why the second file was there, or > why no > > one piped up about it, this is the obscure answer to an obscure > problem. > > You say you're not bitter, but it doesn't sound that way. > > Remember, no one is getting paid to do this. Some questions just go > unanswered, sorry. All you can do is rephrase and ask again or ask > somewhere else. > > But, thank you for posting the solution you did eventually find. That > will be of assistance if anyone ever searches the archives before > posting... > > Hey, I can dream, can't I?? > > ---John Holmes... > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >
attached mail follows:
John W. Holmes wrote...
> But, thank you for posting the solution you did eventually find. That will be > of assistance if anyone ever searches the archives before posting... > > Hey, I can dream, can't I??
I personally think more people would do that if something like...
Ask your worst, but search the archives first! <http://marc.theaimsgroup.com/?l=php-general>
...appeared at the bottom of the messages. List Mom?
-- Charles Wiltgen
attached mail follows:
Anyone out there know how to get the mcrypt functions running under Win32?
Any help / how-to's / URLs will be greatly appreciated. - I have searched around the web and found a few things, but nothing that really gives any good information
Thanks in advance for the help!!!
//Nick Richardson
// esoteric.webgte.net
--- Outgoing mail is certified Virus Free. Can McAfee do that? - Hell NO! Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 230 - Release Date: 10/24/2002
attached mail follows:
Has anyone used the PHP functions to integrate with Payflow Pro? Before I fork out the cash to sign up for an account with them, I'd like to know how solid the SDK and integration is. Thanks!
attached mail follows:
hi to all again,
I have a problem here again regarding the date comparison. I need to check the most recent date that was entered in mysql database in date format ("Y-m-d"), if the datetoday is a day or two days in advanced compared to the queried date. I need to make sure that the next inserted date in the mysql database whould be the next day of the last inserted date. Any idea how? Please help.
Im trying to do something like this:
//checking the queried date $querieddate=(2002-11-02);
$incrementdate=date("$querieddate"),mktime(0,0,0,date(m), date(d)+1,date(Y))); $datetoday=("Y-m-d"); if($incrementdate == $datetoday){ //insert $datetoday to the mysql database }else{ //insert $incrementdate to the mysql database
}
regards , mike
attached mail follows:
> I have a problem here again regarding the date comparison. I need to > check the most recent date that was entered in mysql database in date > format ("Y-m-d"), if the datetoday is a day or two days in advanced > compared to the queried date. > I need to make sure that the next inserted date in the mysql database > whould be the next day of the last inserted date.
Wow...that's confusing. :)
You will probably want to look at the DATE_SUB and DATE_ADD functions in MySQL. They are in the Date and Time section of Chapter 6 in the manual.
Something like this would insert the "date" and the day after it into two columns in the database.
$date = '2002-10-31';
$r = mysql_query("INSERT INTO your_table (todaydate, tomorrowdate) VALUES ('$date','$date' + INTERVAL 1 DAY)");
INTERVAL is a shortcut to the DATE_SUB and DATE_ADD functions.
---John Holmes...
attached mail follows:
Is it too late to change the way you insert dates into the DB? I really think the unix timestamp is the easiest way to store dates... comparisons are easy, because everything is in seconds, and using date() gives you the ability to re-format your dates over and over again for presentation purposes.
Just my 2 cents :)
Justin
on 11/11/02 4:04 PM, Michael P. Carel (mikecarelteamglac.com) wrote:
> hi to all again, > > I have a problem here again regarding the date comparison. I need to check the > most recent date that was entered in mysql database in date format ("Y-m-d"), > if the datetoday is a day or two days in advanced compared to the queried > date. > I need to make sure that the next inserted date in the mysql database whould > be the next day of the last inserted date. > Any idea how? Please help. > > Im trying to do something like this: > > //checking the queried date > $querieddate=(2002-11-02); > > $incrementdate=date("$querieddate"),mktime(0,0,0,date(m), date(d)+1,date(Y))); > $datetoday=("Y-m-d"); > if($incrementdate == $datetoday){ > //insert $datetoday to the mysql database > }else{ > //insert $incrementdate to the mysql database > > } > > > regards , > mike
Justin French -------------------- Creative Director http://Indent.com.au Web Developent & Graphic Design --------------------
attached mail follows:
What u had done to install PHP
added a dll module in IIS or Mapped the php.exe to .php and .php3 or .php4
Prachait
Bob G wrote:
> Hi people! > I have MySQL working with ASP under win2000 and IIS. I have recently > tried unsuccessfully to install PHP. Initially I started with zip binary > distribution. I tested it with:- > <html> > <head> > <title>PHP Test</title> > <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> > </head> > > <body bgcolor="#FFFFFF" text="#000000"> > <?php echo "Hello World<p>"; ?> > </body> > </html> > Couldn't be much simpler! > > Nothing worked but "view source" showed the above code. The implication > being that the sever did not parse the code. > I then deleted every thing and tried "InstallShield" with exactly the same > result. > I have reinstalled IIS - no change > I have added PHP to the application mapping. > I have given exec permissions to C:/PHP > The setup instructions say that I must rename PHP TO PHP.INI in WINNT and > that is all. Is this true. If not what precisely must I do? > Failing the .INI question I think I have done everything in the OPINS. But > you guys will know better. What have I missed? > All thoughts gratefully appreciated > Thanks Bob
-- Bye, and Have a nice day. Prachait Saxena --------------------------- Phone :- +91 - 712 - 544476 Email :- prachait
attached mail follows:
Hi Prachait. Many thanks for your reply. I have not added to dll in IIS. I simply wanted to get off the ground and then build on what I had. So I followed the operating instructions for InstallationShield and modified the application mappings for .PHP and .PHP3 to point to C:/PHP.php.exe. I did though modify the previous IIS with the regedit provided by PHP zip version with the same results. Since that time I have reloaded ISS so I would have thought we were back to square one!!
One strange thing though PHP.EXE ignores anything I type into it e.g. info(). I have downloaded PHP from 2 different mirrors so I would have thought they were to be trusted.
My thoughts were that PHP.INI might need modification. But what specifically? The install instructions suggest that it should work as is.
Any Thoughts - Anyone please?
Thanks Bob
"Prachait Saxena" <prachaitnagpur.dot.net.in> wrote in message
news:20021111060718.30648.qmailpb1.pair.com...
> What u had done to install PHP
>
> added a dll module in IIS or Mapped the php.exe to .php and .php3 or .php4
>
> Prachait
>
> Bob G wrote:
>
> > Hi people!
> > I have MySQL working with ASP under win2000 and IIS. I have recently
> > tried unsuccessfully to install PHP. Initially I started with zip
binary
> > distribution. I tested it with:-
> > <html>
> > <head>
> > <title>PHP Test</title>
> > <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> > </head>
> >
> > <body bgcolor="#FFFFFF" text="#000000">
> > <?php echo "Hello World<p>"; ?>
> > </body>
> > </html>
> > Couldn't be much simpler!
> >
> > Nothing worked but "view source" showed the above code. The implication
> > being that the sever did not parse the code.
> > I then deleted every thing and tried "InstallShield" with exactly the
same
> > result.
> > I have reinstalled IIS - no change
> > I have added PHP to the application mapping.
> > I have given exec permissions to C:/PHP
> > The setup instructions say that I must rename PHP TO PHP.INI in WINNT
and
> > that is all. Is this true. If not what precisely must I do?
> > Failing the .INI question I think I have done everything in the OPINS.
But
> > you guys will know better. What have I missed?
> > All thoughts gratefully appreciated
> > Thanks Bob
>
> --
> Bye, and Have a nice day.
>
> Prachait Saxena
> ---------------------------
> Phone :- +91 - 712 - 544476
> Email :- prachaitnagpur.dot.net.in
> ICQ :- 71855637
> MSN :- prachaithotmail.com
> Yahoo Messenger :- prachaityahoo.com
>
> If you do for other's !
> Other's will do for you !!
>
> Visit me at
> http://www.Prachait.Com/
> http://www.SitesOnTesting.Com/
attached mail follows:
Ok, I have something like this set up:
1. User logs into site. Authenticates through a mysql table which basically just has username/password columns. Session is set.
2. User goes through site looking for information he'd like to purchase based on specific fields. After the gathering of information is done, a script dumps the text into a CSV file and zips it.
3. The user then downloads the zip.
What I can't figure out though, is in step number 3 - How do I secure this? The filenames are randomly generated, but if someone felt like saving a few bucks, they could write a program to try and brute force the guessing of filenames. I need to somehow have an .htaccess type system, WITHOUT .htaccess since the usernames are all just in a standard MySQL table. Any suggestions? Store the file in a table blob? I can't really think of anything. Thanks for your help.
attached mail follows:
On Monday 11 November 2002 14:10, James Taylor wrote: > Ok, I have something like this set up: > > 1. User logs into site. Authenticates through a mysql table which > basically just has username/password columns. Session is set. > > 2. User goes through site looking for information he'd like to purchase > based on specific fields. After the gathering of information is done, a > script dumps the text into a CSV file and zips it. > > 3. The user then downloads the zip. > > What I can't figure out though, is in step number 3 - How do I secure this? > The filenames are randomly generated, but if someone felt like saving a few > bucks, they could write a program to try and brute force the guessing of > filenames. I need to somehow have an .htaccess type system, WITHOUT > .htaccess since the usernames are all just in a standard MySQL table. Any > suggestions? Store the file in a table blob? I can't really think of > anything. Thanks for your help.
Try searching archives? It's been covered many times before and there are a load of good info in the archives. Start with the keywords as per your subject "Restrict file access".
attached mail follows:
You still need to restrict the files from being served directly over http... this can be done via a .htaccess, or just stored outside the document root.
Then, you create a script called download.php, which INSN'T a html page -- it sets a content header, and passes a .zip file through itself to the user.
Start by reading this article: http://www.zend.com/zend/trick/tricks-august-2001.php
Cheers,
Justin
on 11/11/02 4:10 PM, James Taylor (jtxhatesville.com) wrote:
> Ok, I have something like this set up: > > 1. User logs into site. Authenticates through a mysql table which basically > just has username/password columns. Session is set. > > 2. User goes through site looking for information he'd like to purchase > based on specific fields. After the gathering of information is done, a > script dumps the text into a CSV file and zips it. > > 3. The user then downloads the zip. > > What I can't figure out though, is in step number 3 - How do I secure this? > The filenames are randomly generated, but if someone felt like saving a few > bucks, they could write a program to try and brute force the guessing of > filenames. I need to somehow have an .htaccess type system, WITHOUT > .htaccess since the usernames are all just in a standard MySQL table. Any > suggestions? Store the file in a table blob? I can't really think of > anything. Thanks for your help. >
Justin French -------------------- Creative Director http://Indent.com.au Web Developent & Graphic Design --------------------
attached mail follows:
Thank you sir, problem solved :)
-----Original Message-----
From: Justin French [mailto:justinindent.com.au]
Sent: Sunday, November 10, 2002 11:21 PM
To: James Taylor; php-generallists.php.net
Subject: Re: [PHP] Restrict file access from web users?
You still need to restrict the files from being served directly over http... this can be done via a .htaccess, or just stored outside the document root.
Then, you create a script called download.php, which INSN'T a html page -- it sets a content header, and passes a .zip file through itself to the user.
Start by reading this article: http://www.zend.com/zend/trick/tricks-august-2001.php
Cheers,
Justin
on 11/11/02 4:10 PM, James Taylor (jtxhatesville.com) wrote:
> Ok, I have something like this set up: > > 1. User logs into site. Authenticates through a mysql table which basically > just has username/password columns. Session is set. > > 2. User goes through site looking for information he'd like to purchase > based on specific fields. After the gathering of information is done, a > script dumps the text into a CSV file and zips it. > > 3. The user then downloads the zip. > > What I can't figure out though, is in step number 3 - How do I secure this? > The filenames are randomly generated, but if someone felt like saving a few > bucks, they could write a program to try and brute force the guessing of > filenames. I need to somehow have an .htaccess type system, WITHOUT > .htaccess since the usernames are all just in a standard MySQL table. Any > suggestions? Store the file in a table blob? I can't really think of > anything. Thanks for your help. >
Justin French -------------------- Creative Director http://Indent.com.au Web Developent & Graphic Design --------------------
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Our company is currently running a server which is responsible for hosting numerous domains. As a web development firm, traditionally our server has been set up so that only our developers have access to run scripts on it. Recently some of our clients have been looking for FTP access to their sites, mostly static, so that they can make additions directly, and as such we are looking for a way to securely offer them this service.
Essentially, I am looking for a way to do one or all of the following:
1) Enable safe mode on a domain by domain basis. 2) Disable the use of specific functions on a domain by domain basis. 3) Disable php entirely on a domain by domain basis.
Any help or advice with any of the above would be greatly appreciated.
Nick Oostveen
attached mail follows:
Hi. That's my problem: class MYCLASS { var $z = array(); function addOne($PRODUCT_ID,$IL,$PR) { $this->z[$PRODUCT_ID]=array("IL" => $IL, "PR" => $PR); } function myPrice() { $cn = 0.0; reset($this->z); while (list($id,$vals) = each($this->z)) { problem here! -> $cn=$cn + $vals["PR"]*$vals["IL"]; } reset($this->z); return $cn; } }
Example to above: $this->z[1] = array ("IL" => 1, "PR" => 634.4); then function myPrice() counts $cn as 634 (not as 634.4)!!! It works like that even when I convert $vals["PR"] and $vals ["IL"] to floats.
What's the problem?!?!
Thank's for any help :)
----------------------------------------------------------------------- Prawdziwe okazje nie zdarzaj± siê czêsto! Zobacz pe³n± ofertê! < http://zakupy.wp.pl >
attached mail follows:
On Monday 11 November 2002 17:20, Tomasz Ciesielski wrote: > Hi. That's my problem: > class MYCLASS { > var $z = array(); > function addOne($PRODUCT_ID,$IL,$PR) { > $this->z[$PRODUCT_ID]=array("IL" => $IL, > "PR" => $PR); > } > function myPrice() { > $cn = 0.0; > reset($this->z); > while (list($id,$vals) = each($this->z)) { > problem here! -> $cn=$cn + $vals["PR"]*$vals["IL"];
Be creative!
- Use print() on $vals["PR"] and $vals["IL"] to see what they contain - assign them to temp variables, then assign their multiplied value to a third temp variable, then print() all three. - you get the idea.
> } > reset($this->z); > return $cn; > } > } > > Example to above: > $this->z[1] = array ("IL" => 1, "PR" => 634.4); > then function myPrice() counts $cn as 634 (not as 634.4)!!! > It works like that even when I convert $vals["PR"] and $vals > ["IL"] to floats.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* Bilbo's First Law: You cannot count friends that are all packed up in barrels. */
attached mail follows:
Hello:
I'm building an internal messaging system for small biz companies and I can't really go longer!!!!
Problem is, I use some fields to make the message form and one of them must be a <select multiple form element wich refers to messaging persons. This is my form:
<table> <tr> <td height="15" valign="top"><P class="P1">Para:</P></td> <td> <SELECT NAME=receptor[] size=6 multiple> <? //Legenda: eu - significa eusers || pu - significa preparar lista de utilizadores $eu_pu_result = mysql_query("SELECT u.name, u.email FROM users u"); while ($eu_pu = mysql_fetch_row($eu_pu_result)) { for ($i=0;$i<1;$i++) { echo"<option>$eu_pu[0]"; } } ?> </select> </td> </tr> <tr> <td height="15" valign="top"><P class="P1">Prioridade:</P></td> <td> <select name="priority"> <option value="Mínima">Mínima</option> <option SELECTED value="Normal">Normal</option> <option value="Prioritária">Prioritária</option> <option value="Urgente">Urgente</option> </select> </td> </tr> <tr> <td height="15" valign="top"><P class="P1">Assunto:</P></td> <td><input type="text" name="title" size=66 value="<? pv($frm["title"]) ?>"></td> </tr> <tr> <td height="15" valign="top"><P class="P1">Descrição:</P></td> <td><textarea name="description" cols=50 rows=8><? pv($frm["description"]) ?></textarea></td> </tr> <tr> <td> <!--EmptyCellContent--></td> <td><input type="submit" value="<?=$frm["submit_caption"] ?>"></td> </tr> </table>
After this, the page should reload on submit, but I keep getting the warning:
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php on line 110
Warning: Undefined index: categories in c:/apache/htdocs/sites/mail/admin/eusers.php on line 120
All but the last, I think they appear because then page reloaded can't see any more the array of people (<select form>).
But... How can I solve the problem?
This is the file that is the page itself, as above in the warnings, called by:"eusers.php":
<? /*************************************************************************** *** * FUNCTIONS
**************************************************************************** */
function print_add_product_form($category_id = 0) { /* print a blank product form so we can add a new product */
global $mfi, $ME;
/* set default values for the reset of the fields */ $frm["categories"] = array($category_id); $frm["newmode"] = "insert"; $frm["receptor"] = ""; $frm["recipient"] = ""; $frm["priority"] = ""; $frm["title"] = ""; $frm["description"] = ""; $frm["on_special"] = ""; $frm["submit_caption"] = "Enviar";
/* build the categories listbox options, preselect the top item */ build_category_tree($category_options, $frm["categories"]);
include("templates/eusers_form.php"); }
function print_edit_product_form($id) { /* print a product form so we can edit the selected product */
global $mfi, $ME;
/* load up the information for the product */ $qid = db_query(" SELECT receptor, recipient, priority, title, description, stage, on_special FROM products WHERE id = $id "); $frm = db_fetch_array($qid);
/* load up the categories for the product */ $qid = db_query(" SELECT category_id FROM products_categories WHERE product_id = $id ");
$frm["categories"] = array(); while ($cat = db_fetch_object($qid)) { $frm["categories"][] = $cat->category_id; }
/* set values for the form */ $frm["newmode"] = "update"; $frm["submit_caption"] = "Enviar";
/* build the categories listbox options, preselect the selected item */ build_category_tree($category_options, $frm["categories"]);
include("templates/eusers_edit_form.php"); }
function delete_product($id) { /* delete the product specified by $id, we have to delete the product and then * the appropriate entries from the products_categories table. this should be * wrapped inside a transaction, unfortunately MySQL currently does not support * transactions. */
global $mfi, $ME;
/* load up the information for the product */ $qid = db_query(" SELECT title FROM products WHERE id = $id "); $prod = db_fetch_object($qid);
/* delete this product */ $qid = db_query(" DELETE FROM products WHERE id = $id ");
/* delete this product from the products_categories table */ $qid = db_query(" DELETE FROM products_categories WHERE product_id = $id ");
include("templates/eusers_deleted.php"); }
function insert_product($id, $frm) { /* add a new subproduct under the parent $id. all the fields that we want are * going to in the variable $frm */
global $mfi, $ME;
$on_special = checked($frm["on_special"]);
/* add the product into the products table */ if (!isset ($receptor[])) { $receptor[] = "{0,0,0,0,0,0}"; } else { } for ($i=0;$i<6;$i++) { $qid = db_query(" INSERT INTO products (receptor, recipient, priority, title, description, date_added, on_special) VALUES ('$receptor[1]', '$mfi->email', '$frm[priority]', '$frm[title]', '$frm[description]', now(), '$on_special') "); }
//mail('$frm[receptor]','$frm[title]','$frm[description]','$frm[recipient]') ;
/* get the product id that was just created */ $product_id = db_insert_id();
/* add this product under the specified categories */ for ($i = 0; $i < count($frm["categories"]); $i++) { $qid = db_query(" INSERT INTO products_categories (category_id, product_id) VALUES ('{$frm["categories"][$i]}', '$product_id') "); } }
function update_product($id, $frm) { /* update the product $id with new values. all the fields that we want are * going to in the variable $frm */
global $mfi, $ME;
checked($frm["on_special"]);
/* update the products table with the new information */ $qid = db_query(" UPDATE products SET receptor = '$frm[receptor]' ,recipient = '$frm[recipient]' ,priority = '$frm[priority]' ,title = '$frm[title]' ,description = '$frm[description]' ,date_added = 'now()' ,on_special = '$frm[on_special]' WHERE id = $id ");
/* delete all the categories this product was associated with */ $qid = db_query(" DELETE FROM products_categories WHERE product_id = $id ");
/* add associations for all the categories this product belongs to, if * no categories were selected, we will make it belong to the top * category */ if (count($frm["categories"]) == 0) { $frm["categories"][] = 0; }
for ($i = 0; $i < count($frm["categories"]); $i++) { $qid = db_query(" INSERT INTO products_categories (category_id, product_id) VALUES ('{$frm["categories"][$i]}', '$id') "); } }
function print_product_list() { /* read all the categories from the database and print them into a table. we * will use a template to display the listings to keep this main script clean */
global $mfi, $ME;
$qid = db_query(" SELECT DISTINCT p.id, p.receptor, p.recipient, p.priority, p.title, p.description, p.date_added, c.name AS category, u.name, u.email, u.username FROM products p, products_categories pc, categories c, users u WHERE p.id = pc.product_id AND c.id = pc.category_id AND p.receptor = u.email AND u.username = '$mfi->suser' "); $num_rows=mysql_num_rows($qid); if ($num_rows == "0") { echo"Nenhuma mensagem nesta caixa!"; } else { include("templates/eusers_list.php"); } }
/*************************************************************************** *** * MAIN
**************************************************************************** */
include("../startup.php"); require_login(); if ((has_priv("clien")) || (has_priv("admin"))) { $mfi->suser = $SESSION['user']['username']; $mfi->email = $SESSION['user']['email']; $DOC_TITLE = "MMS - Administração"; include("head_rec.php"); switch (nvl($mode)) { case "add" : print_add_product_form(nvl($category_id, 0)); break;
case "edit" : print_edit_product_form($id); break;
case "del" : delete_product($id); print_product_list(); break;
case "insert" : insert_product($id, $HTTP_POST_VARS); print_product_list(); break;
case "update" : update_product($id, $HTTP_POST_VARS); print_product_list(); break;
default : print_product_list(); break; }
include("foot_rec.php");
?> <? } else { ?> <? header ("Location: ../logout_now.php"); ?> <? } ?>
attached mail follows:
On Monday 11 November 2002 17:51, Bsantos PHP wrote: > Hello: > > I'm building an internal messaging system for small biz companies and I > can't really go longer!!!! > > Problem is, I use some fields to make the message form and one of them must > be a <select multiple form element wich refers to messaging persons. This > is my form:
[snip]
> After this, the page should reload on submit, but I keep getting the > warning: > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: 1 in c:/apache/htdocs/sites/mail/admin/eusers.php > on line 110 > > Warning: Undefined index: categories in > c:/apache/htdocs/sites/mail/admin/eusers.php on line 120
Which is line 110 and line 120?
I'm certainly not going to count the lines in your code to see which lines they refer to.
If you want people to help you, you should make it easier for them to do so by indicating which lines are being referred to as 110 & 120.
> All but the last, I think they appear because then page reloaded can't see > any more the array of people (<select form>).
Well, try using print_r() on all your important variables at strategic places in your code to see that they contain what you expect them to contain.
-- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development */* Utility is when you have one telephone, luxury is when you have two, opulence is when you have three -- and paradise is when you have none. -- Doug Larson */
attached mail follows:
Sorry People:
I really forget that:
Line 110:
VALUES ('$receptor[1]', '$mfi->email', '$frm[priority]', '$frm[title]', '$frm[description]', now(), '$on_special')
which makes part of:
if (!isset ($receptor[])) { $receptor[] = "{0,0,0,0,0,0}"; } else { } for ($i=0;$i<6;$i++) { $qid = db_query(" INSERT INTO products (receptor, recipient, priority, title, description, date_added, on_special) VALUES ('$receptor[1]', '$mfi->email', '$frm[priority]', '$frm[title]', '$frm[description]', now(), '$on_special') "); }
Line 120:
for ($i = 0; $i < count($frm["categories"]); $i++) {
which makes part of:
$product_id = db_insert_id();
/* add this product under the specified categories */ for ($i = 0; $i < count($frm["categories"]); $i++) { $qid = db_query(" INSERT INTO products_categories (category_id, product_id) VALUES ('{$frm["categories"][$i]}', '$product_id') "); }
An this two parts, build a function:
function insert_product($id, $frm) { /* add a new subproduct under the parent $id. all the fields that we want are * going to in the variable $frm */
global $mfi, $ME;
$on_special = checked($frm["on_special"]);
/* add the product into the products table */ if (!isset ($receptor[])) { $receptor[] = "{0,0,0,0,0,0}"; } else { } for ($i=0;$i<6;$i++) { $qid = db_query(" INSERT INTO products (receptor, recipient, priority, title, description, date_added, on_special) VALUES ('$receptor[1]', '$mfi->email', '$frm[priority]', '$frm[title]', '$frm[description]', now(), '$on_special') "); }
//mail('$frm[receptor]','$frm[title]','$frm[description]','$frm[recipient]') ;
/* get the product id that was just created */ $product_id = db_insert_id();
/* add this product under the specified categories */ for ($i = 0; $i < count($frm["categories"]); $i++) { $qid = db_query(" INSERT INTO products_categories (category_id, product_id) VALUES ('{$frm["categories"][$i]}', '$product_id') "); } }
Really sorry... again
"Jason Wong" <php-generalgremlins.com.hk> wrote in message
news:200211111802.38606.php-generalgremlins.com.hk...
> On Monday 11 November 2002 17:51, Bsantos PHP wrote:
> > Hello:
> >
> > I'm building an internal messaging system for small biz companies and I
> > can't really go longer!!!!
> >
> > Problem is, I use some fields to make the message form and one of them
must
> > be a <select multiple form element wich refers to messaging persons.
This
> > is my form:
>
>
> [snip]
>
> > After this, the page should reload on submit, but I keep getting the
> > warning:
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: 1 in
c:/apache/htdocs/sites/mail/admin/eusers.php
> > on line 110
> >
> > Warning: Undefined index: categories in
> > c:/apache/htdocs/sites/mail/admin/eusers.php on line 120
>
> Which is line 110 and line 120?
>
> I'm certainly not going to count the lines in your code to see which lines
> they refer to.
>
> If you want people to help you, you should make it easier for them to do
so by
> indicating which lines are being referred to as 110 & 120.
>
> > All but the last, I think they appear because then page reloaded can't
see
> > any more the array of people (<select form>).
>
> Well, try using print_r() on all your important variables at strategic
places
> in your code to see that they contain what you expect them to contain.
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
>
> /*
> Utility is when you have one telephone, luxury is when you have two,
> opulence is when you have three -- and paradise is when you have none.
> -- Doug Larson
> */
>
attached mail follows:
one reason that i could think of for not including session id into URL and using cookies would be copy & paste.
users could just copy and paste the url and send it to his/her friends. and it could be a considerably number of people. imagine couple of people clicking on the link. that session will be shared among that no. of active people at that particular time. in short, session hijacking will occur.
Ernest E Vogelsinger wrote: > At 22:41 10.11.2002, Charles Wiltgen said: > --------------------[snip]-------------------- > >>I'm about to implement session management, and I'm considering rolling my >>own instead of using PHP's. > > > Hmm - NIH syndrome? > (>>not invented here<<) > > >>Specifically, I'm considering using hidden fields for persistent object >>properties because (1) I don't want cookies to be an issue, (2) I prefer not >>to have session IDs appear in a URL, and (3) I prefer not to use require a >>database just to store persistent properties. > > --------------------[snip]-------------------- > > As Justin already pointed out you make yourself stick to forms, not > allowing any "normal" page be session-dependent - but that's only one of > the drawbacks. > > The issue that would disturb me the most is data security - if you use the > client browser to store object persistent data this opens up a whole world > of possibilities to hack your data... Of course you could always check if > the hidden fields are still ok, using some md5 or whetever, but why the hassle? > > If you don't want cookies (I too don't use them for a session and have > disabled session cookies in our php.ini), PHP will transparently merge the > session identifier into its output (as long as you don't use ob_gzhandler, > that is). But why don't you like the session ID magled into links? > > "prefer not to use a database" - that's not the case with standard php > sessions, they get written to a file somewhere. Just make sure that this > "somewhere" is > a) read/writable by apache > b) not read/writable by anyone else > and you are (relatively) secure. > >
attached mail follows:
one reason that i could think of for not including session id into URL and using cookies would be copy & paste.
users could just copy and paste the url and send it to his/her friends. and it could be a considerably number of people. imagine couple of people clicking on the link. that session will be shared among that no. of active people at that particular time. in short, session hijacking will occur.
Ernest E Vogelsinger wrote: > At 22:41 10.11.2002, Charles Wiltgen said: > --------------------[snip]-------------------- > >>I'm about to implement session management, and I'm considering rolling my >>own instead of using PHP's. > > > Hmm - NIH syndrome? > (>>not invented here<<) > > >>Specifically, I'm considering using hidden fields for persistent object >>properties because (1) I don't want cookies to be an issue, (2) I prefer not >>to have session IDs appear in a URL, and (3) I prefer not to use require a >>database just to store persistent properties. > > --------------------[snip]-------------------- > > As Justin already pointed out you make yourself stick to forms, not > allowing any "normal" page be session-dependent - but that's only one of > the drawbacks. > > The issue that would disturb me the most is data security - if you use the > client browser to store object persistent data this opens up a whole world > of possibilities to hack your data... Of course you could always check if > the hidden fields are still ok, using some md5 or whetever, but why the hassle? > > If you don't want cookies (I too don't use them for a session and have > disabled session cookies in our php.ini), PHP will transparently merge the > session identifier into its output (as long as you don't use ob_gzhandler, > that is). But why don't you like the session ID magled into links? > > "prefer not to use a database" - that's not the case with standard php > sessions, they get written to a file somewhere. Just make sure that this > "somewhere" is > a) read/writable by apache > b) not read/writable by anyone else > and you are (relatively) secure. > >
attached mail follows:
Hello there,
My CS clan has just starting using phpBB for our clan forum. We are planning to develop a new php based site and wanted to be able to display customised content on the main page depending on the user logged in. For instance, I was thinking of having a login box in the corner of the page, and once logged in, you could navigate to the forum without having to sign in again.
Also, because each user has their own profile, I'd like them to be able to choose what content/news/announcements they see when they go to the site etc. An example of stuff like this in action is CS Nation.
Is all this rather ambitious, or can any give some advice/pointers/sources of info to go on?
Cheers,
Monk's
attached mail follows:
hi,
How do you refresh a page in php?
If i cannot wat is the code or meta(i think) to do so?
Thanks Shaun
attached mail follows:
<meta http-equiv="refresh" content="X, http://www.Y.EXT"> Being:
X - number of seconds Y - domain EXT -type of domain (.net, .pt, .com, .org, etc...)
In PHP you use it also, or you may go to same location as an header (double check where to do it...):
header("Location: http://www.where_I_am_right_noe.something/this/that/etc");
Cheers,
bsantos
"Shaun" <johannovtel.co.za> wrote in message
news:20021111112327.79700.qmailpb1.pair.com...
> hi,
>
> How do you refresh a page in php?
>
> If i cannot wat is the code or meta(i think) to do so?
>
> Thanks
> Shaun
>
>
attached mail follows:
http://www.google.com/search?q=meta+refresh+html+code
Google is your friend.
Cheers
Brendon
-----Original Message-----
From: Shaun [mailto:johannovtel.co.za]
Sent: Monday, November 11, 2002 9:24 PM
To: php-generallists.php.net
Subject: [PHP] refresh
hi,
How do you refresh a page in php?
If i cannot wat is the code or meta(i think) to do so?
Thanks Shaun
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hello,
Is there a way i can test the cpu or the hdd for its serial number in php under linux and win?
Thanks
Thomas "omega" Henning
attached mail follows:
hello..
I use Dreamweaver for coding but i knew the zend studio. When i try run a script, the output window show me this:
X-Powered-By: PHP/4.2.1
Content-type: text/html
<br /> <b>Fatal error</b>: Call to undefined function: mssql_connect() in <b>E:\cef\hab\frm_diagnostico.php</b> on line <b>2</b><br />
But when i run this script from my browser, work. I don't know how i decide this error. My function of mssql_connect have correct.
ps.: Sorry my english (bad)
ass.: Augusto Flavio
__________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
attached mail follows:
I'm looking into the feasibility of moving our current MySQL database to Postgres and have been looking over the PHP documentation for each, comparing the functionality. One of the functions we use alot that I haven't seen in the pg function list is the equivilant of mysql_data_seek. Is there such a function? The closest thing I saw was pg_lo_seek() but I don't think (know, really. I'm still unsure what Large Objects are in the pgSQL context) I'll be using LO's.
Any info would be appreciated. Also, if you have gone through this (MySQL -> pgSQL), I'd love to hear your experiences.
Chris
attached mail follows:
Has anyone implemented credit card processing with surepay.com using PHP?
Any tips would be appreciated.
Clint
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]