|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general Digest 16 Jul 2004 04:33:22 -0000 Issue 2879
php-general-digest-help
lists.php.net
Date: Thu Jul 15 2004 - 23:33:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
php-general Digest 16 Jul 2004 04:33:22 -0000 Issue 2879
Topics (messages 190603 through 190673):
PHP upgrade... issues???
190603 by: Tristan.Pretty.risk.sungard.com
190604 by: John W. Holmes
190605 by: Jordi Canals
190610 by: Tristan.Pretty.risk.sungard.com
190637 by: Marek Kilimajer
date difference
190606 by: JOHN MEYER
190631 by: Torsten Roehr
ereg question/prob...
190607 by: bruce
190608 by: Tim Van Wassenhove
190618 by: Red Wingate
Re: [mysql]Problem with PHP5
190609 by: Ciprian Constantinescu
Problem with ImageJPEG and quality > 75
190611 by: Ewout
How to tell if the file is already locked with flock()???
190612 by: Scott Fletcher
190614 by: Jay Blanchard
190622 by: Red Wingate
190634 by: Scott Fletcher
190645 by: Marek Kilimajer
Storing text with carriage returns in MySQL
190613 by: Andrew Wood
190615 by: Vail, Warren
190616 by: Ron Stiemer
190617 by: Vail, Warren
190624 by: Andrew Wood
190626 by: Andrew Wood
190627 by: Matthew Sims
190628 by: Andrew Wood
190629 by: Vail, Warren
190630 by: Vail, Warren
190632 by: Brian Tully
190633 by: Jason Wong
190638 by: John W. Holmes
Re: PHP5 release HTTP Authentication not working on FreeBSD.
190619 by: Red Wingate
Re: Regular Expressions
190620 by: Red Wingate
190621 by: Red Wingate
190623 by: Tim Van Wassenhove
Re: File locking in PHP???
190625 by: Manuel Lemos
190639 by: Curt Zirzow
Got JavaScript error when using PHP's include()...
190635 by: Scott Fletcher
190640 by: Neal Owen
Re: Log all GET AND POST?
190636 by: Marek Kilimajer
problem with super global '$_REQUEST'
190641 by: Dennis Gearon
190644 by: Justin Patrin
190649 by: Dennis Gearon
190650 by: Dennis Gearon
190651 by: Justin Patrin
190653 by: Justin Patrin
190665 by: John W. Holmes
190672 by: Dennis Gearon
Re: problem including images in safe_mode
190642 by: Jason Wong
Email Forms
190643 by: PHP User
190646 by: Manuel Lemos
190648 by: Jason Wong
Encrypting passwords from page to page -mcrypt question
190647 by: Scott Taylor
190663 by: Jordi Canals
Offset error
190652 by: C.F. Scheidecker Antunes
190654 by: Justin Patrin
190667 by: John W. Holmes
image
190655 by: php
190658 by: Jason Wong
190659 by: php
190660 by: Vail, Warren
190661 by: Jason Wong
190662 by: php
model view and control with php
190656 by: asolomon15
190657 by: Justin Patrin
190673 by: Justin French
Embedded Email Directives
190664 by: Jordi Canals
Problems saving some email attachments
190666 by: C.F. Scheidecker Antunes
190670 by: raditha dissanayake
selecting a database to create a table with MySQL
190668 by: Rocky Singh
190669 by: John W. Holmes
PHP and MySQL Installation on Apache for Windows
190671 by: Sean Vasey
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
I've just got this mail from my host...
=============
Dear customer,
This email is sent to inform you that we'll upgrade the PHP version on
your
server to the latest stable version 4.3.8 within the next hour.
=============
Are there any issues that I need to panic about...?
I'm off to google now, but am just having a panic attack, and hope that I
can sit back knowing that my PHP pages will still work...
Cheers...
Tris...
*********************************************************************
The information contained in this e-mail message is intended only for
the personal and confidential use of the recipient(s) named above.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************
attached mail follows:
Tristan.Prettyrisk.sungard.com wrote:
> I've just got this mail from my host...
> =============
> Dear customer,
>
> This email is sent to inform you that we'll upgrade the PHP version on
> your
> server to the latest stable version 4.3.8 within the next hour.
> =============
>
> Are there any issues that I need to panic about...?
> I'm off to google now, but am just having a panic attack, and hope that I
> can sit back knowing that my PHP pages will still work...
I wouldn't be too worried.
PHP 4.3.8 Changelog: http://us2.php.net/ChangeLog-4.php
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
attached mail follows:
Tristan.Prettyrisk.sungard.com wrote:
> This email is sent to inform you that we'll upgrade the PHP version on
> your
> server to the latest stable version 4.3.8 within the next hour.
> =============
>
> Are there any issues that I need to panic about...?
Don't worry about, I'm sure you will have any problem as it only fixes
some security bugs.
Mine is upgrading today alto to 4.3.8 (From 4.3.7), and before where
many, many upgrade versions.
My only problem is that I cannot test pages on my preview server, during
this time. My only worry is my pub being opened to have a beer with
friend ;)
Regards,
Jordi Canals
attached mail follows:
Phew!
However, While reading about php upgrades, I've got the impression that
version 5, will not support MySQL by default...
Does that mean that I'll have to ensure my hosts install an extra module,
or worse case senario, I'll have to re-write all my pages, to take new
code into effect...
I' know I'm sounding liek a worried mother hen, but I can't seem to find
confirmation on line?!?!
Ho hum, nearly Friday eh?
"John W. Holmes" <holmes072000charter.net>
15/07/2004 17:40
To
Tristan.Prettyrisk.sungard.com
cc
php-generallists.php.net
Subject
Re: [PHP] PHP upgrade... issues???
Tristan.Prettyrisk.sungard.com wrote:
> I've just got this mail from my host...
> =============
> Dear customer,
>
> This email is sent to inform you that we'll upgrade the PHP version on
> your
> server to the latest stable version 4.3.8 within the next hour.
> =============
>
> Are there any issues that I need to panic about...?
> I'm off to google now, but am just having a panic attack, and hope that
I
> can sit back knowing that my PHP pages will still work...
I wouldn't be too worried.
PHP 4.3.8 Changelog: http://us2.php.net/ChangeLog-4.php
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
*********************************************************************
The information contained in this e-mail message is intended only for
the personal and confidential use of the recipient(s) named above.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************
attached mail follows:
Tristan.Prettyrisk.sungard.com wrote:
> Phew!
> However, While reading about php upgrades, I've got the impression that
> version 5, will not support MySQL by default...
> Does that mean that I'll have to ensure my hosts install an extra module,
> or worse case senario, I'll have to re-write all my pages, to take new
> code into effect...
> I' know I'm sounding liek a worried mother hen, but I can't seem to find
> confirmation on line?!?!
4.3.8 is not version 5.0.0. Mysql support stays the same, and I'm sure
your host will not dump mysql support even if it wasn't. 4.3.8 is merely
a bugfix version.
attached mail follows:
Hello,
Is there a function to determine the difference between two dates? I am
asking so I can do some date verification for COPA.
attached mail follows:
"John Meyer" <jmeyer2003msn.com> wrote in message
news:BAY11-F14k3wJ8orsYK000dd031hotmail.com...
> Hello,
> Is there a function to determine the difference between two dates? I am
> asking so I can do some date verification for COPA.
Convert your dates to timestamps which will be 10-digit integers (the time
since 1.1.1970 in seconds) you can then substract/add them like normal
numbers.
$date = '2004-07-15 01:00:00';
$date2 = '2004-07-15 02:00:00';
$timestamp = strtotime($date);
$timestamp2 = strtotime($date2);
echo $timestamp2 - $timestamp1; // will output 3600 (seconds)
Hope this helps. Regards,
Torsten Roehr
attached mail follows:
hi...
i have the following...
$file = "tttt.txt";
ereg("(\.)([a-z0-9]{3,5})$", $file, $regs);
echo " ww = ".$regs. "<br><br>";
i'm trying to figure out how to get the portion of the regex that's the
"extension" of the file. my understanding of the docs, says that the
"extension" should be in the $reg array....
any ideas/comments on where my mistake is would be appreciated...
thanks
-bruce
attached mail follows:
In article <008d01c46a91$e3d202d0$0301a8c0Mesa.com>, Bruce wrote:
> $file = "tttt.txt";
>
> ereg("(\.)([a-z0-9]{3,5})$", $file, $regs);
> echo " ww = ".$regs. "<br><br>";
>
>
> i'm trying to figure out how to get the portion of the regex that's the
> "extension" of the file. my understanding of the docs, says that the
> "extension" should be in the $reg array....
>
> any ideas/comments on where my mistake is would be appreciated...
Will it work with 123.123.txt ?
If you have a look at the file functions in the manual, you'll find much
better solutions like pathinfo();
--
Tim Van Wassenhove <http://home.mysth.be/~timvw>
attached mail follows:
$regs is an array not a string !
try print_r or var_dump to determine $regexp's content
Tim Van Wassenhove wrote:
> In article <008d01c46a91$e3d202d0$0301a8c0Mesa.com>, Bruce wrote:
>
>>$file = "tttt.txt";
>>
>>ereg("(\.)([a-z0-9]{3,5})$", $file, $regs);
>>echo " ww = ".$regs. "<br><br>";
>>
>>
>>i'm trying to figure out how to get the portion of the regex that's the
>>"extension" of the file. my understanding of the docs, says that the
>>"extension" should be in the $reg array....
>>
>>any ideas/comments on where my mistake is would be appreciated...
>
>
> Will it work with 123.123.txt ?
>
> If you have a look at the file functions in the manual, you'll find much
> better solutions like pathinfo();
>
>
attached mail follows:
I have included the extension. Now I get "Unable to load dynamic library
'C:\php\ext\php_mysql.dll' - The specified procedure could not be found"
I have in Windows\System32 the file libmysql.dll. I have also put it in the
php\ext directory without any result.
attached mail follows:
I have a problem with my image resize function
When i resize/save an image with 'ImageJPEG($DEST_IMAGE,$OUTPUT_FILE)'
everything works fine, but with 'ImageJPEG($DEST_IMAGE,$OUTPUT_FILE,100)' it
displays only the first half of the image, the bottom is blank
any suggestions on how to fix this ?
regards,
Ewout
attached mail follows:
Hi!
How do we tell if the file is already locked when someone use a flock()
on the file??
FletchSOD
attached mail follows:
[snip]
How do we tell if the file is already locked when someone use a
flock()
on the file??
[/snip]
If your flock attempt returns FALSE then it is likely locked already
attached mail follows:
http://de2.php.net/manual/en/function.is-writeable.php
Jay Blanchard wrote:
> [snip]
> How do we tell if the file is already locked when someone use a
> flock()
> on the file??
> [/snip]
>
> If your flock attempt returns FALSE then it is likely locked already
attached mail follows:
Um, I think I'll stick to file_exist instead and to unlock, I'll grab the IP
address in the text file and match it against the current browser of whoever
is using before deleting the file. That way, I'll know who is the guilty
party if the person doesn't finish whatever he/she is doing on the browser.
"Jay Blanchard" <jay.blanchardniicommunications.com> wrote in message
news:C8F323573C030A448F3E5A2B6FE2070B03522712nemesis...
[snip]
How do we tell if the file is already locked when someone use a
flock()
on the file??
[/snip]
If your flock attempt returns FALSE then it is likely locked already
attached mail follows:
Scott Fletcher wrote:
> Um, I think I'll stick to file_exist instead and to unlock, I'll grab the IP
> address in the text file and match it against the current browser of whoever
> is using before deleting the file. That way, I'll know who is the guilty
> party if the person doesn't finish whatever he/she is doing on the browser.
>
IP address is not reliable identification. And you cannot use flock()
either as the lock lasts only while the php script is executed. You
should use some uniq string associated with the browser, either cookie
or session id.
attached mail follows:
I'm trying to use PHP to read text from an HTML textarea form field and
store in in MySQL using the longtext data type but it's cutting off
everything after the first carriage return. I suspect I need to
iterate through the text looking for CRs then do something? But I
don't know what.
Can anyone offer any pointers?
Thanks
attached mail follows:
http://www.php.net/manual/en/function.addslashes.php
Warren Vail
-----Original Message-----
From: Andrew Wood [mailto:ajwoodiee.org]
Sent: Thursday, July 15, 2004 12:19 PM
To: php-gen
Subject: [PHP] Storing text with carriage returns in MySQL
I'm trying to use PHP to read text from an HTML textarea form field and
store in in MySQL using the longtext data type but it's cutting off
everything after the first carriage return. I suspect I need to iterate
through the text looking for CRs then do something? But I don't know what.
Can anyone offer any pointers?
Thanks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Hi Andrew,
I'm also saving html input from textarea fields into my msql DB...but try to
use the filed type TEXT instead of LONGTEXT that it should work fine.
Greetings,
Ron
-----Ursprüngliche Nachricht-----
Von: Andrew Wood [mailto:ajwoodiee.org]
Gesendet: Donnerstag, 15. Juli 2004 21:19
An: php-gen
Betreff: [PHP] Storing text with carriage returns in MySQL
I'm trying to use PHP to read text from an HTML textarea form field and
store in in MySQL using the longtext data type but it's cutting off
everything after the first carriage return. I suspect I need to iterate
through the text looking for CRs then do something? But I don't know what.
Can anyone offer any pointers?
Thanks
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
attached mail follows:
The major difference between TEXT and LONGTEXT data types is the size (65k
vs 4Meg).
The function addslashes() will resolve many user input problems where the
user;
Inputs a quoted value in the middle of his string.
Uses & and < and > in text.
Inputs other ASCII control characters like tab and bell (remember that one).
Just to name a few.
Usually MySQL will strip slashes when the column is retrieved, however care
should be taken when displaying the value on a form (inside another text
area should be no problem). Suppose a user codes the following
"<b>TEST</b>" to be stored in your database, you have to decide if you want
that displayed on a web page as bold text or exactly as input. If you want
it to appear exactly as the user typed it in, check out the
htmlspecialchars() function.
Hope this helps,
Warren Vail
-----Original Message-----
From: Ron Stiemer [mailto:ronstiemer.de]
Sent: Thursday, July 15, 2004 12:26 PM
To: 'php-gen'
Subject: AW: [PHP] Storing text with carriage returns in MySQL
Hi Andrew,
I'm also saving html input from textarea fields into my msql DB...but try to
use the filed type TEXT instead of LONGTEXT that it should work fine.
Greetings,
Ron
-----Ursprüngliche Nachricht-----
Von: Andrew Wood [mailto:ajwoodiee.org]
Gesendet: Donnerstag, 15. Juli 2004 21:19
An: php-gen
Betreff: [PHP] Storing text with carriage returns in MySQL
I'm trying to use PHP to read text from an HTML textarea form field and
store in in MySQL using the longtext data type but it's cutting off
everything after the first carriage return. I suspect I need to iterate
through the text looking for CRs then do something? But I don't know what.
Can anyone offer any pointers?
Thanks
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
That only seems to work for quotation marks and apostrophes etc. Not
carriage returns? Unless I'm missing something.
On 15 Jul 2004, at 20:23, Vail, Warren wrote:
> http://www.php.net/manual/en/function.addslashes.php
>
> Warren Vail
>
attached mail follows:
Umm this is very weird - I've checked the database and the string is
only stored upto the first carriage return everything else appears to
be missing, BUT, when I display it in the webpage (using
stripslashes()) the entire original message is intact - but on a
single line!!! :S
On 15 Jul 2004, at 21:28, Vail, Warren wrote:
> Perhaps you have another problem.
>
> Do you have PHPMyAdmin access to the database? Could it be that your
> string
> is being stored OK, and the problem is on the retrieval end?
>
> Warren Vail
>
attached mail follows:
> Umm this is very weird - I've checked the database and the string is
> only stored upto the first carriage return everything else appears to
> be missing, BUT, when I display it in the webpage (using
> stripslashes()) the entire original message is intact - but on a
> single line!!! :S
Magic
>
>
> On 15 Jul 2004, at 21:28, Vail, Warren wrote:
>
>> Perhaps you have another problem.
>>
>> Do you have PHPMyAdmin access to the database? Could it be that your
>> string
>> is being stored OK, and the problem is on the retrieval end?
>>
>> Warren Vail
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
Sorry, its the crap software I'm using to view the DB!
phpMyadmin shows that yes, the text is all there with CRs.
so it IS something at the display end?
any ideas, cos I haven't aclue?
cheers
AW
On 15 Jul 2004, at 21:28, Vail, Warren wrote:
> Perhaps you have another problem.
>
> Do you have PHPMyAdmin access to the database? Could it be that your
> string
> is being stored OK, and the problem is on the retrieval end?
>
> Warren Vail
>
>
>
> -----Original Message-----
> From: Andrew Wood [mailto:ajwoodiee.org]
> Sent: Thursday, July 15, 2004 1:22 PM
> To: php-gen
> Subject: Re: [PHP] Storing text with carriage returns in MySQL
>
>
> That only seems to work for quotation marks and apostrophes etc. Not
> carriage returns? Unless I'm missing something.
>
>
> On 15 Jul 2004, at 20:23, Vail, Warren wrote:
>
>> http://www.php.net/manual/en/function.addslashes.php
>>
>> Warren Vail
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
attached mail follows:
Is your form method POST or GET, I know the browser will strip out returns,
etc for a GET? Grabbing at straws here.
Warren Vail
-----Original Message-----
From: Matthew Sims [mailto:mattkillermookie.org]
Sent: Thursday, July 15, 2004 1:44 PM
To: php-generallists.php.net
Subject: Re: [PHP] Storing text with carriage returns in MySQL
> Umm this is very weird - I've checked the database and the string is
> only stored upto the first carriage return everything else appears to
> be missing, BUT, when I display it in the webpage (using
> stripslashes()) the entire original message is intact - but on a
> single line!!! :S
Magic
>
>
> On 15 Jul 2004, at 21:28, Vail, Warren wrote:
>
>> Perhaps you have another problem.
>>
>> Do you have PHPMyAdmin access to the database? Could it be that your
>> string is being stored OK, and the problem is on the retrieval end?
>>
>> Warren Vail
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Are you displaying it in a form control, like another TEXTAREA? Or are you
displaying say in a table cell?
I know that CR's are ignored by most normal html, unless coded between <pre>
and </pre>;
Warren Vail
-----Original Message-----
From: Andrew Wood [mailto:ajwoodiee.org]
Sent: Thursday, July 15, 2004 1:40 PM
To: php-gen
Subject: Re: [PHP] Storing text with carriage returns in MySQL
Sorry, its the crap software I'm using to view the DB!
phpMyadmin shows that yes, the text is all there with CRs.
so it IS something at the display end?
any ideas, cos I haven't aclue?
cheers
AW
On 15 Jul 2004, at 21:28, Vail, Warren wrote:
> Perhaps you have another problem.
>
> Do you have PHPMyAdmin access to the database? Could it be that your
> string
> is being stored OK, and the problem is on the retrieval end?
>
> Warren Vail
>
>
>
> -----Original Message-----
> From: Andrew Wood [mailto:ajwoodiee.org]
> Sent: Thursday, July 15, 2004 1:22 PM
> To: php-gen
> Subject: Re: [PHP] Storing text with carriage returns in MySQL
>
>
> That only seems to work for quotation marks and apostrophes etc. Not
> carriage returns? Unless I'm missing something.
>
>
> On 15 Jul 2004, at 20:23, Vail, Warren wrote:
>
>> http://www.php.net/manual/en/function.addslashes.php
>>
>> Warren Vail
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
Not sure if I understand the issue completely, but if it's a matter of
displaying the text from the database you could use the nl2br function.
http://us3.php.net/manual/en/function.nl2br.php
Hope that helps,
Brian
on 7/15/04 4:40 PM, Andrew Wood at ajwoodiee.org wrote:
> Sorry, its the crap software I'm using to view the DB!
>
> phpMyadmin shows that yes, the text is all there with CRs.
>
> so it IS something at the display end?
>
> any ideas, cos I haven't aclue?
>
> cheers
> AW
>
>
> On 15 Jul 2004, at 21:28, Vail, Warren wrote:
>
>> Perhaps you have another problem.
>>
>> Do you have PHPMyAdmin access to the database? Could it be that your
>> string
>> is being stored OK, and the problem is on the retrieval end?
>>
>> Warren Vail
>>
>>
>>
>> -----Original Message-----
>> From: Andrew Wood [mailto:ajwoodiee.org]
>> Sent: Thursday, July 15, 2004 1:22 PM
>> To: php-gen
>> Subject: Re: [PHP] Storing text with carriage returns in MySQL
>>
>>
>> That only seems to work for quotation marks and apostrophes etc. Not
>> carriage returns? Unless I'm missing something.
>>
>>
>> On 15 Jul 2004, at 20:23, Vail, Warren wrote:
>>
>>> http://www.php.net/manual/en/function.addslashes.php
>>>
>>> Warren Vail
>>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
attached mail follows:
On Friday 16 July 2004 03:52, Vail, Warren wrote:
> The function addslashes() will resolve many user input problems where the
> user;
When using MySQL it is better to use the more specific:
mysql_real_escape_string()
> Usually MySQL will strip slashes when the column is retrieved
No. Slashes (those that were used to escape characters) are never stored in
the first place, and thus there are no slashes to strip upon retrieval.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Half of being smart is knowing what you're dumb at.
*/
attached mail follows:
Vail, Warren wrote:
> The function addslashes() will resolve many user input problems where the
> user;
>
> Inputs a quoted value in the middle of his string.
> Uses & and < and > in text.
> Inputs other ASCII control characters like tab and bell (remember that one).
addslashes() does not escape & < > characters nor control characters
(other than NUL). It only affects single quotes, double quotes,
backslashes, and NUL bytes.
> Just to name a few.
>
> Usually MySQL will strip slashes when the column is retrieved,
Already mentioned, but there are no slashes to remove when reading data.
The slashes simply escape the string to get it into the database.
> however care
> should be taken when displaying the value on a form (inside another text
> area should be no problem).
It can be a problem if the text contains the string "</textarea>"
followed by whatever the user wants to inject onto your page.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
attached mail follows:
known problem, will be fixed soon in 5.0.1 which should be released asap
William Bailey wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Guys,
>
> I've just upgraded from 5.0 rc3 to 5.0 release on freeBSD (using the
> ports) and now find that HTTP Authentication dosent work.
>
> Here is the test script that i am using:
>
> <?php
> ~ error_reporting(E_ALL);
> ~ ini_set('display_errors', true);
> ~ if (! (isset($_SERVER['PHP_AUTH_USER']) ||
> isset($_SERVER['PHP_AUTH_PW']) )) {
> ~ header('WWW-Authenticate: Basic realm="My Realm"');
> ~ header('HTTP/1.0 401 Unauthorized');
> ~ echo 'Text to send if user hits Cancel button';
> ~ exit;
> ~ } else {
> ~ echo "<p>Hello '{$_SERVER['PHP_AUTH_USER']}'.</p>";
> ~ echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
> ~ }
> ?>
>
> And here is the output that i get:
>
>
> Notice: Undefined index: PHP_AUTH_USER in test.php on line 10
>
> Hello ''.
>
> You entered pass as your password.
>
> As you can see PHP_AUTH_USER is on longer being set. Does anybody else
> have this issue or know of a fix?
>
> - --
> Regards,
> William Bailey.
> Pro-Net Internet Services Ltd.
> http://www.pro-net.co.uk/
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFA9o3ZzSfrYDJMXmERAmZqAKCunk+xl2w+RRIKOvbDTQEWjXbGCgCgxXsw
> DknafWhfiwLTYrusTzHl0gE=
> =IMNL
> -----END PGP SIGNATURE-----
attached mail follows:
Yep, but to avoid his problem with empty Strings he should use
something like:
/Last Name: *(.*?)\n/
outerwise \s* will match the first newline and continue to the end
of the next line !
Tim Van Wassenhove wrote:
> In article <20040715144024.00007d80ariktab>, Arik Raffael Funke wrote:
>
>>implement following pattern "Last Name:\s*(.*)\n".
>
>
>>I get just 'Jason'. But what I currently get is:
>>Jason
>>Street: abc
>
>
> This is behaviour because (.*) is greedy.
> As you noticed, it matched "Jason \nStreet:abc"
>
> /Last Name:\s+(.*?)\n/
>
>
attached mail follows:
Oh guess it would be even better and faster to only use:
/Last Name:([^\n]*)/
and trim() the result :-)
-- red
Red Wingate wrote:
> Yep, but to avoid his problem with empty Strings he should use
> something like:
>
> /Last Name: *(.*?)\n/
>
> outerwise \s* will match the first newline and continue to the end
> of the next line !
>
> Tim Van Wassenhove wrote:
>
>> In article <20040715144024.00007d80ariktab>, Arik Raffael Funke wrote:
>>
>>> implement following pattern "Last Name:\s*(.*)\n".
>>
>>
>>
>>> I get just 'Jason'. But what I currently get is:
>>> Jason
>>> Street: abc
>>
>>
>>
>> This is behaviour because (.*) is greedy.
>> As you noticed, it matched "Jason \nStreet:abc"
>>
>> /Last Name:\s+(.*?)\n/
>>
>>
attached mail follows:
In article <20040715200423.94606.qmailpb1.pair.com>, Red Wingate wrote:
> Oh guess it would be even better and faster to only use:
>
> /Last Name:([^\n]*)/
In most environments is strpos and substr even faster ;)
--
Tim Van Wassenhove <http://home.mysth.be/~timvw>
attached mail follows:
Hello,
On 07/15/2004 12:28 PM, Scott Fletcher wrote:
> Hi! I saw the php function flock(), since I never used it before so I
> thought I would ask you folks a couple of questions.
>
> 1) Is this function good or is there a better function somewhere that I'm
> not aware of?
It depends on what you want to do. There are also semaphores at least
under Unix systems.
> 2) If the flock() activated the file lock then is it possible that I
> manually unlock the file? Like chmod or something through the Linux console
> for example.
Externally? Only when the file is close or the program that opened is ended.
> 3) good example of script just in case..
You may want to take a look at this arbitrary content caching class. It
uses file locks to prevent that multiple scripts attempt to access a
cache file when it is being updated.
http://www.phpclasses.org/filecache
--
Regards,
Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
attached mail follows:
* Thus wrote Scott Fletcher:
> Nah! I'll settle for a simplier one... file_exists() by checking to see
> if the file exist then spit out the error message. Meaning the file is in
> use...
Don't use file_exists() for that, it will fail miserable with
racing conditions. a better more portable way would be to use
mkdir():
if (mkdir('mylockdir', 0755) ) {
// we've obtained a lock
// do stuff
// and unlock it
rmdir('mylockdir');
} else {
// unable to obtain lock
}
Curt
--
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about. No, sir. Our model is the trapezoid!
attached mail follows:
When an include file contain plain JavaScript codes, with the echo command
before and after the include file. I get the javascript error saying
"undefined jsTest"... Anyone know why is that?
--snip--
echo "<table><tr><td></td></tr></table>";
echo "<script type='text/javascript'>";
include('test.inc');
echo " var jsTest = 0; ";
echo "</script>";
echo "<form><input type='button></form>";
--snip--
Let's say the script in the test.inc contain
--snip--
function test() {
if (jsTest != 0) {
//blah blah balh...
}
}
--snip--
Thanks,
FletchSOD
attached mail follows:
You defined jsTest after the include where it should be before.
On Thu, 2004-07-15 at 16:24, Scott Fletcher wrote:
> When an include file contain plain JavaScript codes, with the echo command
> before and after the include file. I get the javascript error saying
> "undefined jsTest"... Anyone know why is that?
>
> --snip--
> echo "<table><tr><td></td></tr></table>";
> echo "<script type='text/javascript'>";
> include('test.inc');
> echo " var jsTest = 0; ";
> echo "</script>";
> echo "<form><input type='button></form>";
> --snip--
>
> Let's say the script in the test.inc contain
>
> --snip--
> function test() {
> if (jsTest != 0) {
> //blah blah balh...
> }
> }
> --snip--
>
> Thanks,
> FletchSOD
--
Neal Owen | IT Programmer
Marketing Resources, Inc.
Main : 312.238.8923 x1218
Direct : 630.592.3118
nowenmrichi.com | http://www.mrichi.com
attached mail follows:
Robert Sossomon wrote:
> I was wondering if anyone knew of a way to log all GET and POST
> information being passed to a log file?
>
> Thanks,
> Robert
>
$get = serialize($_GET);
$post = serialize($_POST);
and store the variables somewhere, eg. database
attached mail follows:
I have a function in a class that unsets the superglobal $_REQUEST;
Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP. This page:
http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
says that $_REQUEST is a super global as of version 4.1.0. Is there some bug I don't know about or am I doing something wrong?
Here's the code:
<?PHP
$_REQUEST["var1"]="\"><script>script stuff</script>";
$_REQUEST["var2"]="a_string_of_course";
$_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
$_REQUEST["arr1"]["elem2"]="another_string_of_course";
if( !defined('TEST_UNSET') ){
define('TEST_UNSET', TRUE);
class abstract_environment{
var $_REQUEST;
function abstract_environment(){
$this->_REQUEST=$_REQUEST;
unset( $_REQUEST );
echo("unset was done");
$this->_clean_all_vars();
}
function _clean_all_vars(){
//ADD OTHER PROCESSING AS NEEDED
$this->_strip_tags_arr( $this->_REQUEST );
}
function _strip_tags_arr( &$arr_or_solo ){
if( isset($arr_or_solo) ){
if( !is_array($arr_or_solo) ){
$arr_or_solo= strip_tags($arr_or_solo);
} else {
reset ($arr_or_solo);
while (list($key, ) = each ($arr_or_solo)) {
if( isset($arr_or_solo[$key]) ){
if( is_array($arr_or_solo[$key]) ){
$this->_strip_tags_arr($arr_or_solo[$key]);
} else {
$arr_or_solo[$key] = strip_tags($arr_or_solo[$key]);
}
}
}
}
}
}
}
}
$abs_env=new abstract_environment;
echo "<pre>";
print_r($_REQUEST);
print_r( $abs_env );
echo "</pre>";
?>
attached mail follows:
You can't unset $_REQUEST. All it does is unset the reference to it in
the current context. It still exists elsewhere. If you *really* want
to get rid of $_REQUEST, you should do it this way:
unset($GLOBALS['_REQUEST']);
But I would advise against that. Why exactly are you unsetting a superglobal?
On Thu, 15 Jul 2004 15:00:15 -0700, Dennis Gearon <gearondfireserve.net> wrote:
> I have a function in a class that unsets the superglobal $_REQUEST;
>
> Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP. This page:
>
> http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
>
> says that $_REQUEST is a super global as of version 4.1.0. Is there some bug I don't know about or am I doing something wrong?
>
> Here's the code:
>
> <?PHP
> $_REQUEST["var1"]="\"><script>script stuff</script>";
> $_REQUEST["var2"]="a_string_of_course";
> $_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
> $_REQUEST["arr1"]["elem2"]="another_string_of_course";
>
> if( !defined('TEST_UNSET') ){
> define('TEST_UNSET', TRUE);
>
> class abstract_environment{
> var $_REQUEST;
> function abstract_environment(){
> $this->_REQUEST=$_REQUEST;
> unset( $_REQUEST );
> echo("unset was done");
> $this->_clean_all_vars();
> }
> function _clean_all_vars(){
> //ADD OTHER PROCESSING AS NEEDED
> $this->_strip_tags_arr( $this->_REQUEST );
> }
> function _strip_tags_arr( &$arr_or_solo ){
> if( isset($arr_or_solo) ){
> if( !is_array($arr_or_solo) ){
> $arr_or_solo= strip_tags($arr_or_solo);
> } else {
> reset ($arr_or_solo);
> while (list($key, ) = each ($arr_or_solo)) {
> if( isset($arr_or_solo[$key]) ){
> if( is_array($arr_or_solo[$key]) ){
> $this->_strip_tags_arr($arr_or_solo[$key]);
> } else {
> $arr_or_solo[$key] = strip_tags($arr_or_solo[$key]);
> }
> }
> }
> }
> }
> }
>
> }
> }
> $abs_env=new abstract_environment;
> echo "<pre>";
> print_r($_REQUEST);
> print_r( $abs_env );
> echo "</pre>";
> ?>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
> !DSPAM:40f6fde76071105215333!
>
>
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
attached mail follows:
OK, after lots of reading, I find out it's not possible to unset something that has been 'globalized' in a function, nor ANY global value. However, some online manual pages documented that it's possible to assign NULL to the value. Well that's NOT unset.
But,that got me to thinking. What about assigning an unset variable to the global? IT WORKS!
Change the line below:
unset( $_REQUEST );
*--to--*
$unset_variable;
$_REQUEST = $unset_variable;
VOILA! no more $_REQUEST super_global. Now, I need to see if it can still be assigned to as if it's a super global.
Dennis Gearon wrote:
> I have a function in a class that unsets the superglobal $_REQUEST;
>
> Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP.
> This page:
>
> http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
>
>
> says that $_REQUEST is a super global as of version 4.1.0. Is there some
> bug I don't know about or am I doing something wrong?
>
> Here's the code:
>
> <?PHP
> $_REQUEST["var1"]="\"><script>script stuff</script>";
> $_REQUEST["var2"]="a_string_of_course";
> $_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
> $_REQUEST["arr1"]["elem2"]="another_string_of_course";
>
> if( !defined('TEST_UNSET') ){
> define('TEST_UNSET', TRUE);
>
> class abstract_environment{
> var $_REQUEST;
> function abstract_environment(){
> $this->_REQUEST=$_REQUEST;
> unset( $_REQUEST );
> echo("unset was done");
> $this->_clean_all_vars();
> }
> function _clean_all_vars(){
> //ADD OTHER PROCESSING AS NEEDED
> $this->_strip_tags_arr( $this->_REQUEST );
> }
> function _strip_tags_arr( &$arr_or_solo ){
> if( isset($arr_or_solo) ){
> if( !is_array($arr_or_solo) ){
> $arr_or_solo= strip_tags($arr_or_solo);
> } else {
> reset ($arr_or_solo);
> while (list($key, ) = each ($arr_or_solo)) {
> if( isset($arr_or_solo[$key]) ){
> if( is_array($arr_or_solo[$key]) ){
> $this->_strip_tags_arr($arr_or_solo[$key]);
> } else {
> $arr_or_solo[$key] =
> strip_tags($arr_or_solo[$key]);
> }
> }
> }
> }
> }
> }
>
> }
> }
> $abs_env=new abstract_environment;
> echo "<pre>";
> print_r($_REQUEST);
> print_r( $abs_env );
> echo "</pre>";
> ?>
>
>
attached mail follows:
I found the answer, as my second post on this told.
Why unset the globals?
I plan on implementing filters on all User input to ALL scripts in the prepend file. And if someone wants to get a variable that was supplied by a user, they have to specifiy if it's going to be INT, STR(with options to remove run on spaces, validate email addr, remove carriage returns to prevent embedded email directives) 'NUM' type with formatting like in databases, and also, anti SQL injection escaping is possible. The programmer will HAVE to choose which filtering, but strip tags is automatic. I'm not going to have XSS holes or SQL injection on my site.
Justin Patrin wrote:
> You can't unset $_REQUEST. All it does is unset the reference to it in
> the current context. It still exists elsewhere. If you *really* want
> to get rid of $_REQUEST, you should do it this way:
>
> unset($GLOBALS['_REQUEST']);
>
> But I would advise against that. Why exactly are you unsetting a superglobal?
>
> On Thu, 15 Jul 2004 15:00:15 -0700, Dennis Gearon <gearondfireserve.net> wrote:
>
>>I have a function in a class that unsets the superglobal $_REQUEST;
>>
>>Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP. This page:
>>
>> http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
>>
>>says that $_REQUEST is a super global as of version 4.1.0. Is there some bug I don't know about or am I doing something wrong?
>>
>>Here's the code:
>>
>><?PHP
>>$_REQUEST["var1"]="\"><script>script stuff</script>";
>>$_REQUEST["var2"]="a_string_of_course";
>>$_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
>>$_REQUEST["arr1"]["elem2"]="another_string_of_course";
>>
>>if( !defined('TEST_UNSET') ){
>> define('TEST_UNSET', TRUE);
>>
>> class abstract_environment{
>> var $_REQUEST;
>> function abstract_environment(){
>> $this->_REQUEST=$_REQUEST;
>> unset( $_REQUEST );
>> echo("unset was done");
>> $this->_clean_all_vars();
>> }
>> function _clean_all_vars(){
>> //ADD OTHER PROCESSING AS NEEDED
>> $this->_strip_tags_arr( $this->_REQUEST );
>> }
>> function _strip_tags_arr( &$arr_or_solo ){
>> if( isset($arr_or_solo) ){
>> if( !is_array($arr_or_solo) ){
>> $arr_or_solo= strip_tags($arr_or_solo);
>> } else {
>> reset ($arr_or_solo);
>> while (list($key, ) = each ($arr_or_solo)) {
>> if( isset($arr_or_solo[$key]) ){
>> if( is_array($arr_or_solo[$key]) ){
>> $this->_strip_tags_arr($arr_or_solo[$key]);
>> } else {
>> $arr_or_solo[$key] = strip_tags($arr_or_solo[$key]);
>> }
>> }
>> }
>> }
>> }
>> }
>>
>> }
>>}
>>$abs_env=new abstract_environment;
>>echo "<pre>";
>>print_r($_REQUEST);
>>print_r( $abs_env );
>>echo "</pre>";
>>?>
>>
>>--
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>!DSPAM:40f6fde76071105215333!
>>
>>
>
>
>
attached mail follows:
You *can* unset it, you just have to unset the place where it really
sits. When you have a global in a function, then unset it, you only
disconnect the variable. unset doesn't destroy a variable, it just
breaks the reference.
As I said in my earlier e-mail, using this *will* work (I tested it):
unset($GLOBALS['_REQUEST']);
$GLOBALS is itself a superglobal.....hmmm, wonder what would happen if
you unset($GLOBALS['GLOBALS'])....
On Thu, 15 Jul 2004 15:25:55 -0700, Dennis Gearon <gearondfireserve.net> wrote:
> OK, after lots of reading, I find out it's not possible to unset something that has been 'globalized' in a function, nor ANY global value. However, some online manual pages documented that it's possible to assign NULL to the value. Well that's NOT unset.
>
> But,that got me to thinking. What about assigning an unset variable to the global? IT WORKS!
>
> Change the line below:
>
> unset( $_REQUEST );
> *--to--*
> $unset_variable;
> $_REQUEST = $unset_variable;
>
> VOILA! no more $_REQUEST super_global. Now, I need to see if it can still be assigned to as if it's a super global.
>
>
>
> Dennis Gearon wrote:
>
> > I have a function in a class that unsets the superglobal $_REQUEST;
> >
> > Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP.
> > This page:
> >
> > http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
> >
> >
> > says that $_REQUEST is a super global as of version 4.1.0. Is there some
> > bug I don't know about or am I doing something wrong?
> >
> > Here's the code:
> >
> > <?PHP
> > $_REQUEST["var1"]="\"><script>script stuff</script>";
> > $_REQUEST["var2"]="a_string_of_course";
> > $_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
> > $_REQUEST["arr1"]["elem2"]="another_string_of_course";
> >
> > if( !defined('TEST_UNSET') ){
> > define('TEST_UNSET', TRUE);
> >
> > class abstract_environment{
> > var $_REQUEST;
> > function abstract_environment(){
> > $this->_REQUEST=$_REQUEST;
> > unset( $_REQUEST );
> > echo("unset was done");
> > $this->_clean_all_vars();
> > }
> > function _clean_all_vars(){
> > //ADD OTHER PROCESSING AS NEEDED
> > $this->_strip_tags_arr( $this->_REQUEST );
> > }
> > function _strip_tags_arr( &$arr_or_solo ){
> > if( isset($arr_or_solo) ){
> > if( !is_array($arr_or_solo) ){
> > $arr_or_solo= strip_tags($arr_or_solo);
> > } else {
> > reset ($arr_or_solo);
> > while (list($key, ) = each ($arr_or_solo)) {
> > if( isset($arr_or_solo[$key]) ){
> > if( is_array($arr_or_solo[$key]) ){
> > $this->_strip_tags_arr($arr_or_solo[$key]);
> > } else {
> > $arr_or_solo[$key] =
> > strip_tags($arr_or_solo[$key]);
> > }
> > }
> > }
> > }
> > }
> > }
> >
> > }
> > }
> > $abs_env=new abstract_environment;
> > echo "<pre>";
> > print_r($_REQUEST);
> > print_r( $abs_env );
> > echo "</pre>";
> > ?>
> >
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> !DSPAM:40f7048930729073420354!
>
>
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
attached mail follows:
Ok....
Why not just set the values in $_REQUEST then?
AbstractEnvironment::stripTagsArr($_REQUEST);
Or something like this:
foreach($_REQUEST as $key => $val) {
$_REQUEST[$key] = stripTagsNStuff($key, $val);
}
On Thu, 15 Jul 2004 15:45:45 -0700, Dennis Gearon <gearondfireserve.net> wrote:
> I found the answer, as my second post on this told.
>
> Why unset the globals?
>
> I plan on implementing filters on all User input to ALL scripts in the prepend file. And if someone wants to get a variable that was supplied by a user, they have to specifiy if it's going to be INT, STR(with options to remove run on spaces, validate email addr, remove carriage returns to prevent embedded email directives) 'NUM' type with formatting like in databases, and also, anti SQL injection escaping is possible. The programmer will HAVE to choose which filtering, but strip tags is automatic. I'm not going to have XSS holes or SQL injection on my site.
>
>
>
>
> Justin Patrin wrote:
>
> > You can't unset $_REQUEST. All it does is unset the reference to it in
> > the current context. It still exists elsewhere. If you *really* want
> > to get rid of $_REQUEST, you should do it this way:
> >
> > unset($GLOBALS['_REQUEST']);
> >
> > But I would advise against that. Why exactly are you unsetting a superglobal?
> >
> > On Thu, 15 Jul 2004 15:00:15 -0700, Dennis Gearon <gearondfireserve.net> wrote:
> >
> >>I have a function in a class that unsets the superglobal $_REQUEST;
> >>
> >>Well, it's supposed to, it doesn't do it. I'm on version 4.2.3 of PHP. This page:
> >>
> >> http://us2.php.net/manual/en/language.variables.predefined.php#language.variables.superglobals
> >>
> >>says that $_REQUEST is a super global as of version 4.1.0. Is there some bug I don't know about or am I doing something wrong?
> >>
> >>Here's the code:
> >>
> >><?PHP
> >>$_REQUEST["var1"]="\"><script>script stuff</script>";
> >>$_REQUEST["var2"]="a_string_of_course";
> >>$_REQUEST["arr1"]["elem1"]="<script>script stuff2</script>";
> >>$_REQUEST["arr1"]["elem2"]="another_string_of_course";
> >>
> >>if( !defined('TEST_UNSET') ){
> >> define('TEST_UNSET', TRUE);
> >>
> >> class abstract_environment{
> >> var $_REQUEST;
> >> function abstract_environment(){
> >> $this->_REQUEST=$_REQUEST;
> >> unset( $_REQUEST );
> >> echo("unset was done");
> >> $this->_clean_all_vars();
> >> }
> >> function _clean_all_vars(){
> >> //ADD OTHER PROCESSING AS NEEDED
> >> $this->_strip_tags_arr( $this->_REQUEST );
> >> }
> >> function _strip_tags_arr( &$arr_or_solo ){
> >> if( isset($arr_or_solo) ){
> >> if( !is_array($arr_or_solo) ){
> >> $arr_or_solo= strip_tags($arr_or_solo);
> >> } else {
> >> reset ($arr_or_solo);
> >> while (list($key, ) = each ($arr_or_solo)) {
> >> if( isset($arr_or_solo[$key]) ){
> >> if( is_array($arr_or_solo[$key]) ){
> >> $this->_strip_tags_arr($arr_or_solo[$key]);
> >> } else {
> >> $arr_or_solo[$key] = strip_tags($arr_or_solo[$key]);
> >> }
> >> }
> >> }
> >> }
> >> }
> >> }
> >>
> >> }
> >>}
> >>$abs_env=new abstract_environment;
> >>echo "<pre>";
> >>print_r($_REQUEST);
> >>print_r( $abs_env );
> >>echo "</pre>";
> >>?>
> >>
> >>--
> >>PHP General Mailing List (http://www.php.net/)
> >>To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >>
> >>
> >>
> >
> >
> >
>
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
attached mail follows:
Dennis Gearon wrote:
> Why unset the globals?
>
> I plan on implementing filters on all User input to ALL scripts in the
> prepend file. And if someone wants to get a variable that was supplied
> by a user, they have to specifiy if it's going to be INT, STR(with
> options to remove run on spaces, validate email addr, remove carriage
> returns to prevent embedded email directives) 'NUM' type with formatting
> like in databases, and also, anti SQL injection escaping is possible.
> The programmer will HAVE to choose which filtering, but strip tags is
> automatic. I'm not going to have XSS holes or SQL injection on my site.
Why is strip_tags automatic? So you can filter out such evil code as
<grin> and <crap>, which strip_tags removes? Thinking about using
allowed_tags with strip_tags? Allow me only the use of the <b> tag and
I'll put XSS vulnerabilities all over your site.
How is this going to stop XSS? I tell you I need a string safe to input
into a database and you send me an escaped string that I insert into a
database and then display to the user. That can prevent a XSS hole
unless your users run htmlentities/htmlspecialchars() on the string.
I undestand your idea and what you're trying to do, but educating your
users is going to have a greater effect than trying to create this
catch-all-be-all script to protect yourself... that's not going to work.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
attached mail follows:
I bet it would work, 'cause whenever $GLOBALS is 'print_r'd, Globals shows up and a 'recursion note' ends the execution of 'print_r'.
Justin Patrin wrote:
> You *can* unset it, you just have to unset the place where it really
> sits. When you have a global in a function, then unset it, you only
> disconnect the variable. unset doesn't destroy a variable, it just
> breaks the reference.
>
> As I said in my earlier e-mail, using this *will* work (I tested it):
>
> unset($GLOBALS['_REQUEST']);
>
> $GLOBALS is itself a superglobal.....hmmm, wonder what would happen if
> you unset($GLOBALS['GLOBALS'])....
>
attached mail follows:
On Thursday 15 July 2004 23:30, Frank Holtschke wrote:
> > Even if you could prevent an included file from being parsed, I can't see
> > how it would help you as you can't assign the contents to a variable. But
> > you say that you "sometimes have problems" which implies that sometimes
> > it works. Could you explain how it works?
>
> We just flush it on the display. the php-script is an image src like
> <img src="showImage.php">
That's interesting.
> The showImage.php does an include of the image which is located out of
> the DocumentRoot.
> The image is generated by a cron script. Mostly it works but sometimes
> we have the problem
> described above.
>
> > And anyway why are your images in safe_mode_include_dir in the first
> > place?
>
> Cause php-scripts (owned by different uids => therefore the
> safe_mode_include_dir ) of various virtual servers make use of the image.
Several suggestions:
1) If the various virtual servers have no need to perform file operations
anywhere else then you may get away with setting open_basedir appropriately.
2) Use the safe_mode_gid switch.
3) If cronjob is owned by root then have it create images for each of the
virtual servers and set permissions accordingly.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
"Why are we importing all these highbrow plays like `Amadeus'? I could
have told you Mozart was a jerk for nothing."
-- Ian Shoales
*/
attached mail follows:
Hi,
I am trying unsuccessfully to set up an email form and as far as I know my
code is fine, but it won't send. I suspect that it's because my server
requires authentication.
Running my script on my Windows machine I get the following.
Warning: mail() [function.mail <http://www.php.net/function.mail> ]: SMTP
server response: 550 not local host myhost.ca, not a gateway in...
On Linux I don't get a specific error message, the mail just never shows up.
I am in the right ballpark here with the authentication, and if so, how can
I get around this..?
Thanks
attached mail follows:
Hello,
On 07/15/2004 07:06 PM, Php User wrote:
> I am trying unsuccessfully to set up an email form and as far as I know my
> code is fine, but it won't send. I suspect that it's because my server
> requires authentication.
>
> Running my script on my Windows machine I get the following.
>
> Warning: mail() [function.mail <http://www.php.net/function.mail> ]: SMTP
> server response: 550 not local host myhost.ca, not a gateway in...
>
> On Linux I don't get a specific error message, the mail just never shows up.
>
> I am in the right ballpark here with the authentication, and if so, how can
> I get around this..?
That error means you need to authenticate to relay the message to the
SMTP server. In Linux that does not happen because it does not relay
messages to any SMTP server.
The mail() function does not support SMTP authentication. Alternatively
you may want to try this class that can connect to a SMTP server of
choice and authenticate if necessary. If you do not want to change your
PHP programs much, the class comes with a wrapper function named
smtp_mail() that works compatibly with the mail() function but sends the
message via SMTP:
http://www.phpclasses.org/mimemessage
You also need this for the actual SMTP delivery:
http://www.phpclasses.org/smtpclass
--
Regards,
Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
attached mail follows:
On Friday 16 July 2004 06:06, PHP User wrote:
> I am trying unsuccessfully to set up an email form and as far as I know my
> code is fine, but it won't send. I suspect that it's because my server
> requires authentication.
Well does it or does it not require SMTP AUTH? If it does then the standard
mail() function will not work - google or look on www.phpclasses.org for some
solutions.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
95. Wow!! Look at this.....
--Top 100 things you don't want the sysadmin to say
*/
attached mail follows:
I would like to go from page to page, submitting the password through a
GET query string. Of course I wouldn't want to do this unencrypted. So
is mcrypt the best option?
When submitting the data, would I also need to sumit the IV as well as
the encrypted data? Or am I completely off base with this one? Should
I also base64_encode() this data when passing it?
Scott Taylor
attached mail follows:
Scott Taylor wrote:
>
> I would like to go from page to page, submitting the password through a
> GET query string. Of course I wouldn't want to do this unencrypted. So
> is mcrypt the best option?
I think to submit the password on the query string is a really bad idea.
What will happend if a user decides to mail the URL to someone? Any
recipient of that message would have access to the password protected data.
In my opinion, passwords NEVER should be sent to the client computer in
any form (encrypted or not).
I will recomend to find a different way to authenticate the user on
every page wich does not require sending him the password.
Regards,
Jordi
attached mail follows:
Hello,
error: PHP Notice: Undefined offset: 1 in
/home/ant/test.app/teste3/getfiles.php on line 217
I have this Undefined offset error in PHP because I am trying to get a
value from this $att[$k]->parameters[1]->value that sometimes does not
exist with offset 1 as the parameters go up to 0 and not one.
Can anyone tell me how to test the offset 1 or more in the array
$att[$k]->parameters[1] so that I can avoid this error?
Thanks.
attached mail follows:
if(isset($att[$k]->parameters[1])) {
//use $att[$k]->parameters[1]->value
}
or, assuming indexes start at 0 and are sequential:
if(count($att[$k]->parameters) > 1) {
//use $att[$k]->parameters[1]->value
}
On Thu, 15 Jul 2004 17:08:16 -0600, C.F. Scheidecker Antunes
<nandoantunes.eti.br> wrote:
> Hello,
>
> error: PHP Notice: Undefined offset: 1 in
> /home/ant/test.app/teste3/getfiles.php on line 217
>
> I have this Undefined offset error in PHP because I am trying to get a
> value from this $att[$k]->parameters[1]->value that sometimes does not
> exist with offset 1 as the parameters go up to 0 and not one.
>
> Can anyone tell me how to test the offset 1 or more in the array
> $att[$k]->parameters[1] so that I can avoid this error?
>
> Thanks.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
> !DSPAM:40f70d90273879057181623!
>
>
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
attached mail follows:
C.F. Scheidecker Antunes wrote:
> Can anyone tell me how to test the offset 1 or more in the array
> $att[$k]->parameters[1] so that I can avoid this error?
if(isset($att[$k]->parameters[1]))
{ dosomething(); }
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
attached mail follows:
how do you catch an image request and instead of the image display php?
attached mail follows:
On Friday 16 July 2004 08:06, php wrote:
> how do you catch an image request and instead of the image display php?
Please elaborate.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Neil Armstrong tripped.
*/
attached mail follows:
like i call an image if the img tag but instead of loading the image it
loads a php script
"Jason Wong" <php-generalgremlins.biz> wrote in message
news:200407160819.57548.php-generalgremlins.biz...
> On Friday 16 July 2004 08:06, php wrote:
>
> > how do you catch an image request and instead of the image display php?
>
> Please elaborate.
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-general
> ------------------------------------------
> /*
> Neil Armstrong tripped.
> */
attached mail follows:
I would recommend you start here;
http://www.php.net/manual/en/ref.image.php
As I understand you are trying to understand the process where an image tag
in hmtl causes a browser to request an image be loaded, but because the
image statement looks something like the following;
<img src="path/to/my/phpscript.php">
It causes the browser to request the server to send the phpscript.php file,
and since the server knows that ".php" files are executable, the server then
executes your module. If your module begins by outputting the appropriate
mime headers that indicate the type of image the script will generate, it
then takes the remaining characters sent by the script as the actual image
itself.
Hope this is what you are looking for.
Warren Vail
-----Original Message-----
From: php [mailto:phpdbnewsaaron.aichlmayr.net]
Sent: Thursday, July 15, 2004 5:43 PM
To: php-generallists.php.net
Subject: Re: [PHP] image
like i call an image if the img tag but instead of loading the image it
loads a php script
"Jason Wong" <php-generalgremlins.biz> wrote in message
news:200407160819.57548.php-generalgremlins.biz...
> On Friday 16 July 2004 08:06, php wrote:
>
> > how do you catch an image request and instead of the image display
> > php?
>
> Please elaborate.
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-general
> ------------------------------------------
> /*
> Neil Armstrong tripped.
> */
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
On Friday 16 July 2004 08:43, php wrote:
Please do not top post.
> like i call an image if the img tag but instead of loading the image it
> loads a php script
<img src="my.php">
It's still not clear what your eventual goal is.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Q: What's another name for the "Intel Inside" sticker they put on Pentiums?
A: Warning label.
*/
attached mail follows:
thanks
"Warren Vail" <Warren.Vailschwab.com> wrote in message
news:72138202E59CD6118E960002A52CD9D211FAAB6Cn1025smx.nt.schwab.com...
> I would recommend you start here;
>
> http://www.php.net/manual/en/ref.image.php
>
> As I understand you are trying to understand the process where an image
tag
> in hmtl causes a browser to request an image be loaded, but because the
> image statement looks something like the following;
>
> <img src="path/to/my/phpscript.php">
>
> It causes the browser to request the server to send the phpscript.php
file,
> and since the server knows that ".php" files are executable, the server
then
> executes your module. If your module begins by outputting the appropriate
> mime headers that indicate the type of image the script will generate, it
> then takes the remaining characters sent by the script as the actual image
> itself.
>
> Hope this is what you are looking for.
>
> Warren Vail
>
>
> -----Original Message-----
> From: php [mailto:phpdbnewsaaron.aichlmayr.net]
> Sent: Thursday, July 15, 2004 5:43 PM
> To: php-generallists.php.net
> Subject: Re: [PHP] image
>
>
> like i call an image if the img tag but instead of loading the image it
> loads a php script
>
> "Jason Wong" <php-generalgremlins.biz> wrote in message
> news:200407160819.57548.php-generalgremlins.biz...
> > On Friday 16 July 2004 08:06, php wrote:
> >
> > > how do you catch an image request and instead of the image display
> > > php?
> >
> > Please elaborate.
> >
> > --
> > Jason Wong -> Gremlins Associates -> www.gremlins.biz
> > Open Source Software Systems Integrators
> > * Web Design & Hosting * Internet & Intranet Applications Development *
> > ------------------------------------------
> > Search the list archives before you post
> > http://marc.theaimsgroup.com/?l=php-general
> > ------------------------------------------
> > /*
> > Neil Armstrong tripped.
> > */
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
attached mail follows:
I wanted to know has anyone implemented the model view and control (mvc)
with php?
attached mail follows:
Yep, just search the list for previous MVC discussions.
On Thu, 15 Jul 2004 20:09:07 -0400, asolomon15 <asolomon15nyc.rr.com> wrote:
> I wanted to know has anyone implemented the model view and control (mvc)
> with php?
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
> !DSPAM:40f71aa0168881708919695!
>
>
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
attached mail follows:
On 16/07/2004, at 10:09 AM, asolomon15 wrote:
> I wanted to know has anyone implemented the model view and control
> (mvc) with php?
Searching Google for "PHP MVC" would have been a great start. and would
also show that you've done some research on the topic, instead of being
lazy :)
http://www.google.com.au/search?q=MVC+PHP&ie=UTF-8&