|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general Digest 7 Dec 2005 15:34:06 -0000 Issue 3837
php-general-digest-help
lists.php.net
Date: Wed Dec 07 2005 - 09:34:06 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
php-general Digest 7 Dec 2005 15:34:06 -0000 Issue 3837
Topics (messages 227016 through 227056):
Re: What software do you use for writing PHP?
227016 by: Curt Zirzow
227021 by: Michael Hulse
227032 by: Arno Kuhl
227034 by: Ahmed Saad
227044 by: John Nichel
227051 by: Chris Boget
227054 by: Jim Moseby
227055 by: Murray . PlanetThoughtful
227056 by: Jay Blanchard
Re: what is better for performance?
227017 by: Oliver Grätz
Re: XmlWriter::writeDTD bug...
227018 by: Rob Richards
227039 by: Jared Williams
227040 by: Jared Williams
Re: references, circular references, oop, and garbage collection in PHP5
227019 by: Curt Zirzow
227020 by: Anas Mughal
Re: Debuggers on Windows Servers
227022 by: Amir Mohammad Saied
Re: Migration to PHP5
227023 by: Amir Mohammad Saied
PHP5 Soap extension and generate wsdl
227024 by: Dan Rossi
pear website?
227025 by: Eternity Records Webmaster
Why don't webhosts upgrade to PHP5 ?
227026 by: Pugi!
227029 by: Andy Pieters
227031 by: Jochem Maas
Security question
227027 by: Andy Pieters
227028 by: £ukasz Hejnak
227030 by: Andy Pieters
227035 by: Ahmed Saad
Re: Why do Sessions use Cookies?
227033 by: Ahmed Saad
Re: Simple Authentication Infrastructure
227036 by: Jochem Maas
Re: PHP Warning: imagettftext() expects parameter 2 to be double
227037 by: Jochem Maas
227038 by: James
how to lock multiple rows in oracle?
227041 by: Rasim ÞEN
227045 by: John Nichel
Re: Advanced search form
227042 by: Michelle Konzack
227049 by: Brent Baisley
Re: Assigns True but not false?
227043 by: Gabe
Anyone getting bounces from
227046 by: Jay Blanchard
227047 by: John Nichel
227048 by: Jason Gerfen
227050 by: Max Belushkin
227052 by: David Grant
227053 by: Angelo Zanetti
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
On Tue, Dec 06, 2005 at 06:43:49PM -0800, Michael Hulse wrote:
> On Dec 6, 2005, at 6:38 PM, Curt Zirzow wrote:
> >On Tue, Dec 06, 2005 at 06:36:33PM +0100, M. Sokolewicz wrote:
> >>Jason Petersen wrote:
> >>>On 12/6/05, Jeff McKeon <jmckeontelaurus.com> wrote:
>
> Shooooot... BBEdit[1] & Dreamweaver[2] on a Mac[3] baby!
>
> [1]http://www.barebones.com/products/bbedit/index.shtml
> [2]http://www.macromedia.com/software/dreamweaver/
> [3]http://www.apple.com/
remove #2 and i'd say you have a rather nice system.
Curt.
--
cat .signature: No such file or directory
attached mail follows:
On Dec 6, 2005, at 9:25 AM, Mark Steudel wrote:
> I primarily code in Dreamweaver 8. Two of my favorite features that
> were
> added from MX are as follows:
> 1. Code folding, basically you can collapse blocks of code. If you
> have to
> work with other peoples code, matching braces and code folding is an
> awesome
> way of just seeing the logical flow of the code, and hide all the
> details.
> DW 8 code folding is great because you can select any amount of code
> and
> collapse it. The bummer about dreamweaver is that it doesn't detect
> functions and add a collapse handle to it like Zend Studio, or have the
> default to automatically collapse functions when you open a page like
> Zend
> Studio.
Sah-weeeet! I have yet to upgrade. Waiting to get a new puter. :)
Code-folding sound fricken cool!
I am pretty stoked that they finally fixed the crappy built-in ftp.
But, can you set permissions?
I wonder if there is a plugin for DW8 that will detect functions? Me =
googling.
M
attached mail follows:
Nusphere PhpED and love it. Tried a few other editors but stayed with PhpED
now for the last year and about to renew my subscription. Excellent project
management, brilliant debugger (local and remote), code error detection and
highlighting, fast (much faster than the java editors), able to handle huge
projects, and very stable. Not as expensive as the Zend equivalent (last
time I checked) and in my opinion it's better. Good support from the forum
and quick responses from the support desk. I keep checking out the new
editors and new versions of old editors as they come out but nothing yet to
match PhpED. I develop on Windows but there's a Linux version too (which I
haven't tried). If you're looking for a professional PHP IDE you won't find
better. And BTW I don't work for Nusphere, I just really like their product.
Arno
________________________
DotContent
Professional Content Management Solutions
www.dotcontent.net
-----Original Message-----
[snip]
Forever now I've been using Frontpage for all my web work including php.
I'm sure there's better software out there that is more suited to
writing and editing PHP pages. What do you all use?
[/snip]
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.13.12/193 - Release Date: 2005/12/06
attached mail follows:
Hi Jeff,
On 12/6/05, Jeff McKeon <jmckeontelaurus.com> wrote:
> I'm sure there's better software out there that is more suited to
> writing and editing PHP pages. What do you all use?
Eclipse + TruFoundation (PHP/Python) + JSEclipse + CSSEditor + Web
Standard Tools (HTML/XML/...)
Well, first of all, these are open source and/or free (for commercial
use, so no Zend or NuSphere price tags)... TruPHP has auto-completion
(both user defined and builtin functions/classes); class insight;
debugging; instant syntax checking and error highlighting; code
folding among other features... In Eclipse, you can manage your code
through CVS, Subversion (using Subclipse), FTP, WebDav, ... or just
the little built-in "History" feature...
I use Eclipse also for Java (JDT) and C/C++ (CDT) development...
Eclipse has plugins for nearly anything you want...
As for editors, i use Kate, and VIM when i'm not running X...
Eclipse and Web Standard Tools: http://www.eclipse.org
TruFoundation: http://www.xored.com/trustudio
JSEclipse: http://www.interaktonline.com/Products/Eclipse/JSEclipse/Overview/
CSSEditor: http://csseditor.sourceforge.net/
Subclipse (SVN support): http://subclipse.tigris.org/
Clay (database modeling): http://www.azzurri.jp/en/software/clay/index.jsp
-ahmed
attached mail follows:
Curt Zirzow wrote:
> On Tue, Dec 06, 2005 at 06:36:33PM +0100, M. Sokolewicz wrote:
>
>>Jason Petersen wrote:
>>
>>>On 12/6/05, Jeff McKeon <jmckeontelaurus.com> wrote:
>>>
>>>
>>>>Hey all,
>>>>
>>>>Forever now I've been using Frontpage for all my web work including php.
>>>>I'm sure there's better software out there that is more suited to
>>>>writing and editing PHP pages. What do you all use?
>>>>
>>>
>>>
>>>Vim is my editor of preference. If I have to use Windows, I usually go
>>>with
>>>Homesite (because I already have a licensed copy) or Textpad (because it's
>>>better than Notepad).
>>>
>>>IDEs? Who needs 'em ;)
>>>
>>>Best,
>>>Jason
>>>
>>
>>same here :)
>>Vim on UNIX machines, and Textpad on Windows
>
>
> man you guys are wimps.. gvim on windows... :)
Pffffttttt....'Edit' in DOS. ;)
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
jnicheldotcomholdingsofbuffalo.com
attached mail follows:
> Pffffttttt....'Edit' in DOS. ;)
Absolutely!! It can't be beaten for undocumented features. :p
thnx,
Chris
attached mail follows:
>
> Curt Zirzow wrote:
> > On Tue, Dec 06, 2005 at 06:36:33PM +0100, M. Sokolewicz wrote:
> >
> >>Jason Petersen wrote:
> >>
> >>>On 12/6/05, Jeff McKeon <jmckeontelaurus.com> wrote:
> >>>
> >>>
> >>>>Hey all,
> >>>>
> >>>>Forever now I've been using Frontpage for all my web work
> including php.
> >>>>I'm sure there's better software out there that is more suited to
> >>>>writing and editing PHP pages. What do you all use?
> >>>>
> >>>
> >>>
> >>>Vim is my editor of preference. If I have to use Windows,
> I usually go
> >>>with
> >>>Homesite (because I already have a licensed copy) or
> Textpad (because it's
> >>>better than Notepad).
> >>>
> >>>IDEs? Who needs 'em ;)
> >>>
> >>>Best,
> >>>Jason
> >>>
> >>
> >>same here :)
> >>Vim on UNIX machines, and Textpad on Windows
> >
> >
> > man you guys are wimps.. gvim on windows... :)
>
> Pffffttttt....'Edit' in DOS. ;)
>
(Pfffft * 2) 'edlin' in DOS. :P
attached mail follows:
Jim Moseby wrote:
>>> man you guys are wimps.. gvim on windows... :)
>>>
>> Pffffttttt....'Edit' in DOS. ;)
>>
>>
>
> (Pfffft * 2) 'edlin' in DOS. :)
Infinitely recursive pfffffft.... A pencil and a piece of paper and
ringing people to describe the cool web site you've just drawn,
attached mail follows:
[snip]
>>> man you guys are wimps.. gvim on windows... :)
>>>
>> Pffffttttt....'Edit' in DOS. ;)
>>
>>
>
> (Pfffft * 2) 'edlin' in DOS. :)
Infinitely recursive pfffffft.... A pencil and a piece of paper and
ringing people to describe the cool web site you've just drawn,
[/snip]
Two words .... punch cards. 'Nuff said.
attached mail follows:
Karel Kozlik schrieb:
> Hi,
> I am just thinking about that what is better for storeing structured
> variables in point of view of performance.
>
> Is better store structured variables in associative array, for example:
>
> $person['first_name'] = 'Karel';
> $person['last_name'] = 'Kozlik';
> $person['address'] = 'somewhere on Earth';
>
> or in object like this:
>
> $person->first_name = 'Karel';
> $person->last_name = 'Kozlik';
> $person->address = 'somewhere on Earth';
>
> I feel that objects are better for performance, but work with
> associative arrays is pleasanter for me. May be the diference in
> performance measurable? (in heavy loaded environment)
First of all: You are already using something like eAccelerator? You
have optimized your database queries to take full advantage of the query
cache in your DBMS? You are using a userland cache to increase the
performance for seldomly changing content? If the question is "No" to
these or similar questions: Don't waste your time on thinking about
performance differences in the microsecond range! Unless your site
really has to take some hundred thousand page requests a day this is
just silly.
Now for the concept of array vs. attributes: I used to prefer the array
notation, too. But think about this: Arrays suggest some similarity
between the array elements, it suggest the elements are somewhat of the
same type. On the other side attributes are just that: Attributes of an
entity. So, it's more appropriate to use array notation for a
collections of persons but not for the attributes of a single person.
This started to change my mind about using array syntax here. Besides,
using -> saves you two keystrokes/bytes.
OK, that was for conceptual view. Now technical ;-)
The performance depends on the version of PHP you are using. For PHP4,
classes and objects are very much like arrays in disguise, it's only
with the Zend Engine 2 of PHP5 that this has changed. This engine has
greatly improved performance in PHP 5.1, so yeah, with PHP5.1 attributes
could be quicker than arrays BUT you shouldn't care ;-)
But remember: Always prefer concept to performance when designing
software. Performance considerations are welcome and important for the
large scale (as in "you shouldn't fetch all the rows in a table if you
display only ten of them => use LIMIT") but micro-profiling is
definitely something you should do when the system's up and running.
OLLi
attached mail follows:
Jared Williams wrote:
> Hi,
>
> $writer = new XmlWriter();
> ...
>
> $writer->writeDtd('html', '-//W3C//DTD XHTML 1.0 Strict//EN', 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd');
>
> produces no whitespace between the public & system ids like...
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
>
> Has anyone got a workaround for this problem?
libxml bug. Add $writer->setIndent(TRUE); before the writeDTD call (can
revert it back right after if you dont want indenting). This will force
whitespace insertion between the two - not pretty but its a workaround.
Rob
attached mail follows:
> -----Original Message-----
> From: Rob Richards [mailto:rrichardsctindustries.net]
> Sent: 07 December 2005 04:21
> To: Jared.Williamsntlworld.com
> Cc: php-generallists.php.net
> Subject: Re: XmlWriter::writeDTD bug...
>
> Jared Williams wrote:
> > Hi,
> >
> > $writer = new XmlWriter();
> > ...
> >
> > $writer->writeDtd('html', '-//W3C//DTD XHTML 1.0 Strict//EN',
> > 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd');
> >
> > produces no whitespace between the public & system ids like...
> >
> > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> > Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
> >
> > Has anyone got a workaround for this problem?
>
> libxml bug. Add $writer->setIndent(TRUE); before the writeDTD
> call (can revert it back right after if you dont want
> indenting). This will force whitespace insertion between the
> two - not pretty but its a workaround.
>
> Rob
Ahh excellent. Cheers
Jared
attached mail follows:
> Jared Williams wrote:
> > Hi,
> >
> > $writer = new XmlWriter();
> > ...
> >
> > $writer->writeDtd('html', '-//W3C//DTD XHTML 1.0 Strict//EN',
> > 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd');
> >
> > produces no whitespace between the public & system ids like...
> >
> > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> > Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
> >
> > Has anyone got a workaround for this problem?
>
> libxml bug. Add $writer->setIndent(TRUE); before the writeDTD
> call (can revert it back right after if you dont want
> indenting). This will force whitespace insertion between the
> two - not pretty but its a workaround.
>
PS.
Yeah, thought it was libxml, hence didn't file a pecl bug report. But there does seem a problem with this method as can't
just have a publicId or a systemId, libxml function uses NULL as a parameter to specify which id you don't want to use. Which we've
lost with the PHP wrapper, as can only specify two strings.
And when pecl.php.net was reachable I'll report it.
Jared
attached mail follows:
On Tue, Dec 06, 2005 at 10:46:36PM -0500, Alan Pinstein wrote:
> >the key thing to remember in php5 is that the old &$var
> >declaration has no real meaning in objects. php5's objects exist
> >outside of the old oop reference. Consider:
>
> Hmmm... I am not sure I believe this.
>
> I understand how object refs work in PHP5. I understood how they
> worked in PHP4. Sadly I had to learn the hard way... coming from a C/C
> ++ background it was wierd, and not really useful, which is probably
> why the updated it so nicely in PHP5.
>
> If & was not intended to work on objects in PHP5, then it should fail
> at runtime. I doesn't, and in fact has specific and different
> behavior from assignment WITHOUT &.
My original statement was to show how the the php4 = &$o is
different. To simply the problem you have:
<?php
// sets object $o to instance of stcClass
$o = new stdClass;
// sets $c to point to the same instance as what $o is
// pointing to
$c = $o;
// we no longer need $o, but...
$o = null;
// the instance of stdClass no longer exists
var_dump($o); /* null */
var_dump($c); /* object(stdClass)#1 (0) { } */
// sets object $o to point to instance stdClass
$o = new stdClass;
// $b and $o are now referencing the variable that happens to
// reference an object
$b = &$o;
// object gets destroyed cause both $b and $o are the same vars
$o = null;
var_dump($o); /* null */
var_dump($b); /* null */
?>
In php5 variables are just containers that point to objects, so when you make
a variable a reference to another variable all you are doing is
saying these variables are the same thing.
php5's objects dont know any such thing as a reference, they just
know of instances of themselves. The variables ($o, $a, $b)
existance is just a container for the instance of the object. So in
the case when I do a:
$b = &$o;
All that is happening is the container is identical, so when I say:
$o = null;
Since $b is the same thing as $o , $b is set to null as well and
thus, there are now more variable (containers) that reference to
the instance of the object, thus the object will get destroyed,
but.. if i say we have two containers:
$o = new stcClass;
$b = $o;
Now the instance of that 'new StdClass' is contained in two vars,
when I set $o to null, $b still exists since it doesn't know about
$o whats so ever, and the instance of the stdClass still exists.
I guess it comes down to objects are treated the same way as you
would expect these results:
<?php
$i = 1; /* aka new object */
$k = $i;
$i = null;
var_dump($i); /* null */
var_dump($k); /* int(1) */
$i = 1; /* aka new object */
$j = &$i;
$i = null;
var_dump($i); /* null */
var_dump($j); /* null */
?>
> The sample code below shows that indeed, in practice, on 5.0.4, that
> & will create another reference (ie a weak reference) to an object
> WITHOUT incrementing the refcount....
I'm not sure how you mean a weak reference, and well a refcount is
rather meaning less in php userland.
Curt
--
cat .signature: No such file or directory
attached mail follows:
One example he presented is suited to pre-PHP5. With PHP5, a reference to
self could be kept inside the class as a static member. No need to use a
global variable.
Just wanted to bring this up for new comers to PHP references and global
variables.
Cheers.
On 12/6/05, Ray Hauge <ray.haugeamericanstudentloan.com> wrote:
>
> I am uncertain on this, but I believe that the $this variable is already
> just a reference to the class you are calling it from. Then passing the
> reference by-reference to the addParent() method of the Child class
> could be what is causing your issue. I'd be curious to see what would
> happen if you took out the pass-by-reference and instead pass-by-value
> for the addParent() method. Then again, that doesn't particularly sound
> correct either.
>
> This link might help. They cover a lot of advanced reference usage for
> PHP.
>
> http://www.onlamp.com/pub/a/php/2002/09/12/php_foundations.html
>
> Alan Pinstein wrote:
>
> > So.. I am having PHP5 memory management problems.
> >
> > They are similar to those described in this thread:
> >
> > http://aspn.activestate.com/ASPN/Mail/Message/php-Dev/1555640
> >
> > (so maybe this question belongs on php-dev but I figured I'd try here
> > first... seems like a userland question)
> >
> > Basically I have an object model to represent db objects, and I am
> > bulk-loading the objects via some PHP scripts. Sadly the scripts
> > consume unbounded memory because of this problem.
> >
> > I have done a lot of programming in C++ and Obj-C and the normal way
> > to handle circular references is to have parents "retain" (keep ref-
> > counted links) to their kids, and have the kids have "weak
> > references" (non-ref-counted) links to their parents. This way, when
> > the parent is no longer used, it will automatically 0-out the ref
> > counts to all children it links too and things GC correctly.
> >
> > Now, how to do this in PHP?
> >
> > Well, there are no "documented" weak references. However, I figured
> > out by trial that if you obtain a php-reference to an object, it
> > doesn't bump the refcount.
> >
> > Question #1: Is the fact that references to objects in the form
> > $objRef = &$obj don't bump the refcount of $obj an intended behavior
> > that can be counted on? If so, cool!
> >
> > So, now that we have a way to do weak references, we should be able
> > to implement a reasonable memory management scheme for parent-child
> > objects.
> >
> > Normally from the client side the interface should look something like:
> >
> > $parent = new Parent();
> > $child = new Child();
> > $parent->addChild($child);
> >
> > Where parent can have 0,n children and child can have 0,1 parent.
> >
> > And all of parent's internal links to child should be refcounted, and
> > the internal links from child to parent are weak (not ref-counted).
> >
> > So based on the above discovery about references, I tried to
> > implement this as such:
> >
> > class Parent
> > {
> > public $children = array();
> >
> > // add a child to our list. We want a ref-counted link here.
> > function addChild($child)
> > {
> > $this->children[] = $child; // refCounted desired in
> > parent->child link
> > $child->setParent($this);
> > }
> > }
> >
> > class Child
> > {
> > public $parent;
> >
> > // set the parent object. We want a non-ref-counted link here.
> > function setParent(&$parent)
> > {
> > // refCount NOT desired in child->parent link
> > $this->parent = &$parent;
> > }
> > }
> >
> > Now, you'd expect this would work, but it doesn't. On a hunch, I
> > changed the client code to:
> >
> > $parent = new Parent();
> > $child = new Child();
> > $parent->addChild($child);
> > $child->setParent($child); // new line here - you can
> > successfully create a reference to the object when not passed in as
> > $this
> >
> > Now, this works! However, it's not practical. The setParent call
> > should work from within the parent object....
> >
> > So what I figured out is that $this is a "pseudo variable" according
> > to the docs, but I don't know what that means. Empirically I have
> > figured out that it means you cannot create a reference to it.
> >
> > Is this a feature or a bug? What's the workaround?
> >
> > This is a serious problem for PHP scripts that need to do things that
> > require large amounts of memory.
> >
> > Please advise.
> >
> > Thanks,
> > Alan
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Anas Mughal
attached mail follows:
Mark Steudel wrote:
> Anyone out there running debuggers and profilers on your windows boxes? I'd
> like to start profiling some of my code and use some debuggers. Since we
> have dev sites on the same box with product sites, I wanted to make sure
> that before I ask our Sysadmin to install anything that they are stable and
> easy to install. Any suggetsions out there? Ones that I have run across,
> xdebug, DBG, Advanced PHP Debugger.
>
>
>
> Thanks, Mark
>
>
Hi,
It's possible to get the source-codes of that extensions and compile
them, but http://pecl4win.php.net/ is a good repository for DLL compiled
files for the extensions you want, like APD
attached mail follows:
Hi,
I think for someone like you that's a Java developer, php4 seems crap
when OO programming comes to mind.
If you are going to write products that should be hosted on vary
features (e.g one with php5, the other 4.4 and someother 4.3) I suggest
you to use 4.3 and take care about some notes, but if you know your
customers and like the OO advantages of php5, why not migrate?
attached mail follows:
Hi there, im just wondering if its possible to setup your web service
and let it generate a wsdl file for clients when u request the script
with a wsdl flag like with nusoap ? Im rather not having to code an
entire wsdl document for the web service if possible :\
attached mail follows:
does anybody know if the pear website is having any problems? i cant seem to
be able to go there and its the only website giving me problems right now...
attached mail follows:
My webhost doesn't want to upgrade to PHP5 because of security reasons and
some scripts that will mallfunction. I find it hard to believe. Current conf
of webhost is PHP 4.3.11, Apache 1.3.33 and MySQL 3.23.49.
What real reasons could there be not to upgrade ?
How could I convince them to upgrade to PHP5 ?
(Less important for me : but why not upgrade to Apache 2.x and at least
MySQL 4.x ?)
Enlighten me,
Pugi!
attached mail follows:
On Wednesday 07 December 2005 08:37, Pugi! wrote:
> My webhost doesn't want to upgrade to PHP5 because of security reasons and
> some scripts that will mallfunction. I find it hard to believe. Current
> conf of webhost is PHP 4.3.11, Apache 1.3.33 and MySQL 3.23.49.
> What real reasons could there be not to upgrade ?
> How could I convince them to upgrade to PHP5 ?
> (Less important for me : but why not upgrade to Apache 2.x and at least
> MySQL 4.x ?)
1. If it ain't broken, don't fix it.
2. PHP 4 has proven its worth. Now that PHP 5 came out, there will be tons of
bugs that aren't found yet.
3. PHP 5 *WILL* break some scripts, and most big suits like forums and shops
and stuff will need a serious amount of work to convert to php 5
Same applies for Apache and MySQL.
Consider this, NASA still uses 386 cpu's in their space equipment because they
are a lot more stable and mission secure then newer chipsets.
HTH
Andy
--
Now listening to Top! Radio Live www.topradio.be/stream on amaroK
Geek code: www.vlaamse-kern.com/geek
Registered Linux User No 379093
If life was for sale, what would be its price?
www.vlaamse-kern.com/sas/ for free php utilities
--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBDlqP26Hylol726jIRAuUxAJ9ZzBLzsj//b7egSuFVoa69/pQk6gCfXVDR
6FMXt5sOghNEYZJ3E2H//rI=
=kNae
-----END PGP SIGNATURE-----
attached mail follows:
Andy Pieters wrote:
> On Wednesday 07 December 2005 08:37, Pugi! wrote:
>
>>My webhost doesn't want to upgrade to PHP5 because of security reasons and
>>some scripts that will mallfunction. I find it hard to believe. Current
upgrade to php5 == "scripts that will mallfunction" == support calls == losing money.
thats how I see the ISPs view of upgrading to php5, regardless of
whether they are right for them it seems to be a simple matter of
economics and operational stability. you also have to consider the ammount of
work involved is purely performing the upgrade properly.
>>conf of webhost is PHP 4.3.11, Apache 1.3.33 and MySQL 3.23.49.
>>What real reasons could there be not to upgrade ?
>>How could I convince them to upgrade to PHP5 ?
>>(Less important for me : but why not upgrade to Apache 2.x and at least
>>MySQL 4.x ?)
>
>
> 1. If it ain't broken, don't fix it.
PHP4 _is_ broken in places. if it was perfect then there would be no need
for improvement.
> 2. PHP 4 has proven its worth. Now that PHP 5 came out, there will be tons of
> bugs that aren't found yet.
rather defeatist attitude, and a point that cannot be truely substantiated. besides
there is a point when it becomes too difficult to successfully enchance or add features
to something (move forward) and you have to start 'fresh'.
> 3. PHP 5 *WILL* break some scripts, and most big suits like forums and shops
> and stuff will need a serious amount of work to convert to php 5
and some scripts are broken. there is a lot of code out there that is technically
evil (potential segfaults etc) so this cuts boths ways.
besides most apps [forums etc] out there arn't hard at all to convert -
the problem for the developers of such apps is more likely to be about releasing
versions that run on both (which is more difficult) or maintaining 2 releases, which
eat into your time.
>
> Same applies for Apache and MySQL.
>
> Consider this, NASA still uses 386 cpu's in their space equipment because they
> are a lot more stable and mission secure then newer chipsets.
are you sure its not because they have invested so much time and energy into
the hardware, software and procedures surrounding the cpus. refitting a space
shuttle is not done on a whim like your changing the cpu in the box under
your desk... comparitive stability wirth newer models doesn't factor in at all
if you consider that every part on a space shuttle could be assumed to only be
authorized for use after it's absolute stability has been proven.
>
> HTH
>
> Andy
>
>
attached mail follows:
Hi list
I've got a concern for a user add/edit form.
Right now when the user is logged in, I put its id in the session.
Then when the user edits his details I put the id in the form and when it
comes back I verify if the id matches the one in the session.
Is it possible for someone who does not have access to the server to edit
arbitary accounts?
With kind regards
Andy
--
Now listening to Top! Radio Live www.topradio.be/stream on amaroK
Geek code: www.vlaamse-kern.com/geek
Registered Linux User No 379093
If life was for sale, what would be its price?
www.vlaamse-kern.com/sas/ for free php utilities
--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBDlqLr6Hylol726jIRAvfXAKCH2PqZsUv/9L6WmNcIAXoV8nfZ9QCgiK+5
n5uRX6hR5H6AhkagujbkInQ=
=bquZ
-----END PGP SIGNATURE-----
attached mail follows:
Andy Pieters napisa³(a):
> Is it possible for someone who does not have access to the server to edit
> arbitary accounts?
well this depends on the forum You use, there're many many exploits out
there.
The best way to know is to try and keep up with places like
the bugtraqsecurityfocus.com list, or other security websites/mailing
lists and such.
--
Best wishes
£ukasz
attached mail follows:
On Wednesday 07 December 2005 08:57, £ukasz Hejnak wrote:
> The best way to know is to try and keep up with places like
> the bugtraqsecurityfocus.com list, or other security websites/mailing
> lists and such.
>
It isn't a forum, it is software I write myself.
--
Now listening to Top! Radio Live www.topradio.be/stream on amaroK
Geek code: www.vlaamse-kern.com/geek
Registered Linux User No 379093
If life was for sale, what would be its price?
www.vlaamse-kern.com/sas/ for free php utilities
--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBDlqSr6Hylol726jIRAuk2AKCMQslYhsPWWxG/tIewK4t1cjLnYQCfWqCW
ZYQVK1hUoEVZdXvwzIjw1+k=
=1+tL
-----END PGP SIGNATURE-----
attached mail follows:
Hi Andy,
On 12/7/05, Andy Pieters <mailingsvlaamse-kern.com> wrote:
> Right now when the user is logged in, I put its id in the session.
> Then when the user edits his details I put the id in the form and when it
> comes back I verify if the id matches the one in the session.
Well, is session data saved in a "secure" place on the server side?
Read Form Processing and Sessions sections in the PHP Security Guide
http://phpsec.org/projects/guide/
Regards,
Ahmed
attached mail follows:
Hi Michael,
On 12/3/05, Michael B Allen <mba2000ioplex.com> wrote:
> Why do sessions use cookies?
'cause HTTP is a "stateless" protocol ... check
Wikiepedia on HTTP Cookies at http://en.wikipedia.org/wiki/HTTP_cookies
and RFC 2109 http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2109.html
such "statelessness" is the source of one of the major attack types in
Web applications: Session Hijacking... Chris has more to say here
http://shiflett.org/articles/security-corner-aug2004 (hello Chris :)
>Isn't a session just a container associated
> with the user's socket
No it's not, 'cause if so, the clien has to keep a socket open to the
server during the "whole" session... statelessness has design benefits
...
Regards,
Ahmed
attached mail follows:
Michael B Allen wrote:
> Hi,
>
> I scoping out an Internet site project and my primary consideration at
> the moment is authentication infrastructure. Conceptually I was thinking
> about something like the pseudocode at the bottom of this message
> (pardon all the Java-esc typing).
>
> Can PHP do this sort of thing? I'm wondering if there are some classes
> available to do this? I don't think I want to use WWW-Authenticate (at
> least I don't want to use the ugly password dialog) and I certainly don't
> want to authenticate via pam or something like that. I want "as simple
> as possible, but not simpler" type of thing. I have a strong aversion
> to bloatware.
>
> Or am I off track? I normally do pretty low level C type stuff so websites
conceptually? not as far as I can see.
practically speaking:
session and request are not objects in php (you could create userland wrapper
objects for them though), string concatenation is done with a '.',
variables are prefixed with '$', you don't have to declare variable types, etc.
> are new to me (ie. php).
>
> Thanks,
> Mike
>
> int
> handleRequest(Request req)
> {
> Ticket ticket, tmp;
>
> /* If the user already has a ticket associated with their session,
> * just pass through and handle the request
> */
> if ((ticket = req.session.getProperty("ticket")) == null) {
> SqlResults results;
>
> /* If the user has a ticket (embeeded in a cookie) then associate
> * it with their session and pass through and handle the request.
> */
> String cookie = req.getCookie("ticket");
> if (cookie) { /* try ticket from cookie */
> tmp = Ticket.decrypt("12345", cookie);
> results = Sql.exec( /* sql injection vulnerbility, wahoo! */
> "select ssnkey from accounts where emailaddr = " + tmp.emailaddr);
> if (results.size() == 1 && tmp.sshkey == results.getInteger(0)) {
> req.session.setProperty("ticket", tmp);
> ticket = tmp; /* Success! */
> }
> }
>
> if (ticket == null && req.session.isHttps) { /* try new login */
> String emailaddr = req.getParameter("emailaddr");
> String password = req.getParameter("password");
> if (emailaddr && password) {
> results = Sql.exec(
> "select status, password from accounts where emailaddr = " + emailaddr);
> if (results.size() != 1 ||
> results.getString(0) != "valid" ||
> password != results.getString(1)) {
> return sendError(req, ERROR_AUTH_FAILED);
> }
>
> tmp = new Ticket(emailaddr);
> Sql.exec("update accounts set ssnkey = " + tmp.ssnkey +
> " where emailaddr = " + tmp.emailaddr);
> req.setCookie("ticket", ticket.encrypt("12345"));
> req.session.setProperty("ticket", tmp);
> ticket = tmp; /* Success! */
> }
> }
> }
>
> /* null ticket means not logged in / anonymous
> */
> return handleAuthenticatedRequest(req, ticket);
> }
>
attached mail follows:
James wrote:
> Hi there,
>
> I have been using the GD functions from PHP5.0 on Mac OS X.
>
> I have a simple script that creates a PNG image with text on the image using
> fonts using FreeType 2.
>
> I am trying to use the imagettftext() function within a foreach loop but I
> get the following error:
>
> PHP Warning: imagettftext() expects parameter 2 to be double
what does paramter 2 contain in each case? var_dump(), print_r(), echo ?!?
>
> The code is as follows:
>
> $font['type']="./fonts/font.ttf²;
>
>
> $font['color']=imageColorAllocate($card['png'],$font['hexcolor']['r'],$font[
> 'hexcolor']['g'],$font['hexcolor']['b']);
>
> imageFill($card['png'],0,0,$card['color']);
>
> foreach ($xml->textblock as $text) {
> $fontsize=$text->fontsize; $fontangle=$text->fontangle;
> $fontxpos=$text->fontxpos; $fontypos=$text->fontypos;
> $text=$text->text;
try var_dump($text); or print_r($text); to see what you have
(if its an XML node object - dump $fontsize, $fontxpos instead!!!)
> imagettftext($image['png'],$fontsize,$fontangle,$fontxpos,$fontypos,$font['c
> olor'],$font['type'],$text); }
>
> It works fine if I add just one line outside of the loop but as soon as
> its within the loop it errors.
>
> Cheers,
>
> James
>
attached mail follows:
Hi,
Thank you for getting back to me, your the first.
The array works fine I have tested it using var_dump().
Attached are the two files xml.test this holds the array of the text
blocks which is being parsed by image.php.
Line 38 is the problem, if you comment around the foreach() statement and
un-comment the commented lines you should see it working fine, its when its
within the foreach statement when it errors.
Regards,
James
Jochem Maas Wrote:
> James wrote:
>> > Hi there,
>> >
>> > I have been using the GD functions from PHP5.0 on Mac OS X.
>> >
>> > I have a simple script that creates a PNG image with text on the image
>> using
>> > fonts using FreeType 2.
>> >
>> > I am trying to use the imagettftext() function within a foreach loop but
I
>> > get the following error:
>> >
>> > PHP Warning: imagettftext() expects parameter 2 to be double
>
> what does paramter 2 contain in each case? var_dump(), print_r(), echo ?!?
>
>> >
>> > The code is as follows:
>> >
>> > $font['type']="./fonts/font.ttf²;
>> >
>> >
>> >
>> $font['color']=imageColorAllocate($card['png'],$font['hexcolor']['r'],$font[
>> > 'hexcolor']['g'],$font['hexcolor']['b']);
>> >
>> > imageFill($card['png'],0,0,$card['color']);
>> >
>> > foreach ($xml->textblock as $text) {
>> > $fontsize=$text->fontsize; $fontangle=$text->fontangle;
>> > $fontxpos=$text->fontxpos; $fontypos=$text->fontypos;
>> > $text=$text->text;
>
> try var_dump($text); or print_r($text); to see what you have
> (if its an XML node object - dump $fontsize, $fontxpos instead!!!)
>
>> >
>> imagettftext($image['png'],$fontsize,$fontangle,$fontxpos,$fontypos,$font['c
>> > olor'],$font['type'],$text); }
>> >
>> > It works fine if I add just one line outside of the loop but as soon as
>> > its within the loop it errors.
>> >
>> > Cheers,
>> >
>> > James
>> >
attached mail follows:
Hi friends ,
my code like this
$sql="SELECT mid,substr(ROWID,0,100) as nROWID,MEMBER_ID, NAME, SURNAME,
E_MAIL, SUBJECT, MAIL_BODY, to_char(DATE_CREATED,'DD.MM.YYYY HH24:MI:SS') as
DATE_CREATED, RETRY, PRIORITY, E_MAIL_FROM, RECEIVER_MEMBER_ID,
RECEIVER_NAME, RECEIVER_SURNAME, MAIL_TYPE, ATTACHMENT1, ATTACHMENT2,
EMBEDDING1, EMBEDDING2 FROM MEMBERS_TO_MAIL_SEND_HTML where flag=0 and
rownum<2000";
putenv("NLS_LANG=TURKISH_TURKEY.WE8ISO8859P9");
$baglanti = ocilogon(USERNAME,PASSWORD,DATABASE);
$statement = ociparse ($baglanti, $sql);
ociexecute ($statement);
$i=0;
while (ocifetchinto ($statement,$row, OCI_ASSOC)) {
........
........
I want to lock this 2000 rows, for this I make query like below:
$sql=" .............. FROM MEMBERS_TO_MAIL_SEND_HTML where flag=0 and
rownum<2000 FOR UPDATE";
this time, it is updateting only one row.
I tried to use "LOCK TABLE table IN ROW SHARE MODE;LOCK TABLE table IN ROW
SHARE MODE;"; but I don't know how to use in php.
How can I lock all rows, any advice ?
Thanks a lot
rasim
attached mail follows:
Rasim ÞEN wrote:
> Hi friends ,
>
> my code like this
>
> $sql="SELECT mid,substr(ROWID,0,100) as nROWID,MEMBER_ID, NAME, SURNAME,
> E_MAIL, SUBJECT, MAIL_BODY, to_char(DATE_CREATED,'DD.MM.YYYY HH24:MI:SS') as
> DATE_CREATED, RETRY, PRIORITY, E_MAIL_FROM, RECEIVER_MEMBER_ID,
> RECEIVER_NAME, RECEIVER_SURNAME, MAIL_TYPE, ATTACHMENT1, ATTACHMENT2,
> EMBEDDING1, EMBEDDING2 FROM MEMBERS_TO_MAIL_SEND_HTML where flag=0 and
> rownum<2000";
>
> putenv("NLS_LANG=TURKISH_TURKEY.WE8ISO8859P9");
> $baglanti = ocilogon(USERNAME,PASSWORD,DATABASE);
>
> $statement = ociparse ($baglanti, $sql);
> ociexecute ($statement);
> $i=0;
>
>
> while (ocifetchinto ($statement,$row, OCI_ASSOC)) {
> ........
> ........
>
>
> I want to lock this 2000 rows, for this I make query like below:
>
> $sql=" .............. FROM MEMBERS_TO_MAIL_SEND_HTML where flag=0 and
> rownum<2000 FOR UPDATE";
>
> this time, it is updateting only one row.
>
> I tried to use "LOCK TABLE table IN ROW SHARE MODE;LOCK TABLE table IN ROW
> SHARE MODE;"; but I don't know how to use in php.
>
>
> How can I lock all rows, any advice ?
I'm not an Oracle expert, but I would _think_ you just execute the
query, like you would execute any other query in PHP.
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
jnicheldotcomholdingsofbuffalo.com
attached mail follows:
Hello PHP-Gurus,
I have already ask this on php-de and pgsql-pgp but unfortunatly
gotten no answer.
I have a search form and I like to add advanced search options like
"this is a search" -XXX Test
which mean,
1) "this is a search" must be in this order
2) -XXX Do not find XXX contents
3) Test AND
Does anyone has a PHP/PGSQL code sniplet?
Thanks
Michelle
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
----- End forwarded message -----
******************************************************************
* Do not Cc: me, because I am on THIS list, if I write here *
* Keine Cc: am mich, bin auf DIESER Liste wenn ich hier schreibe *
******************************************************************
Hello,
Greetings
Michelle
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
attached mail follows:
Here is some code that you can modify. It's design to convert a
search string into a MySQL full text search string, not sure how
different pgsql is. It adds * for word expansion where appropriate.
It assume a space is the delimiter, but that's easy to change in the
explode statement.
Example:
"this is a search" -XXX Test
becomes
+"this is a search" -XXX* +Test*
Conversion function:
function prepFullTextSearch($searchVal) {
//Split words into list
$word_List = explode(' ',stripslashes(trim($searchVal)));
//Step through word list to get search phrases
$i = 0;
$isPhrase = false;
foreach($word_List as $word) {
$searchItems[$i] = trim(($isPhrase?$searchItems[$i].' '.$word:
$word));
//Check for start of Phrase
if(substr($searchItems[$i],0,1) == '"') {
$isPhrase = true;
}
//If not building a phrase, append wildcard (*) to end of word
if(!$isPhrase) {
$searchItems[$i] .= '*';
$i++;
}
//Check for end of Phrase
if(substr($searchItems[$i],-1) == '"') {
$isPhrase = false;
$i++;
}
}
$searchVal = '+'.implode(' +',$searchItems);
$searchVal = str_replace('+-','-',$searchVal);
return $searchVal;
}
On Dec 7, 2005, at 8:18 AM, Michelle Konzack wrote:
> Hello PHP-Gurus,
>
> I have already ask this on php-de and pgsql-pgp but unfortunatly
> gotten no answer.
>
> I have a search form and I like to add advanced search options like
>
> "this is a search" -XXX Test
>
> which mean,
>
> 1) "this is a search" must be in this order
> 2) -XXX Do not find XXX contents
> 3) Test AND
>
> Does anyone has a PHP/PGSQL code sniplet?
>
> Thanks
> Michelle
>
> --
> Linux-User #280138 with the Linux Counter, http://counter.li.org/
> ##################### Debian GNU/Linux Consultant
> #####################
> Michelle Konzack Apt. 917 ICQ #328449886
> 50, rue de Soultz MSM LinuxMichi
> 0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> ----- End forwarded message -----
> ******************************************************************
> * Do not Cc: me, because I am on THIS list, if I write here *
> * Keine Cc: am mich, bin auf DIESER Liste wenn ich hier schreibe *
> ******************************************************************
>
> Hello,
>
>
> Greetings
> Michelle
>
> --
> Linux-User #280138 with the Linux Counter, http://counter.li.org/
> ##################### Debian GNU/Linux Consultant
> #####################
> Michelle Konzack Apt. 917 ICQ #328449886
> 50, rue de Soultz MSM LinuxMichi
> 0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577
attached mail follows:
Thanks guys, very helpful!
Gabe wrote:
> In this if statement, if the condition is true, then it will assign true
> to the array (as I want it to). If the condition evaluates to false, it
> assigns nothing. Any idea why it won't assign false? If I switch the
> FALSE boolean value to the number 0, that will get assigned. Seems
> kinda strange...
>
> $this->m_arrQuesInfo[$this->m_itemID]['blnVacPromo'] = ( (
> !empty($_POST['vac_promo']) ) && ( $_POST['vac_promo'] == 'on' ) ) ?
> TRUE : FALSE;
attached mail follows:
MAILER-DAEMONmlm.mariotti.lan ?
I am getting failure notices out the wazoo for some very old messages to the
general list.
attached mail follows:
Jay Blanchard wrote:
> MAILER-DAEMONmlm.mariotti.lan ?
>
> I am getting failure notices out the wazoo for some very old messages to the
> general list.
>
I'm not. Told you Bill was going to get mad at you. ;)
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
jnicheldotcomholdingsofbuffalo.com
attached mail follows:
Yeah, I am recieving the same.
Jay Blanchard wrote:
>MAILER-DAEMONmlm.mariotti.lan ?
>
>I am getting failure notices out the wazoo for some very old messages to the
>general list.
>
>
>
--
Jason Gerfen
"Oh I have seen alot of what
the world can do, and its
breaking my heart in two..."
~ Wild World, Cat Stevens
attached mail follows:
John Nichel wrote:
> Jay Blanchard wrote:
>> MAILER-DAEMONmlm.mariotti.lan ?
>>
>> I am getting failure notices out the wazoo for some very old messages
>> to the
>> general list.
I am too.
attached mail follows:
Jay Blanchard wrote:
> MAILER-DAEMONmlm.mariotti.lan ?
>
> I am getting failure notices out the wazoo for some very old messages to the
> general list.
>
Just got seven in a row, looks like the MTA is trying for three weeks
and then giving up. The messages appear to be for:
jcfdebyahoo.it
Can this address be unsubscribed?
Cheers,
David
--
David Grant
http://www.grant.org.uk/
attached mail follows:
me 3
Jason Gerfen wrote:
> Yeah, I am recieving the same.
>
> Jay Blanchard wrote:
>
>> MAILER-DAEMONmlm.mariotti.lan ?
>>
>> I am getting failure notices out the wazoo for some very old messages
>> to the
>> general list.
>>
>>
>>
>
>
- text/plain attachment: image.php
- text/plain attachment: test.xml
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]