|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general Digest 24 May 2006 01:53:51 -0000 Issue 4145
php-general-digest-help
lists.php.net
Date: Tue May 23 2006 - 20:53:51 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
php-general Digest 24 May 2006 01:53:51 -0000 Issue 4145
Topics (messages 236719 through 236794):
3DES w/ openssl_{csr,pkey}_new ?
236719 by: Brian A. Seklecki
Re: Can a script run twice?
236720 by: Jochem Maas
236723 by: Anthony Ettinger
236733 by: Lester Caine
236736 by: Robert Cummings
236742 by: Paul Novitski
236744 by: Robert Cummings
236747 by: Richard Lynch
236749 by: Paul Novitski
236751 by: Ray Hauge
236752 by: tedd
236753 by: Lester Caine
236755 by: Lester Caine
236756 by: Robert Cummings
236757 by: Richard Lynch
236760 by: Paul Novitski
236792 by: Robert Cummings
Re: One works, but the other doesn't
236721 by: Jochem Maas
236759 by: Richard Lynch
Re: Security Concerns with Uploaded Images:
236722 by: tedd
236762 by: Richard Lynch
236763 by: Richard Lynch
236778 by: tedd
Can php convert doc to HTML?
236724 by: Dotan Cohen
236725 by: Jay Blanchard
236726 by: tedd
236727 by: Dotan Cohen
236728 by: Dotan Cohen
236729 by: Koen Martens
236741 by: Martin Alterisio
236745 by: tedd
236754 by: Dotan Cohen
236768 by: Martin Alterisio
236772 by: Jochem Maas
236784 by: Martin Alterisio
Re: Generating thumbnails from tiff images
236730 by: Al
236766 by: Richard Lynch
getting subdirectory
236731 by: Dallas Cahker
236732 by: Brad Bonkoski
236734 by: Miles Thompson
236735 by: D. Dante Lorenso
236746 by: tedd
236750 by: Eric Butera
PHP & SNMP
236737 by: Pavleck, Jeremy D.
New PostgreSQL
236738 by: Martin Marques
236793 by: Chris
Re: storing single and double quote in MySQL
236739 by: Martin Marques
236740 by: Martin Marques
How to disable PHP's POST caching?
236743 by: Adam Zey
236758 by: Jochem Maas
236764 by: Adam Zey
236765 by: Adam Zey
236767 by: Richard Lynch
236769 by: Adam Zey
236770 by: Jochem Maas
236771 by: Adam Zey
236773 by: Jochem Maas
236774 by: Adam Zey
236775 by: Jay Blanchard
236777 by: Adam Zey
236782 by: Jay Blanchard
236785 by: Adam Zey
236789 by: Adam Zey
236794 by: Adam Zey
Re: Windows/Apache Shopping Cart Software
236748 by: Michael Crute
Re: date iteration
236761 by: Richard Lynch
Going through 2 arrays at once
236776 by: Pavleck, Jeremy D.
236779 by: Jochem Maas
236780 by: Adam Zey
236781 by: Adam Zey
236783 by: tedd
Formatting of a.m. and p.m.
236786 by: Kevin Murphy
236787 by: Adam Zey
how include works?
236788 by: Mindaugas L
236790 by: Adam Zey
236791 by: Adam Zey
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
Does anyone know how to specify the encryption cipher used in this
funciton as documented in OpenSSL's genrsa(1)?
Why isn't the encryption method a value in [array configargs] ?
-des|-des3|-idea
These options encrypt the private key with the DES, triple DES,
or
the IDEA ciphers respectively before outputting it. If none of
these options is specified no encryption is used.
Or is the encryption method a value that can be specified in
config=> and req_extensions=> ?
Right now generated private keys look like:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,FA81C573DFD21B7D
Which is 3DES, but some systems support AES, IDEA, Blowfish, Twofish, It
depends on the OpenSSL config.
Idea?
TIA,
~BAS
attached mail follows:
Lester Caine wrote:
> Stut wrote:
>
>> Lester Caine wrote:
>>
>>> I'm having very occasional problems with my PHP5 applications which
>>> only seem to be explained if the script is run twice.
>>>
>>> Example - page has 'Add Ticket' button, which adds a record and marks
>>> it as being processed by the location that created it. 99.99% of the
>>> time no problems, but just now and again there are two records, with
>>> different primary keys - so the database bit worked - but with very
>>> close now times and identified as being at the same counter. The next
>>> page does not have the 'Add Ticket' button, so it would seem the
>>> first script was trigger twice?
>>>
>>> Am I simply going mad ( which is the logical choice ;) ), or is this
>>> something that can happen and needs to be handled?
>>
>>
>> This can happen if a page contains a reference to an empty URL. For
>> example, <img src="" /> would cause the page to be loaded twice in
>> some browsers. That'd be the first thing I'd check.
>>
>> Is the 'Add Ticket' button a GET or POST request? If it's a POST then
>> chances are the script itself has a logic error since the user would
>> get asked if they wanted to repost the data. If it's a get then you've
>> violated one of the cardinal rules of web-based application
>> development - GETs get, POSTs do.
>
>
> <a class="button" accesskey="A" href="ticketaddserve.php?enqno=0">Add
> Ticket</a>
if add ticket actually does an insert then it should be a form button - and use
POST. no arguments.
>
> Just change enqno= for a different queue.
>
> Found the simple answer - Double click - two records !
>
> And I'm with you on the problems with IE7 Chris - but in this case even
> Moz does the Double Click - two records :(
>
> So next problem - how do I stop it !
the answer is on the firebird list (you know the one ;-) obviously it assumes
you use a POST - but the same disabling trick could be performed on the link with
various bits of javascript.
>
attached mail follows:
> > Is the 'Add Ticket' button a GET or POST request? If it's a POST then
> > chances are the script itself has a logic error since the user would get
> > asked if they wanted to repost the data. If it's a get then you've
> > violated one of the cardinal rules of web-based application development
> > - GETs get, POSTs do.
>
> <a class="button" accesskey="A" href="ticketaddserve.php?enqno=0">Add
> Ticket</a>
>
> Just change enqno= for a different queue.
>
> Found the simple answer - Double click - two records !
>
Like the previous poster says, GET requests should not "put, they
should only "get". Use POST to write to the database.
--
Anthony Ettinger
Signature: http://chovy.dyndns.org/hcard.html
attached mail follows:
Lester Caine wrote:
> I'm having very occasional problems with my PHP5 applications which only
> seem to be explained if the script is run twice.
>
> Example - page has 'Add Ticket' button, which adds a record and marks it
> as being processed by the location that created it. 99.99% of the time
> no problems, but just now and again there are two records, with
> different primary keys - so the database bit worked - but with very
> close now times and identified as being at the same counter. The next
> page does not have the 'Add Ticket' button, so it would seem the first
> script was trigger twice?
>
> Am I simply going mad ( which is the logical choice ;) ), or is this
> something that can happen and needs to be handled?
OK this is getting interesting.
I could not believe that double clicking a link would run the link
twice. It just does not make any sense. So I've been round the browsers.
IE does NOT process the link twice how ever I try and since all the user
sites are IE they should be OK.
Moz, Firefox and Sea Monkey *DO* run the link twice, and any code
attached to that link.
I can't believe that this has not surfaced before. I should not need to
prevent duplicate actions, but it looks as that is required by the
Mozilla browsers :(
--
Lester Caine - G8HFL
-----------------------------
L.S.Caine Electronic Services - http://home.lsces.co.uk
Model Engineers Digital Workshop -
http://home.lsces.co.uk/ModelEngineersDigitalWorkshop/
Treasurer - Firebird Foundation Inc. - http://www.firebirdsql.org/index.php
attached mail follows:
On Tue, 2006-05-23 at 14:08, Lester Caine wrote:
>
> I can't believe that this has not surfaced before. I should not need to
> prevent duplicate actions, but it looks as that is required by the
> Mozilla browsers :(
Why not? Why is it the browser's responsibility? Are you suggesting that
when I click twice on a link that runs javascript on every link that it
should only work once? Do you think javascript enabled links should work
differently than standard links? Have you read the HTML spec for the
anchor tag? This is deeper than the presumption that it should work one
way and one way only. Personally I think IE does it wrong. Also I use
linux and I'm very very likely to use the middle mouse button to popup a
link into a new window, and I might do it twice. Or I might do it once,
close the window, then proceed through the link. Either way, all these
actions mimic a second click. You're server side code should be more
robust and never ever trust the user or the browser to do what you want
:) Also, just for giggles and farts, I might hold down ctrl+r on the
target page. Is that any different than two clicks?
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
attached mail follows:
At 11:08 AM 5/23/2006, Lester Caine wrote:
>I could not believe that double clicking a link would run the link
>twice. It just does not make any sense. So I've been round the
>browsers. IE does NOT process the link twice how ever I try and
>since all the user sites are IE they should be OK.
>Moz, Firefox and Sea Monkey *DO* run the link twice, and any code
>attached to that link.
>I can't believe that this has not surfaced before. I should not need
>to prevent duplicate actions, but it looks as that is required by
>the Mozilla browsers :(
Just to clarify, there's a difference between "double-clicking" and
clicking more than once before the form completely submits.
Double-clicking is a GUI event, the two mouse clicks bound together
as a single event as defined by your mouse properties in your
computer's operating system.
It is certainly possible to single-click once to submit a form, then
single-click again to submit the same form a second time before the
first request has completed. This sends two submissions to the
server and is a common problem on pages that have left this door wide open.
Before I wandered off into the dense jungle of possible browser bugs,
I'd make absolutely sure my users can't submit the form more than once.
There is no way you can prevent your users from clicking more than
once unless you visit them and physically restrain them, a strategy
which would quickly exhaust your resources and soon curtail your
personal freedom. Instead, you have to assume that some of your
users WILL multiply click (whether deliberately or accidentally) and
plan for that contingency. Multiple submissions can happen for a
variety of reasons:
- maliciousness;
- accidentally clicking twice (happens to me when I've been working
too long: my mouse button finger sometimes just clicks of its own accord);
- getting impatient with a form submission that takes more than a few
seconds and either clicking again or reloading the form to try again.
A client-side solution is for Javascript to disable the submit button
onsubmit(), however this wouldn't prevent the user from reloading the
page and submitting a second time and wouldn't work at all if
scripting were disabled.
A server-side (and therefore more robust) solution is to accept only
one form submission from each user/session.
An additional strategy to make your system more robust is to use
three pages for your form submission:
1) the form itself, which submits to:
2) the script that processes input, which redirects to:
3) the page that displays the results (or is the next form in a sequence).
Even if the user reloads the results page (3) they won't be
resubmitting the form (1) or repeating the input processing (2).
Paul
attached mail follows:
On Tue, 2006-05-23 at 15:01, Paul Novitski wrote:
> At 11:08 AM 5/23/2006, Lester Caine wrote:
> >I could not believe that double clicking a link would run the link
> >twice. It just does not make any sense. So I've been round the
> >browsers. IE does NOT process the link twice how ever I try and
> >since all the user sites are IE they should be OK.
> >Moz, Firefox and Sea Monkey *DO* run the link twice, and any code
> >attached to that link.
> >I can't believe that this has not surfaced before. I should not need
> >to prevent duplicate actions, but it looks as that is required by
> >the Mozilla browsers :(
>
>
> Just to clarify, there's a difference between "double-clicking" and
> clicking more than once before the form completely submits.
>
> Double-clicking is a GUI event, the two mouse clicks bound together
> as a single event as defined by your mouse properties in your
> computer's operating system.
>
> It is certainly possible to single-click once to submit a form, then
> single-click again to submit the same form a second time before the
> first request has completed. This sends two submissions to the
> server and is a common problem on pages that have left this door wide open.
>
> Before I wandered off into the dense jungle of possible browser bugs,
> I'd make absolutely sure my users can't submit the form more than once.
>
> There is no way you can prevent your users from clicking more than
> once unless you visit them and physically restrain them, a strategy
> which would quickly exhaust your resources and soon curtail your
> personal freedom. Instead, you have to assume that some of your
> users WILL multiply click (whether deliberately or accidentally) and
> plan for that contingency. Multiple submissions can happen for a
> variety of reasons:
> - maliciousness;
> - accidentally clicking twice (happens to me when I've been working
> too long: my mouse button finger sometimes just clicks of its own accord);
> - getting impatient with a form submission that takes more than a few
> seconds and either clicking again or reloading the form to try again.
>
> A client-side solution is for Javascript to disable the submit button
> onsubmit(), however this wouldn't prevent the user from reloading the
> page and submitting a second time and wouldn't work at all if
> scripting were disabled.
>
> A server-side (and therefore more robust) solution is to accept only
> one form submission from each user/session.
>
> An additional strategy to make your system more robust is to use
> three pages for your form submission:
>
> 1) the form itself, which submits to:
> 2) the script that processes input, which redirects to:
> 3) the page that displays the results (or is the next form in a sequence).
>
> Even if the user reloads the results page (3) they won't be
> resubmitting the form (1) or repeating the input processing (2).
I think a 2 page scenario is simpler and more elegant:
1) the form itself, which submits to itself for validation
and re-presenation in case of validation errors
(including multiple submission of same form - such as
going back in browser). This also means if errors occur
then the form can be presented with previously
submitted data.
2) the final destination page(s) after the form has been
submitted with successful validation to which the user
is redirected (preventing reload submissions).
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
attached mail follows:
You have users who "double-click" on their submit button.
Deal with it. :-)
Add a token to the form and mark it "used" in the database on first
submit.
On Tue, May 23, 2006 6:55 am, Lester Caine wrote:
> I'm having very occasional problems with my PHP5 applications which
> only
> seem to be explained if the script is run twice.
>
> Example - page has 'Add Ticket' button, which adds a record and marks
> it
> as being processed by the location that created it. 99.99% of the time
> no problems, but just now and again there are two records, with
> different primary keys - so the database bit worked - but with very
> close now times and identified as being at the same counter. The next
> page does not have the 'Add Ticket' button, so it would seem the first
> script was trigger twice?
>
> Am I simply going mad ( which is the logical choice ;) ), or is this
> something that can happen and needs to be handled?
>
> --
> Lester Caine - G8HFL
> -----------------------------
> L.S.Caine Electronic Services - http://home.lsces.co.uk
> Model Engineers Digital Workshop -
> http://home.lsces.co.uk/ModelEngineersDigitalWorkshop/
> Treasurer - Firebird Foundation Inc. -
> http://www.firebirdsql.org/index.php
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
>On Tue, 2006-05-23 at 15:01, Paul Novitski wrote:
> > An additional strategy to make your system more robust is to use
> > three pages for your form submission:
> >
> > 1) the form itself, which submits to:
> > 2) the script that processes input, which redirects to:
> > 3) the page that displays the results (or is the next form in a sequence).
> >
> > Even if the user reloads the results page (3) they won't be
> > resubmitting the form (1) or repeating the input processing (2).
At 01:02 PM 5/23/2006, Robert Cummings wrote:
>I think a 2 page scenario is simpler and more elegant:
>
> 1) the form itself, which submits to itself for validation
> and re-presenation in case of validation errors
> (including multiple submission of same form - such as
> going back in browser). This also means if errors occur
> then the form can be presented with previously
> submitted data.
>
> 2) the final destination page(s) after the form has been
> submitted with successful validation to which the user
> is redirected (preventing reload submissions).
Robert, you're absolutely right: there's no reason why my pages 1) &
2) can't be the same script posting to itself, and in fact the
two-page model you describe is what I most often use in
practice. Perhaps I should have written "step" instead of "page"...
To take your point further, the process would be even simpler & more
elegant if we stuck with a single script-page that displayed the
form, processed input, and displayed the results. If the server-side
script is doing its homework, even separating out the results page
isn't necessary since the form-processor has to be on guard against
multiple executions regardless of the cause. Reloading the script
when it's in "results" mode isn't a big deal because it's smart
enough not to process the same input twice.
There are occasionally some practical reasons for making the
separation. A few years back I wrote an action center engine that
drove letter-writing campaigns run from many different environmental
websites. We let each client site host the introduction and the
final thanks page, but the intervening 'action engine' that processed
input and generated email & faxes was resident on our domain. I'm
sure many users were never aware that they'd left the client site for
the duration of the processing.
Regards,
Paul
attached mail follows:
On Tuesday 23 May 2006 13:40, Richard Lynch wrote:
> You have users who "double-click" on their submit button.
>
> Deal with it. :-)
>
> Add a token to the form and mark it "used" in the database on first
> submit.
You could even go so far as to disable the form element with the onClick
event. Should work for anchor tags as well.
--
Ray Hauge
Programmer/Systems Administrator
American Student Loan Services
www.americanstudentloan.com
1.800.575.1099
attached mail follows:
At 4:02 PM -0400 5/23/06, Robert Cummings wrote:
>On Tue, 2006-05-23 at 15:01, Paul Novitski wrote:
>> At 11:08 AM 5/23/2006, Lester Caine wrote:
>> >I could not believe that double clicking a link would run the link
>> >twice. It just does not make any sense. So I've been round the
>> >browsers. IE does NOT process the link twice how ever I try and
>> >since all the user sites are IE they should be OK.
>> >Moz, Firefox and Sea Monkey *DO* run the link twice, and any code
>> >attached to that link.
>> >I can't believe that this has not surfaced before. I should not need
>> >to prevent duplicate actions, but it looks as that is required by
>> >the Mozilla browsers :(
>>
>>
>> Just to clarify, there's a difference between "double-clicking" and
>> clicking more than once before the form completely submits.
>>
>> Double-clicking is a GUI event, the two mouse clicks bound together
>> as a single event as defined by your mouse properties in your
>> computer's operating system.
>>
>> It is certainly possible to single-click once to submit a form, then
>> single-click again to submit the same form a second time before the
>> first request has completed. This sends two submissions to the
>> server and is a common problem on pages that have left this door wide open.
>>
>> Before I wandered off into the dense jungle of possible browser bugs,
>> I'd make absolutely sure my users can't submit the form more than once.
>>
>> There is no way you can prevent your users from clicking more than
>> once unless you visit them and physically restrain them, a strategy
>> which would quickly exhaust your resources and soon curtail your
>> personal freedom. Instead, you have to assume that some of your
>> users WILL multiply click (whether deliberately or accidentally) and
>> plan for that contingency. Multiple submissions can happen for a
>> variety of reasons:
>> - maliciousness;
>> - accidentally clicking twice (happens to me when I've been working
>> too long: my mouse button finger sometimes just clicks of its own accord);
>> - getting impatient with a form submission that takes more than a few
>> seconds and either clicking again or reloading the form to try again.
>>
>> A client-side solution is for Javascript to disable the submit button
>> onsubmit(), however this wouldn't prevent the user from reloading the
>> page and submitting a second time and wouldn't work at all if
>> scripting were disabled.
>>
>> A server-side (and therefore more robust) solution is to accept only
>> one form submission from each user/session.
>>
>> An additional strategy to make your system more robust is to use
>> three pages for your form submission:
>>
>> 1) the form itself, which submits to:
>> 2) the script that processes input, which redirects to:
>> 3) the page that displays the results (or is the next form in a sequence).
>>
>> Even if the user reloads the results page (3) they won't be
>> resubmitting the form (1) or repeating the input processing (2).
>
>I think a 2 page scenario is simpler and more elegant:
>
> 1) the form itself, which submits to itself for validation
> and re-presenation in case of validation errors
> (including multiple submission of same form - such as
> going back in browser). This also means if errors occur
> then the form can be presented with previously
> submitted data.
>
> 2) the final destination page(s) after the form has been
> submitted with successful validation to which the user
> is redirected (preventing reload submissions).
>
>Cheers,
>Rob.
>-
Considering that everyone is putting in their $0.02, here's my suggestion.
1. Keep the form and processing on one page. The number of pages is
not the problem -- double clicking is.
2. Start a session.
3. Initialize a variable that is incremented each time the page is
refreshed per session.
4. If the variable's value is larger than one, then do something
other than create and insert a duplicate record. Allow the user one
insert per session or whatever.
If you want a very simple example that deals with clicks, see this:
http://xn--ovg.com/session
No matter how many times you double click that link, it will not
increment more than once (at least that's been my experience). In
other words, you can't get it to jump more than one.
If you want code, then see this:
http://www.weberdev.com/get_example-4349.html
tedd
PS: For several reasons, don't rely on javascript to control what the
user is doing.
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
Paul Novitski wrote:
> An additional strategy to make your system more robust is to use three
> pages for your form submission:
>
> 1) the form itself, which submits to:
So I need separate forms for each function on the main page rather than
just a link to ...
> 2) the script that processes input, which redirects to:
Yep that is the one, and it does check if the user already has an
existing ticket, but it does not see the ticket created by the first
click of double click in Moz :(
*THAT* should prevent the second record !
> 3) the page that displays the results (or is the next form in a sequence).
This just sees the second record and not the first :(
> Even if the user reloads the results page (3) they won't be resubmitting
> the form (1) or repeating the input processing (2).
Exactly what should be happening. The bit I have to work out is why the
second page is not seeing the already loaded ticket! Which I think is
exactly where I started, the scripts seem to be processed in parallel
and so do not see the data committed by each the other instance.
However now that I know what is going on I can deal with it, but the
problem is much less in IE anyway :)
--
Lester Caine - G8HFL
-----------------------------
L.S.Caine Electronic Services - http://home.lsces.co.uk
Model Engineers Digital Workshop -
http://home.lsces.co.uk/ModelEngineersDigitalWorkshop/
Treasurer - Firebird Foundation Inc. - http://www.firebirdsql.org/index.php
attached mail follows:
Richard Lynch wrote:
> You have users who "double-click" on their submit button.
>
> Deal with it. :-)
>
> Add a token to the form and mark it "used" in the database on first
> submit.
As I have indicated - the code SHOULD have delt with it - that is part
of the problem :( I just had not anticipated a browser splitting double
click into two single clicks :)
But I'm now looking at other ways of flagging the 'second page' so that
it knows that it is already being handled. That way I will not need to
do so much work everywhere else in the code base. ;)
--
Lester Caine - G8HFL
-----------------------------
L.S.Caine Electronic Services - http://home.lsces.co.uk
Model Engineers Digital Workshop -
http://home.lsces.co.uk/ModelEngineersDigitalWorkshop/
Treasurer - Firebird Foundation Inc. - http://www.firebirdsql.org/index.php
attached mail follows:
On Tue, 2006-05-23 at 16:47, tedd wrote:
>
> Considering that everyone is putting in their $0.02, here's my suggestion.
>
> 1. Keep the form and processing on one page. The number of pages is
> not the problem -- double clicking is.
>
> 2. Start a session.
>
> 3. Initialize a variable that is incremented each time the page is
> refreshed per session.
>
> 4. If the variable's value is larger than one, then do something
> other than create and insert a duplicate record. Allow the user one
> insert per session or whatever.
I'd stay away form relying on the session unless your whole site relies
on the session. Your form should contain a hidden submission UID and
THAT should be used to determine if the form was submitted already. In
this way your form will still detect double submissions even when
sessions are disabled. Then the user needs to work quite hard to do a
double submission -- if you're using the POST method anyways :)
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
attached mail follows:
On Tue, May 23, 2006 1:08 pm, Lester Caine wrote:
> IE does NOT process the link twice how ever I try and since all the
> user
> sites are IE they should be OK.
> Moz, Firefox and Sea Monkey *DO* run the link twice, and any code
> attached to that link.
> I can't believe that this has not surfaced before. I should not need
> to
> prevent duplicate actions, but it looks as that is required by the
> Mozilla browsers :(
I can't believe IE has so little faith in its users' that it blocks
double-click on a form button... Oh, wait. It's MS.
Look, just dump out a uniqid() when you send the form and log that ID.
Only accept *ONE* INSERT per ID.
Done.
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
At 01:50 PM 5/23/2006, Lester Caine wrote:
>>2) the script that processes input, which redirects to:
>
>Yep that is the one, and it does check if the user already has an
>existing ticket, but it does not see the ticket created by the first
>click of double click in Moz :(
>*THAT* should prevent the second record !
>
>>3) the page that displays the results (or is the next form in a sequence).
>
>This just sees the second record and not the first :(
>
>>Even if the user reloads the results page (3) they won't be
>>resubmitting the form (1) or repeating the input processing (2).
>
>Exactly what should be happening. The bit I have to work out is why
>the second page is not seeing the already loaded ticket! Which I
>think is exactly where I started, the scripts seem to be processed
>in parallel and so do not see the data committed by each the other instance.
I really don't see how this could be browser-dependent. (Unless you
have cookies or session cookies disabled in your Mozilla browser?)
I can see that, in theory, it might be possible to submit a form
twice in succession so quickly that the first query is still being
processed by PHP when the second query is initiated. It's hard to
imagine such a slow database or script, but perhaps all it would take
would be a slow internet connection.
However, if you flag form submission in the session cookie I don't
think it's practically possible to slip a duplicate by. Because both
form submissions would exist in the same session context, the server
would know that a tenth or hundredth of a second previously the same
session had submitted the same form, and could squelch it.
Paul
attached mail follows:
On Tue, 2006-05-23 at 17:26, Paul Novitski wrote:
> At 01:50 PM 5/23/2006, Lester Caine wrote:
> >>2) the script that processes input, which redirects to:
> >
> >Yep that is the one, and it does check if the user already has an
> >existing ticket, but it does not see the ticket created by the first
> >click of double click in Moz :(
> >*THAT* should prevent the second record !
> >
> >>3) the page that displays the results (or is the next form in a sequence).
> >
> >This just sees the second record and not the first :(
> >
> >>Even if the user reloads the results page (3) they won't be
> >>resubmitting the form (1) or repeating the input processing (2).
> >
> >Exactly what should be happening. The bit I have to work out is why
> >the second page is not seeing the already loaded ticket! Which I
> >think is exactly where I started, the scripts seem to be processed
> >in parallel and so do not see the data committed by each the other instance.
>
>
> I really don't see how this could be browser-dependent. (Unless you
> have cookies or session cookies disabled in your Mozilla browser?)
>
> I can see that, in theory, it might be possible to submit a form
> twice in succession so quickly that the first query is still being
> processed by PHP when the second query is initiated. It's hard to
> imagine such a slow database or script, but perhaps all it would take
> would be a slow internet connection.
>
> However, if you flag form submission in the session cookie I don't
> think it's practically possible to slip a duplicate by. Because both
> form submissions would exist in the same session context, the server
> would know that a tenth or hundredth of a second previously the same
> session had submitted the same form, and could squelch it.
These are called race conditions for a reason. They are racing against
all kinds of things. Network latency, filesystem, processor, etc etc.
Any one of these thigns can slow down one thread just long enough for a
newer thread to grab the session data before the older thread saves it.
Then the newer thread happily uses the stale session and voila duplicate
input. If you absolutely, definitely, for sure want to prevent this...
use some kind of locking mechanism. I'd suggest locking the table that
manages the form submission unique IDs until you've checked and, if
necessary, updated it. There's a reason pages load sequentially in
multiple frames when using PHP sessions... it's because PHP uses
locking. Are you using PHP native sessions or your own home cooked
system? Are sessions even activated? Did the user disabled sessions? Why
am I teaching you second year comp sci? :)
http://en.wikipedia.org/wiki/Race_condition
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
attached mail follows:
some one is about to run out of karma.
Jonas Rosling wrote:
> -----Ursprungligt meddelande-----
> Från: Barry [mailto:barryflyerheaven.de]
> Skickat: den 23 maj 2006 14:24
> Till: php-generallists.php.net
> Ämne: Re: SV: [PHP] One works, but the other doesn't
>
>
>
>>-------------------------
>>Well, I'm kind of a newbie at this. So you think this will solve my
>
> problem?
> Why don't you test it?
>
> --
> Smileys rule (cX.x)C --o(^_^o)
> Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> Okej, now I've tested it. I just changed the while part for the rows with
> the code I got from Chris. But just doing that doesn't make the same result
> as my code. Do I need to put in $my_data in the foreach part as well?
>
> // Jonas
>
attached mail follows:
On Tue, May 23, 2006 7:19 am, Jonas Rosling wrote:
> Well, I'm kind of a newbie at this. So you think this will solve my
> problem?
Yes, as we told you a week ago. :-)
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
At 9:45 AM +0100 5/23/06, Rory Browne wrote:
>>Use the unix command "file" to determiner what file you have.
>>I have had the same problem...
>
>
>Don't depend on it.
>
>graphic.php
>
>GIF89
><?php do_bad_stuff(); ?>
>ANY_GIF_FOOTERS_HERE
>
>should according to file be a gif, but contains embedded php.
Rory:
I'm not disagreeing with you, but how would that work? The file would
still have a suffix of ".gif" and as such wouldn't be recognized as
code to execute.
For example, I can place php code within a html document and it will
not run because the document has a ".html" suffix -- unless I
indicate such in my .htaccess.
So, how does placing <?php do_bad_stuff(); ?> within any image cause problems?
However, if the problem is real, then why not just resample or alter
the image in some fashion? Surely, that would cause any embedded code
to not run properly, right?
Thanks.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
On Tue, May 23, 2006 3:45 am, Rory Browne wrote:
>> Use the unix command "file" to determiner what file you have.
>> I have had the same problem...
>
> Don't depend on it.
http://php.net/getimagesize
would be slightly better, as it tries to dig out width/height and
number of colors for any given format, plus other fun stuff for some
formats.
So they'd have to hack MORE of a file and make it look kosher enough
to fool that...
You STILL ought to put the images OUTSIDE the webtree and use PHP to
readfile them so they can never get executed by remote visitor, imho.
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
On Tue, May 23, 2006 9:52 am, tedd wrote:
> At 9:45 AM +0100 5/23/06, Rory Browne wrote:
> I'm not disagreeing with you, but how would that work? The file would
> still have a suffix of ".gif" and as such wouldn't be recognized as
> code to execute.
Unless you have ANOTHER bug somewhere in those million lines of PHP
code...
Which might maybe let you eval() that, or manage to include it or...
Why risk it?
Defense in depth.
It's not like a call to http://getimagesize is gonna kill you.
Even moving the image out of web tree and using readfile is fine for
all but the busiest servers.
[shrug]
I don't understand why people are so resistant to something so simple
that adds a layer of defense.
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
At 4:34 PM -0500 5/23/06, Richard Lynch wrote:
>On Tue, May 23, 2006 9:52 am, tedd wrote:
>> At 9:45 AM +0100 5/23/06, Rory Browne wrote:
>> I'm not disagreeing with you, but how would that work? The file would
>> still have a suffix of ".gif" and as such wouldn't be recognized as
>> code to execute.
>
>Unless you have ANOTHER bug somewhere in those million lines of PHP
>code...
>
>Which might maybe let you eval() that, or manage to include it or...
>
>Why risk it?
>
>Defense in depth.
>
>It's not like a call to http://getimagesize is gonna kill you.
>
>Even moving the image out of web tree and using readfile is fine for
>all but the busiest servers.
>
>[shrug]
>
>I don't understand why people are so resistant to something so simple
>that adds a layer of defense.
Again, I'm not disagreeing with anyone! Instead I'm simply trying to
understand how this might work.
Understanding a risk is one step closer to providing a proper
defense. Just placing an additional step is not necessary adding
another layer of defense and in fact goes against the "Simple is
Beautiful" security level that Chris Shifett addresses in his
Essential PHP security book.
As for using eval(), that function ranks number one on his "list to
pay the most attention to" with regard to security. I hope that no
programmer would use an evalu() on an uploaded image -- but, that
might be a way to make an image with embedded code do bad things.
However, the programmer would have to be an accomplice in the attack
by using eval() incorrectly.
In the past, I have used headers of jpg files to store information --
there's a lots of unused space there -- however, at some point, the
program that deals with the image has to switch from "this is an
image" to "this is an executable piece of code" for this to work. I'm
trying to understand how that would happen.
If this is something that is real, then I am also suggesting that
doing something with the "image" should screw-up any embedded code.
But, before providing a defense, one should understand the threat.
My $0.02.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
This may be far-fetched, but can php convert a doc file to HTML? I
vaguely remember a thread that discussed converting pdf's, but I
cannot find reference to either that or to doc in the manual. Any
input would be appreciated.
If php cannot do this, then could someone recommend a tool that runs
on linux that can do the conversion in batch? I have ~200 files to
convert.
Thanks.
Dotan Cohen
http://what-is-what.com
623
attached mail follows:
[snip]
This may be far-fetched, but can php convert a doc file to HTML?
[/snip]
http://www.google.com/search?hl=en&q=php+convert+word+doc+to+html
attached mail follows:
At 7:09 PM +0300 5/23/06, Dotan Cohen wrote:
>This may be far-fetched, but can php convert a doc file to HTML? I
>vaguely remember a thread that discussed converting pdf's, but I
>cannot find reference to either that or to doc in the manual. Any
>input would be appreciated.
>
>If php cannot do this, then could someone recommend a tool that runs
>on linux that can do the conversion in batch? I have ~200 files to
>convert.
>
>Thanks.
>
>Dotan Cohen
Dotan:
What kind of documents and how to do want to present them?
PHP can generate html code and place any text file within in it --
it's simple a matter of arranging things the way you want it to look.
For example, you might want to review:
http://www.weberdev.com/get_example-1233.html
In fact, you can do that without php by using a shtml and includes.
But, more specifically, I need to know more about what documents you
have and you what you want to do with them.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
On 5/23/06, Jay Blanchard <jblanchardpocket.com> wrote:
> [snip]
> This may be far-fetched, but can php convert a doc file to HTML?
> [/snip]
>
> http://www.google.com/search?hl=en&q=php+convert+word+doc+to+html
>
Thanks, Jay. I mostly found Windows software on google that would do
the job. So I decided to roll my own- but being the non-programmer
that I am I would have to do it in php. I was half expecting to find
that $html_code=doc_to_html($filename); would do it! Of course, that
would run with make_coffee(black) running in the background...
Dotan
attached mail follows:
On 5/23/06, tedd <teddsperling.com> wrote:
> At 7:09 PM +0300 5/23/06, Dotan Cohen wrote:
> >This may be far-fetched, but can php convert a doc file to HTML? I
> >vaguely remember a thread that discussed converting pdf's, but I
> >cannot find reference to either that or to doc in the manual. Any
> >input would be appreciated.
> >
> >If php cannot do this, then could someone recommend a tool that runs
> >on linux that can do the conversion in batch? I have ~200 files to
> >convert.
> >
> >Thanks.
> >
> >Dotan Cohen
>
> Dotan:
>
> What kind of documents and how to do want to present them?
>
> PHP can generate html code and place any text file within in it --
> it's simple a matter of arranging things the way you want it to look.
> For example, you might want to review:
>
> http://www.weberdev.com/get_example-1233.html
>
> In fact, you can do that without php by using a shtml and includes.
>
> But, more specifically, I need to know more about what documents you
> have and you what you want to do with them.
>
> tedd
Thanks for the example, Tedd. That script would work if I already had
the files in HTML format.
I have about two hundred .doc files that I have archived over the
years. Now that I'm rid of windows I would still like to use them. I
figure that the easiest way to still view the documents, and make them
available for others in my faculty, would be to publish them on
dotancohen.com . However, I'd need to convert them from .doc format to
HTML before I can put them on the web.
I know that I can just drag it all over to a winbox at the university
and convert them one-by-one in Word, but I'd rather not do that to 200
individual files!
Dotan Cohen
http://gmail-com.com
56
attached mail follows:
Dotan Cohen wrote:
> This may be far-fetched, but can php convert a doc file to HTML? I
> vaguely remember a thread that discussed converting pdf's, but I
> cannot find reference to either that or to doc in the manual. Any
> input would be appreciated.
>
> If php cannot do this, then could someone recommend a tool that runs
> on linux that can do the conversion in batch? I have ~200 files to
> convert.
I looked at this briefly once, and you might find the OpenOffice.org
libraries useful. Iirc, they allow one to use OpenOffice.Org
functionality from other programs, but i don't know any details. You
might want to browse their site a bit.
Best,
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, hosting, embedded systems, unix, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
attached mail follows:
2006/5/23, Dotan Cohen <dotancohengmail.com>:
>
> On 5/23/06, tedd <teddsperling.com> wrote:
> > At 7:09 PM +0300 5/23/06, Dotan Cohen wrote:
> > >This may be far-fetched, but can php convert a doc file to HTML? I
> > >vaguely remember a thread that discussed converting pdf's, but I
> > >cannot find reference to either that or to doc in the manual. Any
> > >input would be appreciated.
> > >
> > >If php cannot do this, then could someone recommend a tool that runs
> > >on linux that can do the conversion in batch? I have ~200 files to
> > >convert.
> > >
> > >Thanks.
> > >
> > >Dotan Cohen
> >
> > Dotan:
> >
> > What kind of documents and how to do want to present them?
> >
> > PHP can generate html code and place any text file within in it --
> > it's simple a matter of arranging things the way you want it to look.
> > For example, you might want to review:
> >
> > http://www.weberdev.com/get_example-1233.html
> >
> > In fact, you can do that without php by using a shtml and includes.
> >
> > But, more specifically, I need to know more about what documents you
> > have and you what you want to do with them.
> >
> > tedd
>
> Thanks for the example, Tedd. That script would work if I already had
> the files in HTML format.
>
> I have about two hundred .doc files that I have archived over the
> years. Now that I'm rid of windows I would still like to use them. I
> figure that the easiest way to still view the documents, and make them
> available for others in my faculty, would be to publish them on
> dotancohen.com . However, I'd need to convert them from .doc format to
> HTML before I can put them on the web.
>
> I know that I can just drag it all over to a winbox at the university
> and convert them one-by-one in Word, but I'd rather not do that to 200
> individual files!
>
> Dotan Cohen
> http://gmail-com.com
> 56
>
If that's the case, why don't you just use the "export as web page" or "save
as web page" tools of MS Word (if you don't have it anymore you can as
someone who still has it, or I think OpenOffice also has a similar tool).
attached mail follows:
>Thanks for the example, Tedd. That script would work if I already had
>the files in HTML format.
Try searching the site using "html", I found 85 examples that did
something with html and php.
Searching Google, presented this:
http://www.needscripts.com/Resource/15472.html
That's another source too.
>I have about two hundred .doc files that I have archived over the
>years. Now that I'm rid of windows I would still like to use them. I
>figure that the easiest way to still view the documents, and make them
>available for others in my faculty, would be to publish them on
>dotancohen.com . However, I'd need to convert them from .doc format to
>HTML before I can put them on the web.
>
>I know that I can just drag it all over to a winbox at the university
>and convert them one-by-one in Word, but I'd rather not do that to 200
>individual files!
>
>Dotan Cohen
If you were on a Mac, you could batch change the doc's into html
pretty easily using AppleScript. You know that Word can save doc's
directly to html.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
On 5/23/06, Martin Alterisio <malterisio777gmail.com> wrote:
>
> If that's the case, why don't you just use the "export as web page" or "save
> as web page" tools of MS Word (if you don't have it anymore you can as
> someone who still has it, or I think OpenOffice also has a similar tool).
>
Because there are 200 of them.
Dotan Cohen
http://what-is-what.com
323
attached mail follows:
2006/5/23, Dotan Cohen <dotancohengmail.com>:
>
> On 5/23/06, Martin Alterisio <malterisio777gmail.com> wrote:
> >
> > If that's the case, why don't you just use the "export as web page" or
> "save
> > as web page" tools of MS Word (if you don't have it anymore you can as
> > someone who still has it, or I think OpenOffice also has a similar
> tool).
> >
>
> Because there are 200 of them.
>
> Dotan Cohen
> http://what-is-what.com
> 323
>
Open file, choose file, save as web page, close file ~ 2 minutes
200 files * 2 minutes = 400 minutes ~ 7 hours
How much hours have you wasted looking for a php script?
Anyway, I understand... it's a pain in the ass. Whay you're doing wrong is:
you have turned your solution into a problem and forgot what the real
problem was.
Why don't look for another solution:
http://www.google.com/search?q=batch+convert+word+to+html
But they'll probably ask money for it, so why don't just:
http://www.google.com/search?q=batch+convert+word+to+html+free
attached mail follows:
my 2cents ....
Martin Alterisio wrote:
> 2006/5/23, Dotan Cohen <dotancohengmail.com>:
>
>>
>> On 5/23/06, Martin Alterisio <malterisio777gmail.com> wrote:
>> >
>> > If that's the case, why don't you just use the "export as web page" or
>> "save
>> > as web page" tools of MS Word (if you don't have it anymore you can as
>> > someone who still has it, or I think OpenOffice also has a similar
>> tool).
>> >
>>
>> Because there are 200 of them.
>>
>> Dotan Cohen
>> http://what-is-what.com
>> 323
>>
>
>
> Open file, choose file, save as web page, close file ~ 2 minutes
> 200 files * 2 minutes = 400 minutes ~ 7 hours
> How much hours have you wasted looking for a php script?
even if it takes him 14 hours to find a script and get it working
he will have:
a, learnt quite abit about php'ing/html/etc
b, have the basis for a tool that can convert any future .doc
files that he finds/get thrown at him.
Martin the suggestion you give sucks because it doesn't empower,
it leaves Dotan with a sore wrist and no gain in knowledge...
maybe it's good advice for 'noobs' on an Office mailing
but this is a lsit about programming (sure it's php and plenty of IT
related people consider us phpers to be the pretty much the lowest form
of programmer - well not as low as VBscripters ;-) - anyone reading, posting
here, I would hope, aspires to a little more than PHB's secretary with
regards to their IT skills.
>
> Anyway, I understand... it's a pain in the ass. Whay you're doing wrong is:
> you have turned your solution into a problem and forgot what the real
> problem was.
this assumes there is a 'problem' - maybe Dotan is driven more or less
by a desire to see if he can do it rather than being up against some deadline
or having his boss breathing down his neck waiting for a result?
attached mail follows:
2006/5/23, Jochem Maas <jochemiamjochem.com>:
>
> my 2cents ....
>
> Martin Alterisio wrote:
> > 2006/5/23, Dotan Cohen <dotancohengmail.com>:
> >
> >>
> >> On 5/23/06, Martin Alterisio <malterisio777gmail.com> wrote:
> >> >
> >> > If that's the case, why don't you just use the "export as web page"
> or
> >> "save
> >> > as web page" tools of MS Word (if you don't have it anymore you can
> as
> >> > someone who still has it, or I think OpenOffice also has a similar
> >> tool).
> >> >
> >>
> >> Because there are 200 of them.
> >>
> >> Dotan Cohen
> >> http://what-is-what.com
> >> 323
> >>
> >
> >
> > Open file, choose file, save as web page, close file ~ 2 minutes
> > 200 files * 2 minutes = 400 minutes ~ 7 hours
> > How much hours have you wasted looking for a php script?
>
> even if it takes him 14 hours to find a script and get it working
> he will have:
>
> a, learnt quite abit about php'ing/html/etc
> b, have the basis for a tool that can convert any future .doc
> files that he finds/get thrown at him.
>
> Martin the suggestion you give sucks because it doesn't empower,
> it leaves Dotan with a sore wrist and no gain in knowledge...
>
> maybe it's good advice for 'noobs' on an Office mailing
> but this is a lsit about programming (sure it's php and plenty of IT
> related people consider us phpers to be the pretty much the lowest form
> of programmer - well not as low as VBscripters ;-) - anyone reading,
> posting
> here, I would hope, aspires to a little more than PHB's secretary with
> regards to their IT skills.
You're completely right about that. Maybe living too much at the edge of the
deadline has turned me into boring freak (most probably). I have to take
this way of thinking out my mind.
>
> > Anyway, I understand... it's a pain in the ass. Whay you're doing wrong
> is:
> > you have turned your solution into a problem and forgot what the real
> > problem was.
>
> this assumes there is a 'problem' - maybe Dotan is driven more or less
> by a desire to see if he can do it rather than being up against some
> deadline
> or having his boss breathing down his neck waiting for a result?
>
I disagree. There is always a problem, the kind of problem you're referring
to is "I'm lacking this knowledge, or I want to know how to do X", in his
case X would be "converting word docs to html with a php script".
My first impression was that this was his problem, but deducing from what he
explained after, I'm certain this isn't the problem he wants to solve, but
rather a solution he came up but is unable to put into practice.
I think this time PHP is not the solution. A shell script interacting with a
third party tool, or a C program interacting with a third party library will
be a much more appropiate solution.
attached mail follows:
mbneto wrote:
> Hi,
>
> I am looking for sample code/class that can generate a thumbnail (can be a
> png/jpeg) image from a tiff image. So far I've only found examples using
> png/jpg/gif as input.
>
> Any tips?
>
ImageMagick
attached mail follows:
On Mon, May 22, 2006 5:10 pm, mbneto wrote:
> I am looking for sample code/class that can generate a thumbnail (can
> be a
> png/jpeg) image from a tiff image. So far I've only found examples
> using
> png/jpg/gif as input.
In those examples, change the line that reads:
imagecreatefromjpeg(...)
to
imagecreatefromtiff(...)
That's pretty much it...
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
how do I get the subdirectory that a page is being pulled from.
say I have three sites running the same script and I need to determine which
site is which.
http://www.domain.com/subdir1
http://www.domain.com/subdir2
http://www.domain.com/subdir3
and subdir1, subdir2 and subdir3 all need different header and different db
and so on.
how would i get that I am in site subdir3 and not in subdir1?
attached mail follows:
Perhaps check out some of these....
http://www.php.net/manual/en/reserved.variables.php#reserved.variables.server
-Brad
Dallas Cahker wrote:
> how do I get the subdirectory that a page is being pulled from.
>
> say I have three sites running the same script and I need to determine
> which
> site is which.
>
> http://www.domain.com/subdir1
> http://www.domain.com/subdir2
> http://www.domain.com/subdir3
>
> and subdir1, subdir2 and subdir3 all need different header and
> different db
> and so on.
>
> how would i get that I am in site subdir3 and not in subdir1?
>
attached mail follows:
At 02:29 PM 5/23/2006, Dallas Cahker wrote:
>how do I get the subdirectory that a page is being pulled from.
>
>say I have three sites running the same script and I need to determine which
>site is which.
>
>http://www.domain.com/subdir1
>http://www.domain.com/subdir2
>http://www.domain.com/subdir3
>
>and subdir1, subdir2 and subdir3 all need different header and different db
>and so on.
>
>how would i get that I am in site subdir3 and not in subdir1?
Check phpinfo(), particularly SCRIPT_FILENAME or REQUEST_URI or
SCRIPT_FILENAME in the Apache Environment section, and everything following
_SERVER["REQUEST_URI"] in the PHP Variables section.
But why not just put the appropriate header in the subdirectory you are using?
Cheers - Miles
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.392 / Virus Database: 268.7.0/345 - Release Date: 5/22/2006
attached mail follows:
Dallas Cahker wrote:
> how do I get the subdirectory that a page is being pulled from.
> say I have three sites running the same script and I need to determine
> which
> site is which.
>
> http://www.domain.com/subdir1
> http://www.domain.com/subdir2
> http://www.domain.com/subdir3
>
> and subdir1, subdir2 and subdir3 all need different header and
> different db
> and so on.
> how would i get that I am in site subdir3 and not in subdir1?
$subdir = array_shift(preg_split('|/|', $_SERVER['PHP_SELF'], 0,
PREG_SPLIT_NO_EMPTY));
Dante
attached mail follows:
>how do I get the subdirectory that a page is being pulled from.
>
>say I have three sites running the same script and I need to determine which
>site is which.
>
>http://www.domain.com/subdir1
>http://www.domain.com/subdir2
>http://www.domain.com/subdir3
>
>and subdir1, subdir2 and subdir3 all need different header and different db
>and so on.
>
>how would i get that I am in site subdir3 and not in subdir1?
Lot's of ways to do this. Try:
$u = basename($_SERVER['PHP_SELF']);
hth's
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
On 5/23/06, Dallas Cahker <christmasfruitcakegmail.com> wrote:
> how do I get the subdirectory that a page is being pulled from.
>
> say I have three sites running the same script and I need to determine which
> site is which.
>
> http://www.domain.com/subdir1
> http://www.domain.com/subdir2
> http://www.domain.com/subdir3
>
> and subdir1, subdir2 and subdir3 all need different header and different db
> and so on.
>
> how would i get that I am in site subdir3 and not in subdir1?
>
>
I like to use dirname(__FILE__) when working with paths. Maybe this
will be of use to you.
attached mail follows:
Greetings,
Seem to have a bit of a problem I can't figure out. I'm trying to query
servers via SNMP with PHP's snmpget function. Everything seems to work
fine, no problems at all - except I'd like the web page to print the
string value instead of the numeric value (I.E. OK for the Compaq Drive
Array vs 1).
Now I've configured everything as best I can tell, and I have the page
loading the appropriate MIB file (
snmp_read_mib("/usr/local/share/snmp/mibs/CPQIDA.MIB")).
Running it from the terminal via 'php mypage.php' returns all the
correct values, I see "Ok", instead of "1". But accessing it via the web
produces nothing - no output. It doesn't matter how I set the get, I've
tried varying it with "CPQIDA-MIB::cpqDaCntlrBoardStatus.0",
"cpqDaCntlrBoardStatus.0",
".iso.org.dod.internet.private.enterprises.compaq.cpqDriveArray.cpqDaCom
ponent.cpqDaCntlr.cpqDaCntlrTable.cpqDaCntlrEntry.cpqDaCntlrBoardStatus.
0" - all work fine running it via the terminal, but not via the web
page.
Does anyone have any ideas at all about this? Anything else I can check?
If I snmpget the numeric OID (.1.3.6.1.4.1.232.3.2.2.1.1.10.0) it does
work, but only returns the numeric value.
System Info:
PHP 5.0.5
Net-SNMP 5.1.1
Php compiled with --with-snmp and --enable-ucd-snmp-hack
Thanks.
Jeremy Pavleck
Network Engineer - Systems Management
IT Networks and Infrastructure
Direct Line: 612-977-5881
Toll Free: 1-888-CAPELLA ext. 5881
Fax: 612-977-5053
E-mail: jeremy.pavleckcapella.edu <mailto:jeremy.pavleckcapella.edu>
Capella University
225 South 6th Street, 9th Floor
Minneapolis, MN 55402
www.capella.edu <http://www.capella.edu/>
attached mail follows:
A new version on PostgreSQL came out with a security SQL-injection hole
fixed. Reading the docs, I find that clients have to be rebuilt, and with
changes in regard to the use of the libpq library.
Is there going to be a new version of PHP4 and 5 to ajust to this?
Here is the data:
http://www.postgresql.org/docs/techdocs.49
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
attached mail follows:
Martin Marques wrote:
> A new version on PostgreSQL came out with a security SQL-injection hole
> fixed. Reading the docs, I find that clients have to be rebuilt, and
> with changes in regard to the use of the libpq library.
>
> Is there going to be a new version of PHP4 and 5 to ajust to this?
>
> Here is the data:
>
> http://www.postgresql.org/docs/techdocs.49
Interesting. Might be better off asking on the internals list if one is
needed.
--
Postgresql & php tutorials
http://www.designmagick.com/
attached mail follows:
On Mon, 22 May 2006, John Nichel wrote:
> Brad Bonkoski wrote:
>> Looks good to me, just make sure you use:
>> http://www.php.net/manual/en/function.stripslashes.php
>> if you have to dump that information back to the users.
>> (you might want to check out: addslashes() to add the slashes before your
>> DB insert, just to keep those things under your command)
>> -Brad
>
> No, no, no. Bad coder.
I was about to say the same! ;-)
>
> Always, always, always...
>
> mysql_real_escape_string()
The best way is to use PEAR::DB and work with quoteSmart() :-D
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
attached mail follows:
On Mon, 22 May 2006, Richard Lynch wrote:
> On Mon, May 22, 2006 11:25 am, afanafan.net wrote:
>> After the form is submitted, some fields are filled with single and/or
>> double quote info (like: 1'2"x2'4", or sky's blue, or "cool" stuff).
>> I validate what I got using mysql_real_escape_string() and then store
>> the
>> result in MySQL. And, it will be stored as:1\'2\"x2\'4\", and sky\'s
>> blue,
>> and \"cool\" stuff.
>> Is this correct way
>
> No.
>
> If you still see \' in your data after it's in MySQL, then you have
> done TWO escapes, and should have only done ONE.
By the way, the right way to escape single quotes is by adding anothe
single quote (this is SQL standard). Somthing like:
O'Conner --> O''Conner
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
attached mail follows:
PHP seems to cache POST data, and waits for the entire POST to finish
sending before it makes it available to php://input.
I'd like to be able to read the post data from php://input while the
client is still uploading it. How can I cause PHP to make the POST data
available right away instead of after the client finishes sending?
Regards, Adam Zey.
PS: As far as I can tell, PHP caches the entire POST in memory as it is
being sent, but just doesn't make it available to php://input until
after the client is done. Since PHP already has it in memory, why isn't
it accessible?
attached mail follows:
Adam Zey wrote:
> PHP seems to cache POST data, and waits for the entire POST to finish
> sending before it makes it available to php://input.
>
> I'd like to be able to read the post data from php://input while the
> client is still uploading it. How can I cause PHP to make the POST data
> available right away instead of after the client finishes sending?
>
> Regards, Adam Zey.
>
> PS: As far as I can tell, PHP caches the entire POST in memory as it is
> being sent, but just doesn't make it available to php://input until
> after the client is done. Since PHP already has it in memory, why isn't
> it accessible?
are you sure it's php that is holding it in memory? $_POST is fully filled
on the first line of the script which gives me the impression that the webserver
is caching the response until it all been uploaded before even starting up
php.
or am I missing something here?
attached mail follows:
Jochem Maas wrote:
> Adam Zey wrote:
>
>> PHP seems to cache POST data, and waits for the entire POST to finish
>> sending before it makes it available to php://input.
>>
>> I'd like to be able to read the post data from php://input while the
>> client is still uploading it. How can I cause PHP to make the POST
>> data available right away instead of after the client finishes sending?
>>
>> Regards, Adam Zey.
>>
>> PS: As far as I can tell, PHP caches the entire POST in memory as it
>> is being sent, but just doesn't make it available to php://input until
>> after the client is done. Since PHP already has it in memory, why
>> isn't it accessible?
>
>
> are you sure it's php that is holding it in memory? $_POST is fully filled
> on the first line of the script which gives me the impression that the
> webserver
> is caching the response until it all been uploaded before even starting up
> php.
>
> or am I missing something here?
You're correct, of course. I was a bit confused, it seems.
PUT behaves as I described above. If you do a PUT request for the PHP
script directly, the PHP script is called right away, and any attempt to
fread from php://input blocks until either the client is done sending,
or some sort of buffer is filled (the fread occasionally returns with
lots of data if you keep sending).
So, might I amend my question to, is it possible to disable PHP
buffering PUTs, or Apache buffering POST? (Or is it PHP that just
buffers the POST before actually executing the script, but post Apache?)
Essentially what I want is a persistant HTTP connection over which I can
stream data and have the server-side PHP script process the data as it
arrives, rather than when all the data is sent.
The only other approach I can figure out is to send periodic POST
requests with the latest data, the downside of which is a huge increase
in latency between data production and consumption.
Regards, Adam Zey.
attached mail follows:
Jochem Maas wrote:
> Adam Zey wrote:
>
>> PHP seems to cache POST data, and waits for the entire POST to finish
>> sending before it makes it available to php://input.
>>
>> I'd like to be able to read the post data from php://input while the
>> client is still uploading it. How can I cause PHP to make the POST
>> data available right away instead of after the client finishes sending?
>>
>> Regards, Adam Zey.
>>
>> PS: As far as I can tell, PHP caches the entire POST in memory as it
>> is being sent, but just doesn't make it available to php://input until
>> after the client is done. Since PHP already has it in memory, why
>> isn't it accessible?
>
>
> are you sure it's php that is holding it in memory? $_POST is fully filled
> on the first line of the script which gives me the impression that the
> webserver
> is caching the response until it all been uploaded before even starting up
> php.
>
> or am I missing something here?
You're correct, of course. I was a bit confused, it seems.
PUT behaves as I described above. If you do a PUT request for the PHP
script directly, the PHP script is called right away, and any attempt to
fread from php://input blocks until either the client is done sending,
or some sort of buffer is filled (the fread occasionally returns with
lots of data if you keep sending).
So, might I amend my question to, is it possible to disable PHP
buffering PUTs, or Apache buffering POST? (Or is it PHP that just
buffers the POST before actually executing the script, but post Apache?)
Essentially what I want is a persistant HTTP connection over which I can
stream data and have the server-side PHP script process the data as it
arrives, rather than when all the data is sent.
The only other approach I can figure out is to send periodic POST
requests with the latest data, the downside of which is a huge increase
in latency between data production and consumption.
Regards, Adam Zey.
attached mail follows:
On Tue, May 23, 2006 4:39 pm, Adam Zey wrote:
> The only other approach I can figure out is to send periodic POST
> requests with the latest data, the downside of which is a huge
> increase
> in latency between data production and consumption.
Sounds like you maybe want to run your own "server"...
http://php.net/sockets
--
Like Music?
http://l-i-e.com/artists.htm
attached mail follows:
Richard Lynch wrote:
>On Tue, May 23, 2006 4:39 pm, Adam Zey wrote:
>
>
>>The only other approach I can figure out is to send periodic POST
>>requests with the latest data, the downside of which is a huge
>>increase
>>in latency between data production and consumption.
>>
>>
>
>Sounds like you maybe want to run your own "server"...
>http://php.net/sockets
>
>
>
Unfortunately, the requirement is that the script be able to accept data
on port 80, and co-exist with an existing webserver at the same time. As
far as I can tell, this requirement can only be fulfilled by running the
script through a webserver. Also, sockets are not compiled into PHP by
default, and stream sockets aren't included in versions below PHP 5.0.0,
as far as I can tell. That sort of puts a hamper on socket usage.
Regards, Adam Zey.
attached mail follows:
Adam Zey wrote:
> Jochem Maas wrote:
>
...
> Essentially what I want is a persistant HTTP connection over which I can
> stream data and have the server-side PHP script process the data as it
> arrives, rather than when all the data is sent.
>
> The only other approach I can figure out is to send periodic POST
> requests with the latest data, the downside of which is a huge increase
> in latency between data production and consumption.
Richard's suggestion is most likely the best option (assuming you want to use php)
otherwise you'll probably end up hacking webserver and/or php sources (painful, time consuming
and a probable maintainance nightmare) ... which also comes with the risk of breaking
lots http protocols 'rules' while your at it.
>
> Regards, Adam Zey.
>
attached mail follows:
Jochem Maas wrote:.
> ...
> Richard's suggestion is most likely the best option (assuming you want
> to use php)
> otherwise you'll probably end up hacking webserver and/or php sources
> (painful, time consuming
> and a probable maintainance nightmare) ... which also comes with the
> risk of breaking
> lots http protocols 'rules' while your at it.
>
>>
>> Regards, Adam Zey.
>>
>
As I mentioned in my more recent mail, this unfortunately isn't an
option since I need to run on port 80 without disturbing the existing
webserver, which requirse that the script be running through the
webserver :(
I've considered the possibility of looking into Perl or C (via CGI) to
try to get the desired functionality, but they have their own issues
(namely more complicated installation than just sticking a script
anywhere in the web tree as you can with a default PHP installation).
Regards, Adam Zey.
attached mail follows:
Adam Zey wrote:
> Jochem Maas wrote:.
>
>> ...
>> Richard's suggestion is most likely the best option (assuming you want
>> to use php)
>> otherwise you'll probably end up hacking webserver and/or php sources
>> (painful, time consuming
>> and a probable maintainance nightmare) ... which also comes with the
>> risk of breaking
>> lots http protocols 'rules' while your at it.
>>
>>>
>>> Regards, Adam Zey.
>>>
>>
> As I mentioned in my more recent mail, this unfortunately isn't an
> option since I need to run on port 80 without disturbing the existing
why is port 80 a requirement - HTTP can technically over any port.
> webserver, which requirse that the script be running through the
> webserver :(
>
> I've considered the possibility of looking into Perl or C (via CGI) to
> try to get the desired functionality, but they have their own issues
> (namely more complicated installation than just sticking a script
> anywhere in the web tree as you can with a default PHP installation).
sounds to me your requirement rules out the use of bog standard setups,
that said I doubt using CGI (with any language you choose) will fix the
problem because your still at thew mercy of the webserver that is running the
CGI.
>
> Regards, Adam Zey.
>
attached mail follows:
Jochem Maas wrote:
>
> why is port 80 a requirement - HTTP can technically over any port.
>
It must be accessible to any client, no matter what sort of firewall or
proxy they go through. The only way to absolutely assure that is, as far
as I know, to use port 80. It is the only port that you can count on
with a fair degree of certainty, if the user is proxied or firewalled.
I'd just as soon write my own simple webserver, but then it'd run into
conflicts with existing webservers on port 80.
My current solution is to buffer data on the client-side, and send a
fresh POST request every so many milliseconds (Say, 250) over a
keepalive connection with the latest buffered data. The downside of this
is that it introduces up to 250ms of latency on top of the existing
network latency, and it produces a lot of POST requests. I would really
like to eliminate that by streaming the data rather than splitting it up
like that.
Regards, Adam Zey.
attached mail follows:
[snip]
As I mentioned in my more recent mail, this unfortunately isn't an
option since I need to run on port 80 without disturbing the existing
webserver, which requirse that the script be running through the
webserver :(
[/snip]
I have been reading this thread with much interest and think that
perhaps a different approach may be needed. What, exactly, are you
trying to accomplish? Skip past the persistency, etc. and describe the
problem for which you are seeking a solution. I have the feeling that
there may be a way to do what you want with PHP if you will describe the
process.
attached mail follows:
Jay Blanchard wrote:
>[snip]
>As I mentioned in my more recent mail, this unfortunately isn't an
>option since I need to run on port 80 without disturbing the existing
>webserver, which requirse that the script be running through the
>webserver :(
>[/snip]
>
>I have been reading this thread with much interest and think that
>perhaps a different approach may be needed. What, exactly, are you
>trying to accomplish? Skip past the persistency, etc. and describe the
>problem for which you are seeking a solution. I have the feeling that
>there may be a way to do what you want with PHP if you will describe the
>process.
>
>
Essentially, I'm looking to write something in the same vein as GNU
httptunnel, but in PHP, and running on port 80 serverside. The
server->client part is easy, since a never-ending GET request can stream
the data and be consumed by the client instantly. The thing I'm having