|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general-digest-help
lists.php.net
Date: Fri May 18 2007 - 12:21:42 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
php-general Digest 18 May 2007 17:21:42 -0000 Issue 4798
Topics (messages 255104 through 255149):
sessions from own php-extension
255104 by: HeavyWave
Use sessions from own php-extension
255105 by: hw.musicaldb.com
Problems with SSL and stream contexts on 4.x branch...
255106 by: David Preece
showing source
255107 by: James Lockie
255108 by: Paul Scott
255115 by: M.Sokolewicz
255117 by: Christian Haensel
255118 by: itoctopus
255142 by: Steve
255143 by: Tijnema !
255144 by: James Lockie
Re: Download speed limit
255109 by: clive
255137 by: Jonathan
255138 by: Tijnema !
255146 by: Rangel Reale
255147 by: Tijnema !
Browser Cache and PHP Namespace
255110 by: Sancar Saran
255113 by: M.Sokolewicz
Re: Tipos about which CMS use
255111 by: Edward Kay
Re: IE7 => end tag?
255112 by: Edward Kay
255129 by: Jim Moseby
255131 by: Robin Vickery
255133 by: Edward Kay
Re: Setting Up A Simple Shopping Cart
255114 by: Edward Kay
Re: Can't link image directory?
255116 by: Tijnema !
255128 by: Daniel Brown
255132 by: Haig Dedeyan
255134 by: Tijnema !
255135 by: Daniel Brown
stay logged in for session
255119 by: Joshua
255120 by: Edward Kay
255121 by: Zoltán Németh
255122 by: Edward Kay
255123 by: Zoltán Németh
255124 by: itoctopus
255125 by: Edward Kay
255126 by: Richard Davey
255127 by: Zoltán Németh
Send HTML from PHP scripts ...
255130 by: Kuldip Mond
255140 by: Steve
255148 by: Jonathan
Re: error_reporting(E_ALL) doesn't show anything
255136 by: Jonathan
Re: Bounty
255139 by: Tijnema !
255141 by: Robert Cummings
ftp_get() - OpenVMS - semicolon in filenames
255145 by: Jim Moseby
PHP5 Static functions called through __call() that don't exist... yet
255149 by: Jared Farrish
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
Hi there
I'm writing my own php-extension in C++. Can I call ext/session
functions or somehow use sessions in my extension?
attached mail follows:
Hi there.
I'm developing php-extension in C++ and want to use session handling from
ext/session . Is it possible?
attached mail follows:
Hi,
Well, this has been fun. I'm not normally a PHP guy, but right now I
need to move some data from an HTTPS server into PHP. Problem is that
I'm trying to do it properly, confirming that the servers certificate
says what it should and that it isn't self signed (i.e. the chain of
trust extends all the way up to the root). I've been at this for
getting on for two days now and have got this far:
if (function_exists('openssl_open')) echo('Not a dumbarse');
$sc=stream_context_create();
$rtn=stream_context_set_option($sc,'ssl', 'verify_peer', true);
$rtn=stream_context_set_option($sc,'ssl', 'allow_self_signed',
false);
$sock=fsockopen('ssl://development.atomicdroplet.com',443,$errno,
$errstr,30,$sc);
if ($sock) {
fwrite($sock,"GET /msg_serve/123/ HTTP /1.0\r\n\r\n");
while ($contents=fread($sock,8192)) echo $contents;
fclose($sock);
};
Now, I actually just tripped across the fsockopen call using a stream
context (my IDE autocompleted it for me) and it's not covered in the
docs. I also wanted to use stream_socket_client but realistically
have to target the 4.x branch, probably all the way back to 4.3.0.
The error I get is #36, "Operation now in progress". Commenting out
the two stream_context_set_option calls makes it work properly ...
but also completely defeats the purpose of trying to establish the
real identity of the other end.
I could also use curl, but it seems rare that it is installed.
Any guidance is gratefully received ... as I said, this has taken
rather a long time and my patience is wearing thin :(
Dave
attached mail follows:
This almost works but all my < and > are replaced with "".
// open this file to show the source
if (($fh = fopen( __FILE__, 'r' )) === FALSE){
die ('Failed to open source file (' . $_FILE_ . ') for
reading!');
} else {
$tags = array( "<", ">" );
$safe_tags = array( "\\<", "\\>" );
print "<pre>\n";
// read the file line by line
while (! feof( $fh )) {
$currentLine = fgets( $fh, 255 );
$noTags = str_replace( $tags, $safeTags, $currentLine );
print $noTags;
}
fclose( $fh );
print "</pre>\n";
}
attached mail follows:
On Fri, 2007-05-18 at 01:50 -0400, James Lockie wrote:
> This almost works but all my < and > are replaced with "".
>
Rather use named entities, www.php.net/htmlentities
--Paul
All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm
attached mail follows:
Why don't you use:
highlight_file(__FILE__) ?
- tul
James Lockie wrote:
> This almost works but all my < and > are replaced with "".
>
> // open this file to show the source
> if (($fh = fopen( __FILE__, 'r' )) === FALSE){
> die ('Failed to open source file (' . $_FILE_ . ') for
> reading!');
> } else {
> $tags = array( "<", ">" );
> $safe_tags = array( "\\<", "\\>" );
>
> print "<pre>\n";
>
> // read the file line by line
> while (! feof( $fh )) {
> $currentLine = fgets( $fh, 255 );
> $noTags = str_replace( $tags, $safeTags, $currentLine );
> print $noTags;
> }
>
> fclose( $fh );
> print "</pre>\n";
> }
attached mail follows:
> Why don't you use:
> highlight_file(__FILE__) ?
OMG
I have been coding that thing for MONTHS now... just to get syntax
highlighting for my tutorial blog... maybe I shouldn't write tutorials...
maybe I should rather read them *g*
Thanks for this short, but awesome answer :o) I wasn't the one asking the
question, but nonetheless you have just wrecked my weekend :oP If I could
kick my own rear end, I would do so´for the next two days...
Cheers mate, and have a great weekend!
Chris
>
> - tul
>
> James Lockie wrote:
>> This almost works but all my < and > are replaced with "".
>>
>> // open this file to show the source
>> if (($fh = fopen( __FILE__, 'r' )) === FALSE){
>> die ('Failed to open source file (' . $_FILE_ . ') for
>> reading!');
>> } else {
>> $tags = array( "<", ">" );
>> $safe_tags = array( "\\<", "\\>" );
>>
>> print "<pre>\n";
>>
>> // read the file line by line
>> while (! feof( $fh )) {
>> $currentLine = fgets( $fh, 255 );
>> $noTags = str_replace( $tags, $safeTags, $currentLine );
>> print $noTags;
>> }
>>
>> fclose( $fh );
>> print "</pre>\n";
>> }
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
yup, highlight_file($file_name) is your magical answer.
http://ca.php.net/highlight_file
Make sure this function will only access specific directories.
--
itoctopus - http://www.itoctopus.com
""M.Sokolewicz"" <tularisphp.net> wrote in message
news:464D716B.7040702php.net...
> Why don't you use:
> highlight_file(__FILE__) ?
>
> - tul
>
> James Lockie wrote:
>> This almost works but all my < and > are replaced with "".
>>
>> // open this file to show the source
>> if (($fh = fopen( __FILE__, 'r' )) === FALSE){
>> die ('Failed to open source file (' . $_FILE_ . ') for
>> reading!');
>> } else {
>> $tags = array( "<", ">" );
>> $safe_tags = array( "\\<", "\\>" );
>>
>> print "<pre>\n";
>>
>> // read the file line by line
>> while (! feof( $fh )) {
>> $currentLine = fgets( $fh, 255 );
>> $noTags = str_replace( $tags, $safeTags, $currentLine );
>> print $noTags;
>> }
>>
>> fclose( $fh );
>> print "</pre>\n";
>> }
attached mail follows:
Not that it really matters in this scenario, but if you rename a file to
.phps you should be able to navigate to it in a web browser and have nice,
highlighted syntax. It's pretty nice for internally viewing a file, but
obviously I wouldn't recommend doing this with live files that contain
sensitive information.
"James Lockie" <bjlockielockie.homeunix.net> wrote in message
news:464D3EB7.5050109lockie.homeunix.net...
> This almost works but all my < and > are replaced with "".
>
> // open this file to show the source
> if (($fh = fopen( __FILE__, 'r' )) === FALSE){
> die ('Failed to open source file (' . $_FILE_ . ') for
> reading!');
> } else {
> $tags = array( "<", ">" );
> $safe_tags = array( "\\<", "\\>" );
>
> print "<pre>\n";
>
> // read the file line by line
> while (! feof( $fh )) {
> $currentLine = fgets( $fh, 255 );
> $noTags = str_replace( $tags, $safeTags, $currentLine );
> print $noTags;
> }
>
> fclose( $fh );
> print "</pre>\n";
> }
attached mail follows:
On 5/18/07, Steve <stevedeported.net> wrote:
> Not that it really matters in this scenario, but if you rename a file to
> .phps you should be able to navigate to it in a web browser and have nice,
> highlighted syntax. It's pretty nice for internally viewing a file, but
> obviously I wouldn't recommend doing this with live files that contain
> sensitive information.
Or just a symlink from .phps to .php for the file :)
Tijnema
>
>
> "James Lockie" <bjlockielockie.homeunix.net> wrote in message
> news:464D3EB7.5050109lockie.homeunix.net...
> > This almost works but all my < and > are replaced with "".
> >
> > // open this file to show the source
> > if (($fh = fopen( __FILE__, 'r' )) === FALSE){
> > die ('Failed to open source file (' . $_FILE_ . ') for
> > reading!');
> > } else {
> > $tags = array( "<", ">" );
> > $safe_tags = array( "\\<", "\\>" );
> >
> > print "<pre>\n";
> >
> > // read the file line by line
> > while (! feof( $fh )) {
> > $currentLine = fgets( $fh, 255 );
> > $noTags = str_replace( $tags, $safeTags, $currentLine );
> > print $noTags;
> > }
> >
> > fclose( $fh );
> > print "</pre>\n";
> > }
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
M.Sokolewicz wrote:
> Why don't you use:
> highlight_file(__FILE__) ?
I didn't know about that.
Awesome, thanks. :-)
I used the highlight_num from the comments to show line numbers. :-)
attached mail follows:
Rangel Reale wrote:
> Yes, I tried, this works, but I would like to control the send speed more,
> preferably via URL, as this programs will only be accessed by my desktop
> application, and I have full control of them.
ok if its only your application thats going to use this data, you could
1. setup a ftp server that does bandwidth limiting. Then your
application downloads the file via ftp.
2. rsync has a bandwidth limiting option aswell.
>
> But, if there is no other way, this will be the way!
>
> ----- Original Message ----- From: "Greg Donald" <gdonaldgmail.com>
> To: <php-generallists.php.net>
> Sent: Thursday, May 17, 2007 6:55 PM
> Subject: Re: [PHP] Download speed limit
>
>
>> On 5/17/07, Rangel Reale <listasrangelreale.com> wrote:
>>> Hmm that apache module isn't quite what I need, it just accepts or
>>> refuse
>>> connections based on bandwidth usage, it does not throttle the
>>> connection.
>>
>> Have you tried something like this?
>>
>> <?php
>>
>> $file = '/opt/local/apache2/htdocs/test_file.txt';
>>
>> set_time_limit( 0 );
>>
>> $handle = fopen( $file, 'rb' );
>>
>> if( !$handle )
>> {
>> die( 'fopen() failed' );
>> }
>>
>> header( 'Content-Type: text/plain' );
>> header( 'Content-Length: ' . filesize( $handle ) );
>> header('Content-Disposition: attachment; filename="' . basename( $file
>> ) . '"' );
>>
>> while( ( !feof( $handle ) ) && ( connection_status() == 0 ) )
>> {
>> print( fread( $handle, 1024 * 8 ) );
>> sleep( 1 );
>> flush();
>> }
>>
>> fclose( $handle );
>>
>>
>> I get right at 8K/sec using that.
>>
>>
>>
>> --
>> Greg Donald
>> http://destiney.com/
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Free Edition. Version: 7.5.467 / Virus Database:
>> 269.7.0/803 - Release Date: 13/5/2007 12:17
>>
>>
>
--
Regards,
Clive.
Real Time Travel Connections
{No electrons were harmed in the creation, transmission or reading of
this email. However, many were excited and some may well have enjoyed
the experience.}
attached mail follows:
Rangel Reale wrote:
> Hello!
>
> For my application I need to limit the speed that my application sends data, in my case a binary file.
>
> I need to send the speed as a parameter, like:
>
> sendfile.php?speed=20000
>
> Would send the file at 20kb/s (forgetting about real byte counts for this example).
>
> To send the file, I am doing:
>
> $fp=fopen($this->contentfile,"rb");
> while(!feof($fp)){
> print(fread($fp,1024*8));
> flush();
> ob_flush();
> }
> fclose($fp);
>
> If after ob_flush I do a sleep(), I can limit the speed, but I would like to limit at the speed of the parameter.
>
> Is there a way to do this?
>
> Thanks,
> Rangel
>
Will this mean i can set my ?speed=99999999999999999999999999999999
Excellent!
attached mail follows:
On 5/18/07, Jonathan <haptiKgmail.com> wrote:
> Rangel Reale wrote:
> > Hello!
> >
> > For my application I need to limit the speed that my application sends data, in my case a binary file.
> >
> > I need to send the speed as a parameter, like:
> >
> > sendfile.php?speed=20000
> >
> > Would send the file at 20kb/s (forgetting about real byte counts for this example).
> >
> > To send the file, I am doing:
> >
> > $fp=fopen($this->contentfile,"rb");
> > while(!feof($fp)){
> > print(fread($fp,1024*8));
> > flush();
> > ob_flush();
> > }
> > fclose($fp);
> >
> > If after ob_flush I do a sleep(), I can limit the speed, but I would like to limit at the speed of the parameter.
> >
> > Is there a way to do this?
> >
> > Thanks,
> > Rangel
> >
>
> Will this mean i can set my ?speed=99999999999999999999999999999999
>
> Excellent!
>
Yeah, that's nice, you limit it, but a little bit smart guy can set it
to whatever he/she wants :)
Tijnema
attached mail follows:
----- Original Message -----
From: "Tijnema !" <tijnemagmail.com>
To: "Jonathan" <haptiKgmail.com>
Cc: <php-generallists.php.net>
Sent: Friday, May 18, 2007 12:07 PM
Subject: Re: [PHP] Re: Download speed limit
> On 5/18/07, Jonathan <haptiKgmail.com> wrote:
>> Rangel Reale wrote:
>> > Hello!
>> >
>> > For my application I need to limit the speed that my application sends
>> > data, in my case a binary file.
>> >
>> > I need to send the speed as a parameter, like:
>> >
>> > sendfile.php?speed=20000
>> >
>> > Would send the file at 20kb/s (forgetting about real byte counts for
>> > this example).
>> >
>> > To send the file, I am doing:
>> >
>> > $fp=fopen($this->contentfile,"rb");
>> > while(!feof($fp)){
>> > print(fread($fp,1024*8));
>> > flush();
>> > ob_flush();
>> > }
>> > fclose($fp);
>> >
>> > If after ob_flush I do a sleep(), I can limit the speed, but I would
>> > like to limit at the speed of the parameter.
>> >
>> > Is there a way to do this?
>> >
>> > Thanks,
>> > Rangel
>> >
>>
>> Will this mean i can set my ?speed=99999999999999999999999999999999
>>
>> Excellent!
>>
>
> Yeah, that's nice, you limit it, but a little bit smart guy can set it
> to whatever he/she wants :)
>
> Tijnema
>
Hehehe yes, but as I said in a later message, only my application will be
accessing this page (hopefully), and the problem is not on the sending
server (which has lots of bandwidth) but on the receiving client, where my
downloading is killing all its small bandwidth.
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition. Version: 7.5.467 / Virus Database:
> 269.7.0/803 - Release Date: 13/5/2007 12:17
>
>
attached mail follows:
On 5/18/07, Rangel Reale <listasrangelreale.com> wrote:
>
> ----- Original Message -----
> From: "Tijnema !" <tijnemagmail.com>
> To: "Jonathan" <haptiKgmail.com>
> Cc: <php-generallists.php.net>
> Sent: Friday, May 18, 2007 12:07 PM
> Subject: Re: [PHP] Re: Download speed limit
>
>
> > On 5/18/07, Jonathan <haptiKgmail.com> wrote:
> >> Rangel Reale wrote:
> >> > Hello!
> >> >
> >> > For my application I need to limit the speed that my application sends
> >> > data, in my case a binary file.
> >> >
> >> > I need to send the speed as a parameter, like:
> >> >
> >> > sendfile.php?speed=20000
> >> >
> >> > Would send the file at 20kb/s (forgetting about real byte counts for
> >> > this example).
> >> >
> >> > To send the file, I am doing:
> >> >
> >> > $fp=fopen($this->contentfile,"rb");
> >> > while(!feof($fp)){
> >> > print(fread($fp,1024*8));
> >> > flush();
> >> > ob_flush();
> >> > }
> >> > fclose($fp);
> >> >
> >> > If after ob_flush I do a sleep(), I can limit the speed, but I would
> >> > like to limit at the speed of the parameter.
> >> >
> >> > Is there a way to do this?
> >> >
> >> > Thanks,
> >> > Rangel
> >> >
> >>
> >> Will this mean i can set my ?speed=99999999999999999999999999999999
> >>
> >> Excellent!
> >>
> >
> > Yeah, that's nice, you limit it, but a little bit smart guy can set it
> > to whatever he/she wants :)
> >
> > Tijnema
> >
> Hehehe yes, but as I said in a later message, only my application will be
> accessing this page (hopefully), and the problem is not on the sending
> server (which has lots of bandwidth) but on the receiving client, where my
> downloading is killing all its small bandwidth.
Ok, then there's not a real problem, but to get to your problem, you
could simple tell the script how many data to send per loop, and since
you're sleeping 1 second each loop, should this amount be the same as
the amount specified on the command line.
so, this should work the way you want
$sleep = $_GET['sleep'];
$fp=fopen($this->contentfile,"rb");
while(!feof($fp)){
print(fread($fp,1024*$speed));
flush();
ob_flush();
sleep(1);
}
fclose($fp);
Tijnema
>
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
> >
> >
> > --
> > No virus found in this incoming message.
> > Checked by AVG Free Edition. Version: 7.5.467 / Virus Database:
> > 269.7.0/803 - Release Date: 13/5/2007 12:17
> >
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
attached mail follows:
Greetings,
I had some problems with broser caching behaviors and php name space
collision. I do lot of googling and try to figure what happened and I failed
to figure. So I need help,
Here Details
1-) Browser Cache Beahviors
You know the back button problem. I search the net and found some header
modifications to fix this problems.
Like this
ini_set('session.cache_limiter', 'private');
And this will lead the some caching issues. Time to time browser may forgot or
misbehave with javascripts.
Is there any suggestion for this.
When visitor hit back button and previous page has retun data from post
variables.
1-) Re posting without any message
2-) No content cache
2-) The another problem was developing aproach.
Currently I'm working on large CMS thingy. My project be able to include php
files anytime anywhere and unlimited amount.
So time to time variable names will collide and it was so hard to detect.
Is there any suggestion to avoid these kind of collisions.
Thanks
Sancar
attached mail follows:
Sancar Saran wrote:
> Greetings,
>
> I had some problems with broser caching behaviors and php name space
> collision. I do lot of googling and try to figure what happened and I failed
> to figure. So I need help,
>
> Here Details
>
> 1-) Browser Cache Beahviors
> You know the back button problem. I search the net and found some header
> modifications to fix this problems.
>
> Like this
>
> ini_set('session.cache_limiter', 'private');
that's not a header, it's a php.ini setting. Just not-picking though,
don't have an answer to this as I've personally never had problems with
caching (then again, I also rarely use sessions)
> And this will lead the some caching issues. Time to time browser may forgot or
> misbehave with javascripts.
>
> Is there any suggestion for this.
>
> When visitor hit back button and previous page has retun data from post
> variables.
>
> 1-) Re posting without any message
> 2-) No content cache
>
>
> 2-) The another problem was developing aproach.
>
> Currently I'm working on large CMS thingy. My project be able to include php
> files anytime anywhere and unlimited amount.
>
> So time to time variable names will collide and it was so hard to detect.
Prefix your variables if they're important. You probably couldn't care
less if variables like $i, $j, $k, etc. are overwritten, but variables
holding important content for you should be "secured" by either storing
them in a specific place you know to be safe, or by prefixing them. eg:
$myApp_foo, $myAll_bar, etc. If anyone makes an include for you, they
will be very unlikely to use such names there too. The other way, which
I personally prefer is to put everything important and non-local (ie.
isn't confined to that one file it's run in) in special purpose arrays:
$SETTINGS[various names], $SELF[names], $MYAPP_SAFE[names]
> Is there any suggestion to avoid these kind of collisions.
>
> Thanks
>
> Sancar
attached mail follows:
> Hi there,
>
> I'd like to replace my 'intranet' site with a CMS system to speed up
> the edit process. Some of my requirements are :
>
> - written in PHP :)
> - mysql based
> - documented/'well structured' - to allow development of customizations
> - ability to define which pages or sections are public and which are
> private (and in this case which users can access)
> - use AJAX (not mandatory) but since some access to the page will come
> from dial-up to reduce the need to transfer entire html just to update
> a search or list contents..
>
> thanks
>
http://opensourcecms.com/
Edward
attached mail follows:
> -----Original Message-----
> From: Jim Moseby [mailto:JMosebynrbindustries.com]
> Sent: 17 May 2007 21:29
> To: 'rauhspund'; php-generallists.php.net
> Subject: RE: [PHP] IE7 => end tag?
>
>
> >
> > #-- .meta info
> > include("../plugins/lib/pluginmetadata.php");
> > $_cached = !empty($_POST);
> > ewiki_pmd($_cached);
> > #-- defaults for the separately handled database settings in $db[]
> > if (!($db = $_REQUEST["db"])) {
> > $db = array("type" => NULL,
> > "server" => "localhost",
> > "dbname" => "test",
> > "table" => "ewiki",
> > "dir" => "/tmp",
> > "dba" => "/tmp/wiki.dbm",
> > );
> > }
>
> I don't know if this will fix your problem, but you have an
> extraneous comma
> after'"dba" => "/tmp/wiki.dbm",'. Also try enclosing NULL in
> quotes and see
> if your problem goes away.
>
> JM
>
The extra comma at the end of the array definition is still valid syntax in
PHP. Try for yourself:
php -r '$a = array("a" => "foo", "b" => "bar",); print_r($a);'
NULL is a special type that means just that:
http://uk.php.net/manual/en/language.types.null.php
Enclosing it in quotes will define it as a string, something entirely
different.
The problem described is not to do with the PHP code supplied, but the setup
of the webserver. As Stut correctly said, if PHP code is getting to the
browser then webserver is not configured correctly.
rauhspund, you are actually using a webserver with PHP aren't you and not
just opening the PHP file directly with IE?
Edward
attached mail follows:
>
> The extra comma at the end of the array definition is still
> valid syntax in
> PHP. Try for yourself:
>
> php -r '$a = array("a" => "foo", "b" => "bar",); print_r($a);'
Interesting. Do you mean 'Valid Syntax' in that it 'works without error',
or 'Valid Syntax' in that 'it was designed to work that way'? If the
former, then I would argue as to whether it is valid syntax, since depending
on it would be dangerous. If the latter, then I have learned something new,
and I'd like to know more about why it is designed to work that way, and how
I could use it to my advantage.
>
> NULL is a special type that means just that:
> http://uk.php.net/manual/en/language.types.null.php
>
> Enclosing it in quotes will define it as a string, something entirely
> different.
I am aware of what a NULL is. I suggested the quotes as a troubleshooting
step, since code prior to the NULL was not being displayed. A 'knee jerk'
suggestion, I concede. (Feel free to substitite your own descriptive phrase
for 'knee jerk' if you must) :-)
JM
attached mail follows:
On 18/05/07, Jim Moseby <JMosebynrbindustries.com> wrote:
> >
> > The extra comma at the end of the array definition is still
> > valid syntax in
> > PHP. Try for yourself:
> >
> > php -r '$a = array("a" => "foo", "b" => "bar",); print_r($a);'
>
> Interesting. Do you mean 'Valid Syntax' in that it 'works without error',
> or 'Valid Syntax' in that 'it was designed to work that way'?
It was designed to work that way (see the 'possible_comma' rule in
zend_language_parser.y)
> If the latter, then I have learned something new,
> and I'd like to know more about why it is designed to work that way, and how
> I could use it to my advantage.
Probably because
1. People often remove or comment out elements from lists and forget
to remove the
comma from the new last entry eg:
$config = array(
foo => bar,
// baz => wibble
);
2. Perl already made the final comma optional for similar reasons.
-robin
attached mail follows:
> > The extra comma at the end of the array definition is still
> > valid syntax in
> > PHP. Try for yourself:
> >
> > php -r '$a = array("a" => "foo", "b" => "bar",); print_r($a);'
>
> Interesting. Do you mean 'Valid Syntax' in that it 'works without error',
> or 'Valid Syntax' in that 'it was designed to work that way'? If the
> former, then I would argue as to whether it is valid syntax,
> since depending
> on it would be dangerous. If the latter, then I have learned
> something new,
> and I'd like to know more about why it is designed to work that
> way, and how
> I could use it to my advantage.
I believe it is the latter, i.e. designed to work that way. I read something
about it a few months ago but annoyingly can't find the reference. The
reasoning was to make it easier for developers to manage files that define
large arrays, such as config files. (You can add extra values to the end,
copy/paste lines etc without having to worry too much about the trailing
commas).
It may only be acceptable in newer versions of PHP though.
> >
> > NULL is a special type that means just that:
> > http://uk.php.net/manual/en/language.types.null.php
> >
> > Enclosing it in quotes will define it as a string, something entirely
> > different.
>
> I am aware of what a NULL is. I suggested the quotes as a troubleshooting
> step, since code prior to the NULL was not being displayed. A 'knee jerk'
> suggestion, I concede. (Feel free to substitite your own
> descriptive phrase
> for 'knee jerk' if you must) :-)
No need - I'm just as guilty as anyone for 'knee-jerk' posting :)
attached mail follows:
> -----Original Message-----
> From: revDAVE [mailto:coolcathosting4days.com]
> Sent: 18 May 2007 01:33
> To: php php
> Subject: Re: [PHP] Setting Up A Simple Shopping Cart
>
>
> On 5/17/2007 7:05 AM, "revDAVE" <coolcathosting4days.com> wrote:
>
> > Hello folks,
> >
> > I am a PHP NEWBIE.
> >
> > - I have the following three choices for shopping carts on my server:
> >
> > CubeCart
> > OS Commerce
> > Zen Cart
> >
> > Q: Does anybody have any preferences for creating a simple store?
>
> Both OS Commerce & Zen Cart look pretty cool so far .... Does anyone have
> any preferences?
>
Again, try some at http://opensourcecms.com/. DYOR people.
Edward
attached mail follows:
On 5/18/07, Haig (Home) <hdedeyanvideotron.ca> wrote:
> Hi everyone,
>
> I have a simple script that scans a directory and will output a list of sub
> directories as a hyperlink.
>
> Script is working fine. Only problem I have is that if there is a
> subdirectory called "Image", my script won't see it. If I rename that
> subdirectory to anything else, it will see it.
>
> If I use a standard href line to link that "image" subdirectory, that's fine
> but then it won't show up alphabetically when the other folders are linked.
>
> Any ideas?
>
> Haig
We can't guess what you did wrong, show us relevant parts of your code.
Tijnema
attached mail follows:
On 5/18/07, Tijnema ! <tijnemagmail.com> wrote:
>
> On 5/18/07, Haig (Home) <hdedeyanvideotron.ca> wrote:
> > Hi everyone,
> >
> > I have a simple script that scans a directory and will output a list of
> sub
> > directories as a hyperlink.
> >
> > Script is working fine. Only problem I have is that if there is a
> > subdirectory called "Image", my script won't see it. If I rename that
> > subdirectory to anything else, it will see it.
> >
> > If I use a standard href line to link that "image" subdirectory, that's
> fine
> > but then it won't show up alphabetically when the other folders are
> linked.
> >
> > Any ideas?
> >
> > Haig
>
>
> We can't guess what you did wrong, show us relevant parts of your code.
>
> Tijnema
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
I'm guessing that it's just a typo, but are "Image" (first mention) and
"image" (all lower-case, second mention) actually the exact same directory?
Remember, all POSIX-based systems (*nix, Linux, BSD, MacOS) are all
cAsE-sEnSiTiVe.
Also, in addition to Tijnema's request, please supply your basic server
configuration (WIMP, LAMP, et cetera). For example:
Linux (Redhat 7.1)
Apache 1.3.37
MySQL 3.23
PHP 3.4.4
Just *please* don't tell me you have that configuration! ;-P
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
attached mail follows:
Sorry for the lack of information.
I also was wrong about the subdirectory name. It's "Images" and not
"Image"
The workstation is running WinXP Pro while PHP 5 & Apache 2 are on Suse
10.1.
I also installed apache2 & php5 on a WinXP Pro system and the same
problem occurs.
I have tried 7 workstations and they are all giving the same problem.
Whether the subdirectory is "Images" or "images", it makes no
difference, the problem is still there.
Once I rename that "images" or "Images" directory, all is fine.
Here's the code:
<?php
$path = '//path to directory/';
$dir_handle = opendir($path) or die("Unable to open $path");
$paths = array();
while ($file = readdir($dir_handle))
{
if(!is_dir($file))
{
$paths[] = "$path$file";
}
}
closedir($dir_handle);
sort($paths);
echo '<ul>';
$x="0";
foreach ($paths as $link) {
$show = substr($link,strrpos($link, '/')+1);
echo "<li><a href= 'file://$paths[$x]'>$show</a></li>\n";
$x++;
}
echo '</ul>';
?>
On 5/18/07, Tijnema ! <tijnemagmail.com
<http://ca.f622.mail.yahoo.com/ym/Compose?To=tijnemagmail.com&YY=7077&y
5beta=yes&y5beta=yes&order=down&sort=date&pos=0&view=a&head=b> > wrote:
>
> On 5/18/07, Haig (Home) <hdedeyanvideotron.ca
<http://ca.f622.mail.yahoo.com/ym/Compose?To=hdedeyanvideotron.ca&YY=70
77&y5beta=yes&y5beta=yes&order=down&sort=date&pos=0&view=a&head=b> >
wrote:
> > Hi everyone,
> >
> > I have a simple script that scans a directory and will output a
list of
> sub
> > directories as a hyperlink.
> >
> > Script is working fine. Only problem I have is that if there is a
> > subdirectory called "Image", my script won't see it. If I rename
that
> > subdirectory to anything else, it will see it.
> >
> > If I use a standard href line to link that "image" subdirectory,
that's
> fine
> > but then it won't show up alphabetically when the other folders are
> linked.
> >
> > Any ideas?
> >
> > Haig
>
>
> We can't guess what you did wrong, show us relevant parts of your
code.
>
> Tijnema
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
I'm guessing that it's just a typo, but are "Image" (first mention)
and
"image" (all lower-case, second mention) actually the exact same
directory?
Remember, all POSIX-based systems (*nix, Linux, BSD, MacOS) are all
cAsE-sEnSiTiVe.
Also, in addition to Tijnema's request, please supply your basic
server
configuration (WIMP, LAMP, et cetera). For example:
Linux (Redhat 7.1)
Apache 1.3.37
MySQL 3.23
PHP 3.4.4
Just *please* don't tell me you have that configuration! ;-P
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
attached mail follows:
On 5/18/07, Haig Dedeyan <haigx2omedia.com> wrote:
>
> Sorry for the lack of information.
>
> I also was wrong about the subdirectory name. It's "Images" and not "Image"
>
> The workstation is running WinXP Pro while PHP 5 & Apache 2 are on Suse
> 10.1.
> I also installed apache2 & php5 on a WinXP Pro system and the same problem
> occurs.
>
> I have tried 7 workstations and they are all giving the same problem.
>
> Whether the subdirectory is "Images" or "images", it makes no difference,
> the problem is still there.
>
> Once I rename that "images" or "Images" directory, all is fine.
What are you trying to say here?
It doesn't work with Images and images, but when you change it from
images to Images it works? Clarify yourself please.
>
> Here's the code:
>
>
> <?php
>
>
> $path = '//path to directory/';
> $dir_handle = opendir($path) or die("Unable to open $path");
> $paths = array();
> while ($file = readdir($dir_handle))
> {
> if(!is_dir($file))
> {
> $paths[] = "$path$file";
> }
> }
> closedir($dir_handle);
> sort($paths);
> echo '<ul>';
> $x="0";
> foreach ($paths as $link) {
>
> $show = substr($link,strrpos($link, '/')+1);
> echo "<li><a href=
> 'file://$paths[$x]'>$show</a></li>\n";
> $x++;
> }
> echo '</ul>';
>
> ?>
>
Just did a quick look at your code, and it's quite strange what you have.
First, you said you're script lists subdirectory's, but you're
checking for everything that isn't a dir. So it's normal that your
images subdirectory isn't listed.
Second, why does your path start with // ? one is enough :)
At last, why are you using file:// in your link? You're using a
webserver to display the contents, but file:// links to files on the
local hard drive. Unless the server is running on the same machine
you're visiting the site with, it will fail to point to the right
file.
Tijnema
ps. Please don't top post.
>
>
>
>
> On 5/18/07, Tijnema ! <tijnemagmail.com> wrote:
> >
> > On 5/18/07, Haig (Home) <hdedeyanvideotron.ca> wrote:
> > > Hi everyone,
> > >
> > > I have a simple script that scans a directory and will output a
> list of
> > sub
> > > directories as a hyperlink.
> > >
> > > Script is working fine. Only problem I have is that if there is a
> > > subdirectory called "Image", my script won't see it. If I rename
> that
> > > subdirectory to anything else, it will see it.
> > >
> > > If I use a standard href line to link that "image" subdirectory,
> that's
> > fine
> > > but then it won't show up alphabetically when the other folders are
> > linked.
> > >
> > > Any ideas?
> > >
> > > Haig
> >
> >
> > We can't guess what you did wrong, show us relevant parts of your
> code.
> >
> > Tijnema
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
> I'm guessing that it's just a typo, but are "Image" (first mention)
> and
> "image" (all lower-case, second mention) actually the exact same
> directory?
> Remember, all POSIX-based systems (*nix, Linux, BSD, MacOS) are all
> cAsE-sEnSiTiVe.
>
> Also, in addition to Tijnema's request, please supply your basic
> server
> configuration (WIMP, LAMP, et cetera). For example:
>
> Linux (Redhat 7.1)
> Apache 1.3.37
> MySQL 3.23
> PHP 3.4.4
>
> Just *please* don't tell me you have that configuration! ;-P
>
> --
> Daniel P. Brown
> [office] (570-) 587-7080 Ext. 272
> [mobile] (570-) 766-8107
>
>
>
attached mail follows:
>
> At last, why are you using file:// in your link? You're using a
> webserver to display the contents, but file:// links to files on the
> local hard drive. Unless the server is running on the same machine
> you're visiting the site with, it will fail to point to the right
> file.
>
I'm not positive, but I'm guessing that's why he mentioned the various
workstations.... sounds like he's creating a Desktop-style script, not a web
site script.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
attached mail follows:
hey guys, i am trying to set up a session so that when a user logs in,
they will stay logged in until they close their browser. i have the
session set up, however i keep getting an error saying:
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this
address in a way that will never complete.
----------------------------------------------------------------------
this is my code, any help plz.
----------------------------------------------------------------------
checklogin.php:
<?php
session_start();
//set session variables
$_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
$_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
session_write_close();
include('includes/dbconnect.php');
$nextpage = $_REQUEST['np'];
$profile = $_REQUEST['ob'];
//Matching usernames and passwords
$uname = $_REQUEST['txtSurname'];
$pword = $_REQUEST['txtPassword'];
$user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
PWORD='" . $pword . "'";
$ResSql = mysql_query($user) ;
//If any errors then print `em out----------------------------
if (!$ResSql) {
echo("<p>Error performing query: " . mysql_error() . "</p>");
exit();
}
//if user does not exist
if (mysql_num_rows($ResSql)==0) {
echo 'Incorrect username or password have been specified.<br>';
echo '<a href="updlogin.php">Click here to Log In</a>';
exit;
}
else {
header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
"&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
$_REQUEST['txtPassword']);
}
?>
verify.php:
<?php
session_start();
if(!isset($_SESSION['txtSurname']) && !isset($_SESSION['txtPassword']))
{
header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
$_REQUEST['ob']);
}
else {
header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob=" .
$_REQUEST['ob']);
}
?>
-----------------------------------------------------------------------
attached mail follows:
> -----Original Message-----
> From: Joshua [mailto:joshpixcel.co.za]
> Sent: 18 May 2007 11:43
> To: PHP.net
> Subject: [PHP] stay logged in for session
>
>
> hey guys, i am trying to set up a session so that when a user logs in,
> they will stay logged in until they close their browser. i have the
> session set up, however i keep getting an error saying:
>
> The page isn't redirecting properly
>
> Firefox has detected that the server is redirecting the request for this
> address in a way that will never complete.
>
> ----------------------------------------------------------------------
> this is my code, any help plz.
> ----------------------------------------------------------------------
> checklogin.php:
>
> <?php
> session_start();
> //set session variables
> $_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
> $_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
> session_write_close();
>
> include('includes/dbconnect.php');
>
> $nextpage = $_REQUEST['np'];
> $profile = $_REQUEST['ob'];
>
> //Matching usernames and passwords
> $uname = $_REQUEST['txtSurname'];
> $pword = $_REQUEST['txtPassword'];
> $user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
> PWORD='" . $pword . "'";
> $ResSql = mysql_query($user) ;
> //If any errors then print `em out----------------------------
> if (!$ResSql) {
> echo("<p>Error performing query: " . mysql_error() . "</p>");
> exit();
> }
> //if user does not exist
> if (mysql_num_rows($ResSql)==0) {
> echo 'Incorrect username or password have been specified.<br>';
> echo '<a href="updlogin.php">Click here to Log In</a>';
> exit;
> }
> else {
> header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
> "&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
> $_REQUEST['txtPassword']);
> }
> ?>
>
> verify.php:
>
> <?php
> session_start();
> if(!isset($_SESSION['txtSurname']) && !isset($_SESSION['txtPassword']))
> {
> header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
> $_REQUEST['ob']);
> }
> else {
> header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob=" .
> $_REQUEST['ob']);
> }
> ?>
> -----------------------------------------------------------------------
HTTP Location headers require the full hostname, i.e.
header("Location: http://www.example.com/page_to/redirect/to.php");
As others on this list will say however, you don't have to use a full
redirect. Just use different PHP includes.
E
attached mail follows:
2007. 05. 18, péntek keltezéssel 11.53-kor Edward Kay ezt Ãrta:
>
> > -----Original Message-----
> > From: Joshua [mailto:joshpixcel.co.za]
> > Sent: 18 May 2007 11:43
> > To: PHP.net
> > Subject: [PHP] stay logged in for session
> >
> >
> > hey guys, i am trying to set up a session so that when a user logs in,
> > they will stay logged in until they close their browser. i have the
> > session set up, however i keep getting an error saying:
> >
> > The page isn't redirecting properly
> >
> > Firefox has detected that the server is redirecting the request for this
> > address in a way that will never complete.
> >
> > ----------------------------------------------------------------------
> > this is my code, any help plz.
> > ----------------------------------------------------------------------
> > checklogin.php:
> >
> > <?php
> > session_start();
> > //set session variables
> > $_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
> > $_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
> > session_write_close();
> >
> > include('includes/dbconnect.php');
> >
> > $nextpage = $_REQUEST['np'];
> > $profile = $_REQUEST['ob'];
> >
> > //Matching usernames and passwords
> > $uname = $_REQUEST['txtSurname'];
> > $pword = $_REQUEST['txtPassword'];
> > $user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
> > PWORD='" . $pword . "'";
> > $ResSql = mysql_query($user) ;
> > //If any errors then print `em out----------------------------
> > if (!$ResSql) {
> > echo("<p>Error performing query: " . mysql_error() . "</p>");
> > exit();
> > }
> > //if user does not exist
> > if (mysql_num_rows($ResSql)==0) {
> > echo 'Incorrect username or password have been specified.<br>';
> > echo '<a href="updlogin.php">Click here to Log In</a>';
> > exit;
> > }
> > else {
> > header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
> > "&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
> > $_REQUEST['txtPassword']);
> > }
> > ?>
> >
> > verify.php:
> >
> > <?php
> > session_start();
> > if(!isset($_SESSION['txtSurname']) && !isset($_SESSION['txtPassword']))
> > {
> > header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
> > $_REQUEST['ob']);
> > }
> > else {
> > header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob=" .
> > $_REQUEST['ob']);
> > }
> > ?>
> > -----------------------------------------------------------------------
>
> HTTP Location headers require the full hostname, i.e.
>
> header("Location: http://www.example.com/page_to/redirect/to.php");
that is true, but usually it works with relative url-s also
greets
Zoltán Németh
>
> As others on this list will say however, you don't have to use a full
> redirect. Just use different PHP includes.
>
> E
>
attached mail follows:
> -----Original Message-----
> From: Joshua [mailto:joshpixcel.co.za]
> Sent: 18 May 2007 12:09
> To: Edward Kay
> Subject: RE: [PHP] stay logged in for session
>
>
> On Fri, 2007-05-18 at 11:53 +0100, Edward Kay wrote:
> >
> > > -----Original Message-----
> > > From: Joshua [mailto:joshpixcel.co.za]
> > > Sent: 18 May 2007 11:43
> > > To: PHP.net
> > > Subject: [PHP] stay logged in for session
> > >
> > >
> > > hey guys, i am trying to set up a session so that when a user logs in,
> > > they will stay logged in until they close their browser. i have the
> > > session set up, however i keep getting an error saying:
> > >
> > > The page isn't redirecting properly
> > >
> > > Firefox has detected that the server is redirecting the
> request for this
> > > address in a way that will never complete.
> > >
> > > ----------------------------------------------------------------------
> > > this is my code, any help plz.
> > > ----------------------------------------------------------------------
> > > checklogin.php:
> > >
> > > <?php
> > > session_start();
> > > //set session variables
> > > $_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
> > > $_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
> > > session_write_close();
> > >
> > > include('includes/dbconnect.php');
> > >
> > > $nextpage = $_REQUEST['np'];
> > > $profile = $_REQUEST['ob'];
> > >
> > > //Matching usernames and passwords
> > > $uname = $_REQUEST['txtSurname'];
> > > $pword = $_REQUEST['txtPassword'];
> > > $user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
> > > PWORD='" . $pword . "'";
> > > $ResSql = mysql_query($user) ;
> > > //If any errors then print `em out----------------------------
> > > if (!$ResSql) {
> > > echo("<p>Error performing query: " . mysql_error() . "</p>");
> > > exit();
> > > }
> > > //if user does not exist
> > > if (mysql_num_rows($ResSql)==0) {
> > > echo 'Incorrect username or password have been specified.<br>';
> > > echo '<a href="updlogin.php">Click here to Log In</a>';
> > > exit;
> > > }
> > > else {
> > > header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
> > > "&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
> > > $_REQUEST['txtPassword']);
> > > }
> > > ?>
> > >
> > > verify.php:
> > >
> > > <?php
> > > session_start();
> > > if(!isset($_SESSION['txtSurname']) &&
> !isset($_SESSION['txtPassword']))
> > > {
> > > header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
> > > $_REQUEST['ob']);
> > > }
> > > else {
> > > header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob=" .
> > > $_REQUEST['ob']);
> > > }
> > > ?>
> > >
> -----------------------------------------------------------------------
> >
> > HTTP Location headers require the full hostname, i.e.
> >
> > header("Location: http://www.example.com/page_to/redirect/to.php");
> >
> > As others on this list will say however, you don't have to use a full
> > redirect. Just use different PHP includes.
> >
> > E
> >
> thx so much, it works now.
>
Excellent. Please include the list on replies so that it all gets archived
and others can see your responses.
By the way, I suggest you have a read up on PHP security, especially SQL
injection attacks. Looking at the code above, what would happen if the
username I supplied was the following:
foo'; DELETE FROM oldboys; #
E
attached mail follows:
2007. 05. 18, péntek keltezéssel 12.43-kor Joshua ezt Ãrta:
> hey guys, i am trying to set up a session so that when a user logs in,
> they will stay logged in until they close their browser. i have the
> session set up, however i keep getting an error saying:
>
> The page isn't redirecting properly
>
> Firefox has detected that the server is redirecting the request for this
> address in a way that will never complete.
it might be because one of your pages redirects to another, then the
other one redirects back...
>
> ----------------------------------------------------------------------
> this is my code, any help plz.
> ----------------------------------------------------------------------
> checklogin.php:
>
> <?php
> session_start();
> //set session variables
> $_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
> $_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
why are you using $_REQUEST? I usually prefer using $_GET and $_POST to
avoid confusion
> session_write_close();
>
> include('includes/dbconnect.php');
>
> $nextpage = $_REQUEST['np'];
> $profile = $_REQUEST['ob'];
>
> //Matching usernames and passwords
> $uname = $_REQUEST['txtSurname'];
> $pword = $_REQUEST['txtPassword'];
> $user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
> PWORD='" . $pword . "'";
this is just the best way to let hackers do SQL injection on your site.
check those values first, then escape them with mysql_real_escape_string
and pass them to mysql only after it
greets
Zoltán Németh
> $ResSql = mysql_query($user) ;
> //If any errors then print `em out----------------------------
> if (!$ResSql) {
> echo("<p>Error performing query: " . mysql_error() . "</p>");
> exit();
> }
> //if user does not exist
> if (mysql_num_rows($ResSql)==0) {
> echo 'Incorrect username or password have been specified.<br>';
> echo '<a href="updlogin.php">Click here to Log In</a>';
> exit;
> }
> else {
> header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
> "&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
> $_REQUEST['txtPassword']);
> }
> ?>
>
> verify.php:
>
> <?php
> session_start();
> if(!isset($_SESSION['txtSurname']) && !isset($_SESSION['txtPassword']))
> {
> header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
> $_REQUEST['ob']);
> }
> else {
> header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob=" .
> $_REQUEST['ob']);
> }
> ?>
> -----------------------------------------------------------------------
>
attached mail follows:
Exactly!
I still can't believe how many sites out there have the SQL injection
problem.
--
itoctopus - http://www.itoctopus.com
""Edward Kay"" <edwardlabhut.com> wrote in message
news:DMEGJFCOCHBGNBCHNDHGAENGHNAA.edwardlabhut.com...
>
>
>> -----Original Message-----
>> From: Joshua [mailto:joshpixcel.co.za]
>> Sent: 18 May 2007 12:09
>> To: Edward Kay
>> Subject: RE: [PHP] stay logged in for session
>>
>>
>> On Fri, 2007-05-18 at 11:53 +0100, Edward Kay wrote:
>> >
>> > > -----Original Message-----
>> > > From: Joshua [mailto:joshpixcel.co.za]
>> > > Sent: 18 May 2007 11:43
>> > > To: PHP.net
>> > > Subject: [PHP] stay logged in for session
>> > >
>> > >
>> > > hey guys, i am trying to set up a session so that when a user logs
>> > > in,
>> > > they will stay logged in until they close their browser. i have the
>> > > session set up, however i keep getting an error saying:
>> > >
>> > > The page isn't redirecting properly
>> > >
>> > > Firefox has detected that the server is redirecting the
>> request for this
>> > > address in a way that will never complete.
>> > >
>> > > ----------------------------------------------------------------------
>> > > this is my code, any help plz.
>> > > ----------------------------------------------------------------------
>> > > checklogin.php:
>> > >
>> > > <?php
>> > > session_start();
>> > > //set session variables
>> > > $_SESSION['txtSurname'] = $_REQUEST['txtSurname'];
>> > > $_SESSION['txtPassword'] = $_REQUEST['txtPassword'];
>> > > session_write_close();
>> > >
>> > > include('includes/dbconnect.php');
>> > >
>> > > $nextpage = $_REQUEST['np'];
>> > > $profile = $_REQUEST['ob'];
>> > >
>> > > //Matching usernames and passwords
>> > > $uname = $_REQUEST['txtSurname'];
>> > > $pword = $_REQUEST['txtPassword'];
>> > > $user = "SELECT * FROM oldboys WHERE OBSURNAME='" . $uname . "' AND
>> > > PWORD='" . $pword . "'";
>> > > $ResSql = mysql_query($user) ;
>> > > //If any errors then print `em out----------------------------
>> > > if (!$ResSql) {
>> > > echo("<p>Error performing query: " . mysql_error() . "</p>");
>> > > exit();
>> > > }
>> > > //if user does not exist
>> > > if (mysql_num_rows($ResSql)==0) {
>> > > echo 'Incorrect username or password have been specified.<br>';
>> > > echo '<a href="updlogin.php">Click here to Log In</a>';
>> > > exit;
>> > > }
>> > > else {
>> > > header("Location:" . $nextpage . "?ob=" . $_REQUEST['ob'] .
>> > > "&uname=" . $_REQUEST['txtSurname'] . "&pword=" .
>> > > $_REQUEST['txtPassword']);
>> > > }
>> > > ?>
>> > >
>> > > verify.php:
>> > >
>> > > <?php
>> > > session_start();
>> > > if(!isset($_SESSION['txtSurname']) &&
>> !isset($_SESSION['txtPassword']))
>> > > {
>> > > header("location:updlogin.php?np=" . $_REQUEST['np'] . "&ob=" .
>> > > $_REQUEST['ob']);
>> > > }
>> > > else {
>> > > header("location:" . $nextpage . "?np=" . $_REQUEST['np'] . "&ob="
>> > > .
>> > > $_REQUEST['ob']);
>> > > }
>> > > ?>
>> > >
>> -----------------------------------------------------------------------
>> >
>> > HTTP Location headers require the full hostname, i.e.
>> >
>> > header("Location: http://www.example.com/page_to/redirect/to.php");
>> >
>> > As others on this list will say however, you don't have to use a full
>> > redirect. Just use different PHP includes.
>> >
>> > E
>> >
>> thx so much, it works now.
>>
>
> Excellent. Please include the list on replies so that it all gets archived
> and others can see your responses.
>
> By the way, I suggest you have a read up on PHP security, especially SQL
> injection attacks. Looking at the code above, what would happen if the
> username I supplied was the following:
>
> foo'; DELETE FROM oldboys; #
>
> E
attached mail follows:
> > HTTP Location headers require the full hostname, i.e.
> >
> > header("Location: http://www.example.com/page_to/redirect/to.php");
>
> that is true, but usually it works with relative url-s also
>
> greets
> Zoltán Németh
>
Just because some user agents handle non-standard data doesn't make it correct. The HTTP spec says it has to be an absolute URI [1] so until that changes, I'll keep using and recommending absolute URIs.
E
[1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30
attached mail follows:
Hi Edward,
Friday, May 18, 2007, 12:43:43 PM, you wrote:
> Just because some user agents handle non-standard data doesn't make
> it correct.
You mean user agents follow RFCs to the letter? :)
Since when? :)
I do agree with your comment, but it's a LOT more than "some user
agents". "Every browser in popular use today" would be closer to the
mark. Hell, even the old-guard allowed for Location headers without an
absolute URI.
You *should* specify the full URI, and let's face it - it's just lazy
not to - but unlike the myriad of CSS snafu's out there it's not like
you are walking into a pit of doom and hellfire if you don't, because
I'd wager 99.9% of your visitors would never even be affected, and the
.1% that are probably just dusted off a beta build of NCSA Mosaic to
prove their point ;)
Cheers,
Rich
--
Zend Certified Engineer
http://www.corephp.co.uk
"Never trust a computer you can't throw out of a window"
attached mail follows:
2007. 05. 18, péntek keltezéssel 12.43-kor Edward Kay ezt Ãrta:
> > > HTTP Location headers require the full hostname, i.e.
> > >
> > > header("Location: http://www.example.com/page_to/redirect/to.php");
> >
> > that is true, but usually it works with relative url-s also
> >
> > greets
> > Zoltán Németh
> >
>
> Just because some user agents handle non-standard data doesn't make it correct. The HTTP spec says it has to be an absolute URI [1] so until that changes, I'll keep using and recommending absolute URIs.
>
> E
>
> [1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30
>
yes I know, you're right. I just wanted to add some additional info, but
with saying "usually" I meant if you want to be sure, don't rely on
this. I personally do not rely on this anymore, but some of my older
scripts do and they all work up until now. maybe in the future I will
have to rewrite them according to this requirement, but I hope not in
the near future ;)
greets
Zoltán Németh
attached mail follows:
Hi,
I am looking to send a HTML page via a PHP script.
The currentl method I use is :
mail($email,"Kuldip Test email for multiple reciptient -
$coursename - $coursedate","
TEST
", "FROM: $adminemail");
However I can not see how to send HTML ?.
Can you help ?.
Kuldip Mond
FGI Ltd
tel: +44(0)1926 405 780
fax: +44(0)1926 405 778
email: kuldip.mondfgiltd.co.uk <mailto:akuldip.mondfgiltd.co.uk>
Upgrade to ITIL v3 - Click here for Free Seminars. ITIL v3 White Paper also available
--------------------------------------------------------
This message is confidential and may also be legally privileged. The information is intended for the use of the individual to whom it is addressed. Disclosure of the information contained is, or may be, prohibited by law. If you are not the intended recipient, please return this mail to the sender and delete the message. You should not copy it or use it for any purpose, nor disclose its contents to any other person. We thank you for your co-operation. FGI Ltd, Warwick Innovation Centre, Warwick Technology Park, Gallows Hill, Warwickshire, CV34 6UW. Registered in England No. 4385250
--------------------------------------------------------
attached mail follows:
Might want to put a small bit of effort in first...
http://us.php.net/manual/en/function.mail.php
Example 1075
""Kuldip Mond"" <Kuldipfgiltd.co.uk> wrote in message
news:1C6E1B1C1BAA1042BEE5F11A7B581D3A12ECD9srv2000.FGILTD.local...
Hi,
I am looking to send a HTML page via a PHP script.
The currentl method I use is :
mail($email,"Kuldip Test email for multiple reciptient -
$coursename - $coursedate","
TEST
", "FROM: $adminemail");
However I can not see how to send HTML ?.
Can you help ?.
Kuldip Mond
FGI Ltd
tel: +44(0)1926 405 780
fax: +44(0)1926 405 778
email: kuldip.mondfgiltd.co.uk <mailto:akuldip.mondfgiltd.co.uk>
Upgrade to ITIL v3 - Click here for Free Seminars. ITIL v3 White Paper also
available
--------------------------------------------------------
This message is confidential and may also be legally privileged. The
information is intended for the use of the individual to whom it is
addressed. Disclosure of the information contained is, or may be, prohibited
by law. If you are not the intended recipient, please return this mail to
the sender and delete the message. You should not copy it or use it for any
purpose, nor disclose its contents to any other person. We thank you for
your co-operation. FGI Ltd, Warwick Innovation Centre, Warwick Technology
Park, Gallows Hill, Warwickshire, CV34 6UW. Registered in England No.
4385250
--------------------------------------------------------
attached mail follows:
Kuldip Mond wrote:
> Hi,
>
>
>
> I am looking to send a HTML page via a PHP script.
>
>
>
> The currentl method I use is :
>
>
>
> mail($email,"Kuldip Test email for multiple reciptient -
> $coursename - $coursedate","
>
> TEST
>
> ", "FROM: $adminemail");
>
>
>
>
>
> However I can not see how to send HTML ?.
>
>
>
> Can you help ?.
>
> Kuldip Mond
> FGI Ltd
>
> tel: +44(0)1926 405 780
> fax: +44(0)1926 405 778
> email: kuldip.mond