php-general Digest 16 Feb 2008 23:40:05 -0000 Issue 5297

php-general-digest-helplists.php.net
Date: Sat Feb 16 2008 - 17:40:05 CST


Topics (messages 269405 through 269420):

Re: Gzipped output
        269405 by: Per Jessen
        269417 by: Michael McGlothlin

Fwrite Function
        269406 by: Yuval Schwartz
        269408 by: Bastien Koert

Re: check if website has www. in front of domain
        269407 by: Christoph

Re: XSLTProcessor without validation
        269409 by: Siegfried Gipp
        269410 by: Siegfried Gipp
        269411 by: Siegfried Gipp

Re: www. not working
        269412 by: Nathan Rixham
        269414 by: Shawn McKenzie

Re: Uploading PDF
        269413 by: Martin Marques

Session destruction problem
        269415 by: Adil Drissi

Protected ZIP file with password
        269416 by: Petrus Bastos

PHP/mySQL dropping zeros after inserting number into record
        269418 by: Rob Gould
        269419 by: Bastien Koert
        269420 by: Emilio Astarita

----------------------------------------------------------------------

attached mail follows:


Eric Butera wrote:

> Let us look at XSS now. http://sla.ckers.org/forum/list.php?2 Looks
> like there are quite a few of those too. If Google/Yahoo can't stop
> this stuff how are us mere mortals supposed to?

In my experience, the bigger the organisation, the more mere mortals.
Also, a small team has a much better chance of getting things right
than a big team.

/Per Jessen, Zürich

attached mail follows:


>> Let us look at XSS now. http://sla.ckers.org/forum/list.php?2 Looks
>> like there are quite a few of those too. If Google/Yahoo can't stop
>> this stuff how are us mere mortals supposed to?
>>
> In my experience, the bigger the organisation, the more mere mortals.
> Also, a small team has a much better chance of getting things right
> than a big team
What needs to happen, IMO, is for the browser manufacturers to create a
way for users and website programmers to disable scripting in the web
page body on a per site or per page basis. Why not be able to supply a
meta tag that will only let scripting be attached in the head portion of
the page and only from a file. Perfect use for Javascript behaviors to
attach code to what's in the page body.

That'd stop a lot of XSS issues and it'd force developers to write
better code.

--
Michael McGlothlin
Southwest Plumbing Supply

attached mail follows:


Hello,

Can you please help me, I am writing code where I create a file and write to
it from a form on a webpage and then read and display this file on the
webpage.
I want to change the color of the text that is written to the file.
Do you know how I can do this?

This is some of my code if you need clarification:
$boardFile = "MessageBoard.txt";
$boardFileHandle = fopen($boardFile,'a') or die("can't open file");
fwrite($boardFileHandle, $name);
fwrite($boardFileHandle, $talk);
fclose($boardFileHandle);
}
$boardFile = "MessageBoard.txt";
$boardFileHandle = fopen($boardFile,"r");
$talkR = fread($boardFileHandle, filesize($boardFile));
fclose($boardFileHandle);
echo $talkR;

Thanks

attached mail follows:


Message-ID: <BAY135-W30A5A931E94E6B883F292C9D270phx.gbl>
From: Bastien Koert <bastien_khotmail.com>
To: Yuval Schwartz <yuval.schwartzgmail.com>, <php-generallists.php.net>
Date: Sat, 16 Feb 2008 08:50:06 -0500
Subject: RE: [PHP] Fwrite Function

It's a text file and so doesn't support markup. You could write out html
into the file that does mark it up and could be displayed to the user via
the browser...or you could use regex or str_replace to mark up certain text
on the read of the file to display to the user

bastien

----------------------------------------
> Date: Sat, 16 Feb 2008 14:03:26 +0200
> From: yuval.schwartzgmail.com
> To: php-generallists.php.net
> Subject: [PHP] Fwrite Function
>
> Hello,
>
> Can you please help me, I am writing code where I create a file and write to
> it from a form on a webpage and then read and display this file on the
> webpage.
> I want to change the color of the text that is written to the file.
> Do you know how I can do this?
>
> This is some of my code if you need clarification:
> $boardFile = "MessageBoard.txt";
> $boardFileHandle = fopen($boardFile,'a') or die("can't open file");
> fwrite($boardFileHandle, $name);
> fwrite($boardFileHandle, $talk);
> fclose($boardFileHandle);
> }
> $boardFile = "MessageBoard.txt";
> $boardFileHandle = fopen($boardFile,"r");
> $talkR = fread($boardFileHandle, filesize($boardFile));
> fclose($boardFileHandle);
> echo $talkR;
>
> Thanks
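
Added example (not part of the original thread, and not code from either poster): one way to follow the "mark it up on the read of the file" suggestion above without letting form input reach the browser as HTML. The file holds plain data and the colour is applied at display time; the function names, the JSON-per-line layout and the colour whitelist are assumptions.

```php
<?php
// Added example, not the poster's code. Function names, the one-JSON-record-
// per-line layout and the colour whitelist are assumptions.
const ALLOWED_COLOURS = ['black', 'red', 'green', 'blue'];

// Store each post as one JSON line so name, text and colour stay separate
// fields and an embedded newline cannot forge an extra record.
function board_append(string $file, string $name, string $talk, string $colour): void
{
    if (!in_array($colour, ALLOWED_COLOURS, true)) {
        $colour = 'black';               // never store an unchecked style value
    }
    $record = json_encode(
        ['name' => $name, 'talk' => $talk, 'colour' => $colour],
        JSON_INVALID_UTF8_SUBSTITUTE     // bad bytes become U+FFFD, not a failed write
    );
    // LOCK_EX keeps two simultaneous requests from interleaving their writes.
    if (file_put_contents($file, $record . "\n", FILE_APPEND | LOCK_EX) === false) {
        throw new RuntimeException("cannot write $file");
    }
}

// Build the HTML on read: all markup comes from this function, and every
// value that came from the form is escaped before it is placed inside it.
function board_render(string $file): string
{
    $html  = '';
    $lines = is_file($file) ? file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) : [];
    foreach ($lines as $line) {
        $post = json_decode($line, true);
        if (!is_array($post) || !isset($post['name'], $post['talk'], $post['colour'])) {
            continue;                    // skip damaged or foreign lines
        }
        $colour = in_array($post['colour'], ALLOWED_COLOURS, true) ? $post['colour'] : 'black';
        $html .= sprintf(
            "<p style=\"color: %s\"><b>%s</b>: %s</p>\n",
            $colour,
            htmlspecialchars((string) $post['name'], ENT_QUOTES, 'UTF-8'),
            nl2br(htmlspecialchars((string) $post['talk'], ENT_QUOTES, 'UTF-8'))
        );
    }
    return $html;
}

// Constructed sample input: the second post tries to smuggle in markup.
$tmp = tempnam(sys_get_temp_dir(), 'board');
board_append($tmp, 'Yuval', 'Hello everyone', 'blue');
board_append($tmp, 'guest', '<script>alert(1)</script>', 'red" onmouseover="x');
echo board_render($tmp);
unlink($tmp);
```

The second sample post is rendered as visible text in black: the tag is escaped and the colour value fails the whitelist.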


attached mail follows:


>> // Check if site is preceded by 'WWW'
>> public function checkWWW() {
>> $myDomain = $_SERVER['SERVER_NAME'];
>> $FindWWW = 'wwww.';
>> $POS = strpos($myDomain, $FindWWW);
>> if ($POS === false) {
>> return false;
>> } else {
>> return true;
>> }
>> }
>> any idea why this is not working? just trying to test if the site is
>> www.site.com and not site.com
> Try this:

Or just change this:

$FindWWW = 'wwww.';

to this:

$FindWWW = 'www.';

Looks like a simple typo. That having been said, however, I think that
Richard's solution is more elegant.

thnx,
Chris

attached mail follows:


On Friday, 15 February 2008 10:13:15, Peter Ford wrote:

> What if you don't have a DTD in the XML to validate it with?
> I haven't tested it but it was something that worked in the Java XML
> processing stuff. No DTD, no validation: simple!
> So have you tried stripping the DOCTYPE declaration before XSLTing the XML?

Interesting idea. No, i have not tried it. Problem: At least one of the files
to be parsed is xhtml. And the result is, besides others, xhtml and html.

Ah, BTW: Parsing the rss file is very fast. So indeed this might help. But
unfortunately i need the DOCTYPE in the (x)html files, at least in the
resulting files.

But indeed interesting idea. I'll think about it.

attached mail follows:


On Friday, 15 February 2008 15:35:02, Andrew Ballard wrote:

> It's there for me as well. (Firefox and IE6, Windows XP). Any chance you've
> got a browser plugin or other "feature" that is blocking the image?

I thought it was privoxy, but i tried without proxy and had the same result. I
copied the url out of the source code and tried to load it directly and got
nothing.

Firefox 2.0.0.12, Kubuntu Linux. No idea.

Regards
Siegfried

attached mail follows:


On Friday, 15 February 2008 15:35:02, Andrew Ballard wrote:

> It's there for me as well. (Firefox and IE6, Windows XP). Any chance you've
> got a browser plugin or other "feature" that is blocking the image?
I just tried it with Firefox in safe mode, same result: No captcha.

attached mail follows:


Shawn McKenzie wrote:
> Shawn McKenzie wrote:
>> Shawn McKenzie wrote:
>>> Jim Lucas wrote:
>>>> nihilism machine wrote:
>>>>> this still does not work, if a domain has no preceding www. it
>>>>> redirects to http://www.www.site.com, if it has a www. it goes to
>>>>> www.www.mydomain.com, any ideas?
>>>>>
>>>> If you are running Apache, you do realize that all of this can be done
>>>> in Apache instead of PHP right?
>>>>
>>>> Here is an example of what I have on my domain.
>>>>
>>>> <VirtualHost x.x.x.x:80>
>>>> ServerName example.com
>>>> ServerAlias wwww.example.com
>>>> ServerAlias ww.example.com
>>>> RedirectMatch (.*) http://www.example.com$1
>>>> </VirtualHost>
>>>>
>>>>
>>>>
>>>> Jim Lucas
>>> Or in DNS zone file (assuming you have an A record for example.com):
>>>
>>> www.example.com. IN CNAME example.com.
>>>
>>> Many ways to skin a cat, and they are all fun!
>>>
>>> -Shawn
>> Nevermind. I guess this would already be in place or the conf,
>> .htaccess or PHP wouldn't even be running. :-(
>
> I thought about starting a new thread for every different idea that I
> had in reply to this post. What do y'all think?
>
> -Shawn

worth noting somewhere on the net, not quite sure if here is the best
place for it to be honest.

attached mail follows:


Nathan Rixham wrote:
> Shawn McKenzie wrote:
>> Shawn McKenzie wrote:
>>> Shawn McKenzie wrote:
>>>> Jim Lucas wrote:
>>>>> nihilism machine wrote:
>>>>>> this still does not work, if a domain has no preceding www. it
>>>>>> redirects to http://www.www.site.com, if it has a www. it goes to
>>>>>> www.www.mydomain.com, any ideas?
>>>>>>
>>>>> If you are running Apache, you do realize that all of this can be done
>>>>> in Apache instead of PHP right?
>>>>>
>>>>> Here is an example of what I have on my domain.
>>>>>
>>>>> <VirtualHost x.x.x.x:80>
>>>>> ServerName example.com
>>>>> ServerAlias wwww.example.com
>>>>> ServerAlias ww.example.com
>>>>> RedirectMatch (.*) http://www.example.com$1
>>>>> </VirtualHost>
>>>>>
>>>>>
>>>>>
>>>>> Jim Lucas
>>>> Or in DNS zone file (assuming you have an A record for example.com):
>>>>
>>>> www.example.com. IN CNAME example.com.
>>>>
>>>> Many ways to skin a cat, and they are all fun!
>>>>
>>>> -Shawn
>>> Nevermind. I guess this would already be in place or the conf,
>>> .htaccess or PHP wouldn't even be running. :-(
>>
>> I thought about starting a new thread for every different idea that I
>> had in reply to this post. What do y'all think?
>>
>> -Shawn
>
> worth noting somewhere on the net, not quite sure if here is the best
> place for it to be honest.

Here is where I saw it. Maybe you missed it?

-Shawn

attached mail follows:


Pastor Steve wrote:
> Greetings,
>
> I am getting an error when I am trying to upload a PDF file through a
> script.
>
> When I do a print_r($_FILES) I get the following:
>
> Array
> (
> [userfile] => Array
> (
> [name] => document.pdf
> [type] =>
> [tmp_name] =>
> [error] => 2

Error 2:

http://us3.php.net/manual/en/features.file-upload.errors.php

You exceeded the MAX_FILE_SIZE size.

attached mail follows:


Hi everybody,

I need help with sessions.
I have a simple authentication relying only on
sessions (I don't use cookies). After the user submits
his username and password, the script checks if that
corresponds to a record in a mysql table. If this is
the case "$_SESSION['sessioname'] = $_POST['login'];".
the $_SESSION['sessioname'] is checked in subsequent
pages to see if the user is connected or not.
The problem is after the user logs out, and after that
uses the previous button of the browser he becomes
connected. How can I prevent this please.

Here is my logout.php:

<?php
session_start();
unset($_SESSION["sessioname"]);
session_destroy();
header("location: index.php");
?>

Thank you in advance
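
Added example (not part of the original post, and not the poster's code): a logout that also expires the session cookie, together with two page-side measures for the back-button symptom described above. It assumes the cause is either a cached copy of a protected page or the browser re-submitting the login POST; `sessioname` and index.php come from the post, while the function names and home.php are assumptions.

```php
<?php
// Added example, not the poster's code. 'sessioname' and index.php come from
// the post; the function names and home.php are assumptions.

// Call once the username/password check against the table has succeeded.
function login_ok(string $username): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);          // fresh id, so a pre-login id is useless
    $_SESSION['sessioname'] = $username;
    // Redirect instead of rendering here: "back" then lands on a GET page,
    // not on the login POST that the browser could offer to re-submit.
    header('Location: home.php');
    exit;
}

// First call on every protected page, before any output.
function require_login(): void
{
    session_start();
    // PHP's default session.cache_limiter ("nocache") sends similar headers;
    // they are set explicitly here in case that setting was changed.
    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
    header('Pragma: no-cache');
    if (empty($_SESSION['sessioname'])) {
        header('Location: index.php');
        exit;                             // without exit the page body is still sent
    }
}

// Body of logout.php.
function logout(): void
{
    session_start();
    $_SESSION = [];                       // clear the data held for this request
    if (ini_get('session.use_cookies')) { // expire the session id cookie as well
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();                    // remove the server-side session data
    header('Location: index.php');
    exit;
}
```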


attached mail follows:


Hey folks,

    Do you know how I can create a protected zip file with password? Is
there any way? I've searched on the internet, but without success.

Thanks in advance,
Petrus Bastos.

attached mail follows:


Date: Sat, 16 Feb 2008 15:22:17 -0800
From: Rob Gould <gouldimgmac.com>
To: php-generallists.php.net
Message-ID: <ACA62723-0118-1000-8445-D55AEA939730-Webmail-10019mac.com>
Subject: PHP/mySQL dropping zeros after inserting number into record

I've got a PHP script that inserts "00012345678" into a record in a mySQL database (it's a barcode). Things work ok unless the number has preceding zeros, and then the zeros get cut off and all I get is "12345678".

I have the mySQL database fieldtype set to bigint(14). If the maximum length a barcode can be is 14, is there a better fieldtype to use that will keep the zeros?

(or some way for PHP to tell mySQL not to chop off the zeros?)

attached mail follows:


char(14) is a better data type

bastien

----------------------------------------
> Date: Sat, 16 Feb 2008 15:22:17 -0800
> From: gouldimgmac.com
> To: php-generallists.php.net
> Subject: [PHP] PHP/mySQL dropping zeros after inserting number into record
>
> I've got a PHP script that inserts "00012345678" into a record in a mySQL database (it's a barcode). Things work ok unless the number has preceding zeros, and then the zeros get cut off and all I get is "12345678".
>
> I have the mySQL database fieldtype set to bigint(14). If the maximum length a barcode can be is 14, is there a better fieldtype to use that will keep the zeros?
>
> (or some way for PHP to tell mySQL not to chop off the zeros?)
>

attached mail follows:


Rob Gould <gouldimgmac.com> writes:

> I've got a PHP script that inserts "00012345678" into a record in a
> mySQL database (it's a barcode). Things work ok unless the number has
> preceding zeros, and then the zeros get cut off and all I get is
> "12345678".
>
> I have the mySQL database fieldtype set to bigint(14). If the maximum
> length a barcode can be is 14, is there a better fieldtype to use that
> will keep the zeros?

Use ZEROFILL, example:

CREATE TABLE `db`.`table` (
  `barcode` integer(14) ZEROFILL NOT NULL
)

--

Emilio Astarita <emilio.astaritagmail.com>