php-general Digest 2 Mar 2001 19:06:19 -0000 Issue 543

Fri, 02 Mar 2001 11:10:16 -0800 


php-general Digest 2 Mar 2001 19:06:19 -0000 Issue 543

Topics (messages 42302 through 42383):

Re: Munging hidden/form variables
        42302 by: php3.developersdesk.com
        42303 by: php3.developersdesk.com
        42307 by: Harshdeep S Jawanda
        42324 by: Christian Reiniger
        42336 by: Bruce Molyneux
        42355 by: Curt Seeliger
        42356 by: Boget, Chris

Re: Problem in renaming file]
        42304 by: Sebastian Bergmann
        42321 by: Hrishi
        42322 by: Hrishi

Re: HREFs that can't be
        42305 by: php3.developersdesk.com
        42308 by: Carsten Gehling
        42312 by: CC Zona
        42337 by: Boget, Chris
        42343 by: Ernest E Vogelsinger
        42347 by: Boget, Chris
        42349 by: Boget, Chris
        42352 by: Robert Vetter
        42354 by: Boget, Chris
        42360 by: Robert Vetter
        42363 by: Boget, Chris

PHP's connection handling
        42306 by: Milan Mlynarcik

Tutorial?
        42309 by: Tristan.Pretty.risk.sungard.com
        42311 by: Tristan.Pretty.risk.sungard.com
        42338 by: John Ashton
        42344 by: Jeff Oien
        42346 by: Brian Paulson

Images Upload Password Protect
        42310 by: Squash Buckler

Re: PHP single user??
        42313 by: Yasuo Ohgaki

Re: including html
        42314 by: Yasuo Ohgaki

image issues
        42315 by: John LYC

Re: Double Click
        42316 by: Yasuo Ohgaki

File upload not for Netscape?
        42317 by: Dhaval Desai

function questions
        42318 by: kevin1

session  lifetime
        42319 by: lagi

Re: Javascript and Php
        42320 by: Christian Reiniger

Re: Bitwise solution?
        42323 by: Christian Reiniger
        42345 by: Boget, Chris

Re: php and javascript
        42325 by: Christian Reiniger
        42340 by: John Ashton

Re: Help - I can't create jpegs with GD
        42326 by: Christian Reiniger
        42361 by: Cherie Benoit

Re: whats the message count ?
        42327 by: Christian Reiniger

Re: Loss of connection handle object
        42328 by: Yasuo Ohgaki

Simple question!!!
        42329 by: Ricardo D'Aguiar
        42330 by: Adam Wright
        42331 by: CC Zona
        42332 by: Sue Bailey
        42365 by: Ricardo D'Aguiar

i wanna get URL inputed by user's browser.
        42333 by: cafe.phpcafe.net
        42334 by: cavelife

Re: can't start apache
        42335 by: Scott Wagner

Session, cookies not allowed, ssl
        42339 by: Carola Meyberg

security concerns with PHP4 module
        42341 by: Davydd Cook

undefined symbol (PayFlow Pro)
        42342 by: Robert Covell
        42350 by: Robert Covell

Running php code inside of a string within a php script..
        42348 by: Aviv Revach
        42364 by: Lucas Persona
        42371 by: Aviv Revach
        42376 by: Lucas Persona

server side cookies
        42351 by: Jeff

how can i extract from such an array??
        42353 by: Sandeep Hundal
        42358 by: Data Driven Design

help parsing data files
        42357 by: Walgamotte, David
        42379 by: Hoover, Josh

Re: PostgreSQL vs InterBase
        42359 by: Meir kriheli

[Resend]
        42362 by: jimmythetulip190.hotmail.com

strip ^M's ??
        42366 by: Brandon Orther
        42367 by: Nathan Cassano
        42368 by: Walgamotte, David
        42370 by: Brandon Orther

How to ready Apache Server or Image Functions
        42369 by: Karl J. Stubsjoen
        42372 by: Jack Dempsey

Re: Hebrew websites transition with php3 ..
        42373 by: Aviv Revach
        42378 by: Boaz Yahav

Does anyone know if there exist an job-ad script?
        42374 by: David Tandberg-Johansen

session won΄t use cookies
        42375 by: Tobias Talltorp

Re: [PHP-DEV] pspell/aspell breaking
        42377 by: Seth Northrop

linking to specific spot on map?
        42380 by: Floyd Baker
        42381 by: Jack Dempsey

Splitting a complex string problem
        42382 by: rm

MySQL Create Table Problem
        42383 by: Jeff Oien

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------


Addressed to: "Chris" <[EMAIL PROTECTED]>
              [EMAIL PROTECTED]

** Reply to note from "Chris" <[EMAIL PROTECTED]> Thu, 1 Mar 2001 15:43:25 -0800
>
> Would it not be possible to have both the form page and the script page that
> handles the form be generated o the fly with random filenames?
>
> The form page would point to the random generated script page, and the
> script page could delete itself after it is proccessed. You would also want
> a cron to delete any files in case they never bothered to submit the form.
>
> Can anyone see a problem with this?


That makes it a little harder, but I can just view source and hit the
page a couple of times, and I will see that the Action="" in the <FORM>
tag changes and know I have to go back one step to get it.  If I have to
I can emulate a person coming in from the home page, walking all the
links to the form, then entering it.


  I hit the page that generates the random name.

  It returns the random name.

  I use it in my following request to get the form.

  I fill in the form and send it.


Maybe you can make it  'not worth the effort'  for a hacker, but be
careful you don't make it  'not worth the errort' for your legitimate
visitors.

The big problem you have, is if I can fill it in by hand, I can watch
what passes over the network and write a program to emulate it.  What a
browser can do is very limited, and even things like headers that are
not normaly visible when you view source are visible to a network
sniffer.




Rick Widmer
Internet Marketing Specialists
http://www.developersdesk.com



Addressed to: "Simon Garner" <[EMAIL PROTECTED]>
              "Chris" <[EMAIL PROTECTED]>
              "php" <[EMAIL PROTECTED]>

** Reply to note from "Simon Garner" <[EMAIL PROTECTED]> Fri, 2 Mar 2001 13:05:00 
+1300
>
> So how do you verify that the logged in user is allowed to act on behalf of
> the other ID? You just have to keep reverifying that the client is allowed
> to do what they're doing.
>

I suggest it is time to take a look at sessions:

   http://www.php.net/manual/en/html/ref.session.html


Things get easier if you only allow a small group of people into the
site.  You won't be able to keep someone who knows a valid username and
password from exploiting things, but you can limit the possible exploits
to what you allow a user to do.

I suggest you use a SSL secured server any time you are sending
passwords across the net.  That way they can only be intercepted by
someone with access to the authorized user's machine, or someone with
access to your machine.  SSL is not magic, all it does is prevent
someone along the way from snooping.

When someone enters a valid username and password, create a session and
store all the temporary data on the server.  If it is never sent to the
browser, there is no way for someone on the other end to modify it.  A
PHP session ID is a reasonably secure random number that is hard to
guess.  It is even harder to guess the session ID, user name and
password all at the same time.

That still does not stop me, a valid user who can use the system from a
browser, from being able to write a script that fakes my user action.
It  does allow you much more control to make sure that neither me or my
robot are able to do anything you don't want me to do.



> It's a chore I know - security usually is :(

Yep!




Rick Widmer
Internet Marketing Specialists
http://www.developersdesk.com



Hi,

How about the following:

  1. Assign a session id to the form every time you generate it.
  2. Maintain that session id on the server side in a sort of cache for a
     specific amount of time (say, T) only. Time-out and delete session id
     entries that haven't been used within time period T.
  3. Have the form page refresh itself every T minutes/seconds etc. (for the
     convenience[1] of a genuine user).
  4. Ensure that a form with a particular session id can be submitted only
     once.
       1. Deleting the session id from the session id cache the first time a
          form is submitted should ensure this. This would lead to the concept
          of "using up" or "consuming" a session id.
  5. Don't process any form that doesn't have a corresponding valid session id
     stored in the session id cache.

While the approach I have outlined above will be susceptible to eavesdropping
(session ids can be sniffed out), that can easily be taken care of by sending
out the form over an HTTPS session.

Of course, if the attacker sets up a robot to request forms from the actual
server and then keeps on submitting spurious data, you're in trouble. There's
very little that can be done against an attack of this sort. You could perhaps
try to keep track of the time difference between the serving of the form and
its submission. This too, is open to subversion.

Please do point out any loopholes you find in the approach mentioned above.

------------------------

[1]

     If a "genuine" user stops to do something else after partially
     filling out the form, then this setup could become a nuisance.

"Boget, Chris" wrote:

> Well, this was part of what I was going to do.  I was going to check
> to see if the request method was post and if the referer was from
> our host (not just the form/page).  If all that was true, then process
> the form.  If not, don't.
> However, I know that the $HTTP_REFERER variable is not at all
> reliable.  On that note, what browsers/versions would not send this
> information for Apache/PHP to set?  I know it is because of the browser
> that the client is using that this variable is unreliable.  But what those
> browsers/versions are, I don't know and am hoping someone can
> answer.
>
> Chris

--
Regards,
Harshdeep Singh Jawanda.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Member of Technical Staff,                     [O]+91-020-5676700 X-474
Persistent Systems Pvt. Ltd.,                  [R]+91-020-5890053
[EMAIL PROTECTED]                               [EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





On Friday 02 March 2001 00:22, you wrote:
> I can think of one way that you can take in an attempy to prevent
> this.
> It is not totally fool proof but it will make it more difficult
> to send spoof data:
>
> 1) Check your HTTP refereer when the form is submitted. If the
> referer is not from your host then don't process the form.
> Of course this can be faked quite easily if this person knows
> what (s)he doing.

And it would prevent people who don't sent Referrer headers from using 
the form

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



It's probably a good idea to stop using hidden form fields.  Save your state
data securely, use sessions etc.

Then you only have the usual problem of validating the data you wanted the
user to send you , instead of also the hidden data you were hoping they
would leave alone!

HTH

Cheers

Bruce

ps I may be a little late with this since I'm reading the digest!

Bruce Molyneux 
emeraldsoft.co.uk

-----Original Message-----
From: Chris [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 12:03 AM
To: php
Subject: Re: [PHP] Munging hidden/form variables





'Boget, Chris' wrote:
> 
> > Don't bother with checking the HTTP_REFERER - it can be easily forged.
> > There is a very simple solution to this problem -- validate the data from
> > the form!
> [snip] 
> > You should be doing this anyway, since who knows what the user could 
> > type in your input box. Nevermind if somebody makes a copy of your 
> > form. Never never never trust the client.
> 
> I'm already doing this.  However, if I have a hidden variable containing
> a value of the current user I'm working with, that value can be changed
> to something else and it would pass the test.  However, I need to find a
> way to determine if something like that has happened.  That's where my
> description of what I was thinking of doing came from.

Well, anything you get back from the client will be as GET variables, I
think.  So, if your forms only use POST variables, and you've turned on
track_vars, then you can get your variables through $HTTP_POST_VARS()
like $foo=$HTTP_POST_VARS('foo');  If I'm wrong on this, I'm sure
someone will let me know.

-- 
Curt Seeliger            
OAO Corporation, EPA/WED contractor 
541/754-4638           
[EMAIL PROTECTED]     



> Well, anything you get back from the client will be as GET 
> variables, I think.  So, if your forms only use POST variables, 
> and you've turned on track_vars, then you can get your variables 
> through $HTTP_POST_VARS() like $foo=$HTTP_POST_VARS('foo');  
> If I'm wrong on this, I'm sure someone will let me know.

Well, if there is a GET and a POST variable of the same name, 
the POST value will be used instead.  This is a built in security
measure of either PHP, Apache or both.
However, what you suggest does not prevent someone from
viewing and saving the source to their machine, modify the
form variables and submit the version of the form on their local
machine.  Doing this will set everything as a POST and will
bypass the check suggested above.

This goes back to what I said initially.  I can check to see if
the REQUEST_METHOD is POST and check the HTTP_REFERER
to see if it is from our host (which it wouldn't be if the user 
submitted the form from their local machine.  However, the
problem arises in that the HTTP_REFERER isn't always set
because some browsers do not send that information to the 
server.

So this leads me to the (another) question I had, but am not
sure anyone said, at what time and/or in what instances and/or
what browsers/versions do not send the HTTP_REFERER
information?

I really appreciate all the help and information everyone has
given with regards to this issue.  You guys are great.

Chris



Carrie KL Tam wrote:
> Hi Sebastian,
> 
> Don't understand why the following code keep telling me the error "Rename
> failed (Invalid argument)":
> <?php
> $forig = 'd:/pict/orig/YI3 ?a.3WOHF';
> $fcopy = 'd:/pict/copy/test1';
> if (rename($sourcepath,$ftppath))
> {
>   echo "pass 1\n";
> }
> ?>
> 
> Pls advise
> 
> Cheers,
> Carrie Tam
> [EMAIL PROTECTED]

-- 
 sebastian bergmann         e-mail :              [EMAIL PROTECTED]
                          homepage :      http://www.sebastian-bergmann.de
                       make a gift : http://wishlist.sebastian-bergmann.de
 measure the usability of your web application -> http://phpOpenTracker.de



Sebastian Bergmann wrote:

> Carrie KL Tam wrote:
>> Hi Sebastian,
>> 
>> Don't understand why the following code keep telling me the error "Rename
>> failed (Invalid argument)":
>> <?php
>> $forig = 'd:/pict/orig/YI3 ?a.3WOHF';

way i see it, ? and * (among others) are special chars in wind0ze

cheers,
hrishi

>> $fcopy = 'd:/pict/copy/test1';
>> if (rename($sourcepath,$ftppath))
>> {
>>   echo "pass 1\n";
>> }
>> ?>
>> 
>> Pls advise
>> 
>> Cheers,
>> Carrie Tam
>> [EMAIL PROTECTED]
> 

-- 
--
Yeah, there are more important things in life
than money, but they won't go out with you if
you don't have any.



Hrishi wrote:

> Sebastian Bergmann wrote:
> 
>> Carrie KL Tam wrote:
>>> Hi Sebastian,
>>> 
>>> Don't understand why the following code keep telling me the error
>>> "Rename failed (Invalid argument)":
>>> <?php
>>> $forig = 'd:/pict/orig/YI3 ?a.3WOHF';
>>> $fcopy = 'd:/pict/copy/test1';
>>> if (rename($sourcepath,$ftppath))
>>> {
>>>   echo "pass 1\n";
>>> }
>>> ?>
whoa there.

what is sourcepath? what is ftppath? what do the variables forig and fcopy 
do ?

was a bit hasty in answering that :)

-- 
--
Yeah, there are more important things in life
than money, but they won't go out with you if
you don't have any.



Addressed to: [EMAIL PROTECTED]
              [EMAIL PROTECTED]

** Reply to note from CC Zona <[EMAIL PROTECTED]> Thu, 01 Mar 2001 20:05:55 -0800
>
> In article <[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] ("Boget, Chris") wrote:
>
> > Also, how would I set the (previously GET) vars up as session
> > variables?  I'd have to post to yet another script which
> > would set the session variables and in turn SUBMIT (with just
> > the SESSID this time) to the actual page (remember, I can no
> > longer use any GET variables so the header() function would
> > be out) that is the final destination...
>
> Just include the SID as a hidden input.  It'll be POSTED to the next page
> right along with your other variables.  There's even a way to configure
> your php.ini file so that PHP includes the hidden SID for you.  I forget
> which setting it is--maybe "trans-id" or something like that...?  Poke
> around in the the "configuration" chapter of the manual; it's in there.


That won't work.  Clicking on a link does not trigger sending of fields
(hidden or not).


There are only three places you can pass data without using forms, and
using buttons, or images to trigger a POST of the data.


1.  Get parameters after a ?

2.  Cookies.

3.  In the URL itself.


Why do you want to eliminate all get params and cookies?  That might
have a lot of control as to what the best approach will be.




Rick Widmer
Internet Marketing Specialists
http://www.developersdesk.com



From: <[EMAIL PROTECTED]>
Sent: Friday, March 02, 2001 9:12 AM


>> Just include the SID as a hidden input.  It'll be POSTED to the next page
>> right along with your other variables.  There's even a way to configure
>> your php.ini file so that PHP includes the hidden SID for you.  I forget
>> which setting it is--maybe "trans-id" or something like that...?  Poke
>> around in the the "configuration" chapter of the manual; it's in there.

> That won't work.  Clicking on a link does not trigger sending of fields
> (hidden or not).

No? How about:

<form name=myForm method=post action=...>
<input bla bla bla...>
</form>

<a href="javascript:document.myForm.submit();">Click here</a>

<a href="#" onclick="document.myForm.submit();return false;">or here</a>

- Carsten






In article <[EMAIL PROTECTED]>,
 [EMAIL PROTECTED] wrote:

> > > Also, how would I set the (previously GET) vars up as session
> > > variables?  I'd have to post to yet another script which
> > > would set the session variables and in turn SUBMIT (with just
> > > the SESSID this time) to the actual page (remember, I can no
> > > longer use any GET variables so the header() function would
> > > be out) that is the final destination...
> >   
> > Just include the SID as a hidden input.  It'll be POSTED to the next page 
> > right along with your other variables.  There's even a way to configure 
> > your php.ini file so that PHP includes the hidden SID for you.  I forget 
> > which setting it is--maybe "trans-id" or something like that...?  Poke 
> > around in the the "configuration" chapter of the manual; it's in there.
> 
> 
> That won't work.  Clicking on a link does not trigger sending of fields
> (hidden or not).
> 
> 
> There are only three places you can pass data without using forms, and
> using buttons, or images to trigger a POST of the data.

Did you read his previous comments?  He *is planning to pass the info in a 
form, one for each link...

-- 
CC



> Just include the SID as a hidden input.  It'll be POSTED to 
> the next page right along with your other variables.  

Right.

> There's even a way to configure your php.ini file so that PHP 
> includes the hidden SID for you.  I forget which setting it 
> is--maybe "trans-id" or something like that...?  

It is "--enable-trans-sid" and it is turned on.  However, the
problem is that it doesn't work. :(  If the user does not have
cookies turned on, the SID will not be sent through to the next
page on HREFs (I know you have to do it manually when using
the header() function, but it should be automatically appended
when using HRREFs, but it's not. :(  )

Chris



At 14:07 02.03.2001, Boget, Chris said:
--------------------[snip]--------------------
>It is "--enable-trans-sid" and it is turned on.  However, the
>problem is that it doesn't work. :(  If the user does not have
>cookies turned on, the SID will not be sent through to the next
>page on HREFs (I know you have to do it manually when using
>the header() function, but it should be automatically appended
>when using HRREFs, but it's not. :(  )
--------------------[snip]-------------------- 

A little checklist:

Have you:
- checked the INI file setting "url_rewriter.tags"? With the default
installation this is empty, the needed contents are on a comment line.
The line should read
    url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Are you:
- explicitly starting a session with session_start() ?
  if not, try to explicitly start it
- receiving an (old or outdated) PHPSESSID cookie from the browser?
  Maybe Php decides it's not necessary to rewrite the URLs


     ...ebird

   >O     Ernest E. Vogelsinger
   (\)    http://www.1-at-web.at/
    ^     ICQ#   13394035




> There are only three places you can pass data without using forms, and
> using buttons, or images to trigger a POST of the data.
> 1.  Get parameters after a ?
> 2.  Cookies.
> 3.  In the URL itself.

How is 3 different from 1?

> Why do you want to eliminate all get params and cookies?  That might
> have a lot of control as to what the best approach will be.

GET because they can be modified and Cookies because not all users
will have them turned on.

Chris



> > That won't work.  Clicking on a link does not trigger 
> > sending of fields (hidden or not).
> No? How about:
> <form name=myForm method=post action=...>
> <input bla bla bla...>
> </form>
> <a href="javascript:document.myForm.submit();">Click here</a>
> <a href="#" onclick="document.myForm.submit();return 
> false;">or here</a>

This would require a form for every link and that was something I
illustrated earlier as one of the possibilities I had come up with.  But
it was a possibility that I was trying to avoid...

Chris





"Boget, Chris" wrote:
> 
> > > That won't work.  Clicking on a link does not trigger
> > > sending of fields (hidden or not).
> > No? How about:
> > <form name=myForm method=post action=...>
> > <input bla bla bla...>
> > </form>
> > <a href="javascript:document.myForm.submit();">Click here</a>
> > <a href="#" onclick="document.myForm.submit();return
> > false;">or here</a>
> 
> This would require a form for every link and that was something I
> illustrated earlier as one of the possibilities I had come up with.  But
> it was a possibility that I was trying to avoid...
> 
> Chris

No, you could do following:

<a
href="javascript:document.myForm.action='theLink';document.myForm.submit();">Click
here</a>

...for each link. And you'd have one single form.

BTW. In you first email you wrote: "plan they are pushing is to make our
site(s) free of all GET variables".
Who are "they"?

Robert



> > This would require a form for every link and that was something I
> > illustrated earlier as one of the possibilities I had come 
> > up with.  But it was a possibility that I was trying to avoid...
> No, you could do following:
> <a
> href="javascript:document.myForm.action='theLink';document.myF
> orm.submit();">Click here</a>
> ...for each link. And you'd have one single form.

It couldn't be that generic because as I pointed out in my initial email,
each link can have a variable number of GET variables and not all of
them would have the same name (though, some would).
 
> BTW. In you first email you wrote: "plan they are pushing is 
> to make our site(s) free of all GET variables".
> Who are "they"?

My superiors.

Chris





"Boget, Chris" wrote:
> 
> > > This would require a form for every link and that was something I
> > > illustrated earlier as one of the possibilities I had come
> > > up with.  But it was a possibility that I was trying to avoid...
> > No, you could do following:
> > <a
> > href="javascript:document.myForm.action='theLink';document.myF
> > orm.submit();">Click here</a>
> > ...for each link. And you'd have one single form.
> 
> It couldn't be that generic because as I pointed out in my initial email,
> each link can have a variable number of GET variables and not all of
> them would have the same name (though, some would).

Then you'd have to insert hidden fields for all possible variables in
the form.

 
> > BTW. In you first email you wrote: "plan they are pushing is
> > to make our site(s) free of all GET variables".
> > Who are "they"?
> 
> My superiors.

I bet they have nothing better to do than to say: "What are those funny
characters next to the internet address? We don't like them. They don't
let our site look seriously. And we _are_ a very serious company. They
must diappear right away!!"

Robert



> --------------------[snip]--------------------
> >It is "--enable-trans-sid" and it is turned on.  However, the
> >problem is that it doesn't work. :(  If the user does not have
> >cookies turned on, the SID will not be sent through to the next
> >page on HREFs (I know you have to do it manually when using
> >the header() function, but it should be automatically appended
> >when using HRREFs, but it's not. :(  )
> --------------------[snip]-------------------- 
> A little checklist:
> Have you:
> - checked the INI file setting "url_rewriter.tags"? With the default
> installation this is empty, the needed contents are on a comment line.
> The line should read
>     url_rewriter.tags = 
> "a=href,area=href,frame=src,input=src,form=fakeentry"

This wasn't in there, but have since added it.

> Are you:
> - explicitly starting a session with session_start() ?
>   if not, try to explicitly start it

Yes

> - receiving an (old or outdated) PHPSESSID cookie from the browser?
>   Maybe Php decides it's not necessary to rewrite the URLs

No.

This still is not working and *any* help at all on how I can get it
working would be greatly apprecaited!!

Here are the relevant directives (as reported by PHPINFO:

Directive  Local_Value  Master_Value

session.use_trans_sid 1 1 
session.auto_start Off Off 
session.cache_expire 180 180 
session.cache_limiter nocache nocache 
session.cookie_domain no value no value 
session.cookie_lifetime 0 0 
session.entropy_file no value no value 
session.entropy_length 0 0 
session.gc_maxlifetime 1440 1440 
session.gc_probability 1 1 
session.name PHPSESSID PHPSESSID 
session.referer_check no value no value 
session.save_handler files files 
session.serialize_handler php php 
session.use_cookies On On 

Here is some sample code I am using.  All I am doing
here is to test to see if the SESSID is being passed on
the URL when an HREF is clicked when the browser
has cookies turned OFF.  If cookies are turned on, using
this same code, I'll get the same session ID reported
every time.  But with cookies turned off, I get different
session IDs every time.

Page1:
<script language="php">

  session_start();
        
  echo "Your session ID is : " . session_id() . "<br><br>\n";

  echo "<a href=\"page2.php\">Page 2</a><br>\n";
        
</script>

Page2:
<script language="php">

  session_start();
        
  echo "Your session ID is : " . session_id() . "<br><br>\n";

  echo "<a href=\"page1.php\">Page 1</a><br>\n";
        
</script>


Any insight into my problem would be greatly apprecaited.

Chris




I'm writing download counter application. I would like to add a speciall 
functio0nality that determines wheater download was sucess or not. The only one 
solution how to do it I found is PHP's connection handling. 

I'm getting connection status via connection_status() function which is call in 
function that have been registred as ahutdown function:

    function mail_status()
    {
        mail("[EMAIL PROTECTED]", "connection", connection_status());
    }

    register_shutdown_function("mail_status");

Then I send header that tell browser to establish download:

    header("Content-Type: application/zip");

And then I'm trying to send output which i read from DB(size of 10KB):

    echo $content;

All works well, but when i hit cancel button in download dialog window status is 
NORMAL and not ABORTED.
When i put this instead of line before it returns ABORTED.

    for($i=0;$i<10000;$i++){ echo $i; };

So ... how could I recognize if Cancel button was pressed in download dialog window ???
-------------------------------------------------------------
Milan Mlynarcik
Web Programmer
Charmed Technology Slovakia
Nam. sv. Egidia 16/37
058 01 Poprad, Slovakia
E-mail: [EMAIL PROTECTED]
Office: 00421 92 7881 874
Mobile: 00421 905 964 535
Web page: http://www.charmed.com/
-------------------------------------------------------------





Hi there,
Iam new to the world of PHP, and after my boss told me to learn PHP and MySQL, I
found my way here.
I am gettign to frips with MySQL, and Basic PHP seems to be sticking in my
brain, but I'd really appreciate it if you guys could point me in the direction
of a good on-line tutorial that'd point out the basics of geting these two
technologies to talk to one another.

Ultimatly, I'd like to have  a login screen, that checkes user name against
password on my Database.

You guys were recommended to me by a subscriber from another list, I hoep you
can help.

Thanks in advance,
Tris...





**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.


**********************************************************************





Hi there,
Iam new to the world of PHP, and after my boss told me to learn PHP and MySQL, I
found my way here.
I am gettign to frips with MySQL, and Basic PHP seems to be sticking in my
brain, but I'd really appreciate it if you guys could point me in the direction
of a good on-line tutorial that'd point out the basics of geting these two
technologies to talk to one another.

Ultimatly, I'd like to have  a login screen, that checkes user name against
password on my Database.

You guys were recommended to me by a subscriber from another list, I hoep you
can help.

Thanks in advance,
Tris...





**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.


**********************************************************************



Hey,

There are a million different sites that have hordes of information to
offer,
One of my favourites is phpbuilder.  For a list of more links please visit
the
php.net pages.  In the link section there are a few good links.

Here is a link to some basic php/mysql stuff,

http://www.phpbuilder.com/columns/tim20010110.php3


Best of luck,

John Ashton
[EMAIL PROTECTED]
The Data Source Network
http://www.thedatasource.net

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: March 2, 2001 3:36 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Tutorial?
>
>
>
>
> Hi there,
> Iam new to the world of PHP, and after my boss told me to learn
> PHP and MySQL, I
> found my way here.
> I am gettign to frips with MySQL, and Basic PHP seems to be sticking in my
> brain, but I'd really appreciate it if you guys could point me in
> the direction
> of a good on-line tutorial that'd point out the basics of geting these two
> technologies to talk to one another.
>
> Ultimatly, I'd like to have  a login screen, that checkes user
> name against
> password on my Database.
>
> You guys were recommended to me by a subscriber from another
> list, I hoep you
> can help.
>
> Thanks in advance,
> Tris...
>
>
>
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
>
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
>
>
> **********************************************************************
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>




I started with this:
http://www.php.net/tut.php
went from there. Also
http://www.thickbook.com/
has some good stuff. 
Jeff Oien

> Hi there,
> Iam new to the world of PHP, and after my boss told me to learn PHP and MySQL, I
> found my way here.
> I am gettign to frips with MySQL, and Basic PHP seems to be sticking in my
> brain, but I'd really appreciate it if you guys could point me in the direction
> of a good on-line tutorial that'd point out the basics of geting these two
> technologies to talk to one another.
> 
> Ultimatly, I'd like to have  a login screen, that checkes user name against
> password on my Database.
> 
> You guys were recommended to me by a subscriber from another list, I hoep you
> can help.
> 
> Thanks in advance,
> Tris...
> 
> 
> 
> 
> 
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
> 
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
> 
> 
> **********************************************************************
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 



You might also go to http://www.devshed.com they have a very good php
section.

For code to look at go to http://www.weberdev.com/ or http://www.zend.com

Thank you
Brian Paulson
Sr. Web Developer
[EMAIL PROTECTED]
http://www.chieftain.com
1-800-269-6397

-----Original Message-----
From: Jeff Oien [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 7:49 AM
To: PHP
Subject: RE: [PHP] Tutorial?


I started with this:
http://www.php.net/tut.php
went from there. Also
http://www.thickbook.com/
has some good stuff.
Jeff Oien

> Hi there,
> Iam new to the world of PHP, and after my boss told me to learn PHP and
MySQL, I
> found my way here.
> I am gettign to frips with MySQL, and Basic PHP seems to be sticking in my
> brain, but I'd really appreciate it if you guys could point me in the
direction
> of a good on-line tutorial that'd point out the basics of geting these two
> technologies to talk to one another.
>
> Ultimatly, I'd like to have  a login screen, that checkes user name
against
> password on my Database.
>
> You guys were recommended to me by a subscriber from another list, I hoep
you
> can help.
>
> Thanks in advance,
> Tris...
>
>
>
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
>
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
>
>
> **********************************************************************
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]






I'm concepting a system in php that offers user level password protected
upload / download of image files - certain users would only be able to
access certain files.

The file sizes could be anywhere from 1mb on up to 25mb.

I am thinking of storing the (user uploaded and downloadable) files outside
of the www directory (if that is possible with php) and using mysql to track
files and associate them with users.  I would like to pose a few questions:

1.  How would you get around scrip timeouts on huge 25mb files.

        1a.  In a virtually hosted situation, how much php can a server
provide if 5 people are tying up connections/php with 25mb downloads.

2.  If it is possible to upload files outside of the www directory via php,
would this bring added security concerns to the site.  I don't wan't the
files to be browseable by J.Q. Public.

3.  Is there a better solution using straight ftp connections that could
also provides user level password protection - keeping in mind that users
would need the capacity to create an account and upload a file without an
administrator having to create directories and passwords.

Thanks in advance for any ideas/opinions/etc.

Kevin


$[EMAIL PROTECTED] > > Todd Cary <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I am having a very strange problem: PHP 4.0.4 on a NT 4 platform with > > IIS 5 is only allowing one surfer to do a DB Select. If the DB is busy > > with the first user, the page is not available to other users. And I > > have no problems with Win 2K. > > > > Am I missing something very obvious? > What is your DB, are you using MS-SQL Server? If it is Developer Edition, I believe it allows only 1 db connection. (Has MS changed this restriction? Number of connections developer edition can accept may wrong. I don't remember well. Correct me if it is wrong.) Or didn't you setup DB to accept only 1 connection? Sounds like this is the reason to me. Regards, Yasuo Ohgaki 


>
> Marcos wrote:
>
> >     index.php
> >         include ('info.html)
>
> I think
>
>      readfile($inputFileName);
>
> would be a better option.
>

FYI

You might want to add headers using header() with readfile().

PHP does not parse with readfile(), so it is more efficient. i.e. PHP does
not look for <?php ?>.
(I use include() always, though)

Regards,

Yasuo Ohgaki



GIF89a ÷ƺ–ÿÛQßΦ¶¦ŠM=ÿãqÿßaçßÂκš–Šuÿãu÷ï릚}-
®¢†Æ¶–meY®ž†‚yiqmYÿãeyuqïç×ÿ×Aÿãyÿ玎y5¾²–ÿÛMÿ×5×ƶïëÛ¾–Žqï׆žŽmÿÛ=ß×ÛiUÿÒ$Φ¶®–ÿÛEðð
b&X¤ððððD¢¯âWÏÀbð¨h7‘?€“€“<!`Ȥ
*.X¤ðððððŽ?X¤›ðððð¶¤ÀbðXM!ùØ, ¡18p Á&\?¡Š
p?A¡€”pàA 4dX?Áà?$(Pù@?ė (ÀA͛ >˜@?J
?—3/?@(?,èpA€¥Ðú€‚ÏJ›Bxڑ@¯3?à U«Ù¾*»õ?Y âz1‚‚
&ü¥! ¼\ Ó@@;

i have the above in my database,,...
it is a gif.. that i store as a blob... using fread("*.gif");

then i do this to retrive it...
<img src=\"getpic.php?ID=".$ID."\">

//in getpic.php
$query =  "select pic from table where id = '$ID'";
$result = @MYSQL_QUERY($query);
$data = @MYSQL_RESULT($result,0, "diagram");

Header("Content-type: image/gif");
print $data;

//////////
this will siplay my img, my gif..
now the problem is that i want to use function like GetImageSize()..
on this pics.. how do i do it?

john





> A tactic I've been planning to use, but don't know if it actually works or
> not, is to disable the button first thing in its onClick so the second
click
> occurs on a disabled button.  Does anybody know if this actually works or
> not?
>
> - Theo

How do you determine if the click is the first time, when user send form,
decide to go back to previous page using browser's back button? It's
impossible to determine the click is the first or not using JavaScript.
(It's only works browser does not send form data immediately and it allow
users to send form data while it is sending form data or waiting response
from server. Is this what you want to prevent? Then it works.)

John's uses hash to compare posted values are the same as in DB, it works.
In many cases, it may be a preferred way. If you are just worried about
sending form data multiple times using browser's back button, you can do as
follows using session var.

switch ($task) {
  case 'update':
    if ($HTTP_SESSION_VAR['FORM_DATA_SENT']==false) {
         // do update
    }
    $HTTP_SESSION_VAR['FORM_DATA_SENT'] = true;
    break;
  case 'show_form':
    $HTTP_SESSION_VAR['FORM_DATA_SENT'] = false;
     // show form
    break;
}

Regards,

Yasuo Ohgaki

>
> -----Original Message-----
> From: John Huggins [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 28, 2001 3:04 PM
> To: Manuel Lemos; [EMAIL PROTECTED]
> Subject: RE: [PHP] Double Click
>
>
> If you are lucky and are feeding this form data to a database, you can
> create a unique hash field from other fields that would not change from
> click 1 to click 2.  Then just make the database treat the hash as a
unique
> index and it should prevent double entries.  Works for me.
>
> Other advice is to not tell the double clicker that had an error; Just
> silently ignore their second request.
>
> > -----Original Message-----
> > From: Manuel Lemos [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, February 28, 2001 2:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] Double Click
> >
> >
> > Hello Fabian,
> >
> > On 28-Feb-01 03:01:02, you wrote:
> >
> >
> > >Hi,
> >
> > >I have a page, and when I have to add a product I use a form,
> > many people are
> > >used to make double click in every task, so when the product is
> > sent with a
> > >double click in the send button, the program send it twice to
> > the data base.
> >
> > >What can I do to prevent this?
> >
> > You may want to try this forms generation class that lets you define a
> > warning message that shows when the user attempts to submit a form more
> > than once.
> >
> > http://phpclasses.UpperDesign.com/browse.html/package/1
> >
> > Regards,
> > Manuel Lemos
> >
> > Web Programming Components using PHP Classes.
> > Look at: http://phpclasses.UpperDesign.com/?[EMAIL PROTECTED]
> > --
> > E-mail: [EMAIL PROTECTED]
> > URL: http://www.mlemos.e-na.net/
> > PGP key: http://www.mlemos.e-na.net/ManuelLemos.pgp
> > --
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>



Hi!

File upload doesn't seem to work from Netscape.
It works with Internet Explorer.

In netscape it says Network Error Occured..

Why's that..?

Thanl You!
Dhaval Desai

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/



I have a here doc:

print <<<END
Hey there foo::bar($baz) how are you doing?
END;

foo::bar is a method that returns the name of $baz. I can't seem to get 
that to interpolate properly. It would make my life cleaner and easier 
if this could work. Is this at all possible?





Hi All,

I would like too keep a session going from between 1 to 3 days user
selectable via my authentication system.
If i change the php.ini then the session will not be changeable how can I do
it without changing the lifetime variable?

Regards Lagi




On Thursday 01 March 2001 13:19, you wrote:

> I'd like to include an inc file once a button id cliked!

You can only request a new page. Period.
PHP runs on the server, button clicks are evaluated on the client 
(browser).

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



On Thursday 01 March 2001 20:58, you wrote:

> But that would give me a value of a variable variable.
> And I need a numerical value so
>
> $var1 ="joe";
> $var2 = date( "U" );
>
> echo "$var1$var2";
>
> won't do me any good.

Ahhh. You want to use the mcrypt functions or simply crypt() ?

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



> > I have 2 values.  The first is a constant while the second is not.
> Is the first value a numerical value (real/integer?) or a 
> string value?

String.

This is what I've come up with and it seems to work pretty ok.
What do you guys think?

(test code to illustrate a point; other than the XORing, not 
what I'm actually going to do with the "live" code)

<script language="php">

    $uniqueArray = array();
    for( $i = 0; $i <= 100; $i++ ) {
        $certnum = date( "U" );  // what the second variable is always set
to
                
        if( $certnum == $lastCertNum ) {
            sleep( 1 );
                        
        }
                
        $uid = ( $uid == "nsa000" ) ? "mdb000" : "nsa000";  // sample first
variable
                
        $uniqueNum = ( hexdec( $uid ) ^ $certnum );
                
        echo "$uid ^ $certnum = $uniqueNum<br>\n";
        if( in_array( $uniqueNum, $uniqueArray )) {
            echo "Not a unique number!<br><br>\n";
                        
        }
                
        $uniqueArray[] = $uniqueNum;
        
        flush();
                
        $lastCertNum = $certnum;
                
    }

</script>



Chris



On Friday 02 March 2001 06:21, you wrote:
> Hello,
>
> Are there any good examples of producing embedded javascript code in a
> php file?

<?php
  somecode
?>
<script language='javascript'>
  sglfjh s
</script>
<?php 
  more code
?>

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



Well not sure what ya need an example of :)
php is php and javascript is javascript.  

What excatly do you need help wiht ?

> -----Original Message-----
> From: Christian Reiniger [mailto:[EMAIL PROTECTED]]
> Sent: March 2, 2001 5:34 AM
> To: Php-General@Lists. Php. Net
> Subject: Re: [PHP] php and javascript
> 
> 
> On Friday 02 March 2001 06:21, you wrote:
> > Hello,
> >
> > Are there any good examples of producing embedded javascript code in a
> > php file?
> 
> <?php
>   somecode
> ?>
> <script language='javascript'>
>   sglfjh s
> </script>
> <?php 
>   more code
> ?>
> 
> -- 
> Christian Reiniger
> LGDC Webmaster (http://sunsite.dk/lgdc/)
> 
> The use of COBOL cripples the mind; its teaching should, therefore,
> be regarded as a criminal offence.
> 
> - Edsger W. Dijkstra
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 
> 



On Friday 02 March 2001 06:46, you wrote:
> I can't create or manipulate jpegs, but pngs work fine. I am using a
> hosting service. They installed GD 1.8.4 with jpeg support a few days
> ago, but I'm thinking they did it wrong. I'm using code I know works
> because it's straight out of the PHP Cookbook. What do I need to tell
> them to correct the problem?

Depends on what errors you get. "I can't create or manipulate jpegs" 
isn't particularly helpful...

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



> Depends on what errors you get. "I can't create or manipulate jpegs"
> isn't particularly helpful...

OK, it returns a broken image and when I download that the resulting file
reads "ImageJpeg: No JPG support in this PHP build". But tech support says
they installed the jpeg support and that they did it correctly.

I've tried using code that Rasmus wrote, too. And that definitely should
work. :)

-- 
Cherie Benoit





On Thursday 01 March 2001 12:51, you wrote:

> 2. i can order "old" mails from the script who managed this folder
> right ? but i need to say what number i want.. like i want number
> 499-550 .. so my question what number do we have actually ? (i suppose
> it started with one, but where are we right now?)

Look at the headers of one of the messages. They contain a line of the 
form
X-From_: [EMAIL PROTECTED]

The 42156 in there is the message number

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.

- Edsger W. Dijkstra



I was curious, so I made simple test code, it seems works fine for PHP4.0.4
as Apache 1.3.17 module running under RedHat Linux 7.0.1. (Besides, I have
very similar code that you have. It works for me)

What is your environment?

If you are 100% sure that you don't have bug in code, I suggest to fill bug
report with your code.

Regards,

Yasuo Ohgaki

---
My test code output

=== BEGIN ===
Resource id #1                <= database link resource
Resource id #2                <= query result resource
Object                             <= PgSql db object
Resource id #3                 <= query result resource
=== END ===

This is my test code

<?php

class DB_PGSQL {
 var $res_connection;
 var $res_result;

 function DB_PGSQL($connect_string) {
  $this->res_connection = pg_pConnect($connect_string);
 }

 function Query($sql) {
  $this->res_result = pg_Exec($this->res_connection, $sql);
  return $this->res_result;
 }
}

class DB {
 var $database;
 var $source_type;

 function DB($source_type, $connect_string) {
  $this->source_type = $source_type;
  switch ($source_type) {
   case 'PGSQL':
    $this->database = new DB_PGSQL($connect_string);
    break;
  }
 }

 function Query($sql) {
  $this->database->Query($sql);
 }
}

$db = new DB('PGSQL','dbname=db_session host=dev user=yohgaki');

ECHO $db->database->res_connection;echo '<br>';
$db->database->Query('SELECT * FROM sys_session'); // CALL PGSQL class'
Query() directly
ECHO $db->database->res_result;echo '<br>';

ECHO $db->database;echo '<br>';
$db->Query('SELECT * FROM sys_session'); // CALL PGSQL class' Query()
INdirectly
ECHO $db->database->res_result;echo '<br>';

?>



> Well, you already have code to PostgreSQLDataSource ... the other object
> just encapsulates it ...
>
> ok heres some more code:
>
> class AbstractDataSourceManager
> {
>    var $dataSourceName;
>    var $dataSource;
>    var $error_handler;
>
> ...
>
>     function open()
>    {
>       <make $dataSource object with connection params>
>
>       if (is_Object($dataSource))
>          return $dataSource->open();
>       else
>          return false;
>    }
>
>    function executeQuery( $queryString )
>    {
>       return $this->dataSource->executeQuery($queryString);
>    }
> }
>
> --------------------
> Test Code:
>
> if ($HTTP_GET_VARS["testno"]==7)
> {
>  $manualNameTest = new
>
AbstractDataSourceManager("PostgreSQLDataSource","","","wwwuser","","rp2");
>  $result = $manualNameTest->executeQuery("select * from requirements;");
>
>  $db = new PostgreSQLDataSource('','','wwwuser','','template1');
>  $db->open();
>  echo $db->connection."<BR>";
>  echo $db->executeQuery("select * from issues;");
> }
>
> ----------------------
> Test Output:
>
> The connection in open() is :Resource id #1
> The connection in executeQuery() is :''
>
> Warning: Supplied argument is not a valid PostgreSQL link resource in
> /var/wwwroot/php/PostgreSQLDataSource.php on line 67 <this is the
> pg_pConnect line...>
> The connection in open() is :Resource id #2
> Resource id #2
> The connection in executeQuery() is :'Resource id #2'
> Object
> ----------------
>
> So in other words, the one using the encapsulator doesnt work - it seems
to
> lose $this->connection in PostgreSQLDataSource when its contained in
> AbstractDataSourceManager !
>
> ... theres something screwball here - i mean - an object should be able to
> access its own properties in any scope at any time shouldnt it ?
>
> This is totally screwing me here ...
>
> AndrewH
>
> ----- Original Message -----
> From: "Andrew Hill" <[EMAIL PROTECTED]>
> To: "Andrew Halliday" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
> Sent: Friday, March 02, 2001 11:53 AM
> Subject: Re: [PHP] Loss of connection handle object
>
>
> > Perhaps if you showed us some code?
> >
> > Best regards,
> > Andrew
> >
> >
> > On 3/1/01 7:35 PM, "Andrew Halliday" <[EMAIL PROTECTED]> wrote:
> >
> > > open() is simply supposed to open the connection to the database and
> store
> > > it in $this->connection.
> > > As you can see - it gets the connection info from either the objects
> > > properties or from parameters passed to it.
> > > Can you see what Ive done wrong...if anything?!?!
> > >
> > > AndrewH
> > >
> > > ----- Original Message -----
> > > From: "Andrew Hill" <[EMAIL PROTECTED]>
> > > To: "Andrew Halliday" <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> > > Sent: Friday, March 02, 2001 11:13 AM
> > > Subject: Re: [PHP] Loss of connection handle object
> > >
> > >
> > >> Andrew,
> > >>
> > >> What is the open() function?
> > >>
> > >> Best regards,
> > >> Andrew
> > >> ---------------------------------------
> > >> Andrew Hill - OpenLink Software
> > >> Director Technology Evangelism
> > >> eBusiness Infrastructure Technology
> > >> http://www.openlinksw.com
> > >>
> > >>
> > >>
> > >>
> > >> On 3/1/01 7:27 PM, "Andrew Halliday" <[EMAIL PROTECTED]> wrote:
> > >>
> > >>> Okay - Im writing an object to wrap a database.
> > >>> The key problem is this:
> > >>>   - it declares a connection var as an object property
> > >>>   - the open() function opens the connection to the database and
> stores
> > >>> the handle in $this->connection
> > >>>   - the executeQuery() method complains about not having a valid
> handle,
> > >>> because by then, somehow, $this->connection==null!!!
> > >>>
> > >>> Any ideas?-i swear its just something stupid ive missed ...
> > >>>
> > >>> HELP!
> > >>>
> > >>> Thanx in advance,
> > >>> AndrewH
> > >>>
> > >>> -------------------------------------------------------------
> > >>> The code following this returns the following to the browser:
> > >>> -------------------------------------------------------------
> > >>> The connection in open() is :Resource id #1
> > >>> The connection in executeQuery() is :''
> > >>>
> > >>> Warning: Supplied argument is not a valid PostgreSQL link resource
in
> > >>> /var/wwwroot/php/PostgreSQLDataSource.php on line 67
> > >>>
> > >>>
> > >>> -------------------------------------------------------------
> > >>>
> > >>>
> > >>> class PostgreSQLDataSource
> > >>> {
> > >>>  var $connection;
> > >>>  var $lastResultSet;
> > >>>  var $error_handler;
> > >>>
> > >>>  var $host, $port, $username, $password, $database;
> > >>>
> > >>>  function PostgreSQLDataSource($host, $port, $username, $password,
> > >>> $database)
> > >>>  {
> > >>>     global $error_handler;
> > >>>     $this->error_handler = $error_handler;
> > >>>
> > >>>     $this->host = $host;
> > >>>     $this->port = $port;
> > >>>     $this->username = $username;
> > >>>     $this->password = $password;
> > >>>     $this->database = $database;
> > >>>
> > >>>     //Legacy behaviour: $this->open($host, $port, $username,
> $password,
> > >>> $database);
> > >>>  }
> > >>>
> > >>>  function open(/*variable arg list*/)
> > >>>  {
> > >>>     $connectionString = "";
> > >>>
> > >>>     if (func_num_args() == 5)
> > >>>     {
> > >>>        $this->host = func_get_arg(0);
> > >>>        $this->port = func_get_arg(1);
> > >>>        $this->username = func_get_arg(2);
> > >>>        $this->password = func_get_arg(3);
> > >>>        $this->database = func_get_arg(4);
> > >>>     }
> > >>>
> > >>>     if ($this->host)
> > >>>        $connectionString .= " host=".$this->host;
> > >>>     if ($this->port)
> > >>>        $connectionString .= " port=".$this->port;
> > >>>     if ($this->username)
> > >>>        $connectionString .= " user=".$this->username;
> > >>>     if ($this->password)
> > >>>        $connectionString .= " password=".$this->password;
> > >>>     if ($this->database)
> > >>>        $connectionString .= " dbname=".$this->database;
> > >>>
> > >>>     $this->connection = pg_Connect($connectionString);
> > >>> echo "The connection in open() is :".$this->connection."<BR>";
> > >>>     if ($this->connection == false)
> > >>>        return false;
> > >>>     else
> > >>>        return true;
> > >>>  }
> > >>>
> > >>>  function close()
> > >>>  {
> > >>>     return pg_Close($this->connection);
> > >>>  }
> > >>>
> > >>>  function executeQuery($queryString)
> > >>>  {
> > >>> echo "The connection in executeQuery() is
> :'".$this->connection."'<BR>";
> > >>>     $this->lastResultSet = pg_exec($this->connection,$queryString);
> > >>>     return new Iterator($this);
> > >>>  }
> > >>>
> > >>>  /*PRIVATE FUNCTIONS:*/
> > >>>  function getRow($row)
> > >>>  {
> > >>>     return pg_fetch_array($this->lastResultSet,$row);
> > >>>  }
> > >>>
> > >>>  function getResultLength()
> > >>>  {
> > >>>     return count($this->lastResultSet);
> > >>>  }
> > >>> }
> > >>>
> > >>>
> > >>>
> > >>>
> > >>
> > >
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>



Hi,
Imagine the following script:

<HTML>
<TITLE>Some Title</TITLE>
<BODY>
<?php
    $var = 1;
    if ($var == 1) {
        die ("I'm dead");
    }
    echo "I'm alive";
?>
</BODY>
</HTML>

If I try to execute via Internet Explorer ("5.x") apparently every thing
works fine.
It shows the string "I'm dead".

But if I use the Netscape 4.7x, I get a blank screen.
When I view the Source Code ("HTML code in Netscape") it shows:

<HTML>
<TITLE>Some Title</TITLE>
<BODY>
I'm dead

Netscape can't render the page if its missing the </BODY> and </HTML>
tags in the end.
I already used 'return' end 'exit' functions but with the same result.

There is some configuration parameter to the PHP server to send the rest
of HTML code after exit the script or workaround?

Thanks,






Don't use die (die just stops everything, nothing else gets send). 

> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> <?php
>     $var = 1;
>     if ($var == 1) {
>         echo ("I'm dead");
>     } else {
>         echo "I'm alive";
>     }
> ?>
> </BODY>
> </HTML>

----- Original Message ----- 
From: "Ricardo D'Aguiar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 02, 2001 10:54 AM
Subject: [PHP] Simple question!!!


> Hi,
> Imagine the following script:
> 
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> <?php
>     $var = 1;
>     if ($var == 1) {
>         die ("I'm dead");
>     }
>     echo "I'm alive";
> ?>
> </BODY>
> </HTML>
> 
> If I try to execute via Internet Explorer ("5.x") apparently every thing
> works fine.
> It shows the string "I'm dead".
> 
> But if I use the Netscape 4.7x, I get a blank screen.
> When I view the Source Code ("HTML code in Netscape") it shows:
> 
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> I'm dead
> 
> Netscape can't render the page if its missing the </BODY> and </HTML>
> tags in the end.
> I already used 'return' end 'exit' functions but with the same result.
> 
> There is some configuration parameter to the PHP server to send the rest
> of HTML code after exit the script or workaround?
> 
> Thanks,
> 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 
> 




In article <[EMAIL PROTECTED]>,
 [EMAIL PROTECTED] (Ricardo D'Aguiar) wrote:

> Imagine the following script:
> 
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> <?php
>     $var = 1;
>     if ($var == 1) {
>         die ("I'm dead");
>     }
>     echo "I'm alive";
> ?>
> </BODY>
> </HTML>
> 
> If I try to execute via Internet Explorer ("5.x") apparently every thing
> works fine.
> It shows the string "I'm dead".
> 
> But if I use the Netscape 4.7x, I get a blank screen.
> When I view the Source Code ("HTML code in Netscape") it shows:
> 
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> I'm dead
> 
> Netscape can't render the page if its missing the </BODY> and </HTML>
> tags in the end.
> I already used 'return' end 'exit' functions but with the same result.
> 
> There is some configuration parameter to the PHP server to send the rest
> of HTML code after exit the script or workaround?

Is it an option to just move the code below the </html> tag?  Another 
option would be to echo the closing tags from within the conditional, prior 
to calling the die().  I believe output buffering can also be used to 
achieve what you want, but someone else will have to explain how (whether?) 
that can be done here.

-- 
CC



I'm sure there are more officially correct ways of doing it, but I've always
echoed /body /html before the die happens.

Sue

----- Original Message -----
From: Ricardo D'Aguiar <[EMAIL PROTECTED]>
> Imagine the following script:
>
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> <?php
>     $var = 1;
>     if ($var == 1) {
>         die ("I'm dead");
>     }
>     echo "I'm alive";
> ?>
> </BODY>
> </HTML>
>
> If I try to execute via Internet Explorer ("5.x") apparently every thing
> works fine.
> It shows the string "I'm dead".
>
> But if I use the Netscape 4.7x, I get a blank screen.
> When I view the Source Code ("HTML code in Netscape") it shows:
>
> <HTML>
> <TITLE>Some Title</TITLE>
> <BODY>
> I'm dead
>
> Netscape can't render the page if its missing the </BODY> and </HTML>
> tags in the end.
> I already used 'return' end 'exit' functions but with the same result.
>
> There is some configuration parameter to the PHP server to send the rest
> of HTML code after exit the script or workaround?





Hi,

CC wrote:
>(...)Another option would be to echo the closing tags from within the conditional, 
>prior 
>to calling the die().
I already thought that, but if I want to use the die function inside another
function that can be called anywhere in the script (inside a table or form) I've
possibly the same problem.

>I believe output buffering can also be used to 
>achieve what you want, but someone else will have to explain how (whether?) 
>that can be done here.
That a good idea, I thinks it is a new feature of PHP 4.0.

Thanks ...
+++++++++++++++++++++++++++++++
Ricardo D'Aguiar
MemoSis - Sistemas Informáticos
Portugal
+++++++++++++++++++++++++++++++



hi~

#cat httpd.conf | grep ErrorDocument
ErrorDocument 404 http://aaa.bbb.ccc.ddd/404.php

i wanna get URL inputed by user's browser.


# cat 404.php
<?
$pre_url = $HTTP_SERVER_VARS[HTTP_REFERER];
echo "$pre_url";
?>

have a good time~. :)



hi~

#cat httpd.conf | grep ErrorDocument
ErrorDocument 404 http://aaa.bbb.ccc.ddd/404.php

i wanna get URL inputed by user's browser.


# cat 404.php
<?
$pre_url = $HTTP_SERVER_VARS[HTTP_REFERER];
echo "$pre_url";
?>

have a good time~. :)





----- Original Message ----- 
From: Scott Wagner 
To: php 
Sent: Thursday, March 01, 2001 11:55 PM
Subject: can't start apache


Hi
I just installed mysql, apache and php4 on Linux Mandrake 7.0 from a cd I got with the 
book "PHP Fast and Easy"  After installing apache it seemed ok and started normally.  
But after installing PHP4 I get the following error message when I try to start apache:

Syntax error on line 207 of httpd. config: cannot load 
/usr/apache_1.3.12/libexec/libphp4.so into server: 
/usr/loca/apache_1.3.12/libexec/libphp4.so: undefined symbol: mysql_init

 I used the following command to build php4:
./configure --with-mysql=/usr/local/mysql-3.22.32-pc-linux-gnu-i686/ 
--with-apxs=/usr/local/apache_1.3.12/bin/apxs

Including ./configure --activate-module=src/modules/modules/p in installation fails, 
saying directories do not exist.  Looking at previous output it appears that the 
modules have already been activated.

Any hints in a newbie-friendly format would be greatly appreciated.
Thanks,
SW




Hello everybody,

I am fairly new to php and have the following problem:

I wrote an application that uses sessionhandling. I will enclose parts
of the code below.
It runs fine under Netscape 4.74, or Explorer 5 and also under other
Browsers.
Problems arise under Netscape 4.6 when cookies are not allowed.

When I ask for the startpage, only one of three parts of a frame
appears, and disappears again,
and another part of the frame is briefly displayed and disappears again.
It keeps flickering and doesnt stop.
I have also seen a browser where it was flickering a few seconds but
then finally the
page was properly displayed. I thought that was because PHP seems to set
cookies, but if that doesnt
work it uses its own sessionmanagement. 
Something seems to go wrong in our case.
My boss thinks our problem has something to do with cookies,
as it runs fine as long as cookies are enabled. It also runs fine if we
order it via https (SSL).

Do you have any clue what could go wrong and how I could try to fix
it???
Why does it work with SSL?

I hope I have been precisely enough in describing my problem. I tried as
hard as I could ;-)
If not please ask for more information.

Thank you very much for your help!!!!!


Here is part of the code:

The following function is called on top of every page that I wrote by 
<?php

top_of_page(getenv("SCRIPT_FILENAME"));

?>
<HTML and the rest of html and php-Code.
------------------------------------------------------------------------------------


function top_of_page($page_name, $db_persistent_connection = true,
$redirect = true)
{
        /*
        Error reporting
        */
        error_reporting(255);
        
        global $db, $sess_rolle, $sess_ben_id, $QUERY_STRING;

        /*
        QUERY_STRING 
        */
        build_query_string();


        /*
        free $page_name from path
        */
        $page_name = basename($page_name);
                
        /*
        Headers to prevent page from being cached
        */
        header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the
past
        header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// always modified
        header ("Cache-Control: no-cache, must-revalidate");  //
HTTP/1.1
        header ("Pragma: no-cache");                          // HTTP/1.0
        
        /*
        Set PHP Options
        */
        ignore_user_abort(TRUE);

        /*
        Open Handle to DB (PostgreSQL)
        */
        if ($db_persistent_connection)
        {       @$db=pg_pconnect("dbname=license port=5432 user=postgres
password=a73hui09w"); }
        else
        {       @$db=pg_connect("dbname=license port=5432 user=postgres
password=a73hui09w"); }
        if (!$db)
        {
                /*
                redirect client to error page
                if connect was not successful
                */
                header("Location: ../error/db_err.html");
                return TRUE;
        }

        /*
        Start Session
        ALERT! If browser rejects all cookies, 
        the server only returns empty documents.
        */
        @session_start();
        if (!session_is_registered("sess_rolle"))
        {
                /*
                New session! goto index page!
                */
                $sess_rolle=-1;
                session_register("sess_rolle");
                $sess_ben_id=-1;
                session_register("sess_ben_id");
                $sess_message="";
                session_register("sess_message");
                
                writeLog("utils.inc.php", "session started", true);
                
                
                if ($page_name!="index.php" and $redirect)
                {
                        header("Location: index.php?" . SID);
                        exit;
                }       
        }       

----------------------------------------------------------------------------------


Greetings, all.

I'm a relative newcomer to PHP, looking into the possibilities of setting up
a LAMP (Linux, Apache, MySQL, PHP, and Perl) platform for a new web server.
We have everything set up and running currently, with PHP 4.04 running as an
Apache module.  We'd like to pitch this to the higher-ups as a good thing
for our site and our customers (who would also be able to use PHP), but we
first have to address some security concerns.

Namely, we're thinking it would be nice for users to be able to write
scripts which would generate and store files within their home directories.
However, because PHP runs as nobody, any such file would essentially need
writable permission for every user.  This leaves any PHP-written file
vulnerable to exploitation by anybody with a site on the server and some
knowledge of PHP.

Essentially, I'm wondering if there's any way in this situation for a PHP
script to inherit the permissions of the user that owns it.  This would
allow us (and our users) to write freely within the confines of our own
directories.  Nice thought, but I'm really beginning to wonder if it's
doable.

Any input or suggestions which could be offered would be very much
appreciated.  Thanks.




Does anyone know how to fix the following problem?  I have configured php
with --with-pfpro=/usr/local and it does not complain about the header or
the library.

root@server5:/usr/local/apache/conf# ../bin/apachectl configtest
Syntax error on line 213 of /usr/local/apache1317/conf/httpd.conf:
Cannot load /usr/local/apache1317/libexec/libphp4.so into server:
/usr/local/apa
che1317/libexec/libphp4.so: undefined symbol: PNVersion
root@server5:/usr/local/apache/conf#

I have run into this before with other undefined symbols but have just
reconfigured php to included the library.  Any ideas?

-Bob




When I try compile php I get the following error that is directly related to
PNVersion:

root@server5:/usr/local/phpApache/php-4.0.4pl1# make > make.out
pfpro.c: In function `php_if_pfpro_version':
pfpro.c:129: warning: initialization makes pointer from integer without a
cast
root@server5:/usr/local/phpApache/php-4.0.4pl1#

The code in pfpro.c that is affected is:
/* {{{ proto string pfpro_version()
   Returns the version of the Payflow Pro library */
PHP_FUNCTION(pfpro_version)
{
        if (ZEND_NUM_ARGS() != 0) {
                WRONG_PARAM_COUNT;
        }

        RETURN_STRING(PNVersion(), 1);
}

Is it just a coincidence that this is bombing out as well as the undefined
symbol...

-Bob


-----Original Message-----
From: Robert Covell [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 7:51 AM
To: [EMAIL PROTECTED]
Subject: [PHP] undefined symbol (PayFlow Pro)


Does anyone know how to fix the following problem?  I have configured php
with --with-pfpro=/usr/local and it does not complain about the header or
the library.

root@server5:/usr/local/apache/conf# ../bin/apachectl configtest
Syntax error on line 213 of /usr/local/apache1317/conf/httpd.conf:
Cannot load /usr/local/apache1317/libexec/libphp4.so into server:
/usr/local/apa
che1317/libexec/libphp4.so: undefined symbol: PNVersion
root@server5:/usr/local/apache/conf#

I have run into this before with other undefined symbols but have just
reconfigured php to included the library.  Any ideas?

-Bob


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]





Hello!

I'm facing a problem.

Inside of a php3 script - I have a string that contains html code as well 
as php3 code.

At start, when I tried ECHOing the string to screen, the php commands 
weren't activated
and viewing the source of the generated page allowed me to see that they 
were just left
as they are, without any compilation.

How can I make those php3 commands to work as they supposed to?


Thank you in advance -

   Aviv Revach

     BRILLIANeT Website -
   http://www.brillianet.com/




Hy there!

Aviv Revach wrote:
> How can I make those php3 commands to work as they supposed to?

  Take a look at the eval() function
http://www.php.net/manual/en/function.eval.php
  It does exactly what you are looking for...

See you,
-- 
Lucas Persona                            ICQ #17635618
[EMAIL PROTECTED]               +55 19 451 6300
-------------------------------------------------------
Widesoft Sistemas Ltda      http://www.widesoft.com.br



Hey!

At 14:29 02/03/01 -0300, Lucas Persona wrote:
>Hy there!
>
>Aviv Revach wrote:
> > How can I make those php3 commands to work as they supposed to?
>
>   Take a look at the eval() function
>http://www.php.net/manual/en/function.eval.php
>   It does exactly what you are looking for...

Actually it doesn't. My string does not(!!) contains only php code.
It contains HTML tags, text, and php code (called with <?php ?>).

Now, What should I do in order to run both the html tags and the php commands
in it?


Thank you in advance -

   Aviv Revach

     BRILLIANeT Website -
   http://www.brillianet.com/




Hey,

Aviv Revach wrote:
> At 14:29 02/03/01 -0300, Lucas Persona wrote:
> >Aviv Revach wrote:
> > > How can I make those php3 commands to work as they supposed to?
> >   Take a look at the eval() function
> >http://www.php.net/manual/en/function.eval.php
> 
> Actually it doesn't. My string does not(!!) contains only php code.
> It contains HTML tags, text, and php code (called with <?php ?>).

I don't know any real function that does it...others could know
something more about this, but if nothing is presented to you, you could
do something like:
 - get all the '<?php' '?>' tags' position and separe them from the
other code (that will be HTML);
 - you will have two things (could be an array of data). One is all the
php code and the other is the HTML code; If you create a bidimensional
array you can create a sequence of php and html code, or better than
that, create a vector that will have the Data Type (HTML or PHP) and the
value (the code)
 - Then, for each row or field of you array/vector , you check if it is
php code (then use eval) or HTML (then use echo).

Hope this helps,
-- 
Lucas Persona                            ICQ #17635618
[EMAIL PROTECTED]               +55 19 451 6300
-------------------------------------------------------
Widesoft Sistemas Ltda      http://www.widesoft.com.br



Does anyone know how to set server side cookies in php?  Or can you
point me to a link on how to do this.
Please note that I am not asking how to set client side cookies.

Thanks,

Jeff




hi all, just a quick question.

i've made a personal addressbook, the code for which i'm going to
release soon (best probably for newbies). anyway, i want to make it
so that i can pass multiple email address from one page to another.

basically it'll be a form select function like :
<select name="$emailto[]";>
  <option name="email1">name1
  <option name="email2">name2
  <option name="email3">name3
  <option name="email4">name4
</select>

now say i select name 1 and 4. i want to extract the emails on the
page the variables are passed to, seperated by a comma.

any piece of code??

thanks!

/sunny

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/



$email_list = implode(",",$emailto);

The name in your select probably doesn't need the $

Data Driven Design
PO Box 1084
Holly Hill, Florida 32117

http://www.datadrivendesign.com
http://www.rossidesigns.net
----- Original Message ----- 
From: "Sandeep Hundal" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 02, 2001 11:28 AM
Subject: [PHP] how can i extract from such an array??


> hi all, just a quick question.
> 
> i've made a personal addressbook, the code for which i'm going to
> release soon (best probably for newbies). anyway, i want to make it
> so that i can pass multiple email address from one page to another.
> 
> basically it'll be a form select function like :
> <select name="$emailto[]";>
>   <option name="email1">name1
>   <option name="email2">name2
>   <option name="email3">name3
>   <option name="email4">name4
> </select>
> 
> now say i select name 1 and 4. i want to extract the emails on the
> page the variables are passed to, seperated by a comma.
> 
> any piece of code??
> 
> thanks!
> 
> /sunny
> 
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail. 
> http://personal.mail.yahoo.com/
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 





Php is not parsing .data files, I have the following in Apache config.


AddType application/x-httpd-php phtml php php3 data 


Thanks,
David



Try putting this in your config in place of what you currently have:

AddType application/x-httpd-php phtml
AddType application/x-httpd-php php
AddType application/x-httpd-php php3
AddType application/x-httpd-php data

Then restart Apache and see if that does it for you.

Josh Hoover
KnowledgeStorm, Inc.

Searching for a new IT solution for your company? Need to improve your
product marketing? 
Visit KnowledgeStorm at www.knowledgestorm.com to learn how we can simplify
the process for you.
KnowledgeStorm - Your IT Search Starts Here 


> Php is not parsing .data files, I have the following in Apache config.
>  
> AddType application/x-httpd-php phtml php php3 data 



On Friday 02 March 2001 00:23, Shaun Thomas wrote:
> On Thu, 1 Mar 2001, Meir kriheli wrote:
> > I use both of the databases (Interbase 6.01 and PostgreSQL 7.1beta4).
> >
> > PostgreSQL has more features comapared to Interbase (the procedureal
> > language is very robust and there are many datatyps to choose from. Also
> > you can have some kind of object support in it to inherit tables for
> > example), but it's windows implemenation is very hard (at least for me, I
> > like to compile it).
>
> Postgres also has a nasty show-stopping bug they don't seem to want to
> fix.  Try making a stored procedure with many parameters, and send
> a single null to it.  I dare you.  I so love having all of my other
> parameters, and the return value of the function turned into null because
> postgres can't tell where a null occoured.

I don't like stored procedures, or functions in any programming language that 
accepts many parameters, and I avoid the as much as I can. Those things are 
hard to debug and write (hmm, what paraemeters should go here ? :-( ) and 
they hinder the readability of the code.

As for null values, I don't use them as well, I work with different databases 
and each one has their quirks about null. Basiclly null is undefined and 
should stay that way. Usually I decide on an invalid value (such as -1) and 
pass it to the function.

> I also love the fact that you can't drop foreign keys, modify columns,
> drop columns without rebuilding the entire table, etc.  We use it here,
> but it makes me want to pull my hair out.  If someone would just combine
> postgres and mysql, we'd have the best database in the universe.  Fast and
> stable, with all of the RDBMS anyone could want.

Well I can do all of this in mysql because there's no referential integrity. 
You can't drop or modify a column which is reference by a foreign key, 
beacuse  that would break the integrity. You don't need to rebuld the table,
just drop the foriegn key and off you go.

> But as it stands, postgres is still a bit player with an incomplete
> feature set.  But I don't want to start a holy war here, so I'll drop it.

OK.

> > As for speed both are very fast (even when compared to commerical DB, in
> > my tests the deafult install of Interbase outperfomed the default install
> > of Oracle 8i about 10X, tested on P166 with 96MB and PII400 with 192MB).
>
> This only occours if you don't know how to optimize Oracle.  Oracle is
> *very* picky about *everything*.  You need index tablespaces on separate
> disks from the data tablespaces, and yet another one for system
> tablespaces.  You should also have one for archive logs, redo logs, and of
> course your temporary tables.  Setting it to threading mode is also nice
> for connection pooling and to stop killing your machine under heavy load.
>
> That, and the machines you've quoted are in no way powerful enough for
> production Oracle databases, period.  You should also run oracle on some
> kind of Solaris/Sun combo.  Raw mount points direct to the actual disks is
> ideal, but loopback filesystems work just as well. Remember to cluster
> your raid into 4 - 6 arrays of 3+ disks, too.  There is no such thing as a
> default Oracle install, because installing oracle on a single user machine
> with one disk and only a little ram (yes, anything under 512 is very
> little for Oracle) will make Oracle look like a piece of crap.
>
> The point about Oracle is that it *lets* you do all of those
> optimizations, and if you're good at it, it will outperform almost any
> other database you throw at it.  Trust me on this one.

Well let me see,

1. I have several databases to choose from, Which give me the performance I 
need.

2. I don't have to be a DBA to manage them, I don't have to use raids to get 
performance and I don't have to split indexes between hard disks to get 
adaquete preformence.

3. I don't a supercomputer and I can use them in moderate hardware for my 
needs, and I don't have to dedicate plenty of RAM to them.

4. This databases are open-source and don't have linking problems. Anyone 
tried to install Oracle 8.0.5 on Linux (patch-O-rama for Glibc). 8i is a 
resource hog (JVM in the database, are they nuts ?) and i won;t touch it with 
a stick,

5. I can expect this databases to work for me out of the box (out of the 
install in this case)

6. All this databases are free and I can choose the one I want according to 
the task I'm facing, without paying outrages licensing fee to Oracle, and 
spending lots of money on unnedded hardware.

Isn't the choice obvious ? Why would anyone touch Oracle - I guess it is only 
because of their hype and spin - much like some other company I won't mention.

BTW, I was in Oracle's OPP program for quite a while, but left it when 8i 
came out, it was an overkill. (But I sure miss those Oracle parties, They 
were outrages, or as one of their representives said to me, they had lots of 
money the needed to spend).

OK, I'll stop now, I'm running out of air, I think I'm turning blue, Help !! 
Help !! someone ? anyo.... ahhhhhhhhhh  ^^^_^^_^___________________
-- 
Meir Kriheli

  There's someone in my head, but it's not me - Pink Floyd




[Resend]  Was Not Able To Take Last Entry..  Please Fill Out Again.

Hey... We Haven't Talked In So Long!!  How Have You Been?
Thought I would Forward you this email!

I usually delete these but I opened this one, like what I saw, 
and thought you would like to see this.

http://%33%35%30%36%35%36%31%34%39%37/cc%63v%76%76%78%78%78%7A%7A%7A%38%398%39/

IF THE LINK IS NOT HIGHLIGHTED OR YOU CANNOT CLICK ON IT.
COPY AND PASTE IT IN YOUR BROWSER.












Hello,

I am making a PHP script that upload formmail into people web directory with
all the settings easily configured on a web based setup screen.  Is there a
way to have php remove all ^M (Control M) from the file before it uploads it
to the server?

Thank you,

--------------------------------------------
Brandon Orther
WebIntellects Design/Development Manager
[EMAIL PROTECTED]
800-994-6364
www.webintellects.com
--------------------------------------------




Here is a solution I can up with to solve all the CR and LF funniness coming
from different web browsers.

$input = ereg_replace("\r\n|\n|\r", "\n", $input);

-----Original Message-----
From: Brandon Orther [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 9:43 AM
To: PHP User Group
Subject: [PHP] strip ^M's ??


Hello,

I am making a PHP script that upload formmail into people web directory with
all the settings easily configured on a web based setup screen.  Is there a
way to have php remove all ^M (Control M) from the file before it uploads it
to the server?

Thank you,

--------------------------------------------
Brandon Orther
WebIntellects Design/Development Manager
[EMAIL PROTECTED]
800-994-6364
www.webintellects.com
--------------------------------------------


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




use the dos2unix utility

-----Original Message-----
From: Brandon Orther [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 11:43 AM
To: PHP User Group
Subject: [PHP] strip ^M's ??


Hello,

I am making a PHP script that upload formmail into people web directory with
all the settings easily configured on a web based setup screen.  Is there a
way to have php remove all ^M (Control M) from the file before it uploads it
to the server?

Thank you,

--------------------------------------------
Brandon Orther
WebIntellects Design/Development Manager
[EMAIL PROTECTED]
800-994-6364
www.webintellects.com
--------------------------------------------


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]



Thanks!

Werked Great d;-Þ

-----Original Message-----
From: Nathan Cassano [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 9:46 AM
To: 'Brandon Orther'; [EMAIL PROTECTED]
Subject: RE: [PHP] strip ^M's ??


Here is a solution I can up with to solve all the CR and LF funniness coming
from different web browsers.

$input = ereg_replace("\r\n|\n|\r", "\n", $input);

-----Original Message-----
From: Brandon Orther [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 9:43 AM
To: PHP User Group
Subject: [PHP] strip ^M's ??


Hello,

I am making a PHP script that upload formmail into people web directory with
all the settings easily configured on a web based setup screen.  Is there a
way to have php remove all ^M (Control M) from the file before it uploads it
to the server?

Thank you,

--------------------------------------------
Brandon Orther
WebIntellects Design/Development Manager
[EMAIL PROTECTED]
800-994-6364
www.webintellects.com
--------------------------------------------


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Hello,

I'm trying to to Image manipulation using PHP.  It faild at the first Image
Call (imagefontheight)!  So I guess I need to compile my PHP server to
support the extendid list of image functions.  What are the steps to doing
this?

Thanks!




http://www.php.net/manual/en/ref.image.php

~jack

"Karl J. Stubsjoen" wrote:
> 
> Hello,
> 
> I'm trying to to Image manipulation using PHP.  It faild at the first Image
> Call (imagefontheight)!  So I guess I need to compile my PHP server to
> support the extendid list of image functions.  What are the steps to doing
> this?
> 
> Thanks!
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]



Hey!

About Netscape's Hebrew support.. soon... but not yet..

 >And one more thing, the different browsers on PalmPilots (AvantGo , 
webClient
 >etc.) rely on palm's Hebrew support which is only logical, no visual support
 >in palm).

Oh, good to know.


 >If I'm not out of line here, can you tell me what this site is about, and
 >what kind of audienece accessing it you excpect ? If it is for the common
 >people, most of them will use IE, I guess they don't even know how to 
install
 >netscape for themself, and most of them even don't know how to change their
 >homepage :-(


Well, I'm building this site for a shop. It's audience will probably be 
adults between ages
of 25 to 55. They won't be Internet wizards, but this shop is rather 
expensive so they will
probably be more than just common people.

 >There's no easy solution for this and many Hebrew site developers are having
 >hard time trying to figure out what to do.

 >Maybe you should run a poll on your site (should be written in visual
 >encoding - of course) asking the visitors for their opinions.

hmmmm..... I'm getting tired from this Hebrew issue.. This is probably the 
reason to
change my profession..  ;(


Still no quick answers.. you chose to ignore Visual-Only browsers.
You told me that many Hebrew website developers didn't.
What should I do??


Thank you in advance -

   Aviv Revach

XOR-Coders Mega Programming Resource Site! -
         http://members.xoom.com/xorcoders/




Why build your own shop when you can build one with NetVision (Nana)
or Walla shops?

Sincerely

      berber

Visit http://www.weberdev.com Today!!! 
To see where PHP might take you tomorrow.
 

-----Original Message-----
From: Aviv Revach [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 8:14 PM
To: Meir kriheli; [EMAIL PROTECTED]
Subject: Re: [PHP] Hebrew websites transition with php3 ..


Hey!

About Netscape's Hebrew support.. soon... but not yet..

 >And one more thing, the different browsers on PalmPilots (AvantGo , 
webClient
 >etc.) rely on palm's Hebrew support which is only logical, no visual
support
 >in palm).

Oh, good to know.


 >If I'm not out of line here, can you tell me what this site is about, and
 >what kind of audienece accessing it you excpect ? If it is for the common
 >people, most of them will use IE, I guess they don't even know how to 
install
 >netscape for themself, and most of them even don't know how to change
their
 >homepage :-(


Well, I'm building this site for a shop. It's audience will probably be 
adults between ages
of 25 to 55. They won't be Internet wizards, but this shop is rather 
expensive so they will
probably be more than just common people.

 >There's no easy solution for this and many Hebrew site developers are
having
 >hard time trying to figure out what to do.

 >Maybe you should run a poll on your site (should be written in visual
 >encoding - of course) asking the visitors for their opinions.

hmmmm..... I'm getting tired from this Hebrew issue.. This is probably the 
reason to
change my profession..  ;(


Still no quick answers.. you chose to ignore Visual-Only browsers.
You told me that many Hebrew website developers didn't.
What should I do??


Thank you in advance -

   Aviv Revach

XOR-Coders Mega Programming Resource Site! -
         http://members.xoom.com/xorcoders/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]



Does anyone know if there exist an job-ad script?

David





I have a problem with the session not using cookies.

The code below doesn΄t seem to set a cookie even though my php.ini has it
set.
If I use the header after initializing the session, nothing appears in
getsess.php.
If I click the link on the other hand, the PHPSESSID-variable is added to
the URL.

What do I do to enable the cookies?
(I know how ordinary cookies work and how to set and delete them=

<?
// -- default.php -->
if ($submit) {

 $pref_username = "tobias";
 $pref_password = "password";

 if ($pref_username == $username && $pref_password == $password) {
 session_start();

 session_register("SESSION");
 $SESSION["username"] = $username;
 $SESSION["password"] = $password;
 // header("Location: getsess.php");
 // echo "<a href=getsess.php>go</a>";
 } else {
 header("Location: $PHP_SELF?username=$username");
 }
}
?>

<form method="post" action="<? echo $PHP_SELF; ?>">
Username: <input type="text" name="username" value="<? echo $username; ?>">
<br>
Password: <input type="text" name="password">
<br>
<input type="submit" name="submit">
</form>

// -- getsess.php -->
<?
session_start();
echo $SESSION["username"];
echo $SESSION["password"];
?>

What am I missing?

Thanks
// Tobias






On Fri, 2 Mar 2001, PHP development @echospace wrote:

> I remember being able to compile, but not use pspell on a RH7 machine. Never had 
>time to look into it. Maybe now I will. Compile problems might be due to the fact 
>that gcc 2.96 is behaving oddly - I couldn't compile half the things with it 
>properly. Try recent egcs instead. It looks however that I can't blame compiler only 
>in your case. If you can't get it resolved, could you please submit a bug report with 
>the part of the output where compile fails (not just *that* very line, but like 50 
>preceding lines too - a larger chunk so I can see)
>>> 

Hmmm.  So, I try to recompile to reproduce the error, this time advancing
back to .12; I compile; no errors AND the module error goes away (thus,
it works great as it always had on RH6.2).

Weird.

These are the only two things I can think of.

My progression was this; get .12 (it failed to compile; (php+apache -
pspell/aspell compiled fine), read php-dev, saw there might be issues so I
reverted back to .11.2 (pspell).  It compiled, but, with the aspell module
issue.  Figured perhaps it was the most recent aspell (I had gotten
aspell-.33); so, I reverted that back to 32.6; recompiled still got aspell
module issues.  Noted that RH7 have some glibc issues (and, it had caused
some other issues with aspell/pspell); updated both glibc and gcc from
redhat (rpm updates), recompiled, still had aspell module issues with PHP.  
Finally, to replicate the compile error I went BACK to pspell .12,
recompiled, everything worked.

So, the two things I can think of is:

a) the newest aspell libraries are causing problems either in the compile
or in the aspell module loading

b) redhat's buggy glibc/gcc

the only odd thing was that I can't necessarily isolate either of these as
the cause.  But, aspell 32.6+pspell .12+updated RH glibc 2.2-12 &
gcc-2.96-69 + apache 1.3.14 + php-4.0.4pl1 works on RH 7 now.  My
inclination is that it's aspell, since, the same behavior existed with
both stock and updated glibc and gcc.
 

> 
> 
> 
> ----- Original Message -----
> From: Seth Northrop 
> To: [EMAIL PROTECTED],[EMAIL PROTECTED]
> Sent: Thu, 1 Mar 2001 18:41:25 -0800 (PST)
> Subject: [PHP-DEV] pspell/aspell breaking 
> 
> 
> Setup:
> aspell-.32.6
> pspell-.11.2
> php-4.0.4pl1
> apache_1.3.14
> RH 7.0
> glibc 2.2-12
> gcc-2.96-69
> 
> Procedure:
> ./pspell-.11.2/configure 
> make && make install
> 
> ./aspell-.32.6/configure 
> make && make install
> 
> ./php-4.0.4pl1/configure --without-gd --with-mysql
> --with-config-file-path=/usr/local/apache/etc --enable-debug=no
> --with-pspell --with-apache=/usr/local/src/apache_1.3.14
> make && make install
> 
> ./apache_1.3.14/configure --prefix=/usr/local/apache --with-layout=GNU
> --disable-module=userdir --disable-module=include
> --activate-module=src/modules/php4/libphp4.a
> make && make install
> 
> Results in:
> Warning: PSPELL couldn't open the dictionary. reason: Unable to load the
> "aspell" module. in foo.inc on line 564
> 
> Aspell works great on the command line. Am I missing something? 
> 
> Incidently, I can't even get php to compile with pspell-.12
> 
> Ideas?
> Seth
> 
> 
> 








Hi..  We have a city map using co-ordinates to link to specific info on various
buildings, etc.  The links bring up an information page with data and photos for
each building locations on the map.

My question is, when this information page is accessed from another direction,
say a menu, can there be a link that operates in 'reverse', back to the map and
the building in question?   We still want people to see the map, relating to a
specific building, whether they start there or end up there. 

I thought the map could perhaps position itself so that the point of interest is
always in the center, or that it blinks, or has a arrow pointing to it.  It
doesn't matter what the final display looks like, just that is shows a
particular location clearly.  

Can anyone say if this is even possible?  

Thanks.

Floyd

--




Hey Floyd,

You can do lots with dynamic info using gd and PHP's image functions...
for example, you could read the map into a new image, draw a circle
around the area in question, then output this new picture...check out
php.net's info on images:

http://www.php.net/manual/en/ref.image.php

best of luck,

~jack

Floyd Baker wrote:
> 
> Hi..  We have a city map using co-ordinates to link to specific info on various
> buildings, etc.  The links bring up an information page with data and photos for
> each building locations on the map.
> 
> My question is, when this information page is accessed from another direction,
> say a menu, can there be a link that operates in 'reverse', back to the map and
> the building in question?   We still want people to see the map, relating to a
> specific building, whether they start there or end up there.
> 
> I thought the map could perhaps position itself so that the point of interest is
> always in the center, or that it blinks, or has a arrow pointing to it.  It
> doesn't matter what the final display looks like, just that is shows a
> particular location clearly.
> 
> Can anyone say if this is even possible?
> 
> Thanks.
> 
> Floyd
> 
> --
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]



I have a string that can be any length and contain any
number or words.  Each string also has,  somewhere
near end, a list of parameters that can begin with any
number of five or six different parameter markers. I
need to find the position of the first of these
parameters markers, which can be in any order, so I
can seperate the user string from the parameters...and
I can't change the way the information is provided.

The only way I could get this to work is, since
there's only five different markers, locate the
position of each marker in the string, stick it in an
array, sort the array and find the first element that
is greater than 3 (the strpos uses an offset of 3
since the user portion of the string cannot be less
than three charcters long plus a space), this element
has to be the marker and position that begins the
parameter portion of the string.

Anyone know of a better more elegant ( read as faster)
way to handle this problem. 

rm

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/



This is driving me nuts. I really tried to figure it out
myself. I have a form for creating a table. The form
fields have field_name field_type field_length, and
checkboxes for not_null, auto_increment and primary.

When I check the primary key checkbox it always makes
the first field the primary key no matter what. And it
makes two date fields I enter NULL and the rest NOT
NULL no matter what I put in the checkboxes. The code
is below along with a printout of the SQL query. I only
wanted suffix and death date to be null. This is combination
from PHP Fast and Easy and MySQL by Dubois.

$sql = "CREATE TABLE $table_name (";

for ($i = 0; $i < count($field_name); $i++) {

        $sql .= "$field_name[$i] $field_type[$i]";

        if ($not_null[$i] == "Y") {
                $additional = " NOT NULL";
        } else {
                $additional = " NULL";
        }

        if ($auto_increment[$i] == "Y") {
                $additional .= " AUTO_INCREMENT";
        } else {
                $additional .= "";
        }

        if ($primary[$i] == "Y") {
                $additional .= " primary key";

        } else {
                $additional .= "";
        }

        if ($field_length[$i] != "") {
                $sql .= "($field_length[$i]) $additional,";
        } else {
                $sql .= " $additional,";
        }

}

$sql = substr($sql, 0, -1);

$sql .= ")";

------------

CREATE TABLE president (last_name varchar(15) NOT NULL primary key,first_name
varchar(15) NOT NULL,suffix varchar(5) NOT NULL,city varchar(20) NOT NULL,state
varchar(2) NOT NULL,birth date NULL,death date NULL)

Reply via email to