php-general Digest 5 Oct 2003 04:21:30 -0000 Issue 2336
Topics (messages 165038 through 165078):
Global varialbes in functions
165038 by: Jeff McKeon
165039 by: Matt Schroebel
165040 by: Jeff McKeon
Design Pattern Goulash Was: Committing OO Sin
165041 by: Gerard Samuel
Re: XML Application Objects
165042 by: rush
165043 by: rush
Re: PHP coders spare time [OT}
165044 by: Ryan A
$_SERVER['REMOTE_HOST']
165045 by: John Taylor-Johnston
165046 by: Marek Kilimajer
165050 by: Ryan A
165060 by: Chris Shiflett
165078 by: John Nichel
Re: embedding code
165047 by: John Taylor-Johnston
165048 by: John Taylor-Johnston
165053 by: Jason Wong
Re: hotscripts style program
165049 by: olinux
hotscripts style program (conclusion)
165051 by: Ryan A
changing from Apache mod to CGI
165052 by: Cristian Lavaque
165054 by: Jason Wong
165055 by: messju mohr
165056 by: Cristian Lavaque
165057 by: Jason Wong
165062 by: messju mohr
Re: Tracking IP Addresses
165058 by: Mika Tuupola
165059 by: Mika Tuupola
165061 by: Mika Tuupola
Re: PHP and .HTACCESS
165063 by: Mika Tuupola
165064 by: Curt Zirzow
Re: Attempt at putting greedy htmlspecialchars on a diet
165065 by: Gerard Samuel
165074 by: Curt Zirzow
165077 by: Curt Zirzow
returning a variable from a class function? plus other probs
165066 by: Kirk Babb
165067 by: Javier Muniz
165068 by: Dan Anderson
165069 by: Kirk Babb
165070 by: Curt Zirzow
165071 by: Dan Anderson
165072 by: Dan Anderson
165075 by: Kirk Babb
165076 by: Curt Zirzow
Apache API?
165073 by: \[ASDF\] Jeremy
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
I've got a page that is passed the global variable 'ticketnumber' in the
url.
In my first two functions on the page I can call this variable using
$_GET['ticketid'] no problem.
However on the third funtion I get an undefined index error for
'ticketid'
Anyone know why?
Thanks,
Jeff
--- End Message ---
--- Begin Message ---
Jeff McKeon said on Saturday, October 04, 2003 at 11:35 AM
>However on the third funtion I get an undefined index error for
'>ticketid'
Post some code ...
--- End Message ---
--- Begin Message ---
Sorry, I just figured it out. The third function was getting it's data
from a form submit using post and I didn't include a hidden input field
with the $_GET[''] variable as a value.
Jeff
> -----Original Message-----
> From: Jeff McKeon
> Sent: Saturday, October 04, 2003 11:35 AM
> To: php
> Subject: [PHP] Global varialbes in functions
>
>
> I've got a page that is passed the global variable
> 'ticketnumber' in the url.
>
> In my first two functions on the page I can call this
> variable using $_GET['ticketid'] no problem.
>
> However on the third funtion I get an undefined index error
> for 'ticketid'
>
> Anyone know why?
>
> Thanks,
>
> Jeff
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Robert Cummings wrote:
Feel free to ask questions
I couldn't come up with anything substantial via other examples, so I
fell back on a similar
structure that Im currently using in my DB code.
The goals:
1. To be able to have the child classes to talk to one another.
2. To be able to have the parent class talk to the child class and vice
versa.
3. Not have multiple references to objects (ie two classes having
references to the db class for example).
4. Not really a primary goal, but have the capability to juggle one
object in procedural land.
The example code meets all 3(4) goals, and Im looking for constructive
critisism.
Thanks
--------
<?php
header('content-type: text/plain');
$bar = new mm;
var_dump($bar->ExecuteSQL()); // Call parent method in procedural land
var_dump($bar->DisplayPage()); // Call parent method in procedural land
var_dump($bar->foo['db']->db); // Call child variable in procedural land
// Parent class with methods that wrap child method(s)
class mm
{
var $foo;
function mm()
{
$this->foo['db'] = new db;
$this->foo['tpl'] = new smarty;
}
function ExecuteSQL()
{
return $this->foo['db']->execute($this); // Talking to children
}
function DisplayPage()
{
return $this->foo['tpl']->display($this); // Talking to children
}
}
// Child class
class db
{
var $db = 'database';
function execute(&$mm)
{
return 'execute';
}
}
// Child class
class smarty
{
function display(&$mm)
{
// Talking to parent (which is capable of talking to other children)
var_dump($mm->ExecuteSQL());
return 'display';
}
}
?>
--- End Message ---
--- Begin Message ---
"Terence" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> <<warning: very personal opinion to follow...>>
> If you *do* finally decide to master XSLT, you have to conclude that
> *any* other templating system is a complete/utter waste of time. (all
> authors of ``yet another PHP templating system'', please try not to be
> offended). I'm not talking about features/functionality either (for
> which XSLT is more than adequate), I'm talking about sheer
> bothersomeness. ie. I'm fundamentally lazy and I couldn't be bothered
> learning "snazzy g.o.a.t. [proprietary] templaty goodness system" --
> "crappy" or otherwise -- I don't care how fantastic it is. The reason
> why the PHP template has been re-invented so many times, is becuase
> there is something missing - IMHO, XSLT fits that gap more than "good
> enough". And since it is a standard, it will only get better -- it has a
> future. And that, my friends, it good enough for me (being that I am
> lazy and all).
Well, I completely agree with you that there is no "one size fits all"
solution for templates, and that one should choose what suites him best.
Anyway, in similar "very personal" way, especially since I am naturaly
biased, I will like to point out my reasons why I prefere my php template
system compared to the xml+xslt combination:
a) xslt templates are "fat" or "dirty" ones if you will, meaning they
contain code, effectively nullifying my major reason to use templates:
separation of html from code. Some people prefer "fat" templetes and try to
stuff whole presentation logic in them while only models reside in php, but
prefer "thin" or "clean" templates, where template is basically resource
produced independently by designer, and php runs presentation and model
code. With fat templates, they usualy get to complex to be coded by web
designers, so they have to be poked by programmers, which means that it is
much more difficult to split the job. Also means that programmer has to code
in 2 languages, php, and in some template language, while in thin templates
model he can code in one language domain.
b) working with xml+xslt requires more footwork than with TT.
Well, again, it is just my reasons. Other people may have other needs and
preferences.
rush
--
http://www.templatetamer.com/
--- End Message ---
--- Begin Message ---
"Terence" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> <<warning: very personal opinion to follow...>>
> If you *do* finally decide to master XSLT, you have to conclude that
> *any* other templating system is a complete/utter waste of time. (all
> authors of ``yet another PHP templating system'', please try not to be
> offended). I'm not talking about features/functionality either (for
> which XSLT is more than adequate), I'm talking about sheer
> bothersomeness. ie. I'm fundamentally lazy and I couldn't be bothered
> learning "snazzy g.o.a.t. [proprietary] templaty goodness system" --
> "crappy" or otherwise -- I don't care how fantastic it is. The reason
> why the PHP template has been re-invented so many times, is becuase
> there is something missing - IMHO, XSLT fits that gap more than "good
> enough". And since it is a standard, it will only get better -- it has a
> future. And that, my friends, it good enough for me (being that I am
> lazy and all).
Well, I completely agree with you that there is no "one size fits all"
solution for templates, and that one should choose what suites him best.
Anyway, in similar "very personal" way, especially since I am naturaly
biased, I will like to point out my reasons why I prefere my php template
system compared to the xml+xslt combination:
a) xslt templates are "fat" or "dirty" ones if you will, meaning they
contain code, effectively nullifying my major reason to use templates:
separation of html from code. Some people prefer "fat" templetes and try to
stuff whole presentation logic in them while only models reside in php, but
prefer "thin" or "clean" templates, where template is basically resource
produced independently by designer, and php runs presentation and model
code. With fat templates, they usualy get to complex to be coded by web
designers, so they have to be poked by programmers, which means that it is
much more difficult to split the job. Also means that programmer has to code
in 2 languages, php, and in some template language, while in thin templates
model he can code in one language domain.
b) working with xml+xslt requires more footwork than with TT.
Well, again, it is just my reasons. Other people may have other needs and
preferences.
rush
--
http://www.templatetamer.com/
--- End Message ---
--- Begin Message ---
Sooner or later everyones luck runs out :-D
Cheers,
-Ryan
> If his wife knew to add that, I think the cat would already be out of the
bag.
>
>
> On Saturday 04 October 2003 05:37 am, Ryan A wrote:
> > Hehehe, pretty funny.
> > But guess what happens if you just add 3 letters in front of your name
and
> > search.....
> > eg
> > "php john w holmes"
> > http://www.google.se/search?q=php+john+w+holmes&hl=en&ie=UTF-8&oe=UTF-8
> >
> > you would have to get ready to push up daisys :-D
> >
> >
> >
> > Cheers,
> > -Ryan
> >
> > > Ryan A wrote:
> > > > I think you're on thin ice dude, all she has to do is type your name
in
> > > > google and guess what....after she catches up with you...you're not
> >
> > gonna be
> >
> > > > able to move even your little finger to type no more :-D
> > >
> > > Dude... have you EVER typed my name into google?? You may be amazed at
> > > the other careers I've had! ;)
> > >
> > > --
> > > ---John Holmes...
> > >
> > > Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
> > >
> > > php|architect: The Magazine for PHP Professionals – www.phparch.com
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
>
> --
> Evan Nemerson
> [EMAIL PROTECTED]
>
>
--- End Message ---
--- Begin Message ---
PHP is Open Source. This is the general forum. Here is my suggestion:
Create $_SERVER['REMOTE_HOST'] as a variable.
$gethost = gethostbyaddr($_SERVER['REMOTE_ADDR']);
is getting old. Anyone agree?
--- End Message ---
--- Begin Message ---
John Taylor-Johnston wrote:
PHP is Open Source. This is the general forum. Here is my suggestion:
Create $_SERVER['REMOTE_HOST'] as a variable.
$gethost = gethostbyaddr($_SERVER['REMOTE_ADDR']);
is getting old. Anyone agree?
The problem is that gethostbyaddr is an expesive call, DNS server must
be contacted. And most of the time you don't need it.
--- End Message ---
--- Begin Message ---
> The problem is that gethostbyaddr is an expesive call, DNS server must
> be contacted. And most of the time you don't need it.
Yep, its quite a pain in the ass as i found out the hard way, i had a
banner software setup displaying upto 6 differient banners (and differient
types. eg: text, banner, box etc) in a single page only after gethostbyaddr
and damn, did it take long...as i turned off that option in the setting I
got a performance boost of over 120%
HTH.
Cheers,
-Ryan
> John Taylor-Johnston wrote:
> > PHP is Open Source. This is the general forum. Here is my suggestion:
> >
> > Create $_SERVER['REMOTE_HOST'] as a variable.
> >
> > $gethost = gethostbyaddr($_SERVER['REMOTE_ADDR']);
> >
> > is getting old. Anyone agree?
> >
>
> The problem is that gethostbyaddr is an expesive call, DNS server must
> be contacted. And most of the time you don't need it.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
--- End Message ---
--- Begin Message ---
--- John Taylor-Johnston <[EMAIL PROTECTED]> wrote:
> PHP is Open Source. This is the general forum. Here is my suggestion:
>
> Create $_SERVER['REMOTE_HOST'] as a variable.
>
> $gethost = gethostbyaddr($_SERVER['REMOTE_ADDR']);
>
> is getting old. Anyone agree?
What do you mean by getting old? You think calling that one function is too
much typing, so you want to force a host lookup for every client?
If so, I could potentially see this as a non-default configuration option.
However, I would be opposed to even allowing that as an option, because it
would lead to so much spam on this list from people who force that lookup and
then can't figure out why their performance just hit rock bottom.
So, no, I don't agree. :-)
Chris
=====
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
--- End Message ---
--- Begin Message ---
John Taylor-Johnston wrote:
PHP is Open Source. This is the general forum. Here is my suggestion:
Create $_SERVER['REMOTE_HOST'] as a variable.
$gethost = gethostbyaddr($_SERVER['REMOTE_ADDR']);
is getting old. Anyone agree?
Nope, sorry. I don't want my install of PHP to make a DNS lookup
everytime someone visits my site.
--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--- End Message ---
--- Begin Message ---
How do you do that?
> Wouldn't it be a WHOLE lot smarter to just disable/enable PHP for
> specific sites/folders, etc? What web server are you using?
Anyone?
--- End Message ---
--- Begin Message ---
How do you do that?
> Wouldn't it be a WHOLE lot smarter to just disable/enable PHP for
> specific sites/folders, etc? What web server are you using?
Anyone?
--- End Message ---
--- Begin Message ---
On Sunday 05 October 2003 02:58, John Taylor-Johnston wrote:
> How do you do that?
>
> > Wouldn't it be a WHOLE lot smarter to just disable/enable PHP for
> > specific sites/folders, etc? What web server are you using?
>
> Anyone?
In short, you need the following (apache) directive inside the virtual hosts
definitions of the hosts in which you DO NOT want php to be run:
php_value engine 0
For full details read the apache docs.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Keep up the good work! But please don't ask me to help.
*/
--- End Message ---
--- Begin Message ---
here's a decent article outlining how to build a
directory. including code samples:
http://www.webreference.com/perl/xhoo/php1/
olinux
--- Marek Kilimajer <[EMAIL PROTECTED]> wrote:
> You need to create a recursive function:
>
> // pseudo code
> function count_content($cat_id) {
> SELECT COUNT(*) FROM content WHERE cat_id='$cat_id'
> $count=sql_result();
> SELECT cat_id FROM categories WHERE
> cat_id='$cat_id'
> while($cat_id2 = sql_result()) {
> $count += count_content($cat_id2);
> }
> return $count;
> }
>
> Ryan A wrote:
> > Hey,
> > Anybody have any code or links to explain how to
> make a program like the one
> > running on hotscripts?
> > eg:
> > when you visit there you have a couple of
> categories like : ASP, JAVA, PHP
> > etc
> > (if you select php)
> > PHP
> > --Scripts
> > --Books
> > --tutorials
> > (if you select scripts)
> > --Scripts
> > ----category1(324)
> > ----category2(24)
> > ----category3(54)
> > etc
> >
> > the number in brackets at the side of the category
> says how many records....
> >
> > I downloaded PHPlinks but have been unable to
> understand it.
> > Another good place that i visited was
> >
>
http://www.hotscripts.com/PHP/Scripts_and_Programs/Software_Repository/index.html
> > and even searched on google but cant find much.
> >
> > Any help appreciated.
> >
> > Thanks,
> > -Ryan
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com
--- End Message ---
--- Begin Message ---
Hey all,
Thanks to everyone who replied.
I did a couple more searches on google and found that i was using the wrong
search words, after visiting quite a few sites i saw that what i was looking
for is called a "link farm" (would never have guessed that in a million
years), got a nice link to
http://scripts.webmastersite.net/wsnlinks/index.php?section=features which
has pretty much all i need.. so i think i'll buy it.
If you go there i think you will agree that the script is pretty cheap for
its features...and the other nice part is knowing that i'll be supporting a
fellow programmer.
Cheers,
-Ryan
--- End Message ---
--- Begin Message ---
My webhost announced that it's changing PHP from Apache module to CGI. I
know nothing about this, so I'd like to know what I should change in my
scripts so they still run, or they'll work the same?
Thank you for your time.
Cristian
--- End Message ---
--- Begin Message ---
On Sunday 05 October 2003 04:47, Cristian Lavaque wrote:
> My webhost announced that it's changing PHP from Apache module to CGI. I
> know nothing about this, so I'd like to know what I should change in my
> scripts so they still run, or they'll work the same?
Did they give any convincing reason for the change? They seem to be taking a
step backwards by switching to CGI. Maybe you should consider changing hosts.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
One difference between a man and a machine is that a machine is quiet
when well oiled.
*/
--- End Message ---
--- Begin Message ---
On Sun, Oct 05, 2003 at 03:59:21AM +0800, Jason Wong wrote:
> On Sunday 05 October 2003 04:47, Cristian Lavaque wrote:
> > My webhost announced that it's changing PHP from Apache module to CGI. I
> > know nothing about this, so I'd like to know what I should change in my
> > scripts so they still run, or they'll work the same?
you should ask this question to your webhost in the first place.
roughly all functions mentionend at
http://php.net/manual/en/ref.apache.php won't be available anymore. it
is not unlikely that the change is fully transparent to your scripts
(read: no change of php-code needed).
> Did they give any convincing reason for the change? They seem to be taking a
> step backwards by switching to CGI. Maybe you should consider changing hosts.
the cgi-sapi has a big advantage in a shared hosting environment:
suexec - your php-scripts run with a distict uid for each customer.
this is by far better than the half-baked crutch called safe-mode. the
fact that the cgi-sapi's performance is worse than apache-sapi's
shouldn't bother you as much as security. your webhost will decide how
many customers (=virtual hosts) he puts on one machine anyway and
that's by far more noticable than the differences between
cgi-sapi/apache-sapi, IMHO.
just my thoughts.
messju
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-general
> ------------------------------------------
> /*
> One difference between a man and a machine is that a machine is quiet
> when well oiled.
> */
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Messju Mohr wrote:
> On Sun, Oct 05, 2003 at 03:59:21AM +0800, Jason Wong wrote:
>> On Sunday 05 October 2003 04:47, Cristian Lavaque wrote:
>>> My webhost announced that it's changing PHP from Apache module to
>>> CGI. I know nothing about this, so I'd like to know what I should
>>> change in my scripts so they still run, or they'll work the same?
>
> you should ask this question to your webhost in the first place.
This was asked, he said that it wouldn't affect, but right after the change
to one of the servers, a user complained about $_SERVER['PHP_SELF'] not
working, but there weren't more details on what it'd affect to have that
change
> roughly all functions mentionend at
> http://php.net/manual/en/ref.apache.php won't be available anymore. it
> is not unlikely that the change is fully transparent to your scripts
> (read: no change of php-code needed).
hmm.. I haven't used those yet, but maybe my forum does, I'll have to
check.. I read in the thread where this was announced that
$_SERVER['PHP_SELF'] wasn't working after the change
>> Did they give any convincing reason for the change? They seem to be
>> taking a step backwards by switching to CGI. Maybe you should
>> consider changing hosts.
>
> the cgi-sapi has a big advantage in a shared hosting environment:
> suexec - your php-scripts run with a distict uid for each customer.
>
> this is by far better than the half-baked crutch called safe-mode. the
> fact that the cgi-sapi's performance is worse than apache-sapi's
> shouldn't bother you as much as security. your webhost will decide how
> many customers (=virtual hosts) he puts on one machine anyway and
> that's by far more noticable than the differences between
> cgi-sapi/apache-sapi, IMHO.
Yes, the reason was to control the accounts separately regarding PHP and
Yes, I've been having thoughts about changing hosts. I'm with this one cause
it gives pretty well for what I pay.
Any other thing I should keep an eye on for when the change happens to my
server?
Cristian
--- End Message ---
--- Begin Message ---
On Sunday 05 October 2003 04:24, messju mohr wrote:
> the cgi-sapi has a big advantage in a shared hosting environment:
> suexec - your php-scripts run with a distict uid for each customer.
>
> this is by far better than the half-baked crutch called safe-mode. the
> fact that the cgi-sapi's performance is worse than apache-sapi's
> shouldn't bother you as much as security. your webhost will decide how
> many customers (=virtual hosts) he puts on one machine anyway and
> that's by far more noticable than the differences between
> cgi-sapi/apache-sapi, IMHO.
A proper virtual hosting solution is what all vendors (of shared hosting
environments) should provide, with each user having their own virtual root.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Dyslexics have more fnu.
*/
--- End Message ---
--- Begin Message ---
On Sun, Oct 05, 2003 at 05:28:49AM +0800, Jason Wong wrote:
> On Sunday 05 October 2003 04:24, messju mohr wrote:
>
> > the cgi-sapi has a big advantage in a shared hosting environment:
> > suexec - your php-scripts run with a distict uid for each customer.
> >
> > this is by far better than the half-baked crutch called safe-mode. the
> > fact that the cgi-sapi's performance is worse than apache-sapi's
> > shouldn't bother you as much as security. your webhost will decide how
> > many customers (=virtual hosts) he puts on one machine anyway and
> > that's by far more noticable than the differences between
> > cgi-sapi/apache-sapi, IMHO.
>
> A proper virtual hosting solution is what all vendors (of shared hosting
> environments) should provide, with each user having their own virtual root.
you mean a chroot-jail for each virtual host? yes that would be the
right thing. but to my knowledge this can not be done with apache 1.3
out of the box. apache 2's perchild-MPM should be capable of this, but
the last time i checked it was far away from production-quality if
working at all.
--- End Message ---
--- Begin Message ---
On Fri, 3 Oct 2003, Stephen Craton wrote:
> I'm wanting to track IP addresses by pinpointing their geological location
> (country and whatever) but I have no idea how to go about doing this. I've
> been searching on the net and PHP websites all day but with no luck. Can
> anyone point me towards a tutorial site or explain to it for me? Thanks in
> advance!
http://www.appelsiini.net/~tuupola/php/I18N_ISO_3166/
--
Mika Tuupola http://www.appelsiini.net/~tuupola/
--- End Message ---
--- Begin Message ---
On Fri, 3 Oct 2003, Larry Rosenman wrote:
> IP's are not locked to a geographical area.
> Period.
APNIC, RIPE, ARIN and LACNIC store country information
on assigned ip network blocks like this:
-cut-
apnic|MO|asn|4609|1|19950615|allocated
apnic|KR|asn|4670|1|19950616|allocated
apnic|SB|ipv4|202.63.254.0|512|19950618|assigned
apnic|JP|ipv4|202.232.0.0|262144|19950618|allocated
-cut-
this is where the ip to country databases get their information
from.
--
Mika Tuupola http://www.appelsiini.net/~tuupola/
--- End Message ---
--- Begin Message ---
On Sun, 5 Oct 2003, Mika Tuupola wrote:
> On Fri, 3 Oct 2003, Stephen Craton wrote:
>
> > I'm wanting to track IP addresses by pinpointing their geological location
> > (country and whatever) but I have no idea how to go about doing this. I've
> > been searching on the net and PHP websites all day but with no luck. Can
> > anyone point me towards a tutorial site or explain to it for me? Thanks in
> > advance!
>
> http://www.appelsiini.net/~tuupola/php/I18N_ISO_3166/
Argh, sorry wrong link. I ment:
http://www.appelsiini.net/~tuupola/php/I18N_IP2Country/
--
Mika Tuupola http://www.appelsiini.net/~tuupola/
--- End Message ---
--- Begin Message ---
On Fri, 3 Oct 2003, Marek Kilimajer wrote:
> > thing that I can not find anywhere is how to code it so a user can click logoff
> > and have it route them to another page and remove their authentication that was
> > set.
> it is virtualy impossible to make the browser forget the credentials.
It can be done in few ways, but IIRC none of them
is guaranteed to work with _every_ browser. Simplest one
is to use a new IE6 (SP1) feature by calling javascript:
-cut-
<a href="#" onclick="
document.execCommand('ClearAuthenticationCache');
alert('You have been logged out!');
">Logout</a>
-cut-
This of course is quite useless sinse it only works with
IE6.
A second way would be to overwrite the cached credentials with
fake ones. For that you would need to do another .htaccess
protected directory. Lets call it /logout/. You create the
.htaccess and .htpasswd file. Create user 'fake' with
password 'fake' (only for this directory).
Then you would create a logout link with:
-cut-
<a href="http://fake:[EMAIL PROTECTED]/logout/">Logout</a>
-cut-
This should overwrite the credentials with most browser, but
again is not guaranteed to work with every browser.
--
Mika Tuupola http://www.appelsiini.net/~tuupola/
--- End Message ---
--- Begin Message ---
* Thus wrote Marek Kilimajer ([EMAIL PROTECTED]):
> it is virtualy impossible to make the browser forget the credentials.
You sorta of can. If you redirect the user to something like:
http://username:[EMAIL PROTECTED]/path/
The browser will/should forget the credentials.
Curt
--
List Stats: http://zirzow.dyndns.org/html/mlists/php_general/
"I used to think I was indecisive, but now I'm not so sure."
--- End Message ---
--- Begin Message ---
- Edwin - wrote:
"Far east languages" are not necessarily in this form: "&#nnnnn;" So,
running htmlspecialchars() on, say, Japanese characters would do NO
harm since &, ", ', <, > are NOT Japanese characters ;)
Or, am I missing something? :)
Not exactly. When storing "far east languages" in a database for
example, thats the format its stored as.
&#xxxxx;
Also, I've seen it in that form in the $_POST array from a form.
--- End Message ---
--- Begin Message ---
* Thus wrote Gerard Samuel ([EMAIL PROTECTED]):
> - Edwin - wrote:
>
> >"Far east languages" are not necessarily in this form: "&#nnnnn;" So,
> >
> >running htmlspecialchars() on, say, Japanese characters would do NO
> >harm since &, ", ', <, > are NOT Japanese characters ;)
> >
> >Or, am I missing something? :)
> >
> Not exactly. When storing "far east languages" in a database for
> example, thats the format its stored as.
> &#xxxxx;
> Also, I've seen it in that form in the $_POST array from a form.
That is an html entity and is not how it is stored. How that entity
gets displayed depends entirely on what encoding you have set for
the page.
The japanese characters (charset ISO-2022-JP) to use to display the
phrase for 'Contents' is:
^[$B$3$s$F$s$D^[(B
(^[ == escape character)
I can store those exact characters (with the proper escape
character) in a database without a problem
Curt
--
List Stats: http://zirzow.dyndns.org/html/mlists/php_general/
"I used to think I was indecisive, but now I'm not so sure."
--- End Message ---
--- Begin Message ---
* Thus wrote Gerard Samuel ([EMAIL PROTECTED]):
> CPT John W. Holmes wrote:
>
> >From: "Eugene Lee" <[EMAIL PROTECTED]>
> >
> >
> >
> >>On Wed, Oct 01, 2003 at 01:12:16AM -0400, Gerard Samuel wrote:
> >>:
> >>: Got a problem with htmlspecialchars being too greedy, where
> >>: for example, it converts
> >>: &foo;
> >>: to
> >>: &foo;
> >>:
> >>: Yes it displays correctly in the browser for some content, but not all.
> >>: (an example is posted below)
> >>: So I came up with this example code, but not sure if there is an
> >>: easier/better way to get the correct end result.
> >>: If there is a better way, feel free to let me know.
> >>: Thanks
> >>:
> >>: Note: I dont read/speak chinese, so if its offensive please forgive me.
> >>:
> >>: ------
> >>: <?php
> >>:
> >>: $foo = '中文 & http://www.foo.com/index.php?foo=1&bar=2';
> >>
> >>
> >>
> >
> >Maybe you should run html_entity_decode() on the string first, then run
> >encode again. The decode will take 中 and turn it into it's actual
> >character but not affect anything else. Then the recoding will turn it back
> >into 中 and also encode any other characters.
> >
> John, a good idea, but unfortunately, after some tests, and re-reading
> the manual, it seems html_entity_decode(),
> only recognises "html entities". Not ascii values of language characters.
> So Im going to push ahead with my code, and see if it breaks anything :)
hmm.. take a look at
http://php.net/manual/en/function.get-html-translation-table.php
That will do exactly what john suggested.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
Curt
--
List Stats: http://zirzow.dyndns.org/html/mlists/php_general/
"I used to think I was indecisive, but now I'm not so sure."
--- End Message ---
--- Begin Message ---
I'm new at OO and still a newbie at PHP despite hacking away at it for a
while (admittedly off and on). I'm creating a signup form for alumni of our
department, and I'm trying to verify that they have not signed up previously
before allowing their data to be inserted. Trouble has ensued! :)
In the following code:
class alumnus {
function
addAlum($fname,$lname,$tel,$address,$city,$state,$zipcode,$country,$email) {
$conxn = mysql_connect('localhost','root','redtail.7') or fail("Could
not connect: ".mysql_error());
$dbSelect = mysql_select_db("alumni", $conxn) or fail("Could not select
database: ".mysql_error());
$chk = "Select id, fname from contact_info where email =" . $email;
$result = mysql_query($chk);
$dataSet = mysql_fetch_array($result);
$fields = mysql_num_fields($dataSet);
if ($fields=="0") {
$insertData = "INSERT into contact_info
(fname,lname,tel,address,city,state,zipcode,country,email)
VALUES
('$fname','$lname','$tel','$address','$city','$state','$zipcode','$country',
'$email')";
$query = mysql_query($insertData);
if ($query) {
$bool="true";
return $bool;
}
}
}
I keep getting "supplied argument is not a valid MySQL result resource" for
the lines using mysql_fetch_array and mysql_num_fields - I've looked up the
functions but it doesn't seem like I'm misusing them. PLUS my $bool doesn't
show up outside like I'd like it to. Can somebody guide me on the right
path here?
Thanks!
--- End Message ---
--- Begin Message ---
Your sql statement is generating an error. You can test for this using
mysql_errno and mysql_error to test for and view the error, respectively.
The likely cause of the SQL error is that you are not putting quotes (')
around your string for the email query, the proper query would look like:
$chk = "select id, fname from contact_info where email = '$email'";
Hope that helps!
-----Original Message-----
From: Kirk Babb [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 04, 2003 5:28 PM
To: [EMAIL PROTECTED]
Subject: [PHP] returning a variable from a class function? plus other probs
I'm new at OO and still a newbie at PHP despite hacking away at it for a
while (admittedly off and on). I'm creating a signup form for alumni of our
department, and I'm trying to verify that they have not signed up previously
before allowing their data to be inserted. Trouble has ensued! :)
In the following code:
class alumnus {
function
addAlum($fname,$lname,$tel,$address,$city,$state,$zipcode,$country,$email) {
$conxn = mysql_connect('localhost','root','redtail.7') or fail("Could
not connect: ".mysql_error());
$dbSelect = mysql_select_db("alumni", $conxn) or fail("Could not select
database: ".mysql_error());
$chk = "Select id, fname from contact_info where email =" . $email;
$result = mysql_query($chk);
$dataSet = mysql_fetch_array($result);
$fields = mysql_num_fields($dataSet);
if ($fields=="0") {
$insertData = "INSERT into contact_info
(fname,lname,tel,address,city,state,zipcode,country,email)
VALUES
('$fname','$lname','$tel','$address','$city','$state','$zipcode','$country',
'$email')";
$query = mysql_query($insertData);
if ($query) {
$bool="true";
return $bool;
}
}
}
I keep getting "supplied argument is not a valid MySQL result resource" for
the lines using mysql_fetch_array and mysql_num_fields - I've looked up the
functions but it doesn't seem like I'm misusing them. PLUS my $bool doesn't
show up outside like I'd like it to. Can somebody guide me on the right
path here?
Thanks!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
A couple of things...
> $conxn = mysql_connect('localhost','root','redtail.7') or fail("Could
> not connect: ".mysql_error());
Create a script inc.mysqlconnect.php that connects and selects and
require_once() it on all of your files that need to connect to the
database. This will save overhead because each script will not require
a new connection, and also if you ever have to migrate the script it
will save you pain (i.e. you won't need to update the host, username,
and password for all lines in all scripts. Oh, btw, I hope that isn't
your real password and you really aren't connecting as root. Both are
major security no nos.
> $chk = "Select id, fname from contact_info where email =" . $email;
You need to quote the email. So perhaps the following would be more
appropriate:
$chk = "SELECT id, fname FROM contact_info WHERE email = \"{$email}\"";
> ('$fname','$lname','$tel','$address','$city','$state','$zipcode','$country',
> '$email')";
I believe there is some problems using 's and not "s. Try using "s
above.
> I keep getting "supplied argument is not a valid MySQL result resource" for
> the lines using mysql_fetch_array and mysql_num_fields - I've looked up the
If you fetch an array on a failure you don't have a resource to get.
mysql_query() returns an array. See the correction of $email above and
e-mail above if there is some problems.
HTH,
-Dan
--- End Message ---
--- Begin Message ---
Dan,
Thanks so much for the help - I learned a lot from your reply. I'll chew on
this a while and go from there. BTW- yes, that really was my user and pwd
up until now! Dumb now I realize, thanks for pointing that out. I've
created a new root pwd, and created a user with access only to the "alumni"
db.
Thanks again.
-Kirk
--- End Message ---
--- Begin Message ---
* Thus wrote Dan Anderson ([EMAIL PROTECTED]):
>
> > $chk = "Select id, fname from contact_info where email =" . $email;
>
> You need to quote the email. So perhaps the following would be more
> appropriate:
>
> $chk = "SELECT id, fname FROM contact_info WHERE email = \"{$email}\"";
>
> > ('$fname','$lname','$tel','$address','$city','$state','$zipcode','$country',
> > '$email')";
>
> I believe there is some problems using 's and not "s. Try using "s
> above.
Using ' is prefered IIRC, and also escaping all the data before sending
it to the database:
$fname = mysql_real_escape_string($fname);
Curt
--
List Stats: http://zirzow.dyndns.org/html/mlists/php_general/
"I used to think I was indecisive, but now I'm not so sure."
--- End Message ---
--- Begin Message ---
> Using ' is prefered IIRC, and also escaping all the data before sending
> it to the database:
Hmmm. Perhaps Emacs isn't converting from Unicode to ASCII properly?
::shrugs:: I just know sometimes my queries don't work if I use ' .
-Dan
--- End Message ---
--- Begin Message ---
> up until now! Dumb now I realize, thanks for pointing that out. I've
> created a new root pwd, and created a user with access only to the "alumni"
If you want to be super secure you should create several users. Once
for SELECTing, one for INSERTing, etc. Juggling resource handles gets
tricky though. But basically the idea is this:
If a user or viewer of your site can figure out what you're using to
select from / whatever in the database, they may try passing a query
into the database. For instance, if you were using a form for email, a
user might type in the following
Email:
"; DROP TABLE *;
You'd basically lose your database (and any other databases if you're
using your root account!). So you should check all input from the user
so that all "s are escaped and all 's are escaped, etc. Also, limiting
permissions helps. For instance, if one user is used for SELECTs then a
hacker could not drop a database. Same goes with other things.
Just some things to think about. There are many many more things you
should be doing, but they're too extensive to list here.
-Dan
--- End Message ---
--- Begin Message ---
The user I created can only INSERT, SELECT, DELETE, UPDATE using the GRANT
option from the mysql cmd line. I'll have to start checking my data per
yours and Curt's responses.
Sounds like I should remove the DELETE option from that user and create a
second user with DELETE permission.
-Kirk
"Dan Anderson" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> > up until now! Dumb now I realize, thanks for pointing that out. I've
> > created a new root pwd, and created a user with access only to the
"alumni"
>
> If you want to be super secure you should create several users. Once
> for SELECTing, one for INSERTing, etc. Juggling resource handles gets
> tricky though. But basically the idea is this:
>
> If a user or viewer of your site can figure out what you're using to
> select from / whatever in the database, they may try passing a query
> into the database. For instance, if you were using a form for email, a
> user might type in the following
>
> Email:
> "; DROP TABLE *;
>
> You'd basically lose your database (and any other databases if you're
> using your root account!). So you should check all input from the user
> so that all "s are escaped and all 's are escaped, etc. Also, limiting
> permissions helps. For instance, if one user is used for SELECTs then a
> hacker could not drop a database. Same goes with other things.
>
> Just some things to think about. There are many many more things you
> should be doing, but they're too extensive to list here.
>
> -Dan
--- End Message ---
--- Begin Message ---
* Thus wrote Dan Anderson ([EMAIL PROTECTED]):
> > Using ' is prefered IIRC, and also escaping all the data before sending
> > it to the database:
>
> Hmmm. Perhaps Emacs isn't converting from Unicode to ASCII properly?
> ::shrugs:: I just know sometimes my queries don't work if I use ' .
I just tested it, mysql_escape_string() escapes both ' and " so
either quotes used to enclose values are fine.
Curt
--
List Stats: http://zirzow.dyndns.org/html/mlists/php_general/
"I used to think I was indecisive, but now I'm not so sure."
--- End Message ---
--- Begin Message ---
Hi All,
I've been thinking of developing an Apache module to ease my job, but I
don't have a clue of C. I know that mod_perl and mod_tcl provides module
programming support for Apache, are there any implementations of PHP in
programming Apache modules?
Thanks
- Jeremy
--- End Message ---
