php-general Digest 1 May 2001 16:06:58 -0000 Issue 660

Topics (messages 50944 through 50952):

Trouble loading Extensions in PHP 4.0.5
        50944 by: John Monfort

Re: template solutions?
        50945 by: Christian Reiniger

Re: why isn't get_browser() not working?
        50946 by: Chris Adams

Post XML to PHP via XMLHTTP VB Object
        50947 by: PHP

Urgent: PHP4 security (ISP setup)
        50948 by: Sam Jordan

Upload from a Mac
        50949 by: JFL

Logout Problem auf .htaccess-Login
        50950 by: Jochen Kaechelin
        50952 by: Krznaric Michael

Re: String Type Unknown
        50951 by: Rudolf Visagie

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------



 Hello everyone,

 Is anyone else having this problem?  My PHP+ Apache system was working
 fine, before I upgraded to PHP 4.0.5. Since then, my server crashes,
 everytime I try to enable my extensions.

 I have the following configuratioin:

 1)
  extension_dir= "C:/PHP/extensions"
  [both C:/PHP/extensions and C:\PHP\extensions failed!]

  extension=php_db.dll
  extension=php_gd.dll
  ...

  The dll files are inside C:\PHP\exntesions, as listed.
  All system paths are correctly set.

  2)
  Also, before PHP 4.0.5, I had ZEND configured as

  zend_optimizer.optimization_level=15;
  zend_extension_ts="C:\PHP\zend\ZendOptimizer.dll";

  Tough this does not report an error, phpinfo()  DOES NOT report the Zend
  variables, and other setup information. PHP 4.0pl1 did.

  Am I missing something, or is this bug?

   Note: I installed 4.0.5 over 4.0.pl1, assuming it would overwrite the
   necessary files. Does this have anything to do with my issues? I don't
   think it should matter, but I could be wrong. I used the Win 32
   installer [from php.net] for my installtion.


  Please help!

  -John


__________John Monfort_________________
_+-----------------------------------+_
     P E P I E  D E S I G N S
       www.pepiedesigns.com
"The world is waiting, are you ready?"
-+___________________________________+-

On Tue, 1 May 2001, Michael Hall wrote:

>
> Use include();
>
> Mick
>
> On Mon, 30 Apr 2001, Andreas Pucko wrote:
>
> > Hello,
> >
> > I am a newi in PHP. Currently I am creating my first site.
> >
> > I would like to programm it modularly. I tryed it, but I came to the point,
> > that I have everything in one file with a huge amount of tables.
> >
> > What would be the best way to build a site with a navigation on the left and
> > content on the right.
> >
> > The question is.. what is the proper syntax to open the next content from
> > the menu. Open it in
> > the same file, or open a new one??
> >
> > Thanks
> >
> > Andy
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>





On Monday 30 April 2001 21:02, Steven Haryanto wrote:
> At 5/1/2001 01:43 AM, Michael Kimsal wrote:
> >I understand completely what you're getting at already, but PHP is
> >designed to do what you're asking to do.
> >
> >I know there are valid reaons for stripped down implementations, but
> > can't think of too many.
>
> Clean separation of content and presentation? That is one strong
> point (for some people anyway).

Well, whether you write
<p>Hello <?= $User ?>, how are you?</p>
or
<p>Hello {{ USER }}, how are you?</p>

doesn't really matter I'd say.

> Ease of use? I want to let *other people* customize the web page to
> some extent, but surely do not want to require them to learn PHP.

Also in this regard.

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

CPU not found. retry, abort, ignore?




On 30 Apr 2001 00:51:13 -0700, elias <[EMAIL PROTECTED]> wrote:
> hello.
> i'm trying to detect what browser version is there...i'm using get_browser()
> as it was documented:
> 

Check to see if your browscap file is being picked up - try something like this:

        echo count(file(ini_get("browscap"));

If that works, you're probably the latest victim of the way get_browser() has
been fixed and rebroken in various versions and ports.




Hi,

I'm trying to the MSXML DOM 3 from Visual Basic  and send XML to a PHP page
that sits on my Apache web server on SCO Unix.

This is my VB Code:

Dim xmlstr As New XMLHTTP30
Dim sXML As String
sXML = "Content-Type: text/xml;"
sXML = sXML & "<?xml version=""1.0""?>"
sXML = sXML & "<command><commandtext>Initialize</commandtext>"
sXML = sXML & "<returnsdata>True</returnsdata>"
sXML = sXML & "</command>"

xmlstr.open "POST", "http://mywebserver/somepage.php";, False
xmlstr.send sXML
Set xmlstr = Nothing

Pretty basic stuff. This succeeds, and at the Apache server level, in the
logs I can see the POST request go through. In the file "somepage.php" - all
I'm doing is running phpinfo() to see what the server thinks it's receiving.

<?
    phpinfo();
?>

Back at the VB level, I can see xmlstr.responseText which is the output from
phpinfo();

I am not getting any HTTP_POST_VARS like I expected to receive.

Has anyone done anything like this before? Is this mainly an issue with
Apache rather than PHP?

Thanks,
Sam







Hi all

Sorry to bother you, but this problem is getting really urgent
for us (ISP). We are trying to setup PHP in a secure way but without
restricting the users too much, and up to now we didn't come to
an acceptable solution.

We are running PHP 4.0.3pl1 with Apache 1.3.12 on a Linux/Suse6.4
platform, apache and php were installed directly from RPM archives,
we didn't compile them ourselves.

PHP is running as an apache module, and safe mode is turned on.
Our main problem is, that no PHP script is able to write any file
in the default setup, because safe mode doesn't allow PHP scripts
to access any file which isn't owned by the same user the script
also belongs to.

Chowning the target directory to the apache user does not solve the
problem, the write operation works but the written file can't be
read anymore, because it has a different uid than all other PHP
scripts, which were uploaded by the FTP user.

Chowning everything to the webuser is no option, because we can't
afford to do this for every single user wanting to write files
additionally as soon as the FTP user updates his scripts the
permissions are set to the FTP user again.

Running PHP as a CGI binary also doesn't seem to be a good solution,
as far as I can see it isn't possible to pass URL parameters in
this setup, and this feature is already used.

Disabling safe mode seems to be a very insecure option, because
as far as I remember this would allow an FTP user to upload an
executable and run it through PHP and thus access any file on
the web server which is world-readable (please correct me if I'm
wrong).

What I really love to see would be a safe mode, which has the
restriction of not allowing the PHP scripts to run executables
(except in a specified directory) but without having the
restriction of not beeing able to access any file not belonging
to the FTP user (with the open_basedir variable, file access can
anyway be restricted to the FTP users home directory). Is there
any way to achieve this?

It would also be nice if apache was able to run the PHP scripts
with the userid of the FTP user, when PHP is configured as
apache module.

Can anyone tell me how to setup PHP in a secure way without
getting these restrictions concerning file writing? Thank you
very much for your feedback, and please CC your answer to
[EMAIL PROTECTED]!

Sam Jordan




Has anyone any idea why I can not upload a gif file from a Mac ?

I can upload the file, but it is not a gif when I receive it.






Hello List!

Is it possible to unset $PHP_AUTH_USER and $PHP_AUTH_PW after
a successfull '.htaccess-login'?

I wan't to give all users the possibility to 'logout'.
I will destroy all sessions and unset $PHP_AUTH_USER,
but Apache still knows that there was a successfull login
a few minutes before.

Thanx

-- 
phpArbeitsgruppe in Gruendung - Jochen Kaechelin
Stuttgarter Str.3, D-73033 Goeppingen
Tel. 07161-92 95 94, Fax 07161-92 95 98
http://www.php-arbeitsgruppe.de, mailto:[EMAIL PROTECTED]




Don't quote me on this, but I think if you send the user a header saying
he's unauthorized then apache will remove the PHP_AUTH_* information.

Mike


-----Original Message-----
From: Jochen Kaechelin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 01, 2001 4:30 AM
To: PHP General
Subject: [PHP] Logout Problem auf .htaccess-Login


Hello List!

Is it possible to unset $PHP_AUTH_USER and $PHP_AUTH_PW after
a successfull '.htaccess-login'?

I wan't to give all users the possibility to 'logout'.
I will destroy all sessions and unset $PHP_AUTH_USER,
but Apache still knows that there was a successfull login
a few minutes before.

Thanx

-- 
phpArbeitsgruppe in Gruendung - Jochen Kaechelin
Stuttgarter Str.3, D-73033 Goeppingen
Tel. 07161-92 95 94, Fax 07161-92 95 98
http://www.php-arbeitsgruppe.de, mailto:[EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Hi Nathan,

It's a hex dump and it reads:

 sr java.util.Properties9c~ L defaultst
Ljava/util/Properties;xr java.util.HashtableREUR0 $`
Df7F$ -F?&W6?G??@     w      t imaget J<IMG
SRC="http://mediabank.edventures.com/edventures/labs/bricks_web.jpg";>t
texttIt is important to emphasize that a facilitator does not need to be
an expert in the various subject areas, but should become familiar with the
projects and materials that students will be doing, and be aware of how to
get help or look up terms and answers.  In particular, familiarity with the
LEGO<sup>&reg;</sup> elements is highly recommended.  PCS has developed a
separate course focusing on the use of the LEGO<sup>&reg;</sup> materials.
All facilitators should schedule time to take this additional course.xp

Rudolf Visagie
QEDI

-----Original Message-----
From: Nathan Cook [mailto:[EMAIL PROTECTED]]
Sent: 30 April 2001 10:31
To: Php List
Subject: [PHP] String Type Unknown


I have this string:

0ffffffac0ffffffed0005737200146a6176612e7574696c2e50726f7065727469657339120f
ffff
fd07a70363e0ffffff980200014c000864656661756c74737400164c6a6176612f7574696c2f
5072
6f706572746965733b787200136a6176612e7574696c2e486173687461626c65130ffffffbb0
f252
14a0ffffffe40ffffffb803000246000a6c6f6164466163746f724900097468726573686f6c6
4787
03f4000000000000877080000000300000002740005696d61676574004a3c494d47205352433
d226
87474703a2f2f6d6564696162616e6b2e656476656e74757265732e636f6d2f656476656e747
5726
5732f6c6162732f627269636b735f7765622e6a7067223e74000474657874740202497420697
3206
96d706f7274616e7420746f20656d70686173697a652074686174206120666163696c6974617
46f7
220646f6573206e6f74206e65656420746f20626520616e2065787065727420696e207468652
0766
172696f7573207375626a6563742061726561732c206275742073686f756c64206265636f6d6
5206
6616d696c6961722077697468207468652070726f6a6563747320616e64206d6174657269616
c732
0746861742073747564656e74732077696c6c20626520646f696e672c20616e6420626520617
7617
265206f6620686f7720746f206765742068656c70206f72206c6f6f6b207570207465726d732
0616
e6420616e73776572732e2020496e20706172746963756c61722c2066616d696c69617269747
9207
769746820746865204c45474f3c7375703e267265673b3c2f7375703e20656c656d656e74732
0697
320686967686c79207265636f6d6d656e6465642e20205043532068617320646576656c6f706
5642
06120736570617261746520636f7572736520666f637573696e67206f6e20746865207573652
06f6
620746865204c45474f3c7375703e267265673b3c2f7375703e206d6174657269616c732e202
0416
c6c20666163696c697461746f72732073686f756c64207363686564756c652074696d6520746
f207
4616b652074686973206164646974696f6e616c20636f757273652e7870

And I don't know what type it is.  It is it a binary string?  Can I convert
it
to text and if so, how?

Thank You,
Nathan Cook
[EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]


Reply via email to