php-windows Digest 2 Mar 2002 14:43:27 -0000 Issue 1025
Topics (messages 12394 through 12398):
R: [PHP-WIN] error query
12394 by: Darvin Andrioli
Re: any comment?
12395 by: Ross Fleming
12396 by: John Meyer
12397 by: Shrock, Court
Dumb Question
12398 by: Cary
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Hi Mark,
what is the value of $MID? Have it the table name or any other unespected
value?
Cheers
Darvin
> -----Messaggio originale-----
> Da: Mark Sweeney [mailto:[EMAIL PROTECTED]]
> Inviato: sabato 2 marzo 2002 0.17
> A: [EMAIL PROTECTED]
> Oggetto: [PHP-WIN] error query
>
>
> Sorry to bother, but I am having a severe problem with this
> (probably stupidly) flawed code.
>
> It is part of a script to call descriptions for images along with
> their filenames from a mysql database. trouble is, it doesnt
> work, and it claims that I have a syntax error near "LIMIT 10"
>
> The code is below, and i would be very thankful if anyone could
> point out jsut hwat I am doing wrong
>
> $newpics = mysql_query("SELECT ID, alt FROM $MID LIMIT 10");
> if (!$newpics) {
> echo( "<p>Error performing query " . mysql_error() . "</p>" );
> exit();
> }
> while ( $row = mysql_fetch_array($newpics) ) {
> $id=$row[ID];
> $alt=$row[alt];
> $alt = htmlspecialchars($alt);
> $alt = eregi_replace("\[b]","<b>",$alt);
> $alt = eregi_replace("\[/b]","</b>",$alt);
> $alt = eregi_replace("\[i]","<i>",$alt);
> $alt = eregi_replace("\[/i]","</i>",$alt);
> echo("<a href=\"viewer.php?title=$title&id=$id\">$alt</a><br>");
> }
> ?>
>
--- End Message ---
--- Begin Message ---
php-windows. Doesn't concern us. Lap in it while we have it! It's not
often windows users escape server bugs.
Besides, php.net have been showing this for a while now, they've released a
new version to tackle it:
from php.net's main page:
Due to a security issue found in all versions of PHP (including 3.x and
4.x), a new version of PHP has been released. Details about the security
issue are available here. All users of PHP are strongly encouraged to either
upgrade to PHP 4.1.2, or install the patch (available for PHP 3.0.18, 4.0.6
and 4.1.0/4.1.1).
Ross
-----Original Message-----
From: Afan Pasalic [mailto:[EMAIL PROTECTED]]
Sent: 01 March 2002 15:22
To: [EMAIL PROTECTED]
Subject: [PHP-WIN] any comment?
"Flaws found in PHP scripting language"
http://zdnet.com.com/2100-1105-847252.html
Any comment?
Afan
--- End Message ---
--- Begin Message ---
Patch done, end of story.
----- Original Message -----
From: "Afan Pasalic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 01, 2002 8:21 AM
Subject: [PHP-WIN] any comment?
"Flaws found in PHP scripting language"
http://zdnet.com.com/2100-1105-847252.html
Any comment?
Afan
--- End Message ---
--- Begin Message ---
re: open source and php--I agree with John
re: the article--It is a rather obvious attempt to take pressure off of
Microsoft.
The paragraph:
"In the past, Microsoft's Internet Information Server has had a slew of
problems with flaws in its components that allowed hackers and worms to
break in. This time, the software appears to be less vulnerable to the PHP
flaw."
has only one purpose, try and make microsoft look a little better. Yes,
this is a particularly bad bug, but a link to the patch was posted WITH the
advisory. In the microsoft world, patches are not so forcoming to their
enormous amounts of security problems--what's the average wait for a patch
from redmond to fix IIS--and more importantly, how many times has a patch
been necessary?
Nothing more than standard microsft tactics--an example:
"PHP is still a changing language. There are minor differences among PHP
releases. For example, include_once is only available from PHP 4.0 patch
level 1." from
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechn
ol/iis/deploy/depovg/miglamp.asp
Microsoft is the king of marketing new features with their product releases
that are spread far apart. They put a negative spin on one of the many
awesome side-effects of open source--code constantly gets better in every
release no matter how tiny; this may be a foreign concept to those used to
the endless stream of security/bug fix patches from redmond--they get to
wait years (XP SP1 took a year) for an increase in features and they still
lack the code stability that the wait was supposed to afford them.
-----Original Message-----
From: John Meyer
To: [EMAIL PROTECTED]
Sent: 3/1/02 7:55 PM
Subject: Re: [PHP-WIN] any comment?
Patch done, end of story.
----- Original Message -----
From: "Afan Pasalic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 01, 2002 8:21 AM
Subject: [PHP-WIN] any comment?
"Flaws found in PHP scripting language"
http://zdnet.com.com/2100-1105-847252.html
Any comment?
Afan
--- End Message ---
--- Begin Message ---
I hate to ask such a dumb question, but :-)
I downloaded the security patch for php4.1.1 but have no clue how to apply it.
Would one of you please clue me in ?
Thanks,
Cary
--- End Message ---
