php-windows Digest 23 Sep 2002 20:45:24 -0000 Issue 1353
Topics (messages 15952 through 15964):
Re: Cookies do not work
15952 by: brother - Martin Bagge
15953 by: Sjaak
15954 by: brother - Martin Bagge
15955 by: Sjaak
15956 by: Sjaak
Re: GET / POST
15957 by: Carl Caamano
15958 by: Matt Kynaston
15959 by: Carl Caamano
15960 by: Matt Kynaston
15961 by: Carl Caamano
15962 by: Dash McElroy
Re: Test
15963 by: +Alibi_
Problem uploading a file (bug in PHP 4.2.3 !?) worked with 4.2.2
15964 by: Jose
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
You cannot use the cookies in the same as you stated them.
http://www.php.net/manual/en/function.setcookie.php
see common pitfalls.
You have to do it like: set cookie > new page to check the cookies.
/brother
> -----Original Message-----
> From: Sjaak [mailto:[EMAIL PROTECTED]]
> Sent: den 23 september 2002 09:15
> To: [EMAIL PROTECTED]
> Subject: [PHP-WIN] Cookies do not work
>
>
> Dear all,
>
> I have a Windows2000 server with PHP & IIS5
>
> My customer has written the following script:
>
>
>
>
> <?php
> //Verbinding maken met de database
> include("db/beheer/dbconnect.php");
>
> setcookie('test','Dit komt uit een cookie!!',time(0)+3600,'/','',0);
>
>
> echo "<br><table align='center'><tr><td><font
> size='+1'><b>Openingstijden:</b></font></td></tr></table><br>";
>
> $query = mysql_query ("SELECT * from openingstijden");
>
> echo "<table align='center' border='1'>";
> echo
> "<tr><td><b>Nr.</b></td><td><b>Vestiging</b></td><td><b>Maanda
> g</b></td><td>
> </td></tr>";
>
> //$teller = 1;
> while ($row = mysql_fetch_array ($query))
> {
> echo "<tr><td>".$teller."</td>";
> echo "<td>";
> if ($row['vestigingid'] == 1)
> {
> echo "Trio woonplaza / Profijtmeubel";
> }
> if ($row['vestigingid'] == 2)
> {
> echo "Trendhopper Druten";
> }
> if ($row['vestigingid'] == 3)
> {
> echo "Trendhopper Arnhem";
> }
> echo "</td>";
>
> echo "<td>van ".$row['maandagopen']." tot
> ".$row['maandagsluiten']."</td>";
> $teller = $teller+1;
> echo "</tr>";
> }
> echo "</table>";
>
> if (empty($HTTP_COOKIE_VARS))
> {
> echo "<br><center><b>KAN GEEN COOKIE VINDEN :-(</b></center>";
> }
> else
> {
> $cookie = $HTTP_COOKIE_VARS["test"];
> echo "<br><center><b>COOKIE GEVONDEN!! inhoud =
> ".$cookie."</b></center>";
> }
>
> ?>
>
>
> But when displaying we cannot get the cookie been displayed.
> Also after
> refresh the browser.
>
> Does anyone has an idea? Setting in my PHP.INI?
>
> Please help me!
>
> Cheers,
> Jacco
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Yo bro,
When i launch the file info.php with the following URL:
http://localhost/info.php i see the cookie.
When i launch the same file from my webserver:
http://www.website.com/info.php i get the message no cookie find?
Please help me!
Thx in advance.
"Brother - Martin Bagge" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> You cannot use the cookies in the same as you stated them.
>
> http://www.php.net/manual/en/function.setcookie.php
> see common pitfalls.
>
>
> You have to do it like: set cookie > new page to check the cookies.
>
> /brother
>
> > -----Original Message-----
> > From: Sjaak [mailto:[EMAIL PROTECTED]]
> > Sent: den 23 september 2002 09:15
> > To: [EMAIL PROTECTED]
> > Subject: [PHP-WIN] Cookies do not work
> >
> >
> > Dear all,
> >
> > I have a Windows2000 server with PHP & IIS5
> >
> > My customer has written the following script:
> >
> >
> >
> >
> > <?php
> > //Verbinding maken met de database
> > include("db/beheer/dbconnect.php");
> >
> > setcookie('test','Dit komt uit een cookie!!',time(0)+3600,'/','',0);
> >
> >
> > echo "<br><table align='center'><tr><td><font
> > size='+1'><b>Openingstijden:</b></font></td></tr></table><br>";
> >
> > $query = mysql_query ("SELECT * from openingstijden");
> >
> > echo "<table align='center' border='1'>";
> > echo
> > "<tr><td><b>Nr.</b></td><td><b>Vestiging</b></td><td><b>Maanda
> > g</b></td><td>
> > </td></tr>";
> >
> > //$teller = 1;
> > while ($row = mysql_fetch_array ($query))
> > {
> > echo "<tr><td>".$teller."</td>";
> > echo "<td>";
> > if ($row['vestigingid'] == 1)
> > {
> > echo "Trio woonplaza / Profijtmeubel";
> > }
> > if ($row['vestigingid'] == 2)
> > {
> > echo "Trendhopper Druten";
> > }
> > if ($row['vestigingid'] == 3)
> > {
> > echo "Trendhopper Arnhem";
> > }
> > echo "</td>";
> >
> > echo "<td>van ".$row['maandagopen']." tot
> > ".$row['maandagsluiten']."</td>";
> > $teller = $teller+1;
> > echo "</tr>";
> > }
> > echo "</table>";
> >
> > if (empty($HTTP_COOKIE_VARS))
> > {
> > echo "<br><center><b>KAN GEEN COOKIE VINDEN :-(</b></center>";
> > }
> > else
> > {
> > $cookie = $HTTP_COOKIE_VARS["test"];
> > echo "<br><center><b>COOKIE GEVONDEN!! inhoud =
> > ".$cookie."</b></center>";
> > }
> >
> > ?>
> >
> >
> > But when displaying we cannot get the cookie been displayed.
> > Also after
> > refresh the browser.
> >
> > Does anyone has an idea? Setting in my PHP.INI?
> >
> > Please help me!
> >
> > Cheers,
> > Jacco
> >
> >
> >
> > --
> > PHP Windows Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
--- End Message ---
--- Begin Message ---
Do you have the same PHPversion in the servers?
Is register_globals set to off or on in php.ini? Same setting in both
servers?
$_COOKIES is the new super global array for cookies, don't forget that =)
I cann't see any other explaniation but I'm new to this cookiething.
/brother
> -----Original Message-----
> From: Sjaak [mailto:[EMAIL PROTECTED]]
>
> When i launch the file info.php with the following URL:
> http://localhost/info.php i see the cookie.
> When i launch the same file from my webserver:
> http://www.website.com/info.php i get the message no cookie find?
>
> Please help me!
--- End Message ---
--- Begin Message ---
Thx for know
"Brother - Martin Bagge" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Do you have the same PHPversion in the servers?
> Is register_globals set to off or on in php.ini? Same setting in both
> servers?
>
> $_COOKIES is the new super global array for cookies, don't forget that =)
>
> I cann't see any other explaniation but I'm new to this cookiething.
>
> /brother
>
> > -----Original Message-----
> > From: Sjaak [mailto:[EMAIL PROTECTED]]
> >
> > When i launch the file info.php with the following URL:
> > http://localhost/info.php i see the cookie.
> > When i launch the same file from my webserver:
> > http://www.website.com/info.php i get the message no cookie find?
> >
> > Please help me!
--- End Message ---
--- Begin Message ---
Yes the same version on both servers :(
register_globals is set to off (also tried with on, same result)
"Sjaak" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thx for know
>
>
> "Brother - Martin Bagge" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Do you have the same PHPversion in the servers?
> > Is register_globals set to off or on in php.ini? Same setting in both
> > servers?
> >
> > $_COOKIES is the new super global array for cookies, don't forget that
=)
> >
> > I cann't see any other explaniation but I'm new to this cookiething.
> >
> > /brother
> >
> > > -----Original Message-----
> > > From: Sjaak [mailto:[EMAIL PROTECTED]]
> > >
> > > When i launch the file info.php with the following URL:
> > > http://localhost/info.php i see the cookie.
> > > When i launch the same file from my webserver:
> > > http://www.website.com/info.php i get the message no cookie find?
> > >
> > > Please help me!
>
>
--- End Message ---
--- Begin Message ---
I am also a newbie to PHP. I have been writing and copying code from the
web. It seems to me without having the register_global set to on, 99% of
the code out there is useless. I have been using the POST method for my
form method. I've tried modifiy code from the web to work without the
register_global being set. I get parse errors saying something like
T_VARIBLE ',' or ';' expected most the time.
For example how would you change this line?
if ( $sender_email and $message)
or i was thinking maybe you have to "import" your varibles at the beginning
of the script by having a bunch of lines simular to this:
$message = $_POST['message']
(being that the varible in the HTML page is called message, a text box in
this case)
TIA
"Rich Gray" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Comments below...
>
> -----Original Message-----
> From: XXXPixie [mailto:[EMAIL PROTECTED]]
> Sent: 08 September 2002 09:52
> To: [EMAIL PROTECTED]
> Subject: [PHP-WIN] GET / POST
>
>
> hi! I'm a total newbie to php4 or web design and i (of course) have a
> problem:
> i'm using apache 2.x and php4 as a module.
> so, when i use the GET method to pass data to my php script:
>
> script.php?x=5
>
>
> i can't access it as a normal global variable:
>
> <?php
> print $x;
> ?>
>
> the only way i can get to it is:
>
> <?php
> print _GET['x']
> ?>
>
> what's wrong?
>
> RG> PHP v4.2.x has register_globals set to Off by default which is why you
> have to access the _GET superglobal array - if security is not an issue
then
> either switch on register_globals again or do something like
extract($_GET)
> or extract($_REQUEST) at the top of your script...
>
>
> by the way, what's the difference between GET and POST methods anyway?
>
> RG> Very briefly .... http get method passes data via the query
string/url,
> http post method data is sent via the http headers - post method is more
> secure (can't be tampered with easily) and can handle large data
> transmissions with binary data, get is bookmarkable but is limited in size
> and can be easily modified by a user...
>
> HTH
> RIch
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Yeah, lots of lazy coders out there (me included :). You can try something
like this at the top of your script to mimic register_globals if you don't
have access to your php.ini - keep in mind security risks:
if (!ini_get('register_globals')) {
// mimic GPCS order
if ($_GET) extract($_GET);
if ($_POST) extract($_POST);
}
This doesn't 'register' cookie or session vars.
Matt
> -----Original Message-----
> From: Carl Caamano [mailto:[EMAIL PROTECTED]]
> Sent: 23 September 2002 15:07
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP-WIN] GET / POST
>
>
> I am also a newbie to PHP. I have been writing and copying
> code from the
> web. It seems to me without having the register_global set
> to on, 99% of
> the code out there is useless. I have been using the POST
> method for my
> form method. I've tried modifiy code from the web to work without the
> register_global being set. I get parse errors saying something like
> T_VARIBLE ',' or ';' expected most the time.
>
> For example how would you change this line?
>
> if ( $sender_email and $message)
>
> or i was thinking maybe you have to "import" your varibles at
> the beginning
> of the script by having a bunch of lines simular to this:
> $message = $_POST['message']
> (being that the varible in the HTML page is called message, a
> text box in
> this case)
>
> TIA
>
> "Rich Gray" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Comments below...
> >
> > -----Original Message-----
> > From: XXXPixie [mailto:[EMAIL PROTECTED]]
> > Sent: 08 September 2002 09:52
> > To: [EMAIL PROTECTED]
> > Subject: [PHP-WIN] GET / POST
> >
> >
> > hi! I'm a total newbie to php4 or web design and i (of
> course) have a
> > problem:
> > i'm using apache 2.x and php4 as a module.
> > so, when i use the GET method to pass data to my php script:
> >
> > script.php?x=5
> >
> >
> > i can't access it as a normal global variable:
> >
> > <?php
> > print $x;
> > ?>
> >
> > the only way i can get to it is:
> >
> > <?php
> > print _GET['x']
> > ?>
> >
> > what's wrong?
> >
> > RG> PHP v4.2.x has register_globals set to Off by default
> which is why you
> > have to access the _GET superglobal array - if security is
> not an issue
> then
> > either switch on register_globals again or do something like
> extract($_GET)
> > or extract($_REQUEST) at the top of your script...
> >
> >
> > by the way, what's the difference between GET and POST
> methods anyway?
> >
> > RG> Very briefly .... http get method passes data via the query
> string/url,
> > http post method data is sent via the http headers - post
> method is more
> > secure (can't be tampered with easily) and can handle large data
> > transmissions with binary data, get is bookmarkable but is
> limited in size
> > and can be easily modified by a user...
> >
> > HTH
> > RIch
> >
> >
> > --
> > PHP Windows Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Thanks for the tip. I can get to my php.ini, but i was just wondering what
the "correct" way to code. I'm not sure what the security risks are, but I'm
going to check them out shortly at PHP.net. As for me, there is none,
because I am on an isolated (i.e. not public) network
I'm not sure if using $message instead of $_POST['message'] is lazy, but it
sure is a hell lot easier to type! Its more like what I am used to such as
in Perl or perhaps C. I've used those briefly, so don't quote me on that.
Java is my main programming background.
"Matt Kynaston" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Yeah, lots of lazy coders out there (me included :). You can try something
> like this at the top of your script to mimic register_globals if you don't
> have access to your php.ini - keep in mind security risks:
>
> if (!ini_get('register_globals')) {
> // mimic GPCS order
> if ($_GET) extract($_GET);
> if ($_POST) extract($_POST);
> }
>
> This doesn't 'register' cookie or session vars.
>
> Matt
>
> > -----Original Message-----
> > From: Carl Caamano [mailto:[EMAIL PROTECTED]]
> > Sent: 23 September 2002 15:07
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP-WIN] GET / POST
> >
> >
> > I am also a newbie to PHP. I have been writing and copying
> > code from the
> > web. It seems to me without having the register_global set
> > to on, 99% of
> > the code out there is useless. I have been using the POST
> > method for my
> > form method. I've tried modifiy code from the web to work without the
> > register_global being set. I get parse errors saying something like
> > T_VARIBLE ',' or ';' expected most the time.
> >
> > For example how would you change this line?
> >
> > if ( $sender_email and $message)
> >
> > or i was thinking maybe you have to "import" your varibles at
> > the beginning
> > of the script by having a bunch of lines simular to this:
> > $message = $_POST['message']
> > (being that the varible in the HTML page is called message, a
> > text box in
> > this case)
> >
> > TIA
> >
> > "Rich Gray" <[EMAIL PROTECTED]> wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Comments below...
> > >
> > > -----Original Message-----
> > > From: XXXPixie [mailto:[EMAIL PROTECTED]]
> > > Sent: 08 September 2002 09:52
> > > To: [EMAIL PROTECTED]
> > > Subject: [PHP-WIN] GET / POST
> > >
> > >
> > > hi! I'm a total newbie to php4 or web design and i (of
> > course) have a
> > > problem:
> > > i'm using apache 2.x and php4 as a module.
> > > so, when i use the GET method to pass data to my php script:
> > >
> > > script.php?x=5
> > >
> > >
> > > i can't access it as a normal global variable:
> > >
> > > <?php
> > > print $x;
> > > ?>
> > >
> > > the only way i can get to it is:
> > >
> > > <?php
> > > print _GET['x']
> > > ?>
> > >
> > > what's wrong?
> > >
> > > RG> PHP v4.2.x has register_globals set to Off by default
> > which is why you
> > > have to access the _GET superglobal array - if security is
> > not an issue
> > then
> > > either switch on register_globals again or do something like
> > extract($_GET)
> > > or extract($_REQUEST) at the top of your script...
> > >
> > >
> > > by the way, what's the difference between GET and POST
> > methods anyway?
> > >
> > > RG> Very briefly .... http get method passes data via the query
> > string/url,
> > > http post method data is sent via the http headers - post
> > method is more
> > > secure (can't be tampered with easily) and can handle large data
> > > transmissions with binary data, get is bookmarkable but is
> > limited in size
> > > and can be easily modified by a user...
> > >
> > > HTH
> > > RIch
> > >
> > >
> > > --
> > > PHP Windows Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> >
> >
> >
> > --
> > PHP Windows Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
--- End Message ---
--- Begin Message ---
Like I said, I'm lazy too. I guess the security risks are down to giving any
user the chance to set any variable on your page to whatever they feel like
at the beginning of the script - by simply playing with the URL. An extreme
example of what could go wrong is something like:
if ($foo == $bar) {
$cmd = "/a/script/to/run";
}
// some code
if ($cmd) {
exec($cmd);
}
You think you're ok - if you haven't set $cmd, it doesn't run. But then some
donkey goes sets cmd=[something malicious] in the URL and you're in trouble.
'Course, there should be much more sanity checking before ever calling exec,
but that's the idea.
Using $_POST, $_GET and $_REQUEST is more portable, and you can get at them
from inside classes and functions too. What you do in the privacy of your
server is your own business, but I'd recommend them if you're going to be
sharing your code.
Matt
> -----Original Message-----
> From: Carl Caamano [mailto:[EMAIL PROTECTED]]
> Sent: 23 September 2002 16:08
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP-WIN] GET / POST
>
>
> Thanks for the tip. I can get to my php.ini, but i was just
> wondering what
> the "correct" way to code. I'm not sure what the security
> risks are, but I'm
> going to check them out shortly at PHP.net. As for me, there is none,
> because I am on an isolated (i.e. not public) network
> I'm not sure if using $message instead of $_POST['message']
> is lazy, but it
> sure is a hell lot easier to type! Its more like what I am
> used to such as
> in Perl or perhaps C. I've used those briefly, so don't
> quote me on that.
> Java is my main programming background.
>
> "Matt Kynaston" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Yeah, lots of lazy coders out there (me included :). You
> can try something
> > like this at the top of your script to mimic
> register_globals if you don't
> > have access to your php.ini - keep in mind security risks:
> >
> > if (!ini_get('register_globals')) {
> > // mimic GPCS order
> > if ($_GET) extract($_GET);
> > if ($_POST) extract($_POST);
> > }
> >
> > This doesn't 'register' cookie or session vars.
> >
> > Matt
> >
> > > -----Original Message-----
> > > From: Carl Caamano [mailto:[EMAIL PROTECTED]]
> > > Sent: 23 September 2002 15:07
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: [PHP-WIN] GET / POST
> > >
> > >
> > > I am also a newbie to PHP. I have been writing and copying
> > > code from the
> > > web. It seems to me without having the register_global set
> > > to on, 99% of
> > > the code out there is useless. I have been using the POST
> > > method for my
> > > form method. I've tried modifiy code from the web to
> work without the
> > > register_global being set. I get parse errors saying
> something like
> > > T_VARIBLE ',' or ';' expected most the time.
> > >
> > > For example how would you change this line?
> > >
> > > if ( $sender_email and $message)
> > >
> > > or i was thinking maybe you have to "import" your varibles at
> > > the beginning
> > > of the script by having a bunch of lines simular to this:
> > > $message = $_POST['message']
> > > (being that the varible in the HTML page is called message, a
> > > text box in
> > > this case)
> > >
> > > TIA
> > >
> > > "Rich Gray" <[EMAIL PROTECTED]> wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Comments below...
> > > >
> > > > -----Original Message-----
> > > > From: XXXPixie [mailto:[EMAIL PROTECTED]]
> > > > Sent: 08 September 2002 09:52
> > > > To: [EMAIL PROTECTED]
> > > > Subject: [PHP-WIN] GET / POST
> > > >
> > > >
> > > > hi! I'm a total newbie to php4 or web design and i (of
> > > course) have a
> > > > problem:
> > > > i'm using apache 2.x and php4 as a module.
> > > > so, when i use the GET method to pass data to my php script:
> > > >
> > > > script.php?x=5
> > > >
> > > >
> > > > i can't access it as a normal global variable:
> > > >
> > > > <?php
> > > > print $x;
> > > > ?>
> > > >
> > > > the only way i can get to it is:
> > > >
> > > > <?php
> > > > print _GET['x']
> > > > ?>
> > > >
> > > > what's wrong?
> > > >
> > > > RG> PHP v4.2.x has register_globals set to Off by default
> > > which is why you
> > > > have to access the _GET superglobal array - if security is
> > > not an issue
> > > then
> > > > either switch on register_globals again or do something like
> > > extract($_GET)
> > > > or extract($_REQUEST) at the top of your script...
> > > >
> > > >
> > > > by the way, what's the difference between GET and POST
> > > methods anyway?
> > > >
> > > > RG> Very briefly .... http get method passes data via the query
> > > string/url,
> > > > http post method data is sent via the http headers - post
> > > method is more
> > > > secure (can't be tampered with easily) and can handle large data
> > > > transmissions with binary data, get is bookmarkable but is
> > > limited in size
> > > > and can be easily modified by a user...
> > > >
> > > > HTH
> > > > RIch
> > > >
> > > >
> > > > --
> > > > PHP Windows Mailing List (http://www.php.net/)
> > > > To unsubscribe, visit: http://www.php.net/unsub.php
> > > >
> > >
> > >
> > >
> > > --
> > > PHP Windows Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> > >
> >
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
What I really would like to know is how do I change this line to a PHP4
compatible line without having the register_global set to on.
The orginal code is
$msg = "Sender Name:\t $sender_name\n";
I've tried these:
$msg = "Sender Name:\t $_POST['sender_name']\n";
$msg = "Sender Name:\t" $_POST['sender_name'] "\n";
$msg = "Sender Name:\t"+ $_POST['sender_name']+ "\n";
The first two I get a parse error, the last I get the value 0. I can easily
do $msg = $_POST['sender_name']; , but some how I can't get it to work with
text added. I even figured out an echo statement by doing echo "blah
blah",$_POST['varible']."blah". However it doesn't work for assigning a
varible. perhaps $msg = "blah"; $msg .= $_POST['varible']; $msg .="blah
blah" would work? I haven't tried that yet. I am assuming .= is some sort
of appending or concatintating operator.
"Matt Kynaston" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Like I said, I'm lazy too. I guess the security risks are down to giving
any
> user the chance to set any variable on your page to whatever they feel
like
> at the beginning of the script - by simply playing with the
<truncated>
--- End Message ---
--- Begin Message ---
Looks like you've got a syntax error trying to concatentate strings.
$msg = "Sender Name:\t" . $_POST['sender_name'] . "\n";
(notice the dots there inbetween the quotes... it's easier to see when you
have an editor that has syntax highlighting).
-Dash
If all the world's a stage, I want to operate the trap door.
-- Paul Beatty
On Mon, 23 Sep 2002, Carl Caamano wrote:
> What I really would like to know is how do I change this line to a PHP4
> compatible line without having the register_global set to on.
> The orginal code is
>
> $msg = "Sender Name:\t $sender_name\n";
>
> I've tried these:
>
> $msg = "Sender Name:\t $_POST['sender_name']\n";
> $msg = "Sender Name:\t" $_POST['sender_name'] "\n";
> $msg = "Sender Name:\t"+ $_POST['sender_name']+ "\n";
> The first two I get a parse error, the last I get the value 0. I can easily
> do $msg = $_POST['sender_name']; , but some how I can't get it to work with
> text added. I even figured out an echo statement by doing echo "blah
> blah",$_POST['varible']."blah". However it doesn't work for assigning a
> varible. perhaps $msg = "blah"; $msg .= $_POST['varible']; $msg .="blah
> blah" would work? I haven't tried that yet. I am assuming .= is some sort
> of appending or concatintating operator.
> "Matt Kynaston" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Like I said, I'm lazy too. I guess the security risks are down to giving
> any
> > user the chance to set any variable on your page to whatever they feel
> like
> > at the beginning of the script - by simply playing with the
>
> <truncated>
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Bleh Test!!
--
Anthony Shapley
www.ants-resource.com
ICQ: 167013817
Yahoo: the_php_coder
Msn: [EMAIL PROTECTED]
Aim: AntsResource
"+Alibi_" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Oh what the hell one more!
> ------------------------------------------------
> Anthony Shapley
> www.ants-resource.com
> ICQ: 167013817
> Yahoo: the_php_coder
> Msn: [EMAIL PROTECTED]
> Aim: AntsResource
> "+Alibi_" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Testing..
> > __________________________________________________________________
anthony
> > Shapley ICQ#: 167013817 Current ICQ status: + More ways to contact me
> > __________________________________________________________________
> >
> >
>
>
--- End Message ---
--- Begin Message ---
Hi,
I was working on some code and couldn't get the following form to return
anything under Windows XP with Apache 1.3.26 and PHP 4.2.3.
I've just tried in a Solaris machine with same versions of Apache and
PHP and it works just fine. Same with a Linux machine running Red Hat
and same versions of Apache and PHP. Could someone else confirm this
under XP?
I have the magic_quotes set to Off, but tried with On with the same
result. In fact the settings in the Unix machines and Windows XP with
regards to Apache and PHP are as close to each other as they can be.
If it's a known bug, is there any way I can patch or update my PHP to
have it working again?
Also, I believe it was working with PHP 4.2.2, though can't promise.
The following code will dump the contents of $_REQUEST and $_FILES. When
a file is selected under Windows XP (and the Apache server and PHP are
running in Windows XP) the information gets lost, without a trace of an
error. Works fine when the server is Solaris
Jose
===============================================
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Test</title>
</head>
<body>
<h1>Test</h1>
<p>
<?
echo '$_REQUEST = '; var_dump($_REQUEST); echo "<br>";
echo '$_FILES = '; var_dump($_FILES); echo "<br>";
?>
</p>
<form enctype="multipart/form-data" method="post" action="<? echo
$_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="MAX_FILE_SIZE" value="<? echo 1000*1024; ?>"
/>
<input type="file" name="test" size="40">
<input type="submit" name="submit" value="Upload Test">
</form>
</body>
</html>
===============================================
--- End Message ---
