Re: [PHP] Simple PDF manipulation

[tg-php]

Yeah, this is exactly what we do at my work.  We have a license for PDFLib and 
essentually we load blank forms and then say take this text and position it at 
this location.  Kind of like putting words on a clear piece of acetate and 
overlaying it on top of a piece of paper.

If I recall, we had issues trying to do this with fpdf and some other PHP PDF 
libraries, but PDFlib allowed us to do it and it's what we've used ever since.

Actually, tedd.. did you use PDFlib or another library or maybe something in 
PHP5 (that we don't use yet)?  We may be moving off of PDFlib at some point and 
I may be looking for alternatives.  This is the main function we need.   
Ignorant question, but I havn't even thought of researching it yet and figured 
I'd ask while the topic was at hand.

-TG

= = = Original message = = =

Interesting, that's a good idea. I was not aware that it was possible  
to load an existing PDF into memory and then add stuff to it.


On Dec 27, 2006, at 7:28 AM, tedd wrote:

> At 6:32 AM -0800 12/27/06, Brian Dunning wrote:
>> Let's say I have a complicated PDF document, like a Christmas  
>> card, that was made in Illustrator -- too complicated to easily  
>> create from scratch using PDFlib. Is there a way to use PHP make  
>> simple text changes - like changing "Dear XXX" to "Dear John"?  
>> I've opened the files with a text editor and cannot locate the  
>> simple text, it appears to be encoded somehow. The PDF has no  
>> security or encryption in it. Thanks
>
> Brian:
>
> I'm not saying that there is/isn't a way to do this, but I tried  
> and failed.
>
> In my investigation, I found that the insides of a PDF file are not  
> conducive to a simple search and replace mechanism. The text is  
> encoded in some fashion that is not easy to decode and reassemble.
>
> The solution I came up with was to combine the existing PDF file  
> with my coding and write over (on top of) the old to produce the  
> new PDF that I wanted. In your case, take your Christmas Card with  
> a big space where "xxx" appears and then write over that space with  
> "John" in your new code.
>
> I wish someone would show me a simpler way to do this.
>
> hth's
>
> tedd
> -- 
> ---
> http://sperling.com  http://ancientstones.com  http://earthstones.com
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] newbie question regarding URL parameters

[tg-php]

You'll probably get 50 answers to this, but here's probably what happened.

There's a setting called "register globals" that will turn your  name=me and 
age=27 into $name = "me" and $age = "27".  It used to be turned ON by default.  
This was generally considered to be bad security, so it now defaults to OFF.

To get these variables, just use the $_GET system variable.

$name = $_GET['name'];
$age = $_GET['age'];

Easy!

Best of luck!

-TG



= = = Original message = = =

Hello,

I have a newbie question regarding URL parameters.  The PHP script I
wrote need to read parameters passed in from a URL, so as an example

http://my.domain/myscript.php?name=me&age=27

and my script would use $name to get the value for name and $age to
get the value for age.

Everything was working fine until the sysadmin did a upgrade of the
PHP server, and $name and $age both give me nothing.

I am just wondering if the latest version of PHP has changed the way
to access url parameters. If so, what would be the correct way of
doing it?  Please help. Thanks.

- Jim


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mssql_* overhead

[tg-php]

I thought the same thing as Jochem... that resources like database connections, 
couldn't be stored in $_SESSION. You say that's how you have (had?) it set up 
and it was working, but still sounds wrong to me.

As for connections.. definitely don't open a new connection every time you run 
a function, unless it's run so rarely that it makes it more efficient to open 
and close within the function.   If it's a function run many times, you're 
definitely going to see a performance hit.

Typical procedure (at least how I've seen it done and done it myself at a few 
different jobs) is to open the connection once and close it once.  Which sounds 
like what you're doing now.

So was your question answered?   Sounds like there's still some lingering 
questions or curiosities...

-TG

= = = Original message = = =

On Jan 10, 2007, at 10:09 AM, Jochem Maas wrote:

> Philip Thompson wrote:
>> Hi.
>>
>> Does anyone know if the mssql_connect/_init/_bind/etc require a  
>> lot of
>> overhead?
>>
>> I have a page that requires multiple function calls and each of those
>> opens a new connection to the database, performs the necessary  
>> actions
>> in stored procedure(s), and then closes the connection. However, I  
>> found
>> this to be slower than I was wanting. So I thought, just create one
>> connection and assign it to the SESSION (a global), and in each  
>> function
>> that requires a connection, call that SESSION variable. At the end of
>> the page, close the connection and nullify the variable.
>
> I wouldn't stick it in the SESSION superglobal (my tactic is  
> usually to create
> a little wrapper class to the relevant DB functions and store the  
> connection
> as a property of the class/object.
>
> basically opening & closing the connection once per request is the  
> way to
> go - if your going to using a global, better [than $_SESSION] to  
> stick it
> in $GLOBALS imho.

Would there be any speed decrease with multiple users (hundreds)  
sharing this $GLOBALS variable (if that makes sense)?


> $_SESSION is used for persisting data over multiple requests -  
> something that
> is not possible to do for 'resource identifiers' (which is what the  
> connection [id] is).

BTW, it does work b/c that's how it's currently setup. I am open to  
changing it though. I should say, I'm creating at the beginning of  
the script and closing it at the end. So, it doesn't actually stay  
open throughout the whole user session.


>> Does anyone see a problem with doing it this way? Security concerns?
>> Anything?
>>
>> Thanks in advance,
>> ~Philip


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] running exec() on client

[tg-php]

First.. I apologize for power-reading your message and not really grasping 
everything you're trying to do.  From the responses, it sounds like my vote 
would be for PDF as well, being a very universal format and very easy to work 
with and makes small enough for your needs.   If a file is still too big, maybe 
look at Zip'ing it (you should be able to compress it with PHP.. forget if you 
need an additional library or not, but that's a viable option as well).


But if you really need client side scripting and can't install Apache (or even 
if you can, but you're on a Windows box and don't want to have to), might I 
recommend http://www.winbinder.comRubem has done a brilliant job making a 
native PHP environment for Windows using standard Windows API.

Very similar to GTK, but not as clunky and ugly.. although Winbinder is really 
designed just for Windows environments, so no cross platforum client side GUI.  
But fantastic for Windows.

Good luck, whatever you decide.  And watch out for those female colleagues.. 
they tend to talk and one of them is bound to hear about your comments here :)

-TG

= = = Original message = = =

Hi,

I am looking for a solution to a server problem. I am part of a 2-person
team - I look after document scanning, OCR (by outside agencies) as well as
all development.

My colleague is responsible for obtaining copyright permission from
publishers (for what I do). Part of her process is sending emails to
publishers with Word attachments. These are presently being generated by PHP
on our NT server,but recently the process has started to slow down the
server to the point of uselessness.

I'm looking for an alternative way to do this. My colleague has rejected
text file attachments as looking unprofessional. I would like to find a way
of generating these files without actually needing to use COM, or winword on
the server. We looked at RTF templates but found the filesize too great.

One option I am considering is installing PHP on her PC and doing the letter
generation locally, but don't know how I'm going to trigger it esp as our IT
person has said I can't install Apache.

Doe anyone have any suggestions?


Cheers

George, an Englishman abroad in sunny Edinburgh


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] sms through teleflip and php?

[tg-php]

I'm guessing the SMS system is rejecting the email because it's lacking some 
headers that mail programs tend to use... and spammers sometimes forget.

You might send your email from Thunderbird.. CC yourself on it.  Verify that it 
went through as a text message, then open the CC'd copy and look at the 
headers.  You can start by taking all those headers and putting them into your 
PHP script then slowly commenting some out until you get just what you need and 
not a lot of extra garbage (to keep it simple and semi-elegant).

That's where I'd start at least.

-TG

= = = Original message = = =

Has anyone been able to successfully send a text message using php and the
mail function?

It works fine if I open up thunderbird and send a message to
[EMAIL PROTECTED] but if I use the mail function:

mail("[EMAIL PROTECTED]", "test", "test");

It doesn't work.  I've tried several different approaches so was curious if
others have used it successfully.

Thanks!


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] sms through teleflip and php?

[tg-php]

Maybe phpMailer isn't sending the correct headers either.  Sometimes all it 
takes is one missing header that a system is looking for and it may filter it 
as spam or something.

Again, I encourage you to examine the headers from your Thunderbird "good" 
email and compare it to your PHP and/or phpMailer headers that are getting 
sent.  Possibly try to emulate the successful email as much as possible by 
copying the headers from a known successful message.

If that doesn't work, then you may contact teleflip or whatever service you're 
trying to send text messages to and ask them if they can provide any 
information as to why it may not be going through.  Never know, might find 
someone with half a brain who can help.

-TG

= = = Original message = = =

I tried using phpMailer and all and it nothing seems to work right.  I can
send it fine through thunderbird but it just seems to complain via php.  Not
sure why.

On 1/16/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
>
> I'm guessing the SMS system is rejecting the email because it's lacking
> some headers that mail programs tend to use... and spammers sometimes
> forget.
>
> You might send your email from Thunderbird.. CC yourself on it.  Verify
> that it went through as a text message, then open the CC'd copy and look at
> the headers.  You can start by taking all those headers and putting them
> into your PHP script then slowly commenting some out until you get just what
> you need and not a lot of extra garbage (to keep it simple and
> semi-elegant).
>
> That's where I'd start at least.
>
> -TG
>
> = = = Original message = = =
>
> Has anyone been able to successfully send a text message using php and the
> mail function?
>
> It works fine if I open up thunderbird and send a message to
> [EMAIL PROTECTED] but if I use the mail function:
>
> mail("[EMAIL PROTECTED]", "test", "test");
>
> It doesn't work.  I've tried several different approaches so was curious
> if
> others have used it successfully.
>
> Thanks!


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] md5

[tg-php]

MD5 is a hasing algorithm.. one-way..  really only good for checking known 
values and keeping them 'private', like storing passwords in a database.  That 
way, if someone breaks into your database, they don't get the passwords, only 
the non-reversible MD5 hashes of the passwords.

To check a user's login credentials, you take the database value for password 
and you compare it to md5($password) that the user entered and see if they 
match.

So the fact that MD5 is a well known algorithm doesn't really make a difference 
as far as security goes.

Then again, RSA, Blowfish, etc are well known algorithms and are considered at 
least fairly secure too.. and are reversible.

-TG


= = = Original message = = =

Hi,

Does md5 really offer much in terms of protection?

The algorithm is really well known.

I would like to hear your thoughts and poosible alternatives (mcrypt?)

R. 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] md5

[tg-php]

Still.. that has nothing to do with how well known MD5 is (so I stand by my 
point).All these databases are is a giant list of pre-MD5'd strings.  Brute 
force stuff, no magic behind it that allows for reversing MD5. You could 
technically do that with just about any crypto or hashing system.  Just happens 
that MD5 is one that's been focused on and more complicated systems would 
require exponentially more variables in what you'd have to enter.   For 
instance, you could do this with PGP, but I'm guessing you'd have to have at 
least two pass phrases and how many things go into generating the public and 
private keys, plus the message/file that was encrypted.  So for one short text 
string, you could possibly have a database as large as all the MD5 projects put 
together... but you could potentially do the same thing.   At that point it's 
highly prohibitive though.

I got the idea that MD5 really wasn't what he was looking for anyway, so going 
into detail about the security of it didn't seem fruitful.  I talk too much as 
it is. hah

This is a good point though.  MD5 isn't great security, particuarly with the 
databases like the one you mentioned, but most of us aren't storing national 
security documents.   As with security since the dawn of time, it's all a 
matter of how valuable is what you're protecting versus the cost of 
implementing a protection scheme.   7-11 doesn't hire secret service to protect 
against midnight robberies.

-TG



= = = Original message = = =

[EMAIL PROTECTED] wrote:
> So the fact that MD5 is a well known algorithm doesn't really make a 
> difference 
> as far as security goes.
  
Except for the fact of the growing number of databases that will map the 
hashes back to the clear text (for example: http://md5.benramsey.com/)
Of course it is nice because it is a common implementation, and can be 
done on the server side, as well as the client side.




___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] most powerful php editor

[tg-php]

God I love this list.. great answers everyone! (serious and non-serious :)

In addition to the editors listed, here's a few more to consider:

Crimson Editor - my personal favorite when I don't need code completion. Code 
highlights for many different types of code (including my beloved LUA files used
in World of Warcraft scripting hah).  I use the macro record/playback a lot.
http://www.crimsoneditor.com/

Emerald Editor - crimson editor has been abandoned for years (and still kicks 
ass), these guys hope to revive it as a new project called Emerald.  It's not 
done yet.
http://www.emeraldeditor.com/

Notepad++ - looks spiffy, but wasn't enough of of a change to get me to switch 
from Crimson editor (although it came damn close)
http://notepad-plus.sourceforge.net/uk/site.htm

Zend Studio - Still my 'professional' choice, but since it's a java app, it's 
kind of heavy on the system.  And it's made by the people who created the core 
PHP engine, so they know a few things.
http://www.zend.com/products/zend_studio

Komodo - Similar to Zend Studio.. but much like Notepad++ and Crimson Editor.. 
not enough of an 'upgrade' to get me to switch, but a former coworker swore by 
it.
http://www.activestate.com/Products/Komodo/


Should be enough to get you started investigating.

-TG

= = = Original message = = =

At 08:21 AM 1/21/2007, Robert Cummings wrote:

>On Sat, 2007-01-20 at 22:54 -0200, Vinicius C Silva wrote:
> > hi everyone!
> >
> > i'd like to ask something maybe commonly asked here. what is the most
> > powerful php editor?


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OT - Leaving

[tg-php]

Best wishes John!  We'll hold the fort and keep fighting the good fight in your 
absence. :)

Good luck to ya!

-TG

= = = Original message = = =

Howdy ladies and gents:

   For the past 9 or so years, with one email account or another, I have 
been subscribed to the PHP General Mailing List.  Well, life an work 
have succeeded in taking up all of my time, and the only thing I've been 
able to do with this list over the past year or so is select all the 
unread messages in my php folder, and hit the delete key.  If I've 
posted 10 messages over the past year, I'd be surprised (probably why 
you n00bs are saying to yourself, "who the hell is this guy").  I'm just 
popping in now to let y'all know that I'm off to join people like John 
and Jason in the world of, "what ever happened to him".  For those of 
you who give a damn ;)  I can be reached at numerous email addresses, 
including:

john  nichel  net
jnichel  by-tor  com

As well as the other in this email (which have already been harvested by 
a billion spam bots).

Have fun, and I'll see ya on the other side.

-- 
John C. Nichel IV
Programmer/System Admin (~berGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] bit wise math? Is there a function to easily return the bits?

[tg-php]

If there isn't a function to do exactly what you want, you could use dec2bin() 
to at least get the binary and work from there:

http://us3.php.net/manual/en/function.decbin.php

-TG

= = = Original message = = =

Is there a php function I can call to pass in a number and get the values
returned?

For example, pass in 7 and get 1,2,4 ?

Thanks!


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] SQL Readability.. (was Re: most powerful php editor)

[tg-php]

My contribution to the insanity..  INSERT statements made easy:

$genericQY  = "INSERT INTO MOD_LMGR_Leads (";  $genericQYvalues  = " VALUES (";
$genericQY .= " FirstName,";   $genericQYvalues .= " 'John',";
$genericQY .= " LastName"; $genericQYvalues .= " 'Smith'";
$genericQY .= " )";$genericQYvalues .= " );";
$genericQY .= $genericQYvalues;
$genericRS = mysql_query($genericQY);


I use this structure so if I decide that I don't need certain data I can 
comment out a single line to remove the column name and corresponding value.  
Also helpful for making updates to column/value pairs and not worry about the 
dreaded error involve # of columns not matching.

Only things you have to watch for:

1. Make sure you don't have a comma on the last item
2. Make sure you have spaces where appropriate so when it concatenates the 
strings, you don't get stuff crammed together (not really an issue with the 
INSERT statement, but I try to keep a consistant practice with all my queries 
so I don't slip up..   SELECT columnsFROM tableWHERE something = something is 
where it really gets ya if you forget spaces.. just as an example)
3. Make sure to remember to concatenate the "query" and "values" parts

I like to think this is a little "outside the box" thinking since common 
practice is "one command, one line" or "total chaos" hah.

Any comments on improving this or other unique stylistic ways people like to 
design their code?

-TG


= = = Original message = = =

On Wed, January 24, 2007 8:07 pm, Robert Cummings wrote:
> On Wed, 2007-01-24 at 18:23 -0600, Richard Lynch wrote:
>> On Wed, January 24, 2007 7:41 am, Roman Neuhauser wrote:
>> > # [EMAIL PROTECTED] / 2007-01-24 13:57:03 +0200:
>> >> and also in these days I'm looking for 19 inch (or more) wide LCD
>> >> sceerns to able to fit longer lines in my screen...
>> >
>> > Number of reading errors people make grows with line length,
>> > this has been known for as long as I remember.  You're increasing
>> the
>> > probability of bugs in the code, and get tired sooner because
>> > following
>> > long lines requires more energy.
>>
>> I believe those results are specific to what is being read.
>>
>> Surely it's easier to read:
>>
>> SELECT blah, blah, blah, blah, blah, blah, blah, blah, blah
>>
>> if it's all on one line, no matter how many fields there are, while
>> trying to read the code as a whole.
>>
>> Sure, it can be "hard" to find/read the individual field names, on
>> the
>> rare occasion that you need to do that...
>
> Dear Mr Lynch, normally I highly respect your commentary on the list,
> but today I think you've been-a-smoking the crackpipe a tad too much.
>
> There is no way in hell one long line of SQL is easier to read than
> formatted SQL that clearly delineates the clause structure.
>
> SELECT A.field1 AS afield1, A.field2 AS afield2, B.field1 AS bfield1,
> B.field2 AS bfield2, C.field1 AS cfield1, C.field2 AS cfield2,
> D.field1
> AS dfield1, D.field2 AS dfield2 FROM tableA as A LEFT JOIN tableB AS B
> ON B.fee = A.foo LEFT JOIN tableC AS C ON C.fii = B.fee LEFT JOIN
> tableD
> AS D ON D.fuu = C.fii WHERE A.foo = 'someValue' ORDER BY afield1 ASC,
> cfield2 ASC
>
> The above line "should" be on one line, but my email client might
> autowrap it. Either way, the following is formatted and is much
> clearer.
>
> SELECT
> A.field1 AS afield1,
> A.field2 AS afield2,
> B.field1 AS bfield1,
> B.field2 AS bfield2,
> C.field1 AS cfield1,
> C.field2 AS cfield2,
> D.field1 AS dfield1,
> D.field2 AS dfield2
> FROM
> tableA as A
> LEFT JOIN tableB AS B ON
> B.fee = A.foo
> LEFT JOIN tableC AS C ON
> C.fii = B.fee
> LEFT JOIN tableD AS D ON
> D.fuu = C.fii
> WHERE
> A.foo = 'someValue'
> ORDER BY
> afield1 ASC,
> cfield2 ASC
>
>
> While the above is contrived, most of us know such examples happen
> quite
> often in the wild. Not only is it easier to read, but the task of
> adding
> or removing selected fields is trivial.

I meant ONLY the SELECT part on a single line.

Only a moron would cram the FROM and all that into the same line.
:-)

$query = "SELECT blah1, blah2, blah3, ... blah147 ";
$query .= " FROM table1 ";
$query .= " LEFT OUTER JOIN table2 ";
$query .= "ON blah7 = blah42 ";
$query .= " WHERE blah16 ";
$query .= "   AND blah42 ";
$query .= " ORDER BY blah9, blah8 desc, blah6 ";

is what I go for.

The SELECT line is the only one that ever gets all that long, really...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.

Re: [PHP] SQL Readability.. (was Re: most powerful php editor)

[tg-php]

Strangely enough, Stut and Jochem, I DO find this more readable. Hah. I know, 
I'm insane.  I have done it the way you guys proposed, using an associative 
array and using the keys and values as the columns and insert values.  While 
that is what I'd call "tighter" code and when you understand what it's doing, 
is just as simple to maintain as how I do it, I do find my method more 
'readable'.

I tend to build queries in WinSQL first, then insert them into my PHP code.  
Some of which are fairly complicated and I find if I keep my PHP code similar 
to my SQL code, it makes it easier to go back and forth to tweak it.  They both 
have a similar look to me.

So instead of using:

$query  = "SELECT BunchOfJoinedColumns";
$query .= " FROM BunchOfJoinedTables";
$query .= " WHERE SomeConditions";
$query .= " AND MoreConditions";

for long complicated SELECT statements, then using the method you guys use for 
INSERT statements, I'm keeping my code consistant whether it's SELECT, INSERT, 
UPDATE, whatever.

To me, consistancy wins out in a choice between two (imo) equally easily 
maintained coding styles.

But hey.. I'm always willing to learn new stuff.  One reason I posted this was 
to see more of what other people did with their code, SQL queries in particular.

Cheers!

-TG



= = = Original message = = =

[EMAIL PROTECTED] wrote:
> My contribution to the insanity..  INSERT statements made easy:
> 
> $genericQY  = "INSERT INTO MOD_LMGR_Leads (";  $genericQYvalues  = " VALUES 
> (";
> $genericQY .= " FirstName,";   $genericQYvalues .= " 'John',";
> $genericQY .= " LastName"; $genericQYvalues .= " 'Smith'";
> $genericQY .= " )";$genericQYvalues .= " );";
> $genericQY .= $genericQYvalues;
> $genericRS = mysql_query($genericQY);

You call that readable??

$vals = array();
$vals['FirstName'] = 'John';
$vals['LastName'] = 'Smith';
$query = mysql_query(BuildInsert('MOD_LMGR_Leads', $vals));

function BuildInsert($table, $values)

 foreach (array_keys($values) as $key)
 $values[$key] = mysql_real_escape_string($values[$key]);

 $sql = 'insert into `'.$table.'` (`';
 $sql.= implode('`,`', array_keys($values));
 $sql.= '`) values ("';
 $sql.= implode('","', array_values($values));
 $sql.= '")';

 return $sql;


Note that this is a *very* cut down and untested version of BuildInsert.

-Stut


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OT - PHP Code Search

[tg-php]

Not too many ads on the pages after you find what you're searching for, and 
mostly just some "ads by google" type stuff.

Speaking of Google.. you can also go here for PHP code searching.. I do all my 
"cod" (sic) searching there!  Fresh!

http://www.google.com/codesearch?q=lang%3Aphp&hl=en&btnG=Search+Code

-TG

= = = Original message = = =

On Thu, 2007-02-01 at 22:51 +0200, WeberSites LTD wrote:
> www.php-cod-search.com/

[-TG edit: www.php-code-search.com/   Fixed!]

Why? Is this a new site you've set up with disgusting amounts of
advertising?

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] _GET('name') truncates

[tg-php]

I'll let everyone else do the "why the hell are you doing this?  security blah 
blah!  bad practice blah blah!" type stuff.. I'm sure there will be plenty.

One reason this may be happening is, depending on your browser, there's a limit 
to the number of characters you can have in a URL.

That seems to be cutting off around 900 characters.  That's a lot to put into a 
URL.

If you're really intent on setting up a PHP powered web page to test SQL 
statements, I might recommend using a web form either using input type=text or 
textarea form elements and a POST method instead of GET.

If you don't have control over the server but do everything remotely, you might 
consider seeing if there's a phpMyAdmin set up with your hosting service that 
you can use for database management/queries/etc.

If it's a localish database, you can still use phpMyAdmin, but might also have 
the option of setting up an ODBC connection and using a program like WinSQL or 
Navicat to connect and do queries and maintenance.

If you have more specific questions about any of this, feel free to ask.

-TG



= = = Original message = = =

Hi all,

I've written a php script, called test.php, consisting of the following 
statements:


Using the script with 'small' values for the parameter sql works fine. 
Although, using the script with the sql query as specified below

http://localhost/test.php?sql="SELECT orders_id, customers_id, 
customers_name, customers_company, customers_street_address, 
customers_suburb, customers_city, customers_postcode, customers_state, 
customers_country, customers_telephone, customers_email_address, 
customers_address_format_id, delivery_name, delivery_company, 
delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, 
delivery_state, delivery_country, delivery_address_format_id, billing_name, 
billing_company, billing_street_address, billing_suburb, billing_city, 
billing_postcode, billing_state, billing_country, billing_address_format_id, 
payment_method, cc_type, cc_owner, cc_number, cc_expires, last_modified, 
date_purchased, orders_status, orders_date_finished, currency, 
currency_value FROM orders where ((date_purchased >= 18991230 and 
last_modified is null) or last_modified >= 18991230 ) and orders_status in 
(1,2,3) and ((date_purchased <= 20071201203454 and last_modified is null) or 
last_modified <= 20071201203454 )  and  orders_id = 2 order by 
date_purchased"

results in the following:

\"SELECT orders_id, customers_id, customers_name, customers_company, 
customers_street_address, customers_suburb, customers_city, 
customers_postcode, customers_state, customers_country, customers_telephone, 
customers_email_address, customers_address_format_id, delivery_name, 
delivery_company, delivery_street_address, delivery_suburb, delivery_city, 
delivery_postcode, delivery_state, delivery_country, 
delivery_address_format_id, billing_name, billing_company, 
billing_street_address, billing_suburb, billing_city, billing_postcode, 
billing_state, billing_country, billing_address_format_id, payment_method, 
cc_type, cc_owner, cc_number, cc_expires, last_modified, date_purchased, 
orders_status, orders_date_finished, currency, currency_value FROM orders 
where ((date_purchased >= 18991230 and last_modified is null) or 
last_modified >= 18991230 ) and orders_status in (1,2,3) and%2~n~

I do not understand why the value of the sql parameter is truncated. Any 
help is appreciated!!

Thanks in advance! 



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] base64-encoding in cookies?

[tg-php]

Exactly what I was going to mention, Brad.  Here's some more info.

Quoted from PHP manual for urlencode():

"Returns a string in which all non-alphanumeric characters except -_. have been 
replaced with a percent (%) sign followed by two hex digits and spaces encoded 
as plus (+) signs. It is encoded the same way that the posted data from a WWW 
form is encoded, that is the same way as in application/x-www-form-urlencoded 
media type. This differs from the RFC1738 encoding (see rawurlencode()) in that 
for historical reasons, spaces are encoded as plus (+) signs."

Try this:

$space = " ";

echo "Urlencoded: " . urlencode($space) . "\n";
echo "Rawurlencoded: " . rawurlencode($space) . "\n";

And you get:

Urlencoded: +
Rawurlencoded: %20

If the only issue the OP is having is that the spaces are being transformed 
from + to  then maybe just do a urlencode($_COOKIE['AUTH']) and try 
doing the base64 decode off of that.  This assumes that urlencode() Doesn't 
mangle other data in the cookie data.

Or a string replace " " to "+".

Kind of a non-technical answer, so maybe there's a better way to do this.  
Maybe a setting in apache or PHP.  Don't really have time to research it right 
now, just wanted to point out the urlencode() and rawurlencode() info.

PHP manual pages here:

http://us3.php.net/manual/en/function.urlencode.php
http://us2.php.net/manual/en/function.rawurlencode.php

-TG

= = = Original message = = =

> -Original Message-
> From: Fletcher Mattox [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, February 07, 2007 2:49 PM
> To: php-general@lists.php.net
> Subject: Re: [PHP] base64-encoding in cookies?
> 
> I wrote:
> 
> > A campus web server (not under my control) returns an authentication
> > string in a cookie named AUTH.  The cookie's value is an encrypted,
> > base64 encoded string.  Unfortunately, when I examine $_COOKIE['AUTH'],
> > it is clear that all of the '+' characters have been replaced with a ' '
> > character in the base64 string.  Why is this?  Obviously, this corrupts
> > the data and makes it impossible to base64-decode the string correctly.
> > I believe this is a php issue and not, say, an apache issue because a
> > perl program can correctly authenticate the same cookie based on perl's
> > $ENV'HTTP_COOKIE'.  i.e., the perl cookie contains the original '+'.
> > Does anyone know how to make php (v5.1.5) do the right thing with base64
> > encoded cookies?
> 
> This problem seems to be
> 
> ~http://bugs.php.net/bug.php?id=35523
> 
> where it was dismissed as "Bogus" without any explanation why.  It seems
> that '+' characters are intentionally converted to spaces in all cookies.
> This makes no sense to me.  Can someone explain it?
> 
> Thanks,
> Fletcher
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

Could it have something to do with url encoding?

For example:
http://example.com/page.php?foo=ABC+123

echo $_GET['foo']; // should produce: ABC 123

http://example.com/page.php?foo=ABC%2B123

echo $_GET['foo']; // should produce: ABC+123

HTH,

Brad

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting issue

[tg-php]

Well, kind of ugly but you can do something like this:

SELECT Position, CASE Position WHEN 'CEO' THEN 1 WHEN 'COO' THEN 2 WHEN 'CFO' 
THEN 3 WHEN 'HR' THEN 4 ELSE 99 END AS PositionSort
FROM SomeTable
ORDER BY PositionSort


That way you're not creating a whole new table to store the sorting values.

You can also just put the CASE sequence in your ORDER BY (I believe) so it 
doesn't get returned as a value.  Didn't test that, but it's a little thing 
either way.

-TG



= = = Original message = = =

I have been trying to figure out how to get this to work for a couple of
days.

 

I need to sort the results of a DB query based on the hierarchy of positions
within an organization. Since they are not necessarily alphabetical, the
best I can come up with is to assign a numerical value in a separate table
to each position, and reference that to sort it.

 

Is this the best way to do this? Or is there some other trick someone can
clue me in on?

 

My code now runs the query, and with a 

 

while ($row = mysql_fetch_assoc($result))



 *put results into an array*



 

statement I put each entry into an array

 

then I sort it like so.

 

array_multisort($array);

$count = 0;

while (isset ($array[$count]))



*display results in a table*

$count++;



 

 

 

Thanks,

 

Don


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Text Editor for Windows?

[tg-php]

Lots of good recommendations have been made.. I just wanted to toss one more 
into the mix.  It hasn't been updated in years, but does a fantastic job, and 
so far I havn't been lured by Notepad++ or any of the others enough (even after 
trying them) to switch.  Check out Crimson Editor when you get a chance: 
http://www.crimsoneditor.com/

At some point, these guys hope to make a new version of Crimson called Emerald:

http://www.emeraldeditor.com/

-TG


= = = Original message = = =

I am finding that notepad is lacking when correcting syntax errors in my php 
code. No line numbers.

What can people recommend for use under Windows?

Thanks
Stephen


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting issue

[tg-php]

Paul's probably right..  putting the sorting values in a table would be eaiser 
to maintain.  I don't know what I was thinking with the whole "then you don't 
HAVE to create a table".  Both ways work..  but especially if you think the 
positions may change, then it'll be tons easier to update if they're in a table.

-TG

= = = Original message = = =

>= = = Original message = = =
>I need to sort the results of a DB query based on the hierarchy of positions
>within an organization. Since they are not necessarily alphabetical, the
>best I can come up with is to assign a numerical value in a separate table
>to each position, and reference that to sort it.


At 2/7/2007 01:10 PM, [EMAIL PROTECTED] wrote:
>Well, kind of ugly but you can do something like this:
>
>SELECT Position, CASE Position WHEN 'CEO' THEN 1 WHEN 'COO' THEN 2 
>WHEN 'CFO' THEN 3 WHEN 'HR' THEN 4 ELSE 99 END AS PositionSort
>FROM SomeTable
>ORDER BY PositionSort
>
>That way you're not creating a whole new table to store the sorting values.


If I might offer alternative advice, I *would* create a separate 
table of positions & sort sequence values, so that all the data can 
be edited in one mode (e.g., phpMyAdmin).  If some of your data is in 
MySQL and some of it's embedded in a query in a PHP script, it will 
be a little bit more of a hassle to maintain and a little more 
cryptic for the next developer who has to figure out what you've done 
after you abruptly run off to Tahiti.

SELECT Positions.Sort, Employees.Position, Employees.LastName, etc
FROM Employees, Positions
WHERE Employees.Position = Positions.Position
ORDER BY Positions.Sort, Employees.LastName

(Assuming more than one employee per position, I figure you'd want a 
secondary sort criterion.)

Regards,

Paul
__

Paul Novitski
Juniper Webcraft Ltd.
http://juniperwebcraft.com 


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] round to nearest 500?

[tg-php]

$num = "749";
$rounded = round($num * 2, -3) / 2;
echo $rounded;

-TG

= = = Original message = = =

Is there an easy way in php to round to the nearest 500?

So if I have 600, I 500 and if I have 800 I want 1000?

Thanks!


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] print() or echo

[tg-php]

As referenced in the manual ( http://us2.php.net/manual/en/function.echo.php ), 
check out this url:
http://www.faqts.com/knowledge_base/view.phtml/aid/1/fid/40

Short story, there is a difference, but the speed difference is negligable.

If anyone cares, I prefer echo too.  Not sure why.  Shorter to type, old habits 
(coming more from a scripting background than a "real programming" background 
even though I've done some of that too), who knows?  Part of it may be the 
desire to have my code do what it needs to do and nothing more.  Print returns 
a value, which I don't use, so why would I want it to do that?   That's a 
little anal retentive, but every little bit helps I suppose, even if it's a 
negligable difference.

-TG

= = = Original message = = =

On Tue, 2007-02-13 at 19:19 +0330, Danial Rahmanzadeh wrote:
> is it true that echo is a bit faster than print()? in general, when we don't
> need a return value, which one is better to choose?

Yes, echo is faster than print. I would suggest echo over print since it
is shorter and faster :)

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] print() or echo

[tg-php]

"negligible".. blarg spelling.  :)

= = = Original message = = =

As referenced in the manual ( http://us2.php.net/manual/en/function.echo.php ), 
check out this url:
http://www.faqts.com/knowledge_base/view.phtml/aid/1/fid/40

Short story, there is a difference, but the speed difference is negligable.

If anyone cares, I prefer echo too.  Not sure why.  Shorter to type, old habits 
(coming more from a scripting background than a "real programming" background 
even though I've done some of that too), who knows?  Part of it may be the 
desire to have my code do what it needs to do and nothing more.  Print returns 
a value, which I don't use, so why would I want it to do that?   That's a 
little anal retentive, but every little bit helps I suppose, even if it's a 
negligable difference.

-TG

= = = Original message = = =

On Tue, 2007-02-13 at 19:19 +0330, Danial Rahmanzadeh wrote:
> is it true that echo is a bit faster than print()? in general, when we don't
> need a return value, which one is better to choose?

Yes, echo is faster than print. I would suggest echo over print since it
is shorter and faster :)

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] how do I just escape double quotes within a string?

[tg-php]

You could use addslashes():
http://us3.php.net/manual/en/function.addslashes.php

Or, the code you mentioned below, could be rewritten like:
str_replace("\"","\\"",$code);
or
str_replace('"','\"',$code);

And if you're doing it for a MySQL query call, then you want to use 
mysql-real-escape-string() instead of all that mess above:
http://www.php.net/manual/en/function.mysql-real-escape-string.php

What's happening with the example you gave is that you're having a conflict 
with using the same type of string encloser (what's the proper word for single 
and double quotes in this case? hah).

""" = "" with a dangling ".  Error.

"\"" = a string containing just a double quote.

Everything inside "" is interpreted.

Everything inside '' is taken literally.

'"' = a string containing a double quote

''' = '' with a dangling ' on the end
'\'' = a string containing '  (I think.. I think this is the only exception to 
no-interpretation-within-single-quotes)

Some more information on single and double quotes here:
http://us3.php.net/manual/en/language.types.string.php#language.types.string.syntax.single

-TG

= = = Original message = = =

If I use add slashes, it strips everything, I just want to replace all the
double quotes with slash double quote but this, of course, throws errors:

str_replace(""","\"",$code);


Thanks!


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] round to nearest 500?

[tg-php]

For downward rounding, you'd always want to use floor() and use ceil() for 
rounding up.  round() rounds up on a 5, down on a 4 and below.

Example:
echo round(141.074, 2);  // 141.07
echo round(141.065, 2);  // 141.07


I thought round() (or maybe it was a rounding function in another language or 
something like Excel) did the supposed accounting trick of rounding up and down 
depending on the next "significant digit" or whatever you'd call it.

For example, 141.075 might round to 141.08 (because 7 is odd) and 141.065 might 
round to 141.06 (because 6 is even).  Or vice versa.  Supposedly this is an 
accounting trick that ultimatley works out in the end for proper rounding of 
money values.  Guess our PHP 4.3.4 here doesn't do that though.

-TG




= = = Original message = = =

At 7:57 PM +0100 2/12/07, Marc Weber wrote:
>On Mon, 12 Feb 2007 18:02:41 +0100, <[EMAIL PROTECTED]> wrote:
>
>>Is there an easy way in php to round to the nearest 500?
>Yeah
>$rouned = round($val/500) * 500;

I've always questioned the round() function.

I believe it has a downward bias, am I wrong?

tedd
-- 
---
http://sperling.com  http://ancientstones.com  http://earthstones.com


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] round to nearest 500?

[tg-php]

hah yeah, always worth a little skepticism, but it seemed to make some kind of 
sense.   If you always round up or always round down, that's obviously not 
right and you end up losing potentially a lot of money or over-estimating the 
money involved.

Founding up for 5 through 9 and down for 0 through 4 seems like it makes some 
kind of sense, but apparently it doesn't work out that way.

I'm sure someone out there knows what I'm talking about (it might be the first 
time, but I know I'm not making this up hah), but rounding 0.75 up to 0.8 and 
0.65 down to 0.6 (or vice versa) is supposed to be more accurate or at least 
leads to fewer anomalies.

Someone feel like writing a quick script that generates random numbers and does 
the rounding based on these two ideas (doing it the 'hard way') and see how 
much variation there is after like 10,000 iterations?  If I have time later, 
I'll do it.  Now I'm even more curious.

-TG

= = = Original message = = =


>  Supposedly this is an accounting trick that 
> ultimatley works out in the end for proper rounding of money 
> values.  

Yeah works out for who? Bet it doesn't for the guy paying :P


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] round to nearest 500?

[tg-php]

Ok, screw work.. it's snowing out anyway (not that that makes a real difference 
to doing PHP work inside), curiosity got the better of me.

btw.. the "banker" rounding code here was pulled from the round() manual page.  
It's not what I read before, but it's the same concept:

function bankers_round ($moneyfloat = null)
{
   $money_str = sprintf("%01.3f", round($moneyfloat, 3)); // convert to rounded 
(to the nearest thousandth) string
   $thous_pos = strlen($money_str)-1;// Thousandth string 
position
   $hundt_pos = strlen($money_str)-2;// Hundredth string 
position
   if ($money_str[$thous_pos] === "5") $money_str[$thous_pos] = 
((int)$money_str[$hundt_pos] & 1) ? "9" : "0"; // use a bitwise test, its 
faster than modulus
   // The above statement assists round() by setting the thousandth position to 
9 or zero if the hundredth is even or odd (respectively)
   return round($money_str, 2); // Return rounded value
}


for ($i = 0; $i < 1; $i++) {
  $rand = rand() / 1;
  $round += round($rand, 2);
  $banker += bankers_round($rand);
  $total += $rand;
}

echo "Total: $total\n";
echo "round() rounding: $round\n";
echo "Banker Rounding: $banker\n";


Results for one run:
Total: 1082648588.0678
round() rounding: 1082648588.52
Banker Rounding: 1082648588.21

Banker is closer in this case.  Total should round to around ..88.07

Next example...

Total: 1087871577.5462
round() rounding: 1087871578.04
Banker Rounding: 1087871577.83

Banker again closer..   should be around  ..77.55


Let's do 100,000 iterations now:

Total: 10769106454.867
round() rounding: 10769106456.21
Banker Rounding: 10769106456.15

Hmm....54.xx is a bit different than ..56.xx.   Technically the banker one 
is still closer, but you can see how after a while the numbers start to drift 
apart if you don't (can't?) maintain the precision to keep exact values.

I definitely don't want to be an accountant when I grow up.

-TG








= = = Original message = = =

hah yeah, always worth a little skepticism, but it seemed to make some kind of 
sense.   If you always round up or always round down, that's obviously not 
right and you end up losing potentially a lot of money or over-estimating the 
money involved.

Founding up for 5 through 9 and down for 0 through 4 seems like it makes some 
kind of sense, but apparently it doesn't work out that way.

I'm sure someone out there knows what I'm talking about (it might be the first 
time, but I know I'm not making this up hah), but rounding 0.75 up to 0.8 and 
0.65 down to 0.6 (or vice versa) is supposed to be more accurate or at least 
leads to fewer anomalies.

Someone feel like writing a quick script that generates random numbers and does 
the rounding based on these two ideas (doing it the 'hard way') and see how 
much variation there is after like 10,000 iterations?  If I have time later, 
I'll do it.  Now I'm even more curious.

-TG

= = = Original message = = =


>  Supposedly this is an accounting trick that 
> ultimatley works out in the end for proper rounding of money 
> values.  

Yeah works out for who? Bet it doesn't for the guy paying :P



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] round to nearest 500?

[tg-php]

Ahh.. good call.

http://en.wikipedia.org/wiki/Rounding


Apprently it's called "banker's rounding" or "statistician's rounding" and is a 
little more complicated than just looking at the odd/even of the digit being 
arounded.

This is starting to get into some heavy math theory and scary stuff that I'll 
leave up to people much smarter than me as far as statistical analysis goes.

I'm still suprised nobody's mentioned Superman 3/Office Space in all this.

-TG

= = = Original message = = =

I think there's a fairly good article on it on wikipedia... but it's  
been a while since I read it and I don't have a link for you... sorry.



On Feb 13, 2007, at 12:32 PM, <[EMAIL PROTECTED]>  wrote:

> hah yeah, always worth a little skepticism, but it seemed to make  
> some kind of sense.   If you always round up or always round down,  
> that's obviously not right and you end up losing potentially a lot  
> of money or over-estimating the money involved.
>
> Founding up for 5 through 9 and down for 0 through 4 seems like it  
> makes some kind of sense, but apparently it doesn't work out that way.
>
> I'm sure someone out there knows what I'm talking about (it might  
> be the first time, but I know I'm not making this up hah), but  
> rounding 0.75 up to 0.8 and 0.65 down to 0.6 (or vice versa) is  
> supposed to be more accurate or at least leads to fewer anomalies.
>
> Someone feel like writing a quick script that generates random  
> numbers and does the rounding based on these two ideas (doing it  
> the 'hard way') and see how much variation there is after like  
> 10,000 iterations?  If I have time later, I'll do it.  Now I'm even  
> more curious.
>
> -TG
>
> = = = Original message = = =
>
> 
>>  Supposedly this is an accounting trick that
>> ultimatley works out in the end for proper rounding of money
>> values.
>
> Yeah works out for who? Bet it doesn't for the guy paying :P


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] round to nearest 500?

[tg-php]

I don't buy "zero doesn't count".  But again, this is getting into serious 
math.  It should be good enough to say 0-4 = 0, 5-9 = 10, but if you don't keep 
strict high precision throughout the whole process and round at every step, 
things are going to be off no matter what.  It's just a matter of being off as 
little as possible (especially when it comes to money.. people are a little 
touchy about that).

Don't malign zero though..  :)

See also:
Zero: The Biography of a Dangerous Idea (Paperback) by Charles Seife

-TG

= = = Original message = = =

I wasn't aware of the accounting trick before today, but I believe I can 
explain it: If your numbers are statistically random, then the above 
solution will lead to an even distribution of rounding up and rounding down.

The reason is simple:
0: No rounding. It's already there. (8.0 doesn't need to be rounded to 8 
- it already *is* 8.)
1-4: You round down -> 4 of 9 times you round down.
5-9: You round up -> 5 of 9 times you round up.

So you round up 11.1% more often than you round down. As a result, if 
you round up when it's odd, and down when it's even, you eliminate the 
11.1% difference in when you'd round up then round down.

That said, if someone were aware of the above rounding trick, it 
wouldn't take someone very much effort to come up with things like "fee 
structures" or "pricing structures" that could take advantage of that 
scheme to force rounding errors to remain permanently in the person's favor.

I certainly hope that PHP continues to use the standard technique, and 
not the "accounting trick" above. :-)

jon


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] WHERE problem

[tg-php]

Different strokes for different folks...

Might I toss a new recommendation into the mix?

SELECT text FROM fortunes ORDER BY RAND() LIMIT 1;



= = = Original message = = =

N~~meth Zolt~~n wrote:
> 2007. 02. 20, kedd keltez~~ssel 08.17-kor Jim Lucas ezt ~~rta:
>> Mike Shanley wrote:
>>> I'd like to think I understood code a little better than this, but I've 
>>> got a problem with my WHERE...
>>>
>>> I know it's the WHERE because I get a good result when I leave it out. 
>>> And the random function is also working... I honestly can't figure it 
>>> out. Thanks in advance for help with this laughable prob.
>>> ---
>>> // How many are there?
>>>
>>> $result = mysql_query("SELECT count(*) FROM fortunes");
>>> $max = mysql_result($result, 0);
>>>
>>> // Get randomized!... the moderated way...
>>>
>>> $randi = mt_rand(1, $max-1);
>>> $q = "SELECT text FROM fortunes WHERE index = '$randi'";
>>> $choose = mysql_query($q);
>>> $chosen1 = mysql_fetch_array($choose);
>> ARRAY???
> 
> what's wrong with that?
> http://hu.php.net/manual/en/function.mysql-fetch-array.php
> 
> and then you can of course refer to it with indexes, both numeric and
> associative
> I don't see anything problematic with that...
> 
> greets
> Zolt~~n N~~meth
> 
>>> // Ready to ship...
>>>
>> Referring to it via an index...  could be the problem
>>> $fortune = '"' . $chosen1[0] . 
>>> '"-Omniversalism.com';
>>>
>>> mysql_close();
>>>
>>
>> -- 
>> Enjoy,
>>
>> Jim Lucas
>>
>> Different eyes see different things. Different hearts beat on different 
>> strings. But there are times for you and me when all such things agree.
>>
>> - Rush
>>
> 
I would suggest using either assoc or row this way there is no 
confusion.  Plus it doesn't take as much resources. :)

-- 
Enjoy,

Jim Lucas

Different eyes see different things. Different hearts beat on different 
strings. But there are times for you and me when all such things agree.

- Rush



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] WHERE problem

[tg-php]

Ah.. sorry Jay.  I had like 8,000 emails today and must have missed some of the 
original responses.

Or maybe I'm just trying to look smart by riding on your coat-tails.  Either 
way, apologies for the repeated information.

-TG

= = = Original message = = =

[snip]
Different strokes for different folks...

Might I toss a new recommendation into the mix?

SELECT text FROM fortunes ORDER BY RAND() LIMIT 1;
[/snip]

I suggested that yesterday. :)


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Getting Similar rows from db

[tg-php]

I don't think there's a way to do it with SQL in MySQL.  Jay's talking about a 
substring search within a field and what you really want is to know if two 
whole rows (multiple columns) within a database are similar or not.

You could pull in all the data and use PHP to figure out what's similar (bulky, 
brute force and potentially system resource hoggish)

You could try using a little logic to whittle it down to a few columns that you 
suspect may be similar.  Like if you're looking for duplicate contacts, you 
might check for duplicate phone numbers:

select Phone, count(*) from contacts group by Phone having count(*) > 1
(something like that.. syntax may be off a little)

Or may check addresses:

select Address, SUBSTRING(Address, 1, 5), count(*) from contacts group by 
SUBSTRING(Address, 1, 5) having count(*) > 1

You could get really crazy and use SOUNDEX(CONCAT(col1, col2, col3, col4)) and 
see if you get any duplicate entries.  No idea how well that'd work, but 
SOUNDEX is made for doing a basic comparison of two things to see if they're 
similar.  Maybe not as good as some other similar string comparisons in PHP, 
but not all of them are available in MySQL.

In PHP, see soundex(), metaphone(), similar_text() and levenshtein() for more 
information about similar string testing.

-TG

= = = Original message = = =

[snip]
I need a script that selects all similar rows from a database. Like
only the id would differ, but other fields would be the same as other
rows's fields.

I don't know if there is such a mysql statement like SELECT SIMILAR ...

Please assist me with using the right mysql statement or using php to
get similar rows from the db.
[/snip]

See http://www.mysql.com/like


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 5.2.1: Some scripts are being parsed, but most aren't

[tg-php]

I've seen an issue similar to this a few times recently.  It involved a phpBB 
board I log onto periodically.   It seems that the server is really slow and 
after what seems to be a timeout period, sometimes I'll get a download request 
in Firefox.  If I let it download, I get an empty file.  I was worried that it 
was flaking and was actually sending PHP source code, but it didn't.

This seems to only happen if the server times out.  Like maybe the server is 
sending the PHP script to the PHP engine and not getting a response back as 
fast as it would like so it's assuming the engine failed.

I've seen it happen once on another server, but this other server (again with 
phpBB) seems to be a bit quicker so only saw the issue once.  But it appeared 
to be similar circumstances.. some kind of timeout interpretting the PHP script.

Not sure if it's a web server issue.  If maybe there's a setting in Apache to 
say "wait another 5 seconds for script interpretting to be done" and it 
wouldn't happen anymore.  Don't know and don't have time to research.  Just 
wanted to share a similar experience in case it gives any clues as to why yours 
is doing what it's doing.

-TG

= = = Original message = = =

Zolt~~n N~~meth wrote:
> 2007. 03. 28, szerda keltez~~ssel 14.42-kor Mario Guenterberg ezt ~~rta:
>   
>> On Wed, Mar 28, 2007 at 07:20:37AM -0500, Myron Turner wrote:
>> 
>>> It's hard to see how this could be a browser issue.  Firefox does not 
>>> parse the scripts.  The scripts are parsed on the server, under Apache.  
>>> The server outputs the result of the parsing and the browser displays 
>>> the result. 
>>>   
>> I know that the browser does not parse the scripts. But what the
>> hell is the problem? I have changed the apache log settings to debug 
>> and nothing to see in the log files. The amusing of this is the
>> old mozilla works fine with the same script. Firefox pop up a download
>> window. The script is well formed,  tags are included. I
>> would not be surprised when I see the source of the script in
>> firefox. But a download window???
>> 
>
> the download window is maybe because of incorrect content-type headers.
> it is possible that the older browser does not take care about that
> header, so the content is displayed ok, but the newer browser reads the
> header, cannot interpret it and so offers the download window
>
> check out what headers are the script is sending out
>
> greets
> Zolt~~n N~~meth
>
>   
>> The problem is very irregularly. Sometimes the effect steps on new
>> scripts, sometimes on old scripts that worked before. 
>>
>> Greetings
>> Mario
>>
>> 
>
>   

I think you have to keep in mind that the headers would not affect the 
actual content being sent to the browser from the server.  If the script 
is parsed as php on the server, it will be sent as text/html to the 
browser and displayed as parsed.  But if the server does not parse the 
script then the browser will receive a copy of the script itself and 
depending then on whether the browser recognizes the content-type as 
displayable, it will either display it or ask if you want to download it.

-- 

_
Myron Turner
http://www.room535.org
http://www.bstatzero.org
http://www.mturner.org/XML_PullParser/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Form Handler Script Security Discussion

[tg-php]

Good topic.  It's touched on here and there in other questions, but always good 
to hit it head-on from time to time too.

First, mysql_real_escape_string() for inserting into MySQL and whatever equiv 
you can find for whatever other database you may be using.  addslashes() isn't 
so hot for database stuff.

Second, I'm not sure you can rely on HTTP Referrer.  Correct me if I'm wrong, 
but I believe it can be forged.  You can't rely on anything being received from 
the client for any kind of security checking.



If you have your users logging into a system, one method would be to start a 
session when they log in and store that session ID in your database.  Whenever 
the user accesses a page, their session ID can be checked against what's stored 
as their last used session.  If they don't match, log them out and request 
re-authentication.   Couple this with a check to see when their last access was 
so you can time them out and it's not a half bad method of making sure only the 
proper user is accessing the system.

I know, I said you can't rely on what the client sends and I guess session ID 
could be part of that.  But session IDs are a little less static than "server 
name".  If someone was monitoring your network traffic, they'd see all your 
clients sending the same referrer and could use that whenever they felt like 
it.  The session ID is a little more transient.  You could even destroy and 
create new sessions to help prevent someone from snagging a valid session ID 
that may be active all day and using it.

I'm sure there's at least a dozen decent methods of making sure your pages and 
forms are accessed by the people who you want to access them.  With varying 
degrees of security balanced with useability.  Just thought I'd toss out some 
stuff to chew on.

-TG


= = = Original message = = =

Just wondering how many of you actually use any type of secure coding
when doing form processing.  I'm guilty of not doing it all the time myself,
but I'm trying to get into the habit of doing so.  For example, I don't want
someone else modifying a form to auto-post values to my handler, so I would
use:



That's one method any other thoughts on that part?

Then, once the data is there, I try to remember to use addslashes(),
htmlspecialchars(), and other functions (as well as some I've written myself
over the years) to handle the data properly and securely when inserting it
into a database or processing it on anything more than a bare, basic level.



-- 
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Form Handler Script Security Discussion

[tg-php]

You can pass session ID data via the URL.  Ugly as it is, that's a viable 
option (that I see used a lot actually.. kinda drives me nuts but I understand 
it) for when you don't have people logging in and/or can't guarentee that 
cookies will be available.

As was mentioned a few times, CAPTCHA methods can help prevent bots and such 
from abusing your forms.  There's more types than just the 
characters-as-an-image style.  I don't know if they call fall under the name 
CAPTCHA, but there's audible tests, logic tests, math tests, etc.   Some are 
obscure enough to prevent blind bots from using them, but aren't good enough if 
someone bothers to look at them.

Say you had something that says "Please enter the answer:  5 + 3 = [input box]" 
or even something like "Type the word [somerandomword]: [inputbox]".  That 
would probably keep out a lot of the bots people just let run wild online, but 
if any of the bot programmers bothered to look at your page, it'd be simple to 
re-write the bot to answer the question.

I've seen "password" systems that didn't have you enter a password, but rather 
click on a sequence of images.  Your "password" may be star-wavy lines-dog.  
You could do something similar when a user filled out a form.

And yeah, never too late to start using mysql_real_escape_string() hah.  Well, 
guess it COULD be too late in some cases, but it's definitely good practice to 
get into.   It'll escape more than just the stuff addslashes() does.  Things 
that are specific to MySQL and secure inserting/updating.

I wrote a wrapper function that does mysql_real_escape_string() but also takes 
a parameter for the type of data going into the database and returns a 
'cleaned' version of the string for inserting/updating.  We store phone numbers 
and SSNs as all numbers, so one thing it does is check length and remove 
anything that's not a number.  Keeps the data consistant and clean too.

But that's another (related) topic.

-TG

= = = Original message = = =

TG,

Great point on the mysql_real_escape_string().  I think I should
actually start using that (better late than never, I guess).

Again, though session variables are great, but what about the
overall case?  If you're doing a login form and permissions-based area of a
website, sessions are fine, because the user will just have to deal with the
fact that cookies are required but what about something simpler?  If
we're just posting, say, a contact form, we should require the user to alter
their browser security settings just to send us an email.

-- 
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Audio CAPTCHA review request

[tg-php]

It played the same sequence for me when I re-clicked the Play button.. until I 
went away for a min or two and my session probably timed out.  Did it not play 
the same sequence for you?

-TG

= = = Original message = = =

Just a really quick check right now is all I have time for, but it  
looks good. The one thing you could do (And this is personal  
preference) Mark on it that they can replay the code if they didn't  
hear it the first time. I am in a loud environment at times and can't  
always hear things the first time.

But like i said, personal preference :)



On Mar 29, 2007, at 12:41 PM, tedd wrote:

> Hi gang:
>
> If you people would be so kind as to review this:
>
> http://sperling.com/examples/captcha/
>
> and tell me what you think (ease of use, if it works, security,  
> etc.), I would appreciate it.
>
> The point is to be able to get to the "Congratulations" page by  
> hearing and entering the key. If you can get there some other way  
> or defeat the process, I sure would like to know about it.
>
> I've tested this with a couple of dozen blind users and they find  
> no problems with it. Now, I'll like to test it for the sighted.
>
> It's mixture of a several languages, but there is php in it, so I  
> guess it's on topic.
>
> Cheers,
>
> tedd
>
> -- 
> ---
> http://sperling.com  http://ancientstones.com  http://earthstones.com
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

-- 

Jason Pruim
[EMAIL PROTECTED]
Production & Technology Manager
MQC Specialist (2005 certified)
3251 132nd Ave
Holland MI 49424
616.399.2355
www.raoset.com


"We hold these truths to be self-evident. That all men are created  
equal, that they are endowed by their creator with certain  
unalienable rights, (and) that among these are Life, Liberty, and the  
pursuit of Happiness."


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Audio CAPTCHA review request

[tg-php]

Not bad. Seems to work nicely.  No "OMGWTF!" obvious slips like naming the MP3 
with the digits the user needs to enter.

Worked fine in Firefox 1.5 too. Sometimes when audio is embedded in a page, it 
tries to load Windows Media Player or something which doesn't always work well 
in Firefox without some tweaking.  But your implementation worked fine without 
any weirdness.

Now.. on to the criticism.  Keeping in mind, you're welcome to use whatever you 
want to use and exercises like this are always good for the practice and 
experience if anything else.  Also, some of this is my opinion which you're 
welcome to ignore.

1. My biggest fear when relying on an audio CAPTCHA system is if the users 
doesn't have sound.  No speakers, or can't play stuff at the office or 
something like that.  I keep my system muted at work unless I'm playing music 
because some websites have dumb little flash things that make sounds and I 
don't feel like explaining what I'm surfing to my coworkers constantly.  And 
just out of a general courtesy to them not to create undue distractions in the 
office.

2. What you've created is a relatively simplistic audio captcha that HAS to be 
really succeptible to speech recognition.  Spammers have gotten used to visual 
CAPTHCA so maybe they're not going to focus too much on detecting and breaking 
audio CAPTCHA, but that still comes down to "security through obscurity" which 
isn't a good practice.

Here's some open source Linux-based speech recognition software that could be 
used to turn your audio into the proper digits:

http://freespeech.sourceforge.net/
http://cmusphinx.sourceforge.net/html/cmusphinx.php

Once they had the software set up. Then they just have to fake the "Speak Key" 
submit and grab the "tmp/access.mp3?##" out of phone.php (submitting 
proper cookie/session data) and that's it.

In the couple minutes I took to search for some examples, I found some 
interesting links:

PWNtcha - http://sam.zoy.org/pwntcha/ - CAPTCHA defeating project.  Focused on 
image captcha, but they give examples of different systems and which ones are 
hard and which ones are easy to break. WARNING: One of the images used is NSFW, 
but it's kind of subtle. I didn't notice it at first.  So make sure nobody's 
looking over your shoulder first lookover.  It's more than 1/2way down the page 
and I think the rest of the data on the page is worth the risk.

W3C's recommendations for alternatives to visual CAPTCHA/turing tests:
http://www.w3.org/TR/turingtest/

And because you can't do anything on the internet without bumping into adult 
material. Don't worry, this is safe... no pics or bad words, just an article 
about using porn sites to break visual CAPTCHA.  The spambots would take your 
visual CAPTCHA images and post it to their site which offers users free porn if 
they pass the CAPTCHA. And there's no lack of people wanting free porn so 
sounds like it was fairly effective:
http://www.boingboing.net/2004/01/27/solving_and_creating.html

It's definitely an interesting field.   I think using the common sense 
techniques you (tedd) have used combined with a better CAPTCHA method, you 
could actually create something fairly user friendly and secure.

My vote is still for asking a person to identify images.  A bot is going to 
have a hard time identifying a pig that's photo'd from an odd angle and maybe 
colored blue instead of a standard pig-color.

Oh wait.. someone's working on breaking that kind of CAPTCHA too.  Again using 
regular humans.  Apparently The ESP Game is based on the concept of breaking 
this kind of CAPTCHA.  Post the images and have people fill in key words that 
help classify the image.   So that blue pig might end up in a database labeled 
as "blue" and "pig" and "farm" or something anyway.

http://www.espgame.org/

There's no winning. hah

-TG

= = = Original message = = =

Hi gang:

If you people would be so kind as to review this:

http://sperling.com/examples/captcha/

and tell me what you think (ease of use, if it works, security, 
etc.), I would appreciate it.

The point is to be able to get to the "Congratulations" page by 
hearing and entering the key. If you can get there some other way or 
defeat the process, I sure would like to know about it.

I've tested this with a couple of dozen blind users and they find no 
problems with it. Now, I'll like to test it for the sighted.

It's mixture of a several languages, but there is php in it, so I 
guess it's on topic.

Cheers,

tedd

-- 
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Alternative/Addition to using a CAPTCHA

[tg-php]

I agree with Tijnema on the fact that visual positioning doesn't really matter 
to the bots.  They don't really "see" the page the way we see it.  Most tricks 
you're going to try using HTML and JS are going to be readable by a bot.

You could take your example and replace the alert() with a window.location 
(think that's the JS command for redirecting to another page), but a bot could 
just look for an onclick or form submit stuff.

Since there's always some kind of variation in CAPTCHA systems (layout of the 
HTML, form names, etc), I'm guessing that most spam bots are pre-programmed to 
handle specific well known CAPTCHA systems, that there's not much intelligence 
built into them.  So really, all this isn't so much about "can a bot figure it 
out" is "can a human figure it out enough to program a bot to handle it easily".

I'm guessing the majority of the spam bots out there work like this:

1. Crawl the internet, maybe using search engines to identify potential targets 
(ie. Searching for forums running phpBB or something)

2. Create an account on the system (or if accounts aren't required, head 
straight to where you post public messages) and use pre-programmed methods for 
performing the proper CAPTCHA response.


If a bot programmer really wants to get into your site, they may create a new 
bot (or modify an old one) to work against your site.  If it's better to handle 
the multi-thousand sites running a standard install of a known exploitable 
CAPTCHA system rather than a single site running a non-standard one, then my 
guess is they'll go for the most and easiest to exploit.

That doesn't let us, as programmers, off the hook for running a single site 
using a non-standard CAPTCHA system.  We still have an obligation to try to 
make it as secure as possible (again, balancing ease of use as well, for our 
users).

-TG

= = = Original message = = =

On 3/30/07, John Comerford <[EMAIL PROTECTED]> wrote:
> I was reading the current tread on CAPTCHA and possible cracks and I
> thought maybe I'd throw this out to the group to see what you think.
> Recently I saw a forum where in order to post you first had to click on
> a div that was placed at a random location on the page, it read
> something like, "Click here if you are human".  I was thinking that
> maybe you could put together a system that looks something like this:
>
> http://people.aapt.net.au/JComerford/ClickMe.htm
>
> I was thinking you could use it in a couple of ways:
>
> 1) As a replacement to a CAPTCHA image
> 2) When you click the image a CAPTCHA image is loaded into the 'Click
> Me' container
>
> The main problem is how to tell the server that the div has been
> clicked, in a way that can't be simulated.  I am not an expect with
> either JS or PHP, but maybe some of the bigger brains out there could
> throw in their 2 cents..
>
> JC

This looks maybe hard to crack, but actually it isn't very hard. All
the clicking does is calling a javascript function. You still could
submit the page without clicking the box.

Tijnema



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Alternative/Addition to using a CAPTCHA

[tg-php]

Maybe I'm missing something..  if the intent is to have 'hidden' fields that a 
user would end up submitting but a bot wouldn't.. that wouldn't work very well. 
 A bot could easily see the hidden fields and submit them along with whatever 
other data they were sending.

If the intention is to trick a bot into sending data a user wouldn't, then 
again.. doesn't work because a user is going to send the hidden fields as well.

It doesn't really matter if a user can 'see' or edit a form field, a bot can be 
programmed to send whatever data it finds in that form, hidden or not, because 
it's only hidden from humans from seeing and editing because that's how the web 
browsers interpret and render that HTML.  Bots don't render HTML, just read it 
as a text file and parse through it looking for form data and whatever else 
they're programmed to look for.

Now, if you did an onsubmit on your form that executed a function to modify the 
HTML pre-submit using JS's innerHTML command, you MIGHT be able to trick it a 
little.  But again, the bots are probably programmed not to be too smart.. but 
to emulate specific CAPTCHA systems.  So a smart bot programmer would notice 
this and find a way to figure out what form elements were included via 
innerHTML alteration.

-TG


= = = Original message = = =

I read something (I think on Slashdot) a while back about another method 
that could be used to avoid CAPTCHAs.

Basically on top of your standard form field, you place some input fields in 
a javascript hidden div around your page conveniently named things like 
"email", "address", or "phone." Because they're hidden, when the form 
submits they should exist as post variables but have a value untouched by 
the user.

Something simple like




Then 

A spam bot will generally send a value with every field they come across, 
especially ones that have really common form field names. They find these 
fields by parsing through your source for anything that looks like it's 
submitted. If you hid some "trick" fields around your page and then checked 
on submit whether or not they had a value, you could probably get a pretty 
decent turing test without the user suspecting anything.

My old thrown together blog from a few years back had an unchecked comment 
script that caught quite a bit of spam once I stopped caring about it. I've 
been considering putting that back together and using this method just to 
see if the spam is cut back at all.

Anyone have any experiences (good or bad) with this method?



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Alternative/Addition to using a CAPTCHA

[tg-php]

hah.. I was going to let this discussion die a bit because a lot of it is 
fairly off-topic.  But here and there we've hit on some PHP specific topics.

I just had to say Kudos to tedd for providing a fairly interesting and possibly 
very functional CAPTCHA solution.  True, a simple blue dot could be extracted 
like text could be in the standard visual CAPTCHA systems, but if it was 
something a little more obscure and mixed in with other images, it might make 
it a bit harder.

The one example before was "show a picture of a pig and the user is asked what 
animal is shown".  But it's a step more complicated to say "WHERE is the pig on 
this image" or even "Find the pig THEN tell me where it is".

For those of you not following, what tedd's done with is blue dot is created a 
larger image that contains a blue dot somewhere.  You can click in a fairly 
wide area, but only clicking on the blue dot yields a success.

These coordinates are sent to the server because what he's done is created an 
image "Submit" button. When you click on an input type=image, it acts as a 
submit and sends the X, Y coords of the click relative to the image.

So there's nothing in the source code for a bot to read to determine what X, Y 
coords to send.  It's generated on the server and is wholly stored on the 
server.  Nothing is, or can be, checked on the client side.

The best someone could hope to do is get lucky and send coords that are inside 
whatever area of the image needed to be clicked on.  Think "Battleship" hah.  
But a larger image and smaller (and more obscure-to-visual-parsing) target make 
this highly unlikely.  And if you lock out their IP for a short time after a 
handful of failed attempts, then it makes it hardly worth even trying to brute 
force.

Very interesting tedd.  Hadn't thought of this one.  Thanks for the example!

-TG

= = = Original message = = =

At 3:37 PM +0200 3/30/07, Tijnema ! wrote:
>On 3/30/07, John Comerford <[EMAIL PROTECTED]> wrote:
>>I was reading the current tread on CAPTCHA and possible cracks and I
>>thought maybe I'd throw this out to the group to see what you think.
>>Recently I saw a forum where in order to post you first had to click on
>>a div that was placed at a random location on the page, it read
>>something like, "Click here if you are human".  I was thinking that
>>maybe you could put together a system that looks something like this:
>>
>>http://people.aapt.net.au/JComerford/ClickMe.htm
>>
>>I was thinking you could use it in a couple of ways:
>>
>>1) As a replacement to a CAPTCHA image
>>2) When you click the image a CAPTCHA image is loaded into the 'Click
>>Me' container
>>
>>The main problem is how to tell the server that the div has been
>>clicked, in a way that can't be simulated.  I am not an expect with
>>either JS or PHP, but maybe some of the bigger brains out there could
>>throw in their 2 cents..
>>
>>JC
>
>This looks maybe hard to crack, but actually it isn't very hard. All
>the clicking does is calling a javascript function. You still could
>submit the page without clicking the box.
>
>Tijnema

Tijnema & John:

The above link I've already done a long time ago. But check out my 
dot CAPTCHA here:

http://sperling.com/examples/p-captcha

This does not use javascript, but does use sessions.

As you can see, the blue dot can be placed anywhere on the entrance 
page. Granted this presents problem for the visually impaired, so I'm 
not recommending it. But, it's just a proof of concept at this point. 
Plus, I have not checked this on all browsers. I suspect that some 
browsers may have problems with alpha channel images -- so your 
mileage may differ.

In any event, I think this may be a bit more difficult to crack than 
something that replies upon javascript -- what do you think?

Cheers,

tedd




___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Alternative/Addition to using a CAPTCHA

[tg-php]

Ah ok.. that makes a bit more sense.  Even still.. anyone who's going out of 
their way to program a bot to defeat your specific CAPTCHA mechanism will 
probably notice the failure in testing.

Unless you made a failure behave similar to a success but put them in a 
situation where ultimately they still can't post messages or access anything 
useful.

I remember reading about either 3D Studio or Maya (one of the 3D modeling 
programs) and their copy protection method.  They, at one point, made I guess 
an obvious segment of code for the software pirates to 'crack' that appeared to 
have totally deprotected the program.   It turns out that it only sort of 
de-protected it.   They put in multiple mechanisms that were more subtle.  The 
one I'm thinking of apparently made it so that after 250 right mouse clicks, it 
would render everything in lower and lower qualities of rendering.  Or not 
render at all.  OR menus stopped working or something.   But it was something 
that wasn't obvious at all until people really started using the pirated copy 
for a while.

Tricky bastards.  I love it. hah

-TG

= = = Original message = = =

The point was to have the hidden fields that the bot would populate and the 
user wouldn't. So for instance, let's use my example from before.

(hideSpamCatcher is a reference to a javascript function that hides the 
spamcatcher div.









Name: 
Password: 



Now, the user comes along and doesn't see the field name. They fill in their 
username and password and hit submit. The information passed looks like:

$_POST['name'] = 'steve';
$_POST['password'] = 'mypassword';
$_POST['lastname'] = '';

All of the fields are submitted and only username and password actually have 
values.

Now the bot comes through, sees the form and submits it by parsing through 
the code, finding every single field that is an input field and submitting 
that. They see a field named "lastname" and it thinks it's important enough 
to populate. Its logics says "I need to provide a last name for this form to 
submit properly." So it goes and submits every field on the page. The post 
data looks like:

$_POST['name'] = 'john';
$_POST['password'] = 'mybotpassword';
$_POST['lastname'] = 'doe';

It fills in every field. In essence, it was tricked into doing so because 
the field had a provacative name and the bot didn't know any better.

So how does this help?

You can do a check to make saure that $_POST['lastname'] is still blank 
before processing any data. It may not work all the time, it won't trick the 
more intelligent bots, and it will be easy to code a way to get around 
that - but basically it will stop your general run-of-the-mill spam bots 
from traversing through your site, and randomly submitting advertisements to 
your comment forms, and what not.


<[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]
> Maybe I'm missing something..  if the intent is to have 'hidden' fields 
> that a user would end up submitting but a bot wouldn't.. that wouldn't 
> work very well.  A bot could easily see the hidden fields and submit them 
> along with whatever other data they were sending.
>
> If the intention is to trick a bot into sending data a user wouldn't, then 
> again.. doesn't work because a user is going to send the hidden fields as 
> well.
>
> It doesn't really matter if a user can 'see' or edit a form field, a bot 
> can be programmed to send whatever data it finds in that form, hidden or 
> not, because it's only hidden from humans from seeing and editing because 
> that's how the web browsers interpret and render that HTML.  Bots don't 
> render HTML, just read it as a text file and parse through it looking for 
> form data and whatever else they're programmed to look for.
>
> Now, if you did an onsubmit on your form that executed a function to 
> modify the HTML pre-submit using JS's innerHTML command, you MIGHT be able 
> to trick it a little.  But again, the bots are probably programmed not to 
> be too smart.. but to emulate specific CAPTCHA systems.  So a smart bot 
> programmer would notice this and find a way to figure out what form 
> elements were included via innerHTML alteration.
>
> -TG
>
>
> = = = Original message = = =
>
> I read something (I think on Slashdot) a while back about another method
> that could be used to avoid CAPTCHAs.
>
> Basically on top of your standard form field, you place some input fields 
> in
> a javascript hidden div around your page conveniently named things like
> "email", "address", or "phone." Because they're hidden, when the form
> submits they should exist as post variables but have a value untouched by
> the user.
>
> Something simple like
> 
> 
> 
>
> Then 
>
> A spam bot will generally send a value with every field they come across,
> especially ones that have really common form field names. They find these
> fields by parsing through your source for anything that looks like it's
> submitted. If you hid some "trick" fields around your page and the

Re: [PHP] mixture of GET and POST

[tg-php]

As mentioned, this isn't a PHP issue really, except a little bit on the 
receiving end.

Why not use multiple 'submit' buttons instead of using HREF links?





In PHP, you'd just check the value of $_POST['action']

You can also do it with image submit buttons, just have to change the name of 
each one:





In PHP, you'd check for the existance of $_POST['action_add.x'] or 
$_POST['action_add.y'] or the corresponding X and Y for edit and remove.   It 
sends the coordinates of where on the image the user clicked but works just 
like a submit button, so you'll get your radio data too.


If you're dead set on using HREF links, then you're going to have to use some 
Javascript to probably set some values (possibly in a hidden form element) and 
submit the form.

-TG

= = = Original message = = =

I have 3 'action' buttons and I am trying to send the $id from the radio 
button and the action to the same page so I can either, Add Edit or Remove 
the property from the database.

Any ideas how I can get this to work? I can either POST the id's or GET the 
action but I can't seem to return both to the browser.

Ta,


R.

--





Add Property

Remove Property

Edit Property













 







~500

Live










-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Idea/Suggestion for PHP App

[tg-php]

I think you're probably doing what almost all of us have done.  Get an idea, 
see PHP as a potential solution and decided to just dive right in.  I don't 
think many people start out in a classroom style "Hello World" situation and 
build slowly onto that.

I'm sure other people have better starter sites to point you to than I do, so 
I'll leave that to someon else.  Just know that php.net and the examples in the 
online manual are your friend.  Same with MySQL, but databases are a little 
trickier than PHP concept-wise (I believe at least).

First thing.. dive right in.  You're going to do some really goofy stuff in the 
beginning and you're going to learn how to do things better the longer you work 
with it all.

Second.. if you get the inclination to write a function to perform some task in 
PHP, dredge through the online manual for a bit.  I can't tell you how many 
times I did something "the hard way" only to find that PHP already had a 
function to do what I was trying to do.

Third.. when designing your site and database, try to keep things modular.  Try 
not to create the same set of data or same page functionality over and over 
again so it'll have to be updated in 10 different places if you decide to 
change it.

Example(s):

Menus that appear on many (all?) pages can be put into a file and either 
include() or require() (also see the "once" versions of those) as appropriate.

In your database, say you had a human resources table that had employee data.  
You'd want a column for each piece of data that all employees are going to 
have.  If there are data items that are only going to pertain to one or two 
employees, or maybe there's an unknown quantity of extra items, then you might 
consider putting that information in another table and linking it to your user 
table using the unique ID from the user table.

The company I work for deals with mortgage data and part of that is credit 
information.  On credit reports, you have a list of liabilities that are 
factored in.  Maybe you only have one, maybe you have 20.  In our current 
database, there's a table with stuff like "Liability1", "Liability2", 
"Liability3"..etc..  as columns.  This is amazingly poor database design.  It 
limits the number of liabilities we can store and also bloats our database with 
extra information for people who only have a couple liabilities listed.  It 
would have been better designed if Liabilities were in their own table as rows, 
not separate columns in the main loan information table.

Once you get waist deep in the project, make a few silly mistakes and learn how 
to structure your code and data, you'll get it all working the way you want.  
Just don't be afraid to dive in and make a mess..hah.  Planning is great if you 
know what you're doing, but when you're still learning then expect to do some 
silly stuff for a bit.

And, as always, feel free to ask questions on the list here..  after consulting 
the manual and Google/Yahoo/MarthaStewart of course :)

Welcome and good luck!

-TG

= = = Original message = = =

Hey... I am new to the list so please forgive me if I say anything that might 
have already been discussed.  So here we go...

OK I am attempting to start a new application using PHP.  I have started and 
stoped this application now 2 times cause I get moving then I stop realizing I 
should have done this work before hand and in a differant way.  I was wondering 
does anyone have any places I can read on how develope a PHP Web application 
like what area should I start with first, what are somethings I need to think 
about before hand.  The application I am working on is Database driven app.  It 
will have data inserted into the DB from various data sources that are manually 
entered.

However I need to develope the app as dynamic as possible for future add-ons... 
I know I am probably biting off more then I can chew at this time... So any 
pointers or exampled (which would be great) on how to start an app from scratch 
and also how to use OOP (Which I have a feeling is what I need to learn) would 
be wonderful.  Thank you all for any help you can provide.

Thanks,

Billy S.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] "Sense" last record

[tg-php]

Sorry, I only saw the one response to this question so not sure if what I'm 
going to propose was already mentioned and wouldn't work.

Two things come to mind..  first, it looks like "blocoTextoLast" just has 
different margin settings, I assume because it's located on the right side of 
the page content.  Would you care if, for example, you only had two news items 
and the second one (being the last) had margins set to what the first or second 
news items would have and not the "last" item?  That is, does news item #1 or 
#2 need the special formatting that #3 does?

Second, why not just get a count of the number of news items returned by the 
SQL query.  If it's only one, then apply blockoTextoLast to item #1.  If it's 
two, apply it to #2.  If it's three or more, apply it to the third new item?

I guess one more thing could be done.   Create three  containers, like 
you're doing now.  Use "blockoTexto" for the first two, and "blockoTextoLast" 
to the third.  It doesn't really matter if they have any content, the class 
stays the same.  Then you don't have to worry if you have 1, 2 or 3 news items.

-TG



= = = Original message = = =
- Original Message - 
From: "M~rio Gamito" <[EMAIL PROTECTED]>
To: 
Sent: Monday, April 09, 2007 3:31 PM
Subject: [PHP] "Sense" last record


> Hi,
>
> I'm doing this site that has three news in the homepage.
> You can see the static version here:
> http://www.telbit.pt
> As you can see, the two first news have "blocoTexto" class and the third, 
> "blocoTextoLast"
>
> Now, i'm developing a dinamyc structure where the news are stored in a 
> MySQL database and retrieved from there.
>
> My problem is with the third news and it's different class.
> I'm using AdoDB recordSet to get the news from the database.
> You can see it here:
> http://www.telbit.pt/2/
>
> How can i "sense" that i've reached the last row and apply the 
> "blocoTextoLast" class to it ?
>
> My code follows my signature.
>
> Any help would be appreciated.
>
> Warm Regards
> -- 
> :wq! M~rio Gamito
> --
> 
> include('config.php');
>   include('adodb/adodb.inc.php');
>
>   // connect to MySQL
>   $conn->debug=1;
>   $conn = &ADONewConnection('mysql');
>
> $conn->PConnect($host,$user,$password,$database);
>
>   // get news data
>   $recordSet = &$conn->Execute("SELECT date, now, title, lead, body FROM 
> news ORDER BY date DESC LIMIT 3");
>
>  if (!$recordSet)
>   print $conn->ErrorMsg();
>  else
>   while (!$recordSet->EOF) 
>print '' . ' ' . $recordSet->fields[2] . 
> '' . '' . $recordSet->fields[0] . '' .
> '' . $recordSet->fields[3] . '' . '';
>
>  $recordSet->MoveNext();
> 
>  echo "";
>  $recordSet->Close();
>  $conn->Close();
> ?>   
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.446 / Virus Database: 269.0.0/752 - Release Date: 08/04/2007 
> 20:34
>
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Array remove function?

[tg-php]

Unset works, but if he's trying to do a search and remove in one function, 
unset is a step removed from that criteria (missing the 'search' part).

Looking at the array functions, I see some potential.

# array_remove(array(1=>2,2=>3),2,true); // array (2=>3)
// Keep all but where values = 2
$new_array = array_diff(array(1=>2, 2=>3, 3=>4), array(2));
print_r($new_array);

# array_remove(array(1=>2,2=>3),2,false); // array (1=>2)
// Keeps only where values = 2
$new_array = array_intersect(array(1=>2, 2=>3, 3=>4), array(2));
print_r($new_array);


So keeping the same syntax you had:

function array_remove($array, $remove, $remove_value = true) {

  $remove = array($remove);

  if ($remove_value) {
return array_diff($array, $remove);
  } else {
return array_intersect($array, $remove);
  }

}

Not a single function but a simpler version of your function.

-TG

= = = Original message = = =

http://php.net/unset


On Tue, April 10, 2007 2:49 pm, Tijnema ! wrote:
> Hi,
>
> Is there currently a function that removes a key/value from an array?
> I use this code right now:
> function array_remove($array,$remove,$remove_value = true)
> 
> ~foreach($array as $key => $value) 
> ~~if($remove_value && $value != $remove) 
> ~~~$new_array[$key] = $value;
> ~~ elseif (!$remove_value && $key != $remove) 
> ~~~$new_array[$key] = $value;
> ~~
> ~
> ~return $new_array;
> 
>
> array_remove(array(1=>2,2=>3),2,true); // array (2=>3)
> array_remove(array(1=>2,2=>3),2,false); // array (1=>2)
>
> Anyone knows if there already exists such function?
>
> Else should i create future request?
>
> Tijnema
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Novice PHP Question - Listing Folder Contents

[tg-php]

In addition to the suggestions made, check out opendir() too.  It may be a 
little simpler for what you're doing.  Not sure.

Remember, the beauty of PHP is that there's almost always a fuction or two 
already made that do what you want.  Even some semi-obscure stuff.  So always 
scan through the function list before assuming you gotta do things the hard way.

http://us.php.net/opendir

-TG

= = = Original message = = =

I apologize in advance, however I know almost nothing about PHP - ( but I am
trying to learn now)...

 I am wondering if it is possible to create a PHP page that can:

1 - Get the contents of everything in its own folder at the same level (
just list sub folders filenames - not their contents)

2 - List/ display the contents on the same Web-page

Q:  I'm sure this is most likely doable - but I sure could use some help -
any ideas how to do this?


Example list:


file1.php
file2.php
file22.txt
file1.pdf


- that sort of thing


--
Thanks - RevDave
[EMAIL PROTECTED]
[db-lists]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] OT Apologies.. Re: [PHP] Firefox and Crafting Tables

[tg-php]

Just glad this wasn't my grociey list or something worse. hah..  sent to the 
wrong address, my apologies.

But for anyone looking for some good tradeskill craft recipe lists for World of 
Warcraft or for ways to help their Firefox be a little nicer on memory usage, 
there ya go.

*shame*

-TG

= = = Original message = = =

http://wow.crafterstome.com/recipes/enchanting.html

http://wow.crafterstome.com/special/burning-crusade-faction-recipes.html


Firefox: 

Firefox changes to help memory allocation (all these take place in 
"about:config".. enter that on your address bar):

right-click and create a boolean entry called "config.trim_on_minimize" and set 
it to TRUE, this frees memory when you minimize Firefox

right-click and create integer entry called "browser.cache.memory.capacity" and 
set it to the number of bytes to use. (8000 for 8 megs I believe) otherwise 
Firefox will dynamically use a certain percentive of memory.

browser.sessionhistory.max_total_viewers is the number of pages forward/back to 
cache for each tab. -1 means it changes depending on the amount of memory you 
have (1gig = 6 pages), 0 means non, positive numbers are the static # of pages

Also, if you don't need IE Tab and TabMix, remove them.  I kept TabMix but can 
live without IE Tab.

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql if empty

[tg-php]

Turn on MAGIC QUOTES and REGISTER GLOBALS

Once you've done that, install Postgres.  Run your MySQL command again, 
Postgres has much better error reporting and will assist in debugging the 
situation.

You might consider replacing your javascript functions with PHP ones since JS 
can sometimes interfere with MySQL result sets and PHP provide superior client 
side scripting anyway.  

Re: [PHP] mysql if empty

[tg-php]

Top-posting is sublime.  Embrace it.  Why scroll through 10 pages of emails 
you've already read when you can get to the meat of it all in the first few 
lines of an email?  :)

Plus trying to quickly separate all the previous replies from the latest one 
when some emailers indent, indent with leading character (ie. "> "), use 
horizontal dividers, etc.  No standardization there.  Top posting lets you read 
until you find the first divider, not the last.. hah

The problem is the lack of agreement on this perfectly logical assessment.  
Mixing top and bottom posting gets ugly, I agree on that.  But since I don't 
need to re-read what's already been said in a conversation that's fresh in my 
mind, I don't have to see all the mix of top/bottom and non-standardized reply 
dividers.

Top-posting is the only logical choice.


(why do I always have to rattle the hornet's nest?  god.. this used to be a 
nice list before I started messing it all up with OT subjects)

-TG


= = = Original message = = =

No.

Despite the fact that I replied to your message as it was the "last"
one, and that caused threaded mail readers to place my post directly
under yours as a "reply", my comment was not specifically directed at
your post.

I had deleted the "way wrong" posts by the time I realized I wanted to
say something about them...

Apologies that my email/reading/posting habits are only somewhat
conformant with threaded readers...

Damn!  And I just top-posted too! :-v

On Tue, April 10, 2007 7:53 pm, Jim Lucas wrote:
> Richard Lynch wrote:
>> I am amazed by the sheer number of just plain WRONG answers to this
>> one...
>>
>> Were they all from April 1 or something?...
>>
> so, are you saying that my answer was wrong, or just making a
> statement.
>
> If my answer was wrong, it was because it was too simple, which is
> what I was trying to get at, so
> as not to confuse the OP.
>
> Anyways, here is the expanded version hopefully to your liking.
>
>
> 
> // do that db connection thing...
> // select you database
>
> $sql = "SELECT
> ~~Client
> ~FROM
> ~~booked
> ~WHERE
> ~~Name = 'larry'
> ";
>
> if ( ( $result = mysql_query($sql) ) === false ) 
> ~# Your request failed.  Make up your own custom way of displaying the
> error.
>  else 
> ~if ( mysql_num_rows($results) > 0 ) 
> ~~while ( $row = mysql_fetch_assoc($result) ) 
> ~~~if ( isset($row['client']) && !empty($row['client']) ) 
> echo $row['client'] . '';
> ~~~
> ~~
> ~ else 
> ~~echo 'No results found!';
> ~
> 
> ?>
>
> Does this satisfy you?
>
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] free allocated memory: HOW ?

[tg-php]

Couple of questions come to mind...

1. How big is this template that you're loading? Not sure why almost any HTML 
file would take up 300+ meg of memory when loaded into a variable.  Are you 
loading images and other content in as well or just the HTML file?

2. Replacing the placeholders with actual data increases memory that much?  
Damn.. maybe I'm just ignorant of how PHP maintains things in memory, but that 
seems kind of nuts too

3. Do you have to store each newsletter in memory at each loop or can you send 
them out then move to the next one without storing them in an array or whatever 
you're doing?

4. Please tell us these 'newsletters' don't contain information on "male 
enhancement products" or "govt seized puppies"..hah

-TG

= = = Original message = = =

I am using PHP version 5.1.2. on my dev machine. The same problem with
PHP 5.2.1 on webserver.

I am generating mails based on a HTML Template. After reading the 
template with fread() memory_get_usage() says ~386 MB in use...

Then the placeholders in the read template are replaced by customized
values within a loop. The size of the used memory grows permanently in
each loop by approx 30 MB (100 newsletters are generated per loop).

any ideas what i am doing wrong and where i [ab]use php? ^^


Jochem Maas schrieb:
> Arthur Erd~s wrote:
>> Hello all,
>>
>> is there a way to free memory allocated by variables in PHP?? This is a
>> very important issue concerning long running scripts...
> 
> this is a recurrent problem - not much can be done about it AFAIK ... I'd
> be very glad to be proved wrong.
> 
>> I have a script that generates > 5000 Newsletters and when the script
>> finishes it uses 1.8 GB (!!) of RAM. Although I am using unset() to
>> clean up variables (tried with $var = null too).
> 
> okay this does suggest your doing something else very wrong - I personally
> have code that regularly generates upto 20,000 individualised newsletters 
> without
> going anywhere near this ammount of memory - granted I've hit my memory limit
> a couple of times and had to jack it up to 128Megs (in practice the script 
> grab just over
> 64Megs when it's doing it's worst).
> 
> what version of php are you [ab]using?
> 
>> I've read sth about php not giving the allocated memory back to the OS
>> until a script finishes, is that right?? Is it possible to free the
>> memory "by hand"?
>>
>> Any suggestion is appreciated!
>>
>> thx in advance
>>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download multiple sound files?

[tg-php]

Stut beat me to it...  downloading multiple files at once is probably best done 
with compressing them and just downloading the one file.

You could possibly rig a situation where the user downloaded one file, then a 
certain number of seconds later, the page redirects to the next file to 
download... but that would be slow and not terribly efficient.

Another option is to use a non-PHP solution.  List all the links to the files 
they want to download and use a download manager like Download Accelerator Plus 
(DAP), GetRight, umm.. some "*zilla" program I believe did it, or something 
like the "DownloadThemAll!" Firefox extension.

-TG

= = = Original message = = =

Hey all,

I have a need to allow a user to download multiple 
sound files (mp3s, typically) from a single link. 
I've been looking at various solutions via Google, 
but have not seen one yet to do this.

Can anyone point me in the right direction or give 
me a lead on how this can be done?

Thanks!
Skip

-- 
Skip Evans
Big Sky Penguin, LLC
61 W Broadway
Butte, Montana 59701
406-782-2240
http://bigskypenguin.com
=-=-=-=-=-=-=-=-=-=

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download multiple sound files?

[tg-php]

Does this mean we need to start lobbying against connectionless protocols like 
HTTP so we can better download multiple files? hah

And POP3 probably existed long before the old BBS', so it's not that things got 
LESS efficient, it's just that we didn't NEED to bundle bunches of emails 
together into a single file because of crappy dialup connections and crappy 
modems and the necessity of keeping transfers to quick bursts with some basic 
CRC checking to ensure file integrity. Now we're able to transfer things 
uncompressed fairly quickly and with some fairly decent assurance that it'll 
arrive un-borked.  I assume hardware takes care of most of the error checking 
these days.  Praise Cisco (among others).

At any rate, the programs I mentioned before will allow you to download 
multiple files off of a website or queue up multiple links for downloading en 
masse (assuming the links go directly to the files and not a download page of 
some kind... or a download link that uses sessions or tokens or something that 
expire).  So there are plenty of options for downloading multiple files via 
HTTP... just need a means to queue them.  So all is not lost.

Again, if you missed them:

Download Acclerator Plus:
http://www.speedbit.com/
http://www.download.com/3000-2071_4-10037157.html

GetRight:
http://www.getrite.com/

Go!Zilla:
http://www.gozilla.com/

Firefox Extension: DownloadThemAll:
http://www.downthemall.net/
https://addons.mozilla.org/en-US/firefox/addon/201

Firefox Extension: FlashGot (this looks like it does something similar):
https://addons.mozilla.org/en-US/firefox/addon/220


Some of these are commercial products and some were good years ago but who 
knows how they are now, might be full of spyware for all I know (this is my 
disclaimer against potential suckage.. I havn't used any of these except 
DownloadThemAll recently so can't really vouch for what they are now).


Anyway, stop lamenting the good old days.. there are solutions now to do what 
you want to do.   I wouldn't be suprised if there was an email message 
'bundler' so you didn't have to download emails one at a time via archaic POP3 
too..hah

Back to the OT and OP... doing this with PHP would take a little cleverness and 
probably isn't worth it.   But might be a fun challenge and is certainly 
possible with enough elbow grease put into it.

-TG
Sysop: Hangar 18 BBS (410), 1992-1994 (give or take)
http://www.bbsmates.com/viewbbs.aspx?id=80682




= = = Original message = = =

Jim Moseby wrote:

> I remember, way back when, transferring multiple files was simple.  The good
> ole days of ZModem.  Maybe todays technology will catch up eventually.  ;^)

I doubt it :) Things were so much more optimised back then! I remember 
packaging all my mail up into QWK bundles, downloading it all in one go 
for offline reading, then packaging my responses up in the same way. So 
much more efficient than POP3 it's untrue.

Ahh.. the good old BBS days.

Cheers,

Rich
-- 
Zend Certified Engineer
http://www.corephp.co.uk

"Never trust a computer you can't throw out of a window"

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CSS vs. Tables OT OT OT OT OT OT OT OT OT OT

[tg-php]

Mom!  Dad!  Please don't fight!




= = = Original message = = =

On Tue, 2007-04-17 at 22:04 -0500, Larry Garfield wrote:
> On Tuesday 17 April 2007 9:54 pm, Robert Cummings wrote:
> >
> > You say "Using tables for layout *is* a hack". Unfortunately for you
> > tables were intended for laying out tabular data. Thank you, thank you
> > very much.
> 
> Tabular data != 4 column page layout.
> 
> Tabular data = records and fields.  Come on, you've used SQL.  That's a 
> table.  
> Sidebars are not tables.

*hehe* I didn't see any reference to a 4 column layout (or 3 as is more
common). I thought you were generalizing ;)

The last I'll say on this is if the chisel has a chipped blade and you
can't buy another chisel, sometimes you need to make do with what's
available. CSS while very useful, very powerful, and something I do
advocate, has chips in it due to ambiguity not originally addressed by
the standards group, bugs in the browser implementations, and I daresay
active opposition to implementation of the standards by one very large
software vendor. It's time will come, but IMHO it's not a perfect
solution yet, and in some cases tables just get the job done quicker and
cleaner.

Obviously this is a religious type question, so the argument process is
likely to go around and around in circles. Some argue the use of CSS
hacks, some argue the use of traditional tables. Yet others propose
using the well supported CSS rules. Unfortunately the first two options
are by personal choice/preference, and the last isn't always on the
table.

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] PHP excel capability

[tg-php]

Or, even better and more useful:

http://pear.php.net/package/Spreadsheet_Excel_Writer

It's not perfect, but it does the basic job.

Also, if you output an HTML table and set the content type in your header to an 
Excel content type, it should ask the client PC to open the page in Excel 
(assuming they have it installed).  This works for a real quick and dirty 
export-to-excel type thing.   Then PHP isn't really creating an Excel file, but 
presenting the data in a format that Excel on the client PC can read.

Or you can use COM as Jay recommended, but that requires Excel to be installed 
on the PC that's running PHP and can get a little ugly.

-TG

= = = Original message = = =

[snip]
Can PHP be used to generate an excel file
[/snip]

http://www.php.net/com



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] ENOUGH!! RE: AW: [PHP] Student Suspended Over PHP use.

[tg-php]

This thread, as relates to PHP, is pointless.  If people have issues with what 
someone else said, please take it up with them privately and/or notify the list 
admins if you think it was inappropriate enough to warrant administrative 
action.

The joke was cute but all in all, not that funny.  It didn't really require 
this much extra attention and the flaming definitely wasn't appropriate for the 
list.  There's no reason that "STFU" should ever be used on this mailing list.

Let's return to some civil discourse...  now..  can anyone tell me what a good 
PHP IDE would be?   hah..  sorry, had to break the seriousness a little.  
Everyone knows  rulez!!!

Before you post to the list, ask yourself two questions:  What do I hope to 
accomplish with this post and is this the appropriate way to go about it?

-TG

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Uploading products in database using zip file?

[tg-php]

That should be true in general except I believe that WinZip 8(?) introduced a 
new compression scheme that unzip or infozip or whatever on un*x systems might 
not handle yet.  It's not backward compatible with older Zip algorithms so even 
if you're running and older copy of WinZip it won't decompress it.

Just make sure that if you're using WinZip it's a file that's going to be used 
on a un*x system or possibly on machines that don't have the latest WinZip, 
that you use the second best compression algorithm.

-TG

= = = Original message = = =

[EMAIL PROTECTED] wrote:
> One more thing" marketing person use Windows and he will probably use
> Winzip.
> Is this still ok, or it's better to use some other application?

Winzip is fine -- At least I've never hit a valid Winzip-ed file I
couldn't un-zip in Linux.

You'll need 'unzip' on the server to un-zip it.

"man unzip" should find it for you.

-- 
Like Music?
http://l-i-e.com/artists.htm


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Windows COM programming.

[tg-php]

I might be able to provide a little insight, but all my code that I've done COM 
work with is at home so I can't send you any samples right this second.

I've used PHP and COM to interface with Excel, Outlook and MapPoint.  I'm not 
terribly familiar with using Objects with PHP, but have done a ton of VBA 
coding so I was able to figure most of it out.

If you happen to have Excel or Word or most any other MS Office product 
installed (which I'm sure you do, since you're doing COM stuff.. although not 
necessarily) then you have access to the VBA editor that most of them have.  
This can be very helpful in telling you what properties, methods and objects 
are available.

Microsoft sometimes has good (sometimes not so good) data models in their 
knowledge base that illustrate everything you can do via COM or VBA.  
MapPoint's data model is excellent.  I think Excel's was ok too (mostly I used 
Excel's VBA Help file though) but some are just super poorly documented on MS's 
site.

Do you have a specific program you're trying to interface with?  Any specific 
problems?

If you search Yahoo or Google for "php com excel" or "php com word", that might 
narrow it down a bit.

Just remember:

Properties are things you can read a value from and most of the time set as 
well (ie font color.. with no parameters it'll usually return the current 
color, setting a parameter changes the color)

Methods are actions, like to select a cell in Excel, calculate directions in 
MapPoint, etc.  Typically these don't take parameters(?) but I think they can 
sometimes.  I think that's what I never got the hang of before.. passing 
parameters to methods, but I think you can do it.

Objects are things that have properties or can use methods.  A MailItem in 
Outlook for example.  It has a read/unread flag (property), or an Excel 
Application object might have a Calculate method as well as a Saved (is it 
saved or not) property.

Collections are groups of objects. Usually you'd cycle through them like when 
you do a 'foreach' in PHP, although I don't think you can typically use 
'foreach' with PHP and COM, I think you need to get a Count of items (.Count 
property) then cycle using a for loop and using the 'for' value as your index 
number for the collection (eg item($i), or item(2), etc).

Drop me a line later to remind me, and maybe I can dig up some of my sample 
code for MapPoint and Outlook and such.  I know I posted some Outlook calendar 
code to either PHP General or PHP Windows recently.

Good luck Dave!

-TG

= = = Original message = = =

Hi,
Anyone got any good pointers to COM programming in PHP under windows?
Searching for com in google has been no help to me :-)
http://www.zend.com/tips/tips.php?id=262&single=1 and
http://www.php.net/manual/en/ref.com.php have been quite helpful, but
I'm sure there is much more to see.

Dave.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] On Topic - Theoretical Concents of Anti-password trading/sharing solutions

[tg-php]

I agree with Mikey on the "live and let live" side of things.  This forum is 
about sharing technical knowlege and helping other users overcome technical 
challenges relating to PHP.

Yeah, a site that's "adult oriented" is most likely a pay site.  Doesn't mean 
they make money, but assuming they made boat loads of it, then yeah, they 
should look into paying for a solution instead of finding or conning someone 
into making a freebie solution.  Ultimately, if they're making the kind of 
money that would make us have no sympathy for them, then they're making the 
kind of money that $350 isn't going to matter one way or another.  It's not 
like "Muuahahahah.. we saved $350 by using free software, we're even richer 
now!"  it's more like "Well, that's 50% off this month's hosting fees.. big 
deal".

But all of that deals with moral and personal issues.  The meat of this 
discussion is "How do I make sure that someone isn't sharing their login with 
the world".

Here are some thoughts:

Many BitTorrent sites that monitor U/D ratios seem to use a fairly universal 
system that seems to involve logging into the site, your IP address is recorded 
in the database as belong to that account.  If you log in from a different 
computer (which users should be able to do to some degree), it'll record THAT 
IP address in the database too.  I don't know their criteria (probably fairly 
loose compared to what a pay site would want) but the issue here is more about 
how many CONCURRENT connections under that account are occurring.

So let's say the criteria would be "A user logs in and their IP address is 
recorded.  They can have as many IP addresses attached to that account as they 
want BUT they can't have XX number of IP addresses connect within YY minutes or 
we consider it a pattern of login sharing."

So if you have someone who gets an account and shares it with a single friend, 
it probably won't trip the alarms.  But really, is that such a big deal 
compared to someone posting their login info on a message board and 1000 people 
trying to use it at once?

A single person, or a person and a friend or two, aren't going to be logging in 
from 150 IP addresses within 5 minutes.  And that's really what you're trying 
to prevent.  The wholesale sharing of a login, not little petty sharing.  So it 
doesn't have to be a perfect system.  No need for retinal scans or anything.  
Just preventing large scale abuse.  Which seems pretty simple to me espcially 
in the case of "adult oriented" sites since their logins will either be used 
properly (or at least reasonably) or they'll be abused to hell.

Now if you take a site like Consumer Reports or the Encyclopedia Britanica, 
that's a little more difficult.   1000 people aren't going to be logging in 
rapid-fire if it's shared.  But you might get 5 or 6 a time if it's shared 
improperly.  So you just set the threshhold a little lower.   Maybe do 
something like block the person and make it say something like "This account is 
being used by too many sources at once.  If this happens too many times, the 
password will be reset and the new password will be emailed to the legitmate 
owner of the account.  If you received this message in error, please try back 
in 5 minutes.  If you continue to receive this message, please contact our 
technical support team at [EMAIL PROTECTED]"

That'll discourage people from sharing since they'll get locked out of their 
own account.  It provides incentive not to share without being too harsh about 
it and provides the legitmate owner a way to get in even if someone else stole 
and/or is abusing their account.   People who are abusing or using a stolen 
account probably won't have access to the original account holder's email 
account and if the owner is sharing with some friends, they can still share but 
have incentive not to share TOO much.

See?  None of this is impossible or even implausible and I don't see it as off 
topic at all.  It's a good discussion with legitmate purpose, even if it is for 
an 'adult oriented' site.


-TG

= = = Original message = = =

[snip everything irrelevant]

On a tehnical note, I don't really see how you can prevent this sharing of
logins.  This is something I was actually looking into for a site that had
nothing to do with pr0n (would love to know where that came from, it seems
so universal now).

If you read up on the general issues surrounding client identification
(http://phpsec.org) it is pretty much impossible to come up with a solution
of uniquely identifying a specific browser session that will work in all
instances.  And really, this is what you are trying to get at isn't it?
Uniquely identifying your clients.

The only non-technical solution I can offer you is that you change the
passwords for each person as they login.  This would make people much more
reluctant to shre their account as they would not be able to access their
own account as soon as someone else logs in with it.

Of course, people aren't 

Re: [PHP] line feed

[tg-php]

echo '' . chr(10);

chr(10) should be line feed and chr(13) is a carriage return (aka "\r").  
Unless I got those mixed up.  But yes, you can do that.

Or you could even cheat and do:

echo '' . "\n";

-TG

= = = Original message = = =

Double quotes:
echo "\n";

single quotes:
echo '';


cheers

Bruno Santos


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Database engine in PHP

[tg-php]

Did anyone recommend SQLite yet?  It comes with PHP5 but I believe you can get 
an extension for PHP4 to do it as well.  It's basically a super light-weight 
SQL based database system.  Loads all the tables into memory if I remember 
right, but great for exactly what you're talking about (if I understand SQLite 
and your requiremrents properly).

-TG

= = = Original message = = =

Hi,

I have already asked this question, but I think I wasn't clear enough of my
intentions (thanks for all your responses anyway)

I was wondering if there is any DBMS, like MySQL, which is (fully) 
implemented
in php. That is a database engine written in PHP.
I know this is not the most effecient way, but I'm not planning to use it
for heavy weight database-driven-application.

I just want a way to store simple data and I thought that SQL would be a
nice interface. Since it could be easelly ported to mysql (for which I have 
to pay my host).
Full SQL support is'n needed either. Just some basis queries.

Maybe it very ineffecient, but I think basic SQL will be fast enough (with 
not to many records (say 50)).
Who knows maybe I am crazy :-P

greetings 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] ezmlm "bounced email" warnings - [was RE: [PHP] suspicious - maybe spam]

[tg-php]

Yeah, same here.  I thought it was my hosting service, but if other people are 
having the same issue then what's the deal?   Usually it's only a message or 
two, but sometimes it says there are like 8 or 9 messages that bounced.   Has 
anyone looked into this or have any information regarding this?

I was wondering of other emails were bouncing trying to get to me and just 
hadn't taken the time to follow up with my hosting company about it.

-TG

= = = Original message = = =

Same here 


Christo van Rooyen 


-Original Message-
From: Chris W. Parker [mailto:[EMAIL PROTECTED] 
Sent: 08 March 2005 19:58
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: Kevin; PHP General Mail List
Subject: RE: [PHP] suspicious - maybe spam

Richard Lynch 
on Tuesday, March 08, 2005 9:54 AM said:

> Don't feel too bad.
> 
> Every few weeks, I get an automated email from ezmlm warning me that 
> php-general messages have bounced, and I might be removed from the 
> list if it keeps up.

Same here.


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Avoiding SQL injections: htmlentities() ?

[tg-php]

Actually I was just about to look into this again myself since I'm working on a 
project that I'd like to protect from SQL injections.

htmlentities() is a start, but that's not going to protect you from someone 
using apostrophes (single quotes) and breaking your SQL in other ways.

While some of the things you need to guard against aren't really security 
issues, there's still a handful of things you want to do to your data before 
you put that data into a SQL string.

So if I could broaden the question and ask, in general, what people recommend 
for pre-processing data before it goes into a SQL statement.. for security and 
for things like making sure singlequotes and other special characters are 
escaped properly?


htmlentities()
addslashes() (if magic quotes isn't turned on right?)

What else?

-TG

= = = Original message = = =

Hi,
Just a quick question, I have been reading a lot about SQL injection doing a
s**tload of damage  to many sites, I myself use a pagentation class which
sends the page number from page to page in a $_GET['page'] request which
gets used in a LIMIT parameter.

>From what i have been reading, wrapping all my GET and POST requests in a
htmlentities() function should keep me saferight? or what else should
i/can i do?

eg:
$page=  htmlentities($_GET[page]);

Thanks,
Ryan



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.3 - Release Date: 3/25/2005

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.3 - Release Date: 3/25/2005

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Avoiding SQL injections: htmlentities() ?

[tg-php]

Thanks a ton, Chris & Chris!  Clear, concise and informative answers are always 
the best :)  I knew the basic theory but never looked into the specifics on 
what, exactly, could be harmful in cases like this.   In cases of security 
'common sense' isn't always helpful because it's the uncommon sense that'll 
bite you in the behind.

Thanks again!

-TG

= = = Original message = = =

Chris Ramsay wrote:
> This is excellent:
> 
> http://www.shiflett.org/

I'm glad you think so. :-)

There's a free article there on SQL injection:

http://shiflett.org/articles/security-corner-apr2004

I'm always refining the methods in which I explain things like SQL 
injection, so my replies on this thread might be as good or better than 
that article. The article also has user comments at the bottom, so you 
might find something useful there also.

Hope that helps.

Chris

-- 
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.3 - Release Date: 3/25/2005

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] phpDocumentor usage (specifically changelog capability?)

[tg-php]

I didn't see a specific mailing list for phpDocumentor and wanted to get a 
general feel for people's experiances with it.  I see that Zend Studio 4 
supports it internally and I'd really like to get our group over to a 
standardized documentation scheme (and in the process, make use of what looks 
like a great auto-documentor).

Our documentation needs aren't extensive, so I think I got enough of a feel for 
phpDocumentor to do what we want to do, but one thing I don't see that would be 
really nice is the ability to do some kind of changelog type thing on at least 
pages if not individual functions and such.

Our current documentation is structured like this:

  /
  ** File Name:   FileName.php
  ** Description: Some Desc
  **
  ** Written By:  Trevor Gryffyn
  **
  ** Modification Log:
  ** --
  ** Created: Trevor Gryffyn - 11/06/2004
  ** Modified:Trevor Gryffyn - 11/07/2004 - Added new function
  /


Under phpDocutmentor, that might become something like:

/**
* Some short description
*
* Some longer description that spans
* a couple of lines   
*
* @author Trevor Gryffyn <[EMAIL PROTECTED]>
*
* @category Miscellaneous Functions
*
* @example SomeFunction($somevar)
*
* Modification Log:
* --
* Created: Trevor Gryffyn - 11/06/2004
* Modified:Trevor Gryffyn - 11/07/2004 - Added new function
*
*/


In this case, I'm not sure what phpDocumentor would do with the Modification 
Log or if there's a way to do something like this with phpDocumentor.

Any thoughts on how I can do this the 'right' way and possibly do some kind of 
changelog for pages and/or individual functions would be greatly appreciated.

Thanks in advance!

-TG

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Best Server OS

[tg-php]

I will!

Ok, not completely.

I'm an avid windows user, but not a blind Gates disciple.. please don't accuse 
me of that.

I will never say that a Windows server is the 'best' platform for doing PHP 
script serving because I don't believe that's the case.  It DOES work, but it's 
far from the 'best'.  If it was one of the 'best' then Zend would never have 
created Zend WinEnabler to "...bring PHP on Windows up to par with PHP on 
Linux..."  (http://www.zend.com/store/products/zend-win-enabler.php if you're 
curious)  And for $500, I'd say that Linux of any flavor is definitely a winner 
over Windows just for that reason.

BUT...  when it comes to picking an OS for your server, it's VERY important to 
ask yourself a few key things.

Probably the biggest in my book would be who is going to be maintaining this 
server and how easy would it be to find another person if you had to.  PHP 
hosted on BeOS might be the absolute best in performance, but if you're hard 
pressed to find another BeOS admin if your chosen admin dies, quits, gets 
fired, etc then it's not worth going that route.

This choice affects pretty much everything else.  Downtime, deployment time, 
security, etc.  If you have a bunch of Windows admins and you insist that they 
install Linux and put up an Apahce/PHP setup, there's probably going to be some 
learning time, potential problems, misconfigurations, frustrations, random 
downtimes when problems come up and solutions have to be researched from 
scratch, etc.

If you already have an established Windows server based network, don't be 
afraid to set up PHP.  It may not be the best, but you'll have fewer long-term 
problems I believe.

If you're starting from scratch all around.. either admin'ing it yourself or 
havn't hired the admin.. or your admin knows nothing about computers to start 
with and will be learning everything from step 1 anyway, then definitely go 
linux.  Red hat is very popular, as well as many of the BSDs.

As much as I like Windows AND Linux, all practicality says go with whatever you 
have established and keep your network simple.   Even if you have a Windows 
network and a Windows admin who's also proficient in Linux, think of what you'd 
have to do to replace that person someday.  You'd end up having to find another 
Windows+Linux admin or get a Linux admin and possibly a separate Windows person.

Personally I like dealing with MS SQL Server better than MySQL by a LONG shot, 
but PHP best ASP/ASP.Net handsdown.  So my last job where I worked with PHP 
under Windows Server 2003 interfacing (via ADODB) with SQL Server and Oracle 
was great.  I didn't have any problems with PHP running under Windows.  But it 
also wasn't a "mission critical" or high volume setup.  Results may vary.

-TG



= = = Original message = = =

I personally like OpenBSD - though many of the BSDs are similar at many
tasks and only have notable differences in a few areas (and it's those areas
you should look to find which works best for you).

I wonder who will get bored and stir up the ants nest and say Windows? ;)


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] rawurldecode

[tg-php]

Could you use parse_url() and just take the [query] section of it, then maybe 
do an explode on "&" to get the different parts of it?

-TG

= = = Original message = = =

I am trying to use the rawurldecode() function to decode a variable that is 
begin passed from a different page through the url.  The PHP manual doesnt 
say much for this function, but it does have quite a bit on the urldecode() 
function which says using urldecode on a $_GET variable wont produce the 
desired results.  Is there another way to decode a url variable?  Or maybe a 
better way to get a variable from one page to another so I can use it.  The 
variable may contain all types of characters, but mainly a space(%20) is the 
biggest problem.

If anyone has some kind of workaround for this please let me know.

Thanks 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Any personal experience with MySQL/Calendar application

[tg-php]

Made one myself that I thought was pretty good at the time (one of my first PHP 
projects) but as I learned more about PHP, I see that I did things the hard 
way, so it's in bad need of updating.

If you wanted the source to play with as a starting point, I could probably 
through that together for ya.

A badly broken (the MySQL database isn't set up) copy is found here:
http://www.gryffyndevelopment.com/furry/calendar/

When there are events, it shows an icon on that day that you can click on 
that'll bring up a popup window with details for the event.

Again, it was one of my first PHP projects and is BADLY in need of updating, 
but it does basicly what you were looking for I think.

-TG


= = = Original message = = =

I am looking for an open source calendar program that uses MySQL to 
store the data and has an online Admin feature.  Rather than trying the 
many that are listed, I am hoping that someone may have some personal 
experience with a application of this type and make a recommendation.

Todd


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] How to format every secound row in a database result

[tg-php]

I've used the mod (%) function to do this, which also gives you the flexibility 
of defining how many lines to alternate the colors or do whatever you need to 
do every "X" lines.

Another method (and forgive me if this was mentioned, I didn't see it yet) is 
to use a bitwise NOT to flip-flop a value.  I think I did something like this 
before:

$bgcolors[0] = "#FF";
$bgcolors[1] = "#00";

$a = 0;

echo '\n';
for ($i = 0; $i <= 100; $i++) {
  $a = ~$a
  echo 'Some text\n';
}
echo '\n';

Maybe it was 0 and -1 instead of 0 and 1.. I forget.  But you get the idea.  
The $a = ~$a flips the value of $a back and forth.  You only have two options 
but that maybe all you need.

And hey.. I've been known to do some goofy things so if there's some major 
drawback to this in processing time or if I'm just stupid in some way, that's 
cool.. feel free to speak up.  But it does present another way to do what was 
requested and the theory might help someone at least :)

-TG

= = = Original message = = =

On Mar 30, 2005, at 12:08 PM, Richard Davey wrote:

> Hello Leif,
>
> Wednesday, March 30, 2005, 6:54:15 PM, you wrote:
>
> LG> http://www.devtek.org/tutorials/alternate_row_colors.php
>
> There is no need to involve a math heavy modulus function just to
> alternate row colours! The following single line will do it just as
> well, swap the colours for whatever you need and echo them where
> required:
>
> $bgcolor = ($bgcolor === '#daf2ff' ? '#c9e1ef' : '#daf2ff');
>
> Best regards,
>
> Richard Davey


It does not involve heavy math to color every other line. I use this 
line when looping and determining if the background should be colored 
or not:



Obviously, the first part is the important part. Good luck!

~Philip


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Post shorter code

[tg-php]

All of them. :)

-TG

= = = Original message = = =

> You're far more likely to get someone to look at your problem code if
> you can narrow it down to a block of code.  Hell, you didn't
> even state a problem!!!
>
> Sorry, but if you come back with a well defined problem then maybe
> someone can help you.

It also helps if you quote a bit from the original post so new people to the
thread
will know what you are talking about...
for example: I have no idea about which thread Jason(above) is talking about

:-)

Cheers,
Ryan

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PEAR Packages

[tg-php]

I was a little confused at first, but it's actually REALLY simple.  I was doing 
manual installations until I discovered that PEAR has made everything way too 
easy for us.

>From the PEAR manual:

##
To update your PEAR installation from go-pear.org, request http://go-pear.org/ 
in your browser and save the output to a local file go-pear.php. You can then 
run

php go-pear.php
##
(http://pear.php.net/manual/en/installation.getting.php)

(Go to that address, copy the text you get into a file called "go-pear.php" 
then run "php go-pear.php" from the command line)
##

Next page of the manual talks about how to install packages.  Says you need the 
latest PEAR package manager (I don't remember installing this.. maybe my PEAR 
came with it already) then from the command line you can do:

pear remote-list

This gives you a list of packages.

pear install 

This automatically downloads and installs the package you want.

Just keep in mind that you need to be specific about the name.  We were 
installing the Spreadsheet_Excel_Writer package.  You can't just say:

pear install Spreadsheet_Excel_Writer

You have to get the actual filename correct.

In this case, if you look at Excel Writer's page 
(http://pear.php.net/package/Spreadsheet_Excel_Writer) you'll see it has a 
version 0.8.  Hover over the 0.8 and you'll see the download filename is 
"Spreadsheet_Excel_Writer-0.8.tgz", so we used something like:

pear install Spreadsheet_Excel_Writer-0.8

(I don't think we needed to use the .tgz)

Anyway, been a while since I've messed with it, so I might not be 100% on the 
syntax, but hopefully this'll clarify the process a little more.  We had to 
stumble through it a little, but once we figured it out, it was WAY too easy.. 
hah..

Good luck!

-TG
  

= = = Original message = = =

Hi,
 
I have just started to explore PEAR.  I am using PHP 4.3.11 and so PEAR
automatically comes with PHP.  I would like to install PEAR's DB classes.
However, I cam right now browsing the PEAR web site and cannot find
information on how to install a package.  I have also downloaded and opened
the DB tgz file but there is no install document.
 
Can someone point me to the proper URL that explains how to install a PEAR
package?
 
Thanks,
Don


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PEAR Packages

[tg-php]

For us, the unix instructions worked 100% on Windows as well.  Guess since it's 
all PHP based it didn't make a difference.  Probably some minor internal tweaks 
and checks due to filesystem differences, but the PEAR guys did a great job in 
making it all very easy.

Now for us lazy Windows guys, someone needs to write a Winbinder based GUI PEAR 
package installer.  Hmm...   another project to add to my list of projects that 
I'll never finish. haha

-TG

= = = Original message = = =

El Jue 21 Abr 2005 11:36, Don escribi~:
> Hi,
>  
> I have just started to explore PEAR.  I am using PHP 4.3.11 and so PEAR
> automatically comes with PHP.  I would like to install PEAR's DB classes.
> However, I cam right now browsing the PEAR web site and cannot find
> information on how to install a package.  I have also downloaded and opened
> the DB tgz file but there is no install document.

Asumming your are in a UNIX environment, I would do:

# pear install DB

for more information:

# pear --help

It should be similar on Windows system?


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: reverse MD5 ???

[tg-php]

Nope.. nothing that'll easily decrypt MD5 back to it's original value.  As the 
line below says and the rest of the thread explained, MD5 is a one-way 
function.  In ordre to take an MD5 hash and get back to the original value, 
you'd basically have to take every possible combination of letters/numbers/etc 
and create an MD5 hash out of them and compare that with the one you're trying 
to "Decrypt".   So you're not really decrypting, just methodically guessing and 
then automatically trying the next guess.

This is a VERY long and time consuming process and essentially isn't worth it.


The short answer?   No, there are no tools to decrypt MD5.  It's a hash (like a 
checksum) not an encrypted string.   You could write your own brute force 
program like above in about 2 minutes, but it wouldn't do you any practical 
good.


-TG

= = = Original message = = =

Interesting reading, even though most of it went over my head :-)
There ar'nt any tools freely available to the average joe to decypher a md5
hash though...right?

Cheers,
-Ryan

> Just a matter of time/cpu power.


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MSSqlServer table/field information

[tg-php]

http://www.sqlzoo.net/howto/source/z.dir/i12meta.xml

Check out the META DATA section of this page (link above).  I used it to create 
a database 'walker' app that lets you search for table names, column names, 
etc.  I was working on a HUGE database that wasn't documented well and nobody 
could give me good answers on how things joined..haha.  so this meta data was 
very helpful.

It's basically stored in a table in SQL Server, all the table/column 
information.  So it's super simple to get the information you want.

Check out this query:

SELECT * FROM sysobjects

good luck!

-TG

= = = Original message = = =

Is there a way to programatically get information about a 
specific table and/or field?  And also any constraints that 
a field has?

thnx,
Chris

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing PDF

[tg-php]

Also keep in mind that any graphics in the PDF, even an uncompressed one, will 
show up encoded... Base64 or UTF or whatever PDFs use.

I also remember reading once that there's data at the end of the PDF that gives 
a pointer to where in the PDF certain data is.  That if you add/remove stuff 
from the PDF itself that you need to update those pointers.  I believe that 
only pertained to encoded and embedded graphics data, not text and whatnot.

We use PDFLib at work.  Basically you start with a blank form (all 
pre-constructed and layed out) and just overlay text and graphics with it.  
You're not really altering what's there as much as generating a new PDF with 
some additional stuff slapped over what was there in a layer or something.

Sorry to be so vague.. but wanted to pass on that info in case it helped avoid 
a pitfall somewhere.

Good luck!

-TG

= = = Original message = = =

Sam Smith wrote:
> I have an existing PDF file that I want to add text to or make changes to
> text with data from an HTML form via PHP.
> 
> The PDF looks like this:
> 20 0 obj<>stream
> 8;X-DgMYb:(An746bc%oU,Mo*S -$2%Ipq]A
> aoW>]"SN?epNo...
> 
> That is, not in plain text.
> 
> If I wanted to add text to the PDF, e.g., Mr. Jones, where the heck would it
> go and what would it look like?
> 
> Thanks
> 

it's a compressed pdf. make uncompressed pdf and you should see the raw text


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySql injections....

[tg-php]

Don't forget your native database escaping function.  PHP has this one for 
MySQL, for example:

mysql_real_escape_string()

That should properly escape everything that could be used against MySQL to 
perform an injection.

There should be some equivalent commend in the various database connection 
routines and abstraction layers.   Takes some of the work out of trying to 
properly escape everything manually.

-TG

= = = Original message = = =

it depends

by having register_globals set to on (server config) it is usually easier to 
create 
sql-injection exploit, but it is not required. What is true is that well 
written script 
will defend/sustain such attacks regardles how server is configured 
(unless configuration is really f*cked up).

Prevention is simply trying to follow few simple rules:

1. SQL statemens that have no PHP variables are NOT vulnerable:
$sql = 'SELECT value FROM values WHERE key = 123';
$db->query($sql);
(nothing vulnerable here)



2. If you do not check what you are putting into SQL statements via 
~PHP variables - add slashes and put it in quotes:
($key = 123;) - you get this from some kind of form or URI

$key_as = addslashes($key); // you should check if slashes were already added 
by php (magic_quotes)
$sql = "SELECT value FROM values WHERE key = '$key'";
$db->query($sql);



3. If you do not put your variable into quotes - check it!
if (!preg_match('/^[0-9]+/', $key)) 
~echo "Hack attempt!"; exit;

$sql = "SELECT value FROM values WHERE key = $key";
$db->query($sql);

(if you will not check it anything can get into your sql statement)


4. All the above assumes you have already assessed potential remote file 
inclusion vulnerabilities.


Regards,
Bostjan



On Wednesday 11 May 2005 14:15, [EMAIL PROTECTED] wrote:
> I have a site and the other days i received a message from a guy that told
> me my site is vulnerable to mysql injections. I do not know how can i
> prevent this. The server is not configured or it's all about the script?
>
>
> - Original Message -
> From: "Bostjan Skufca @ domenca.com" <[EMAIL PROTECTED]>
> To: 
> Sent: Wednesday, May 11, 2005 1:50 PM
> Subject: Re: [PHP] MySql injections
>
> > Probably you mean about "prevening mysql injections" - or not? :)
> >
> > Bostjan
> >
> > On Wednesday 11 May 2005 11:38, [EMAIL PROTECTED] wrote:
> >> Hi,
> >> This is not the proper list to put this question but i hope you can help
> >> me. Does anyone know a good tutorial about mysql injections?
> >>
> >> Thanks a lot for your help
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] str_replace on words?

[tg-php]

As mentioned in the "making words bold" thread, works aren't always separated 
by spaces.  Sometimes they end a sentence so are followed by a period or other 
punctuation.  Sometimes you have strings like "and/or" where they're separated 
by the forward slash, etc.

You really have to do some kind of regex expression to get this right when 
substituting whole words and not just "any substring".

A thought in the exact right direction, just need to follow through with the 
rest of the thought.

-TG

= = = Original message = = =

I think that's a bad example you read. It doesn't describe how to  
search on a "word" it describes how to search on a string, which is  
what you ended up doing.
For things like this I use arrays. Assuming your "words" are separated  
by spaces, you can get an array of all the words by doing:
$word_list = explode(' ', $text);

Then you can cycle through each element of the array (there are a  
number of ways to do this), testing if it equals your word and replace  
it if it does.
Then put it all back together with:
$text = implode(' ', $word_list);

On May 11, 2005, at 12:13 PM, Merlin wrote:

> Hi there,
>
> I am trying to strip some words from a sentence. I tried it with  
> str_replace like described here:
> http://www.totallyphp.co.uk/code/ 
> find_and_replace_words_in_a_text_string_using_str_replace.htm
>
> Unfortunatelly it does not work the way I want, because if I want to  
> replace the word "in" all passages containing the characters "in" are  
> replaced. For example Singapore.
>
> Does anybody know how to do this on just words?
>
> Thank you for any hint,
>
> Merlin
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
-- 
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] marking words bold

[tg-php]

That's a good first step, but I think you're going to have to go with the regex 
for this one.   What happens if one of the words he wants to highlight is near 
punctuation?

> $t = str_replace(" $word ", " $word ", $text);

This wouldn't work if you had:

$text = "I'm going to the store.";
$word = "store";

Padding with spaces is good thinking.. just need to take it that extra step 
further.

-TG



= = = Original message = = =

Include a space in your str_replace statement.

For instance 

$t = str_replace(" $word ", " $word ", $text);

That should prevent the problem your having and ensure only individual words
are bolded. 


http://www.thelonecoder.com
[EMAIL PROTECTED]

562.924.4454 (office)
562.924.4075 (fax) 

continuing the struggle against bad code

*/ 
?>


> From: Merlin <[EMAIL PROTECTED]>
> Date: Wed, 11 May 2005 17:34:56 +0200
> To: 
> Subject: [PHP] marking words bold
> 
> Hi there,
> 
> I am trying to mark words inside a sentence bold. Problem is, if there is an
> overlap it does not work anymore.
> I am using this code:  $t = str_replace($word, "$word", $text);
> 
> For eample:
> Mark those words bold: adventure in singapore
> Text: My adventure flying to singapore
> 
> The problem lays in the word "in". The code I use does produce following:
> singapore
> which of course does not work properly.
> 
> Does anybody have a good sugestion on how to improve this?`
> 
> Thank you for any help,
> 
> merlin
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: SQL Date guru in the house?

[tg-php]

Sorry, don't have time to look up the specifics.. and I've worked with a number 
of different flavors of SQL, so not sure the syntax or capabilities of the 
system you're using, but maybe try something like this:

SELECT * FROM blah WHERE DATE(mm, dd, yyy) BETWEEN $date1 AND $date2

Basically convert the output of the columns to a date format and do the 
comparison that way.

Some DATE commands are in the format DATE(MM, DD, ), some have commands to 
convert a string to a date:  STR_TO_DATE(MM + "/" + DD + "/" + ), etc.

That way you get a serial datestamp to work with which should make finding 
things within that range a ton easier.

Good luck!

-TG


= = = Original message = = =

Hello,

on 05/11/2005 03:17 AM [EMAIL PROTECTED] said the following:
> I have a small problem.   
> 
> I have a project in which someone has got three integer fields for
> holding the date.   DD, MM,  in an sql database.I now have to
> have a page that inputs two dates and select records between those two
> dates. 
> 
> If I had a date field in the table it would be fairly simple, but I'm
> hoping to do this search/comparison without having to rewrite the
> pages/database that has already been designed.
> 
> 
> Start Date:~11/05/2005
> End Date:~11/04/2005
> SELECT * FROM blah WHERE mm BETWEEN 04 AND 05 AND dd BETWEEN 11 AND 11
> AND  BETWEEN 2005 AND 2005
> 
> Doesn't work for obvious reasons.  Is there any way that I can do
> this date comparison I the SQL statement without having a decent date
> field?
> My apologies as this is australian date format and this list is in the
> US I think?

The format is only relevant for outputing dates. For querying you can 
use the date values directly to delimit the range that you want

SELECT * FROM blah WHERE mm BETWEEN '11/04/2005' AND '11/05/2005'


-- 

Regards,
Manuel Lemos

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/

Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] expand array into function arguments?

[tg-php]

There's probably some clever answer to this like "Just do myFunc($myList) and 
it'll automatically parse out the arguments".. because PHP does clever things 
like that sometimes.

But if anything, you can do something like this:

$myList = array(1, "arg", 5);

myFunc($myList);

function myFunc($argarr) {
  list($arg1, $arg2, $arg3) = $argarr;
  #do something
}


You might try this and see if it works (again, PHP is clever like this 
sometimes):

$myList = array(1, "arg", 5);

myFunc($myList);

function myFunc($arg1, $arg2, $arg3) {
  list($arg1, $arg2, $arg3) = $argarr;
  #do something
}

Maybe it automatically splits the array for you.

-TG

= = = Original message = = =

You can do this in Python:


def myFunc(arg1, arg2, arg):
  #do something

myList = [1, "arg", 5]
myFunc(*myList) # calls myFunc(1, "arg", 2)


Can that be done in PHP, and if so, how?

Thanks for the help.


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] WINBINDER! WOOT! Re: PHP-GTK, or something else, for desktop app development?

[tg-php]

I missed the original post, but if you're looking at doing Windows desktop 
development and want a GREAT alternative to GTK, definitely check out 
Winbinder!  Rubem and crew have done an awesome job (even though he modestly 
calls it an "alpha" release.. it's very function).

It's a native Windows API wrapper for PHP.. so you have access to all the 
familiar Windows.

http://www.hypervisual.com/winbinder/index.php

= = = Original message = = =

[pardon me for my poor english]
What you want to do?
If you just want to be a desktop applications programmer, i dont think 
learning PHP-GTK be a good way to produce them (learning a language like 
PHP that is specialized in web environment for desktop programming colud 
not be a good idea) but if you want to be a web programmer too, it's 
here you could use PHP-GTK with the most TRUST!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Basic PHP/HTML code question

[tg-php]

Since PHP is server-side, it's probably not the best option for doing what 
you're describing.  It IS possible to use a javascript "onchange" event and use 
that to trigger a new page load which would change your second select box, but 
that's kind of slow and sloppy and should probably only be used when your 
select boxes have a LOT of data or can change a lot necessitating a database 
lookup on whatever you selected in the first box.

It sounds like what you want to do would best be done in javascript totally.   
Use PHP to build the javascript code that has all the options and then use code 
like the stuff found in Example 1 on:

http://www.mattkruse.com/javascript/dynamicoptionlist/


Technically this message is "off topic" and I'm sure someone will say something 
about it, but I hope people remember when they were starting out in PHP and 
weren't sure what it could and couldn't do and remember that asking questions 
like this is part of the learning process.

Best of luck Carlos!

-TG




= = = Original message = = =

Hi,

I have been trying to write or find a pre-written script of a combo-box which 
would 
allow one to select a category from one drop-down list, then be given related 
options 
within a secondary list before clicking a submit button.  Is there anyone who 
knows 
where I can find this or an easy way to accomplish this in PHP?
Sorry if this is a basic question but I have only begun learning coding PHP so 
some 
items are foreign at this point.  Thanks for your understanding and any 
assistance.

C.


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] PHP excel capability

[tg-php]

I had some issue when I tried CSV in the past.  I don't know if there was some 
issue with use of commas in the data and not getting Excel to properly use 
"some data, with commas", "some more data" so that it'd omit the quotes as well 
or what.  In the end, for the quick and dirty throwaway project I was working 
on, HTML tables worked the best.  Or at least quicker than figuring out what 
our problem with CSV was.

Not the best solution, but was the best for what we needed and it's definitely 
worth noting that CSV (making sure your data doesn't have commas or you 
properly compensate for that) and HTML are both good quick and dirty 
download-to-Excel options.

And as Richard mentioned, COM requires Windows, but if you want to do anything 
with it, you need to have something for PHP to talk to via COM.  In this 
instance, we're talking about PHP + Excel.

There's little things you have to be careful with when using COM too, 
especially on your server.  Making sure you close the app that you're 
interacting with properly is one of the biggest.  You might issue a 'close' 
command and find out it only closes the document, not the app as you might 
think.  Suddely you have 50 instances of Excel running (non-visible) on your 
server and you're up a creek.

COM is great to have as an option, but really isn't usually the best solution 
unless you have no other choice.

-TG

= = = Original message = = =

On Wed, April 18, 2007 11:25 am, [EMAIL PROTECTED] wrote:
> Also, if you output an HTML table and set the content type in your
> header to an Excel content type, it should ask the client PC to open
> the page in Excel (assuming they have it installed).  This works for a
> real quick and dirty export-to-excel type thing.   Then PHP isn't
> really creating an Excel file, but presenting the data in a format
> that Excel on the client PC can read.

If you output CSV format and send Excel content-type, that also works,
and may be a more natural coding than HTML tables.

Or not, depending on what you are doing. :-)

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] move "if" logic from php into query

[tg-php]

In my data scrubbing function, I pass it a content type (phone, city, SSN, 
etc), do whatever scrubbing/filtering I'm going to do on that type of content, 
then after everything's done, then I do the mysql_real_escape_string() on it 
and return that to where the function was called.

That way, everything going into the database has at least 
mysql_real_escape_string() run on it.  The other checks on the content are just 
to verify that the data is similar in format and composition to what that type 
of data should be like.

For instance, Phone #'s and SSNs have everything but numbers removed, but are 
not treated as numbers (since a leading zero is still important).

-TG


= = = Original message = = =

On Thu, April 26, 2007 4:02 am, Sebe wrote:
> i always use intval() on something i'm inserting into database that
> *should* be a integer. i don't know if there is a difference or a good
> reason to pick one or the other.. i'm not Richard so maybe he can
> create
> an interesting story for us on the *proper* way ;-)

Well...

(int) $foo;
intval($foo);

are pretty interchangable, really.

Just depends if you're an old C hacker or you prefer making function
calls.

I can't imagine doing enough of either in any real script for
performance to be an issue, so let's skip the whole benchmark thread,
please???

That said, I've recently decided that even after doing (int) [or
intval()] that I'd like to be 100% kosher and still do
mysql_real_escape_string.

Mainly because somebody pointed out that doing the same thing for
(float) could yield things that may not be "good" in SQL like
underflow, overflow, exponential notation, and also that the - sign in
front *could* end up being part of a subtraction and you *could*
manage to leave out the space, and then you've got an SQL comment
instead of subtraction.

$a = (int) $_REQUEST['a'];
$b = (int) $_REQUEST['b'];
$query = "select $a-$b ";

http://example.com/a=5&b=-3

So the (int) or intval() is "not enough" imho.

YMMV

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP sorting csv array output

[tg-php]

When you load your data into your array, you can use the timezone (or whatever 
field you're using to sort) as the array key, then use ksort().

Check the "see also" for a bunch of other types of sorting you can do.

When it comes to the multisorts and user defined sorts, I'm at a bit of a 
loss..hah.. just never had to use them so they're still a bit mystical to me.

-TG

http://us2.php.net/manual/en/function.ksort.php

= = = Original message = = =

On 5/10/07, Daniel Brown <[EMAIL PROTECTED]> wrote:
>
> One place to start reading, Anna, would be the PHP manual for the
> fgetcsv() function, which is specifically for CSV parsing.
>
> http://www.php.net/fgetcsv
>
Thanks for your quick reply Daniel. Yes I've seen that function before
and i am using it to parse the file, which displays fine. I just need
to be able to sort that data (by Time Zone) prior to displaying. Sorry
If I wasn't clear.

Thanks.


-- 
Anna Vester
Web Designer
http://www.veanndesign.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP debugger

[tg-php]

Don't know if it'll do what you want it to do...and if you're using Joomla, it 
might be tricky (or not... havn't messed with Joomla enough to know) to insert 
it into the system in a meaningful way.. but check out this:

FirePHP:
http://www.firephp.org/

Works with Firebug Firefox extension to give some PHP debugging and profiling 
data.

I'm sure there are a dozen other solutions that people will offer up, just 
wanted to get that one in there :)

-TG

= = = Original message = = =

I am trying to load a PHP debugger in our most recent build of PHP 5.2.1.

The debugger which I am trying to set up is the free, pre-compiled
Linux version of dbg ( DBG 2.15.5 dbg modules), from
http://dd.cron.ru/dbg/, and all of the instructions have been followed
as posted on the NuSphere site.

Yes, Apache has been stopped and restarted!!

There is no difference in the output from phpinfo(). The line
"with DBG v2.11.30, (C) 2000,2004 by Dmitri Dmitrienko, http://dd.cron.ru";
does not appear.

PHP is compiled without debugging, but I did consider that was for the
purpose of debugging PHP itself, not scripts.

Suggestions will be most welcome. Also, I'm not married to this, so if
anyone thinks there is a better debugger, please jump in.

Regards - Miles Thompson

PS Why are we doing this? Because we are getting tired of debugging
with Javascript alert()  boxes. /mt

PPS And we are using those because of Joomla!  Some things are buried
so deeply we cannot use print() or echo(). /mt

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] convert numerical day of week

[tg-php]

Mom!  Dad!  Stop fighting!

= = = Original message = = =

On 5/22/07, Robert Cummings <[EMAIL PROTECTED]> wrote:
> Yours is the least maintainable.

Hehe..  with 4 times as many lines of code and 160% more bytes of code overall?

> cat locale.php|grep -v ^$|wc -l
  16

> cat simple.php|grep -v ^$|wc -l
   4


> ls -lavh
-rw-r--r--1 destiney  destiney  347B May 22 17:35 locale.php
-rw-r--r--1 destiney  destiney  133B May 22 17:35 simple.php


Watch me switch this from English to Spanish:

#$days = array( 'Sunday', 'Monday', 'Tuesday', 'Wednesday',
'Thursday', 'Friday', 'Saturday' );
$days = array( 'Domingo', 'Lunes', 'Martes', 'Mi~rcoles', 'Jueves',
'Viernes', 'S~bado' );

Tada!  That was the easiest maintenance programming ever.


> I have nothing to learn from you that I
> didn't learn in kindergarten.

They didn't teach PHP where I attended kindergarten.  Is that a Canadian thing?



-- 
Greg Donald
http://destiney.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] IF with multiple values for a variable

[tg-php]

Could try something like this:

$types = array('T', 'D', 'L');

if (in_array($type, $types)) {
  // do something
}

But that's going to just check to see if $type is one of the valid types you're 
looking for.

You might try something like switch.

switch ($type) {
  case 'T':
// Output 'T' record type
break;
  case 'D':
// Output 'D' record type
break;
  case 'L':
// Output 'L' record type
break;
  default:
break;
}


"switch" works really well when you have multiple "if" scenarios and don't want 
to keep doing a ton of if.. elseif... elseif...elseif...  for simple 
comparisons.


You can even use it for more complicated comparisons:


switch (true) {
  case $type == 'T':
break;
  case $type == 'D' and $flavor <> 'grape':
break;
  default;
break;
}

the "default" section is what's processed if no critera are met.

Also, if you want to use the same criteria for multiple conditions, or slight 
variations, you can do that by removing 'break' codes:


switch ($type) {
  case 'T':
  case 'D':
// Do something if $type is either T or D
break;
  case 'L':
// Do something L specific
  case 'R':
// Do something if $type is L or R (passes through from L condition because 
break was removed)
break;
  default:
break;
}


More reading here:

http://us.php.net/switch

Hope that helps.

-TG

= = = Original message = = =

Okay, I know this has got to be easy but it's not working any way I try it.

When a record is selected it opens up a new page.  My query will display the
specific results based on the type of record selected.  There can be
multiple values in each if.  However I am having a brain fart in my if
statement assigning the multiple values.

Here is my if statement:

 if ($type == 'T','D','L' 
$get_id.=" payment_request WHERE id = '$payment_id'";


However this does not return ant results.
I've tried  if ($type = array('T','D','L'), if ($type == array('T','D','L'),
if ($type == 'T,D,L'), if ($type == 'T' or 'D' or 'L'

I also looked in the PHP manual for examples of if's and didn't find any
help.

I can get it to work if I create a seperate if statement for each type
condition but i would prefer to not duplicate my code just to add a seperate
$type


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] IF with multiple values for a variable

[tg-php]

double pipes constitutes an "OR" operation.   You can use the keyword OR as 
well.   Also, && and AND are the same as well.

http://us.php.net/manual/en/language.operators.logical.php

-TG

= = = Original message = = =

Excellent!  Double pipes to seperate possible multiple variable values.


Thanks Daniel!


On 6/13/07, Daniel Brown <[EMAIL PROTECTED]> wrote:
>
> On 6/13/07, Dan Shirah <[EMAIL PROTECTED]> wrote:
> > Okay, I know this has got to be easy but it's not working any way I try
> it.
> >
> > When a record is selected it opens up a new page.  My query will display
> the
> > specific results based on the type of record selected.  There can be
> > multiple values in each if.  However I am having a brain fart in my if
> > statement assigning the multiple values.
> >
> > Here is my if statement:
> >
> >  if ($type == 'T','D','L' 
> > $get_id.=" payment_request WHERE id = '$payment_id'";
> > 
> >
> > However this does not return ant results.
> > I've tried  if ($type = array('T','D','L'), if ($type ==
> array('T','D','L'),
> > if ($type == 'T,D,L'), if ($type == 'T' or 'D' or 'L'
> >
> > I also looked in the PHP manual for examples of if's and didn't find any
> > help.
> >
> > I can get it to work if I create a seperate if statement for each type
> > condition but i would prefer to not duplicate my code just to add a
> seperate
> > $type
> >
>
>Dan,
>
>Are you trying to do this?
>
> if ($type == 'T' || $type == 'D' || $type == 'L') 
>$get_id.=" payment_request WHERE id = '$payment_id'";
>
> ?>
>
> --
> Daniel P. Brown
> [office] (570-) 587-7080 Ext. 272
> [mobile] (570-) 766-8107
>


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Date

[tg-php]

Don't forget that in cases like the one below, you can use the list() function 
to tighten things up a bit:

$start_date='2007-06-20';
list($start_year, $start_month, $start_day) = explode('-',$start_date);



I prefer using the date functions that some of the other people mentioned and 
only use the string functions to get date info when I have to.

If you use strtotime() or have the date in a serial format already, you can get 
a lot more than just month, day, year out of it using date().  But if all you 
really need is month, day, year then whichever method is easiest to work with.

-TG



= = = Original message = = =

$start_date='2007-06-20';
$parts=explode('-',$start_date);
$start_year = $parts[0];
$start_month = $parts[1];
$start_day = $parts[2];


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Small LAMP install/distro

[tg-php]

Ok, done all my googling and experimenting, now I'm tossing it to you guys.

Can anyone recommend a small, no frills, LAMP-centric linux package/distro?

What I'm doing is setting up a test/development environment in a VMWare virtual 
machine to keep things all nice and comparmentalized.  It's going to emulate 
(at least in PHP and MySQL version and configuration) my web host.   Ideally 
I'd like to keep using my traditional Windows apps to do development, but save 
my work to a Samba share on the virtual machine (so guess toss Samba into that 
too).

Maybe there's better ways to do what I want, but now I'm discovered a challenge 
that I'd like to overcome.

I have something called "Grandma's LAMP", which is actually pretty cool.  It 
runs Xubuntu, which I dig, but still takes up 1.5gig (and is config'd for a max 
of 10gb 
HD space).   It has the full GUI and everything installed.

GUI is nice, but not 100% necessary.  AMP + Samba is good.  And I'm 
transporting this all around on a 2GB thunbdrive (oh yeah, did I not mention 
that?).

If it was sans-GUI, I don't see why the whole thing couldn't be under 500MB.

Thought maybe someone out there had seen a distro pack specifically geared for 
quick and dirty LAMP + Samba setup.

-TG

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Small LAMP install/distro

[tg-php]

Yeah, I took a quick look at Damn Small Linux.   And have been playing around 
with Puppy Linux (which is pretty cool too).

I may end up using one of those.  Wanted to see if there was a distro with 
everything built into it already (Damn Small seems to have a lot of average 
user apps and not really developer/small server type stuff)

Thanks for the suggestion though, Daniel.

(And yes, I top-post. Get the pitchforks!)

-TG

= = = Original message = = =

On 6/21/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Ok, done all my googling and experimenting, now I'm tossing it to you guys.
>
> Can anyone recommend a small, no frills, LAMP-centric linux package/distro?
>
> What I'm doing is setting up a test/development environment in a VMWare 
> virtual machine to keep things all nice and comparmentalized.  It's going to 
> emulate (at least in PHP and MySQL version and configuration) my web host.   
> Ideally I'd like to keep using my traditional Windows apps to do development, 
> but save my work to a Samba share on the virtual machine (so guess toss Samba 
> into that too).
>
> Maybe there's better ways to do what I want, but now I'm discovered a 
> challenge that I'd like to overcome.
>
> I have something called "Grandma's LAMP", which is actually pretty cool.  It 
> runs Xubuntu, which I dig, but still takes up 1.5gig (and is config'd for a 
> max of 10gb
> HD space).   It has the full GUI and everything installed.
>
> GUI is nice, but not 100% necessary.  AMP + Samba is good.  And I'm 
> transporting this all around on a 2GB thunbdrive (oh yeah, did I not mention 
> that?).
>
> If it was sans-GUI, I don't see why the whole thing couldn't be under 500MB.
>
> Thought maybe someone out there had seen a distro pack specifically geared 
> for quick and dirty LAMP + Samba setup.
>
> -TG
>

Google for "DSL" (Damn Small Linux).

I've used that a few times myself.  Pretty cool.

-- 
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Small LAMP install/distro

[tg-php]

Yeah.. I'm aware.  As I stated in my original email:

"Ideally I'd like to keep using my traditional Windows apps to do 
development..."

I'm comfortable moving around in linux, but the tools and OS I choose to use 
are all Windows-centric.   But instead of installing Apache and PHP and MySQL 
on my Windows machine at work and at home, as I have in the past, then lose 
interest in the project I'm working on and have a bunch of servers installed 
that I'm not using, I'd like to set up a virtual machine to keep all the 
server/test environment contained out of the way.

And while I'm 'comfortable' getting around in linux and know a few tricks, I 
don't feel that I know it well enough to try to start trimming out a gig or two 
of stuff and fiddling with swap space settings and all to make my own 
streamline distro with the apps I want.  Especially if one already exists.

I'd rather waste my time developing PHP apps that nobody but me will ever use, 
than fiddling with OS streamlining and configuration.

-TG

= = = Original message = = =

Did you know that VM-ware actually runs under RH linux?

Warren

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, June 21, 2007 1:16 PM
To: php-general@lists.php.net
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Small LAMP install/distro

Yeah, I took a quick look at Damn Small Linux.   And have been playing
around with Puppy Linux (which is pretty cool too).

I may end up using one of those.  Wanted to see if there was a distro with
everything built into it already (Damn Small seems to have a lot of average
user apps and not really developer/small server type stuff)

Thanks for the suggestion though, Daniel.

(And yes, I top-post. Get the pitchforks!)

-TG

= = = Original message = = =

On 6/21/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
> Ok, done all my googling and experimenting, now I'm tossing it to you
guys.
>
> Can anyone recommend a small, no frills, LAMP-centric linux
package/distro?
>
> What I'm doing is setting up a test/development environment in a VMWare
virtual machine to keep things all nice and comparmentalized.  It's going to
emulate (at least in PHP and MySQL version and configuration) my web host.
Ideally I'd like to keep using my traditional Windows apps to do
development, but save my work to a Samba share on the virtual machine (so
guess toss Samba into that too).
>
> Maybe there's better ways to do what I want, but now I'm discovered a
challenge that I'd like to overcome.
>
> I have something called "Grandma's LAMP", which is actually pretty cool.
It runs Xubuntu, which I dig, but still takes up 1.5gig (and is config'd for
a max of 10gb
> HD space).   It has the full GUI and everything installed.
>
> GUI is nice, but not 100% necessary.  AMP + Samba is good.  And I'm
transporting this all around on a 2GB thunbdrive (oh yeah, did I not mention
that?).
>
> If it was sans-GUI, I don't see why the whole thing couldn't be under
500MB.
>
> Thought maybe someone out there had seen a distro pack specifically geared
for quick and dirty LAMP + Samba setup.
>
> -TG
>

Google for "DSL" (Damn Small Linux).

I've used that a few times myself.  Pretty cool.

-- 
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Small LAMP install/distro

[tg-php]

First, funny that you say that from a Gmail account, where top-posting is 
encouraged by the mail system.

Second, and not to get into a big discussion about top vs bottom posting, but I 
top-post because typically if I'm involved in a conversation, I know what's 
been said already and don't want to scroll past a ton of it to get to the meat. 
 To me, an original message is included in a reply as a quick reference as to 
what's being replied to and a reminder of what's been said.

The people top-posting probably screws the most are the daily digest readers.   
But even then, if a reply is properly trimmed, then it shouldn't matter if it's 
top or bottom posted.

Doesn't help that ePrompter (little app I use to check many pop3 and web based 
emails) has primative original email handling where it won't indent with ">" or 
anything, pretty much forcing you to top-post if you use it to reply.

I prefer top posting and don't know why there's so much animosity against it.  
When I open an email, the first thing I want to see is what someone said in 
that email.  If I need a reminder of what was already said, or clarification on 
what they're replying to exactly, then I can scroll down.

-TG

= = = Original message = = =

ps. Please don't top post!

Tijnema

___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Small LAMP install/distro

[tg-php]

Excellent information Jim!  Thanks a ton!   I really wish I knew linux more 
intimately so I knew what was a vital organ and what was an appendix :)

Your suggestions sound like exactly what I'm looking for.  Greatly appreciated!

Actually.. one question.  Won't it try to set up a swap partition?  Or will 
what you recommend keep that to a minimum too?

Thanks again..  finally some useful information to a simple question. hah

(not that I don't appreciate the advice that's been given so far.. it's just 
not what I was looking for)

-TG


= = = Original message = = =

I would install Fedora Core 6.

When asked which packages to install, uncheck everything.

Then, once you have the install complete, using yum install
~httpd
~php
~mysql
~samba

Here is my current running packages for the above programs

httpd-2.2.4-2.fc6
libdbi-dbd-mysql-0.8.1a-1.2.2
mysql-5.0.27-1.fc6
mysql-connector-odbc-3.51.12-2.2
mysql-server-5.0.27-1.fc6
php-5.1.6-3.6.fc6
php-cli-5.1.6-3.6.fc6
php-common-5.1.6-3.6.fc6
php-mbstring-5.1.6-3.6.fc6
php-mysql-5.1.6-3.6.fc6
php-pdo-5.1.6-3.6.fc6
php-pear-1.4.9-4
php-pgsql-5.1.6-3.6.fc6
samba-3.0.24-7.fc6
samba-client-3.0.24-7.fc6
samba-common-3.0.24-7.fc6
system-config-samba-1.2.35-1.1


don't install the devel packages of anything

all of this installed on top of the base install should be well under 1g

make sure and run 'yum update'

seems like there are updates every couple hours.

-- 
Jim Lucas

"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
 by William Shakespeare


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Small LAMP install/distro

[tg-php]

Thanks for the suggestions.. but again, the question wasn't "what distro of 
linux" to use.  And I don't mind upgrading things.  The question is what would 
someone recommend for a really small distro of linux preferably with the bare 
essentials + apache, mysql, php and samba.

Failing that, I'll just grab one of the small linux distros out there and 
install the stuff I need manually.  I just don't know if some of those small 
distros are missing anything that would make installing AMP+Samba tricky.

Anyway, I'll figure it out.  It's not a huge priority, but something that'd 
make my  hobby development a lot easier.

-TG

= = = Original message = = =

I can recommend Fedora Core 6, it has more uptodate Apache, PHP and MySQL,
than does Red Hat Enterprise 4, which is what the company I consult for
installed on their VM-ware environment.  We spent a lot of time upgrading
everything on the VM Host because the RH Enterprise was so far behind.  I
run the Fedora 6 on a spare machine at home, and everything that version is
far superior, don't even try to convince the corporate types though, they
want a corporate name behind things, like there might be someone to blame,
other than themselves, if something goes wrong.

I've also used Free BSD, Redhat 9, and older versions of Suse, but prefer
the Fedora.  The MySQL on Fedora 6 has master/slave replication, if you know
what that is.

Warren 


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Small LAMP install/distro

[tg-php]

Thanks again for the info, Jim.  will look into the 'install to flash drive' 
information.   Technically that's not what I'm doing, just want to store the 
virtual machine on the flash drive, but the installation instructions should be 
tight enough to be pertinent still.

I think you got close enough understanding to what I'm trying to do. :)


= = = Original message = = =

I have never tried setting up an install without one.  I'm sure that it can be 
used without one though, you might just be limited on what you can do with it.

But what it sounds like you are wanting to do with it, it won't matter.  If you 
are running this through VM Ware, you will allot it a given amount of hard 
drive space.  To the installer, that will look like one large hard drive, that 
you can partition and allocate to your hearts desire.  Meaning, that you should 
be able to have a swap file or not.  Just a matter of creating the partition 
for it or not.

Maybe I'm misunderstanding what your intentions are???  If so, please explain 
further.

-- 
Jim Lucas

"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
 by William Shakespeare



___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Small LAMP install/distro

[tg-php]

"logic" is subjective.

When I read "Because it breaks the logical sequence of discussion.", I already 
knew what you were talking about without having to read the question.. because 
I knew what was being discussed in this thread.  If it wasn't an answer to my 
original question, then it was about top-posting vs bottom-posting.

To me, A: then Q:, in this context, makes perfect sense and is therefore 
'logical'.  If people have a problem with determining context and having short 
term memory loss, then I don't know what to say.  Hmm..  maybe that's a good 
question to put on our job interview list for prospective new programmers.  "Do 
you have an opinion on top posting vs bottom posting?"  just to see how they 
answer.

Bottom posting makes sense if you're using papyrus scrolls.  Or are forced into 
a linear discussion format for some reason.  Email is a little more flexible 
than that.

Does it confuse you reading my messages like this?  Do you find yourself 
drifting to the bottom before the top makes any sense at all?   I'm guessing 
not.  Answer this, did you even look at or read your 'original message' below 
before comprehending my message up here?   Probably not, because you already 
know what was said and what I'm responding to.  Tell me I'm wrong.

It's an exceedingly silly conversation and is probably on a list of 'holy wars' 
somewhere.   I just don't get why 'top posting' is so bad.  If it's all for the 
sake of 'logic' then how come it seems perfectly logical to me but is still 
somehow 'illogical' or 'breaks logical flow'?

Anyway..  I'm sure there'll be more silly debate later.

-TG

PS. Don't read below.  It break's logical flow.  You might sprain something.

= = = Original message = = =

A: Because it breaks the logical sequence of discussion.
Q: Why is top posting bad?

This explains everything ^^^


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: what trick is this? How to do it?

[tg-php]

View the source and trace through the javascript.

Looks like it has to do with:

function openLogin()

Which calls:

dojo.require("dojo.widget.Dialog");

and..

floatingWindow = dojo.widget.createWidget("Dialog", properties, node);

and..

floatingWindow.setContent("");


Don't have time right now, but I'd dig deeper into dojo.widget.Dialog (in this 
specific case.. don't know about Linux.com).

-TG

= = = Original message = = =

> http://xsojix.imeem.com/music/1zyLl7y9/lost_my_music/
> How did he/she do it? I meant the modal login window...

I just found that linux.com is using the same trick. :)

-- 
  @~@   Might, Courage, Vision, SINCERITY.
 / v \  Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Xubuntu 7.04)  Linux 2.6.22.1
  ^ ^   20:03:01 up 1 day 22:07 0 users load average: 0.00 0.01 0.00
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reading registry values

[tg-php]

I'm not sure that there's actually anything you'd need to access in the server 
registry (and certainly no registry in Linux if you're also transitioning from 
Windows to Linux).   And depending on what the ActiveX control your ASP pages 
accessed actually does, it may be better to recreate it in PHP instead of 
trying to access ActiveX via PHP.

What, exactly, is being pulled from the registry and if the ActiveX control 
does more than just facilitate registry access, what else does it do that you'd 
need to emulate?

I have a feeeling that you don't need to worry about these things after you 
transition to PHP and Apache.

More info please? :)

-TG


= = = Original message = = =

I want to convert some ASP pages to PHP to go along with a transition from IIS
to Apache. One of the ASP script functions involves reading data from the
Windows registry. How does one read from the registry with PHP?

Also, is it possible to use ActiveX objects with PHP? The above mentioned script
uses a third party control to facilitate the registry operations. The VBScript
code looks like this:

Set objRegistry = CreateObject("RegObj.Registry")

Is there a PHP equivalent?

This newbie thanks you.
-- 
Crash


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[2]: [PHP] Reading registry values

[tg-php]

Yeah, that could be one thing that the ASP/ActiveX combo need to access the 
registry for..  but if he's replacing ASP with PHP and if the ActiveX control 
doesn't do anything he can't re-create in PHP, then there's no need to verify 
that anything relating to ASP or ActiveX is registered and genuine because it 
would have been replaced with a PHP alternative.

I can't think of anything that a PHP app is going to need access to the 
registry for, so I'm trying to verify that there actually is a need for him to 
access the registry and/or use ActiveX via PHP.  I'm guessing that he doesn't 
need to at all.

-TG

= = = Original message = = =

Hi,

Monday, July 30, 2007, 7:40:52 PM, you wrote:

> I'm not sure that there's actually anything you'd need to access in
> the server registry (and certainly no registry in Linux if you're
> also transitioning from Windows to Linux). And depending on what the
> ActiveX control your ASP pages accessed actually does, it may be
> better to recreate it in PHP instead of trying to access ActiveX via
> PHP.

I've seen ASP components that required access to the registry in order
to validate they were legal. I.e. the installer of the component wrote
some serial number or something to the registry, which the ASP scripts
checked.

Nasty, but true. Just saying that he may well have a genuine need for
it.

Cheers,

Rich
-- 
Zend Certified Engineer
http://www.corephp.co.uk

"Never trust a computer you can't throw out of a window"

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Loss of precision in intval()

[tg-php]

Very weird and counter intuitive.  Looking at the php manual, I see this:

Converting to integer from floating point:

"When converting from float to integer, the number will be rounded towards 
zero."

But you'd think the multiplication would happen before the rounding.

if you do:
$a = ceil(75.82 * 100);

you should get the proper answer.

This is what I used for testing:

\n";
echo "y is " . gettype($y) . "\n";

$a = ceil($x * $y);

echo "a is " . gettype($a) . "\n";

echo "intval(a) is " . gettype(intval($a)) . "\n";

echo $a . " *** " . intval($a);
?>

Not sure that really helps, but seems to be some kind of order of precedence 
issue.

-TG

= = = Original message = = =

This sort of thing really isn't helpful...




___
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php