[PHP] Re: Example of good PHP coding

2004-03-23 Thread Geir Pedersen - Activio AS
Terence, do a search for "php coding standard" in Google and you'll find documents describing coding guidelines suitable for projects. --- Geir Pedersen http://www.activio.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Example of good PHP coding

2004-03-23 Thread Filip de Waard
On Mar 24, 2004, at 6:43 AM, Terence wrote: Hi All, Apologies if this has been asked before, but can someone out there point out an example of good PHP coding in an open source application? I am currently looking at: PHPNuke Mambo (the most recent versions). Can these two pieces of software be

[PHP] Session variables as array

2004-03-23 Thread Joseph Ross Lee
Hello... Is there any example that I can look at that does a session variable as an array? thanks

[PHP] Example of good PHP coding

2004-03-23 Thread Terence
Hi All, Apologies if this has been asked before, but can someone out there point out an example of good PHP coding in an open source application? I am currently looking at: PHPNuke Mambo (the most recent versions). Can these two pieces of software be considered good PHP coding practice and serve

Re: [PHP] session.bug_compat_42

2004-03-23 Thread James E Hicks III
Thanks to all who helped, I think I got it figured out now. James Hicks On Tuesday 23 March 2004 12:11 pm, Rasmus Lerdorf wrote: > This has nothing to do with the browser. Instead of using > session_register("last_time") and setting $last_time, do this: > > $_SESSION['last_time'] = time();

Re: [PHP] login scripts not secure?? help!

2004-03-23 Thread Pushpinder Singh
I am using PHP with register_globals ON... since I don't have access to the host environment. The way I use sessions is: session_start(); do some database connection and checking here. if (condition is met) { $_SESSION['valid_user'] = $_POST['login']; } Is t

RE: [PHP] $_POST not working with str_replace

2004-03-23 Thread PHP Email List
> -Original Message- > From: John W. Holmes [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 23, 2004 7:59 PM > > Like someone else said, you need to whittle your code down to a minimum > and do a lot of variable checking along the way. Slowly add code back > until you find what's causing

Re: [PHP] RE:[PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Pushpinder Singh
I am using PHP with register_globals ON... since I don't have access to the host environment. The way I use sessions is: session_start(); do some database connection and checking here. if (condition is met) { $_SESSION['valid_user'] = $_POST['login']; } Is th

[PHP] Local sysadmin DFW needed

2004-03-23 Thread Frank Tudor
Hi folks, Sorry for the interruption. I'm looking for a part time sysadmin in the DFW area. If anyone wants to pick up some hours drop me your resume. Here is what I need, someone who can do: Redhat, PHP, Mysql, Perl, sendmail, creating and maintaining users and permissions, virtual hosts, sam

Re: [PHP] $_POST not working with str_replace

2004-03-23 Thread John W. Holmes
PHP Email List wrote: Ok I tried the print_r($_POST) and received... Array ( [FNAME] => test [LNAME] => t [ADDRESS] => t [CITY] => t [STATE] => t [ZIP] => t [DATE] => t [PARAGRAPH1]=> t [PARAGRAPH2] => t [FROM] => t [SUBMIT] => TEST ME ) So the array isn't empty for my post. Obviously the values

RE: [PHP] something like __URL__ (analogous to __FILE__)

2004-03-23 Thread motorpsychkill
> -Original Message- > From: Chris W. Parker [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 23, 2004 5:03 PM > To: Evan Nemerson; motorpsychkill; Php General List > Subject: RE: [PHP] something like __URL__ (analogous to __FILE__) > > > Evan Nemerson > o

RE: [PHP] something like __URL__ (analogous to __FILE__)

2004-03-23 Thread Chris W. Parker
Evan Nemerson on Tuesday, March 23, 2004 5:00 PM said: > Take a look at $_SERVER['REQUEST_URI'] the problem with that is that the value REQUEST_URI will contain is that of the page in the address bar (i think) and not the location of an included file (which is what

RE: [PHP] something like __URL__ (analogous to __FILE__)

2004-03-23 Thread Chris W. Parker
motorpsychkill on Tuesday, March 23, 2004 4:51 PM said: > So no matter what file I use (like rabbits.php) and I include > config.php, CONFIG_FILE_URL will always return the url for the config > file and NOT the file doing the calling (rabbits.php). hmm... the only t

Re: [PHP] something like __URL__ (analogous to __FILE__)

2004-03-23 Thread Evan Nemerson
Take a look at $_SERVER['REQUEST_URI'] On Tuesday 23 March 2004 04:50 pm, motorpsychkill wrote: > This is tricky to explain, so bear with me please. I have a file like: > > c:\htdocs\project_bunny\includes\config.php > > In my browser address bar, this would look like: > > http://localhost/proje

Re: [PHP] Re: Domain & Sub-domain Handling with PHP

2004-03-23 Thread Galen
Yeah, I'm aware PHP doesn't do DNS stuff, at least not directly. But I am curious as to how people handle subdomains. The 404 error seems like an interesting option, how does anyone else handle this? -Galen On Mar 23, 2004, at 10:58 AM, Justin Patrin wrote: Galen wrote: Hi, I've done loads an

[PHP] something like __URL__ (analogous to __FILE__)

2004-03-23 Thread motorpsychkill
This is tricky to explain, so bear with me please. I have a file like: c:\htdocs\project_bunny\includes\config.php In my browser address bar, this would look like: http://localhost/project_bunny/includes/config.php If within this document (i.e. config.php), I had: Now, if I have another

[PHP] another "everyone getting this?" post!

2004-03-23 Thread Chris W. Parker
ok hi. just today i started getting a message from: [IM_T-EXCH] Panda Antivirus for Exchange Server [EMAIL PROTECTED] ...stating that my messages have been deleted. is this happening to everyone or am i sending out a virus all of a sudden? thanks! chris. p.s. no facts please! just theories!

RE: [PHP] $_POST not working with str_replace

2004-03-23 Thread Chris W. Parker
PHP Email List on Tuesday, March 23, 2004 4:13 PM said: > I tried that, but I know I can get the values from the $_POST array > as per John's email about using print_r($_POST) to see what was > showing. And yes I get the value I wanted in between the :: ::. hhhm

RE: [PHP] $_POST not working with str_replace

2004-03-23 Thread PHP Email List
what happens if you do the following? >", $name, $output); ?> ?? I tried that, but I know I can get the values from the $_POST array as per John's email about using print_r($_POST) to see what was showing. And yes I get the value I wanted in between the :: ::. Thanks for trying though, Anyone

Re: [PHP] Clearing Post Data with IE

2004-03-23 Thread Chris Thomas
I tried using the Header('location: ') but it seems the posted data follows the redirection. I'm going from my main page to a processing page then back to my main page. I printed $_POST on the main page and it still has the values that were originally posted to the processing page. Also after th

RE: [PHP] string concatination

2004-03-23 Thread Chris W. Parker
Matthew Oatham on Tuesday, March 23, 2004 3:59 PM said: > Hi, hi. > What is the correct way, using php to join two strings, vars or > otherwise. [snip] > i.e. how do I join > > $string1 = "hello"; > $string2 = "world"; > > do i do > > $string1 . $string2; [s

[PHP] string concatination

2004-03-23 Thread Matthew Oatham
Hi, What is the correct way, using php to join two strings, vars or otherwise. i.e. how do I join $string1 = "hello"; $string2 = "world"; do i do $string1 . $string2; and what about .. $string2 = $string1 . "world"; Is that correct?

Re: [PHP] Re: Null Variables after session_register() ( Radio Inputs Problem )

2004-03-23 Thread gohaku
Thanks. Below is what I changed to session.php. Are there any possible problems with my changes? On Mar 23, 2004, at 4:28 PM, Justin Patrin wrote:

RE: [PHP] $_POST not working with str_replace

2004-03-23 Thread Chris W. Parker
PHP Email List on Tuesday, March 23, 2004 3:08 PM said: > This is becoming very odd! > Possible bug? I hate throwing that out there but it doesn't make > sense why one would work and the other wouldn't since all any of them > are doing is holding "strings". Any othe

[PHP] REGISTER_GLOBALS set to off and other issues

2004-03-23 Thread Alisa Davis
I have REGISTER_GLOBALS set to off. I have read and read, but cannot figure out what I need to do code wise to keep from getting the following message: Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session exten

RE: [PHP] $_POST not working with str_replace

2004-03-23 Thread PHP Email List
PHP Email List wrote: > Ok here's my problem, I'm in the midst of creating a string replace to work > on a rtf file that is on the server, this functionality works perfect with > "GET" but not "POST", I guess I don't understand why. [snip] > $name = $_POST['FNAME']; [snip] > $output = str_replace(

Re: [PHP] Storing encrypted data in a database with

2004-03-23 Thread Evan Nemerson
What version of mysql are you using? IIRC, there is support for AES in newer (4+?) versions. If I were you, I'd handle all the encryption and decryption in the database, if possible. Yep, http://www.mysql.com/doc/en/Encryption_functions.html On Tuesday 23 March 2004 02:04 pm, Jay Blanchard wro

Re: [PHP] $_POST not working with str_replace

2004-03-23 Thread John W. Holmes
PHP Email List wrote: Ok here's my problem, I'm in the midst of creating a string replace to work on a rtf file that is on the server, this functionality works perfect with "GET" but not "POST", I guess I don't understand why. [snip] $name = $_POST['FNAME']; [snip] $output = str_replace("<>",$na

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread John W. Holmes
Scott Fletcher wrote: Also remember to keep in mind, some user's browser had the cookie disabled. Once that happen then it wouldn't work. Very true. If that was the case, you'd have to maintain the session ID in every URL/form for the "private" area and also provide it in any URLs that go from t

Re: [PHP] Storing encrypted data in a database with

2004-03-23 Thread John W. Holmes
Jay Blanchard wrote: You have an error in your SQL syntax near 'HXâÃÃÃppT ÃÃÃ7 GHÂÅÅÃÃÃ' ) ' at line 1 Now, if you look closely you can see and additional single quote in ÃR'âHXâ. I cannot use addslashes() here can I? Or should I base64_encode each item and then decode on the way back out. An

Re: [PHP] Can i get all content for list box in $_POST

2004-03-23 Thread Sheeraz fazal
My Mistake. I over looked :( "Pablo Gosse" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Sheeraz fazal wrote: > Hi All, > > I have a list box in a page (html tag with multiple > selection option). Items are added dynamically in list box, using > javascript. Can i get all elements of

Re: [PHP] Can i get all content for list box in $_POST

2004-03-23 Thread Sheeraz fazal
Thanks. As same element is used in PHP and JavaScript. Naming a tag ending in square brackets [] is JavaScript error. Till now either PHP will not produce desired results or JavaScript will give me error :( "Pablo Gosse" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Sheeraz fazal wro

[PHP] PHP 4.3.4 EAPI

2004-03-23 Thread Jordan S. Jones
Hello all.. For some odd reason, I am having a very very difficult time compiling PHP with EAPI support.. Here is my configure line: CFLAGS=" -DEAPI" \ ./configure \ --with-apxs \ --with-config-file-path=/etc \ --disable-short-tags \ --with-zlib \ --with-bz2 \ --with-curl \ --with-mcrypt \ --wit

[PHP] $_POST not working with str_replace

2004-03-23 Thread PHP Email List
Hey gang, Ok here's my problem, I'm in the midst of creating a string replace to work on a rtf file that is on the server, this functionality works perfect with "GET" but not "POST", I guess I don't understand why. The reason I don't want to use GET over POST is due to the character restrictions.

[PHP] Storing encrypted data in a database with

2004-03-23 Thread Jay Blanchard
Good afternoon! I am storing some encrypted data using PHP to do the encryption and a MySQL database. I have encountered a couple of times where I get back a query syntax error. INSERT INTO `test`.`tblEncTest` (`encAlg`, `encMode`, `encIV`, `reqName`, `reqSSN`, `reqEMail`) VALUES ( 'blowfish', '

Re: [PHP] Image Storage

2004-03-23 Thread David T-G
Matt -- ...and then Matt Palermo said... % % I am creating a system to allow users to upload images to the site. Would % it be better to store the images in a MySQL table, or having it save the % images to a directory on the server? Anyone have any suggestions on this? % Pros? Cons? This has b

RE: [PHP] Can i get all content for list box in $_POST

2004-03-23 Thread Pablo Gosse
Sheeraz fazal wrote: > Hi All, > > I have a list box in a page (html tag with multiple > selection option). Items are added dynamically in list box, using > javascript. Can i get all elements of listbox in my php code. > > If i do $_POST['select_tag_name']. I get a variable not an array. > Thu

Re: [PHP] Re: replacing chars in input

2004-03-23 Thread David T-G
Justin, et al -- ...and then Justin Patrin said... % % David T-G wrote: % % >I would like to make things easier for my users and replace all of the % >garbage characters % > % > `'";:[EMAIL PROTECTED]&*()[]{}<>/?\|+= % > % >plus white space (\s) with underscores in the input. I am, however, %

[PHP] Can i get all content for list box in $_POST

2004-03-23 Thread Sheeraz fazal
Hi All, I have a list box in a page (html tag with multiple selection option). Items are added dynamically in list box, using javascript. Can i get all elements of listbox in my php code. If i do $_POST['select_tag_name']. I get a variable not an array. Thus getting only one item. Comments?

[PHP] CGI Error

2004-03-23 Thread Alex Hogan
Hi All, I am getting this error when I am trying to pass some url params; CGI Error The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are: And nothing Has anybody seen this before? I did a search and it seems that there are a f

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Scott Fletcher
Also remember to keep in mind, some user's browser had the cookie disabled. Once that happen then it wouldn't work. "John W. Holmes" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Scott Fletcher wrote: > > Um, you would be able to jump out of the admin area (logged in area) to > > p

[PHP] Re: Null Variables after session_register() ( Radio Inputs Problem )

2004-03-23 Thread Justin Patrin
Gohaku wrote: Apologies if this has been asked before, I'm experiencing problems with Session Variables and Radio Inputs values. For some reason, after I use session_register("number") where $number has 3 possible values { 1,2,3 }, $number IS NULL. If I don't use session_register("number"), $numb

[PHP] Re: http webmail problems.

2004-03-23 Thread Justin Patrin
Tom Reed wrote: On some webmail programs, when I send them an email from php, they appear as being "blank" emails. Here's the code I am using: $headers .= "From: \"$WEBSITE_name\" <$ADMIN_email>\n"; $headers .= "X-Sender: <$ADMIN_email>\n"; $headers .= "X-Mailer: $WEBSITE_name Mailer\n"; //

[PHP] Null Variables after session_register() ( Radio Inputs Problem )

2004-03-23 Thread gohaku
Apologies if this has been asked before, I'm experiencing problems with Session Variables and Radio Inputs values. For some reason, after I use session_register("number") where $number has 3 possible values { 1,2,3 }, $number IS NULL. If I don't use session_register("number"), $number IS NOT NUL

[PHP] http webmail problems.

2004-03-23 Thread Tom Reed
On some webmail programs, when I send them an email from php, they appear as being "blank" emails. Here's the code I am using: $headers .= "From: \"$WEBSITE_name\" <$ADMIN_email>\n"; $headers .= "X-Sender: <$ADMIN_email>\n"; $headers .= "X-Mailer: $WEBSITE_name Mailer\n"; // mailer $heade

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Chris Shiflett
--- Scott Fletcher <[EMAIL PROTECTED]> wrote: > Application --> Web Browser/Web Server > Presentation --> HTTP/HTTPS/SSL and language (HTML/JavaScript, etc). > Session --> Browser-Server connection, etc. > Transport --> Port 80/Port 443, packet transfer control, etc. > Network --> IP Address/Intern

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Scott Fletcher
> Why not delete that part of the 3rd party code then? Or send your Location > header before you call it? Curl won't help you here, for the same reasons > that fsockopen won't work. Not sure about deleting the part of the 3rd party code though, I had thought about it a lot and I had been itching for

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Scott Fletcher
> > Sigh! Well, I guess all web browsers suck at it by the way! > Suck at what exactly? Not suck at receiving the HTTP commands from the webserver but suck at not receiving the HTTP commands from the PHP. :-) I understand how the browser/webserver communication work so no wonder why it doesn't w

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Pablo Gosse
PG A RARE case, in the world of web applications??? Hardly! PG PG I agree that in an optimal situation queries will not be based on PG user input, but in the world of the web this is a pipe dream. In PG 99.99% of the cases there will be some dynamic element to a query. PG The only safeguard

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Chris Shiflett
--- Michael Rasmussen <[EMAIL PROTECTED]> wrote: > I think you have misunderstood the concepts of making queries based > on user input. It is not the users who should create the query, all > to should do is provide the input to narrow down the queries. To be honest, I think Pablo understands the co

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Michael Rasmussen
On Tue, 23 Mar 2004 09:27:29 -0800, Chris Shiflett wrote: > > This argument still makes no sense to me. Originally, you stated that a > better option to filtering and escaping data was to use a prepared > statement. Some of us have decided that you are referring to stored > procedures. > > You s

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Michael Rasmussen
On Tue, 23 Mar 2004 08:25:32 -0800, Pablo Gosse wrote: > > A RARE case, in the world of web applications??? Hardly! > > I agree that in an optimal situation queries will not be based on user > input, but in the world of the web this is a pipe dream. In 99.99% of the > cases there will be so

[PHP] Re: Domain & Sub-domain Handling with PHP

2004-03-23 Thread Justin Patrin
Galen wrote: Hi, I've done loads and loads with PHP and MySQL and stuff like that... but never had to really deal with actually creating new domains and subdomains with PHP. Especially with subdomains, I've seen lots of sites create subdomains automatically. What is the "best" technique for d

Re: [PHP] Clearing Post Data with IE

2004-03-23 Thread Chris Boget
> Is there a way to get it so that i can clear _post and get it so they arent > in the header?? After you've finished all of the processing, just do: header( 'location: ' . $_SERVER['PHP_SELF'] ); exit(); Chris

[PHP] Oracle 8i -- execution stops

2004-03-23 Thread Matthew Hillebrand
When I make a complex query to a table with 500,000 rows via PHP, my web browser thinks for a minute and then stops the execution of the script with no error messages at all. I have set the max_execution_time to 400 and called error_reporting(E_ALL) with the same results. I'm using PHP 4.3.1 an

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Chris Shiflett
--- Scott Fletcher <[EMAIL PROTECTED]> wrote: > Sigh! Well, I guess all web browsers suck at it by the way! Suck at what exactly? > Michal Migurski from other posting had explained that fsockopen() > do the TCP stuff or the Transport Layer. So, no wonder fsockopen() > can't get to the Network la

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Michal Migurski
>And finally, for those of you who are dying to know the answer to why I >can't use the header(). It's the 3rd party coding that contain the code, > >--snip-- >if(headers_sent()) >$this->Error(' '); >--snip-- Why not delete that part of the 3rd party code then? Or send your Location head

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread John W. Holmes
Scott Fletcher wrote: Um, you would be able to jump out of the admin area (logged in area) to public/free area and back to the admin area (logged in area) only if either one of these two, not necessarily both is maintained on every webpage of that website, 1) session_start() or 2) session_id via lin

[PHP] Domain & Sub-domain Handling with PHP

2004-03-23 Thread Galen
Hi, I've done loads and loads with PHP and MySQL and stuff like that... but never had to really deal with actually creating new domains and subdomains with PHP. Especially with subdomains, I've seen lots of sites create subdomains automatically. What is the "best" technique for doing all this

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Scott Fletcher
See the reply to the Chris Shiflett's reply... "Michal Migurski" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > >In plain english, can't use the header("Location: "), so have to use > >the fsockopen() instead. Just that header() is not allowed, don't ask me > >why. Just couldn'

[PHP] Re: replacing chars in input

2004-03-23 Thread Justin Patrin
David T-G wrote: Hi, all -- I would like to make things easier for my users and replace all of the garbage characters `'";:[EMAIL PROTECTED]&*()[]{}<>/?\|+= plus white space (\s) with underscores in the input. I am, however, having trouble getting my regexp to work. I can comfortably do $i

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Scott Fletcher
Boy! Everyone here is itching for an answer!!! :-) Sigh! Well, I guess all web browsers suck at it by the way!! Michal Migurski from other posting had explained that fsockopen() do the TCP stuff or the Transport Layer. So, no wonder fsockopen() can't get to the Network layer, like the IP Addr

Re: [PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Justin Patrin
Kim L. Laage wrote: (This msg. may arrive twice, with two different senders, I've had a little trouble with the news server) Hi, thanks for your reply. first $_SESSION works like this: session_start(); $_session[user]=$_POST[user];//if using register_globals=off $_SESSION[user]=$user;//if regis

[PHP] Re: session.bug_compat_42

2004-03-23 Thread Justin Patrin
James E Hicks III wrote: What does the code look like that is causing this error? I know I can turn the error off but how do I fix the code that is causing it? Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the sess

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Scott Fletcher
Um, you would be able to jump out of the admin area (logged in area) to public/free area and back to the admin area (logged in area) only if either one of these two, not necessarily both is maintained on every webpage of that website, 1) session_start() or 2) session_id via links/form. But if the p

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Chris Shiflett
--- Scott Fletcher <[EMAIL PROTECTED]> wrote: > In plain english, can't use the header("Location: "), so have to > use the fsockopen() instead. Just that header() is not allowed, don't > ask me why. I'm asking anyway. :-) You cannot (thank goodness) connect to a remote client with fsockopen()

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Chris Shiflett
--- Michael Rasmussen <[EMAIL PROTECTED]> wrote: > The idea is exactly not to do any queries dynamically generated based > on user input! This argument still makes no sense to me. Originally, you stated that a better option to filtering and escaping data was to use a prepared statement. Some of us

[PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Andy B
[snip] Then do what I did, the script below is only an example.. --snip-- [/snip] will test it and play with it a little but will it let the admin go from a login required part of the site to a public/free access part of the site i.e. jump out of the session without losing any currently open ses

Re: [PHP] login scripts not secure?? help!

2004-03-23 Thread Chris Shiflett
--- Andy B <[EMAIL PROTECTED]> wrote: > i run into the deal where most login scripts check to see if > $_SESSION[username] or a $_SESSION var has been set or is valid. > i noticed this could be a very bad thing because there is nothing > stopping an outside link from doing something like: > href="

RE: [PHP] receiving ndr for each email sent to list

2004-03-23 Thread Chris W. Parker
Jay Blanchard on Tuesday, March 23, 2004 5:27 AM said: > [snip] > (no theories please. unless it's correct. in which case it's ok. :) > [/snip] > > ROFLMFAO! If it is correct then it is no longer theory! Sorry Chris, > maybe I should go lay down. exactly! that's wh

Re: [PHP] session.bug_compat_42

2004-03-23 Thread Rasmus Lerdorf
This has nothing to do with the browser. Instead of using session_register("last_time") and setting $last_time, do this: $_SESSION['last_time'] = time(); It's shorter and it will make the warning go away. -Rasmus On Tue, 23 Mar 2004, James E Hicks III wrote: > What does the code look like

Re: [PHP] replacing chars in input

2004-03-23 Thread Michal Migurski
>I want to end up with > > A-Za-z0-9_- > >(letters, numbers, underscore and dash). > >If there isn't a handy character class waiting for me, what must I do to >get those chars replaced? $out = preg_replace('/\W+/', '', $in); ---

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Michal Migurski
>In plain english, can't use the header("Location: "), so have to use >the fsockopen() instead. Just that header() is not allowed, don't ask me >why. Just couldn't get the browser perform the HTTP LOCATION event. >--snip-- >$host = "192.168.0.2"; >$port = 443; >$url_str = "ssl://www.whatever.c

[PHP] Re: RE:[PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Kim L. Laage
(This msg. may arrive twice, with two different senders, I've had a little trouble with the news server) Hi, thanks for your reply. > first $_SESSION works like this: > > session_start(); > $_session[user]=$_POST[user];//if using register_globals=off > $_SESSION[user]=$user;//if register_globals=

[PHP] replacing chars in input

2004-03-23 Thread David T-G
Hi, all -- I would like to make things easier for my users and replace all of the garbage characters `'";:[EMAIL PROTECTED]&*()[]{}<>/?\|+= plus white space (\s) with underscores in the input. I am, however, having trouble getting my regexp to work. I can comfortably do $i = preg_replace(

RE: [PHP] SQL Injection check (mysql)

2004-03-23 Thread Pablo Gosse
> The idea is exactly not to do any queries dynamically generated based > on user input! In the rare cases where this is needed you should not > allow any unparsed input. A RARE case, in the world of web applications??? Hardly! I agree that in an optimal situation queries will not be base

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Scott Fletcher
Here's what I do, maybe this will help to give you an idea... --snip-- --snip-- "Andy B" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > [snip] > You can use the HTTP Authentication instead for username and password. > [/snip] > > no i cant this time because the people want the lo

Re: [PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Scott Fletcher
Then do what I did, the script below is only an example.. --snip-- page1 --snip-- That way, no one see the hidden code in html stuff like or for example. Hope that will give you an idea... :-) FletchSOD "Andy B" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > [snip] > You ca

[PHP] Re: RE:[PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Scott Fletcher
> $_session[user]=$_POST[user];//if using register_globals=off Actually, $_SESSION with a capital letters does work...

[PHP] RE:[PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Andy B
[snip] session_start(); $_SESSION = "user"; $_SESSION = "pass"; This doesn't work of course, but as I said I'm unsure of how the $_SESSION superglobal is used, and the info I've found about it didn't shed much light... I hope I'm just tired today 8-) Another semi-related question is, is it common

[PHP] session_register vs. $_SESSION superglobal

2004-03-23 Thread Kim L. Laage
Hi, Newbie warning - this may be extremely simple. I've been given a bit of code to get to work on our test machines, but at the moment I'm drawing a blank. As far as I can tell the problem lies in the dev. using a server environment with "register_globals = On", while we use the default setting

Re: [PHP] PHPSESSID in passthru

2004-03-23 Thread Raditha Dissanayake
Guillouet Nicolas wrote: Hi, I discover a surprising thing with PHPSESSID, I try something like this : $var="htmldoc -t html --quiet '' 'https://login:[EMAIL PROTECTED]/file.php?documentIdent=157&typeAffiche=3&PHPSESSID=068dd351a106bb6ead80e11a27f75100'"; echo 'var='.$var; passthru($var); passt

[PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Andy B
[snip] You can use the HTTP Authentication instead for username and password. [/snip] no i cant this time because the people want the login form to follow their color setup and stuff and with www-authenticate: box you cant do that...so for this project its out of the question...

Re: [PHP] Bogus headers returned by firewalls

2004-03-23 Thread Christophe Chisogne
Pablo Gosse wrote: munging up the HTTP_REFERER for a page? In HTTP, "Referer" is an OPTIONAL field in the HTTP/1.1 spec (see rfc 2616). I saw many strange referers (like 'Empty', 'bookmarks' 'XXX++', 'Removed by YYY', etc) sent or modified by security assistants, browsers, spiders... You can thr

Re: [PHP] Constants

2004-03-23 Thread Jakes
Thanks, will do. "Red Wingate" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Give this a read: http://marc.theaimsgroup.com/?l=php-dev&m=107936530102181&w=2 On Tuesday, 23 March 2004 15:16, Red Wingate wrote: > IIRC it was changed to > self::CONST_NAME recently > > interface Se

[PHP] Re: RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Scott Fletcher
You can use the HTTP Authentication instead for username and password. "Andy B" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > [snip] > There is no way to inject any kind of data to the super-global Arrays at all > [snip] > > duhhh...how come i didnt think of that... well..guess its

Re: [PHP] fsockopen to spit out the HTTP's Location...

2004-03-23 Thread Scott Fletcher
In plain english, can't use the header("Location: "), so have to use the fsockopen() instead. Just that header() is not allowed, don't ask me why. Just couldn't get the browser perform the HTTP LOCATION event. It does work when using fsockopen() for HTTP POST or GET as stated in the http://us

Re: [PHP] Constants

2004-03-23 Thread Red Wingate
Give this a read: http://marc.theaimsgroup.com/?l=php-dev&m=107936530102181&w=2 On Tuesday, 23 March 2004 15:16, Red Wingate wrote: > IIRC it was changed to > self::CONST_NAME recently > > interface Settings { >const UNAME = "somename"; >const PWORD = "password"; >const SERVER = "

Re: [PHP] Constants

2004-03-23 Thread Red Wingate
IIRC it was changed to self::CONST_NAME recently interface Settings { const UNAME = "somename"; const PWORD = "password"; const SERVER = "localhost"; } class Conn implements Settings { public function __construct(){ $dbConn = mysql_connect(self::SERVER, self::UNAME, self

Re: [PHP] Constants

2004-03-23 Thread Jakes
If you define constants within an interface and then implement that interface, it does not work on 5RC1. This should work, but it displays the constant name rather than the value it references interface Settings { const UNAME = "somename"; const PWORD = "password"; const SERVER = "localhost";

[PHP] RE:[PHP] login scripts not secure?? help!

2004-03-23 Thread Andy B
[snip] There is no way to inject any kind of data to the super-global Arrays at all [snip] duhhh...how come i didn't think of that... well..guess it's long nights without coffee.. tnx...

[PHP] session.bug_compat_42

2004-03-23 Thread James E Hicks III
What does the code look like that is causing this error? I know I can turn the error off but how do I fix the code that is causing it? Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not co

[PHP] Re: Constants

2004-03-23 Thread Jakes
You can keep constant variables in an interface, because they are static and do not change. Trust me, it is a bug. "Gerben" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > this is probably because Foo is an interface instead of a class. interfaces > can't contain any data as far as I

Re: [PHP] login scripts not secure?? help!

2004-03-23 Thread Red Wingate
hi, securepage.php?_SESSION[username]=admin&_SESSION[pwd]=password would not register 'username' and 'pwd' to the $_SESSION array but to the $_GET and $_REQUEST-Array like: $_GET['_SESSION']['username'] => 'admin' There is no way to inject any kind of data to the super-global Arrays at all

Re: [PHP] login scripts not secure?? help!

2004-03-23 Thread Matt Matijevich
go to secure page Turn off register globals.

[PHP] Re: login scripts not secure?? help!

2004-03-23 Thread Gerben
try using $HTTP_SESSION_VARS[] by the way. if hacks can find out the user-pass combination they can just use the normal way of logging in ;-) "Andy B" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] hi in an attempt to create a login system for site administrators on a website i come

[PHP] Re: php and email

2004-03-23 Thread Gerben
try using ' instead of " "Steven Mac Intye" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi all, > > I'm wondering if anyone can help me with this "problem" > > I have a form with the following line of code; > > $message .= " href=\"http://127.0.0.1/devsite/activate.php?member=$r

[PHP] Re: Constants

2004-03-23 Thread Gerben
this is probably because Foo is an interface instead of a class. interfaces can't contain any data as far as I know. "Jakes" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > The bug server looks like its down, so I will just post the bug here, and > hopefully someone > will spot it >

[PHP] login scripts not secure?? help!

2004-03-23 Thread Andy B
hi in an attempt to create a login system for site administrators on a website i come into the following problem that bothers me because i can't find any way to fix it. problem: most login scripts/systems i look at for examples on how to make a login section from sessions (allow the administrato
