Richard Lynch wrote:
Why risk the possibility of your code being exposed or executed out of
context when it's so *EASY* to move the include files and set
include_path?
I just don't understand the resistance to such a simple straight-forward
elegant security measure.
For 5 minutes of time, you c
Ryan A wrote:
I noticed a site that is using php, but he is has shortened
the url so that the filename was not shown..
eg:
somesite.com/?a=1
How did they do that?
It's called a directory index. Examples include index.html and
index.php. You configure this with the DirectoryIndex directive in
Hey,
On 6/2/2005 5:17:47 AM, Richard Lynch ([EMAIL PROTECTED]) wrote:
> URL re-writing can do that -- It ends up using his 'index' file (or
> whatever) but you don't see it in the URL.
Thanks for replying.
But if I want to copy his exact way of doing things...instead of index file
I would like t
you can do that with just an index.php file.
say you have a directory called 'foo' with an index.php you can do
something like this:
if($_GET['a'] == 1)
{
echo 'blah';
}
mysite.com/foo/index.php?a=1
would be the same as:
mysite.com/foo/?a=1
Ryan A wrote:
Hey,
I noticed a site that is us
URL re-writing can do that -- It ends up using his 'index' file (or
whatever) but you don't see it in the URL.
On Wed, June 1, 2005 7:25 pm, Ryan A said:
> Hey,
> I noticed a site that is using php, but he is has shortened the url so
> that
> the filename was not shown..
> eg:
> somesite.com/?a=
On Wed, June 1, 2005 3:17 pm, Richard Davey said:
> Wednesday, June 1, 2005, 10:16:50 PM, you wrote:
>
> RL> For example, I simply can't validate with a 100% height table, but
> RL> that's the only way to get the layout I want on both ancient and
> RL> current browsers.
>
> I think you need to defi
One suggestion:
Allow the moderator to pre-approve specific logins/users/handles for a
session or if they login, forever.
So after Joe User proves him/her self as a worthy chat-ter, their posts go
through un-moderated.
On Wed, June 1, 2005 5:21 pm, Dan Rossi said:
> I've been given the bombe
Richard Davey wrote:
Hello Mark,
Monday, May 30, 2005, 4:18:20 PM, you wrote:
MS> I have my settings in php.ini set for UTF-8, and the encoding for
MS> the mysql database table's column that is using Japanese to UTF-8.
MS> Now, if I view the data stored in that column in phpmyadmin, via
MS> sa
On Wed, June 1, 2005 1:29 am, Denis Gerasimov said:
> Second, which way are you differ PHP .inc files from HTML .inc files?
There is no such thing as an HTML .inc file. :-)
All your HTML .inc files, by definition, if they are being require'd or
include'd into PHP *are* PHP .inc files.
It is mere
Hey,
I noticed a site that is using php, but he is has shortened the url so that
the filename was not shown..
eg:
somesite.com/?a=1
How did they do that? if it was url rewriting it would be somesite.com/1/ so
what is he using?
Thanks,
Ryan
--
No virus found in this outgoing message.
Checked b
On Wed, June 1, 2005 3:53 am, Marcus Bointon said:
> On 1 Jun 2005, at 11:38, Jochem Maas wrote:
>
>> all true, now imagine that you install a couple of 3rdparty php5
>> 'packages'
>> and they all define __autoload() - ain't gonna work! which is why
>> there has been
>> discussion on internals rega
--with-mysql is supposed to be the directory in which configure can find
the mysql header (.h) files and the mysql library (mysql.so) underneath
that directory.
/usr/bin/mysql_config is a program -- a "binary" if you will
It's incredibly unlikely that your MySQL header files and the mysql.so
libr
Here is a function I use to write data to a file (It is similar to PHP 5's
file_put_contents but works for those who don't have a PHP 5 installation:)
function file_put_contents($filename, $data, $file_append = false) {
$fp = fopen($filename, (!$file_append ? 'w+' : 'a+'));
if(!$fp) {
trig
On Wed, June 1, 2005 6:41 am, mayo said:
> I need to write to file. After getting a customer's order I'm sending a
> file to a distribution company. The company wants all the information in
> a preset format which they will then parse.
>
> The problem comes when I try to put in multiple orders. In
Marek Kilimajer wrote:
...helmut wrote:
What does
$this variable -> $this other variable
Means?
I have seen it and i have "used" but I am not sure what exactly it
means in regular English or Spanish wording that is.
read about variable variables
While variable variables are useful, and
On Wed, June 1, 2005 12:43 pm, ...helmut said:
> $this variable -> $this other variable
>
> Means?
>
> I have seen it and i have "used" but I am not sure what exactly it means
> in
> regular English or Spanish wording that is.
In Computer Science it is known as:
slot
property
member variable
depe
Hello Mark,
Monday, May 30, 2005, 4:18:20 PM, you wrote:
MS> I have my settings in php.ini set for UTF-8, and the encoding for
MS> the mysql database table's column that is using Japanese to UTF-8.
MS> Now, if I view the data stored in that column in phpmyadmin, via
MS> say, firefox, it displays
Jay,
Thanks. Sth new learned :) Thought mine was working. It wasn't I guess.
I received no errors. I have other scripts to revise :)
if("" = $mydata->foo) // an error is thrown. If I come back in and
finish the comparison operator (which I needed to know was broken) it
fixes the conditional st
Richard Davey wrote:
Hello Marek,
Wednesday, June 1, 2005, 9:48:36 PM, you wrote:
What does
$this variable -> $this other variable
Means?
MK> read about variable variables
Wouldn't that be $$variable? :)
It looks like an object method request to me.
I thought this was covered in that
I've been given the bombed task of coming up with a pre-moderated
threaded chat solution. I had implemented a moderated flash chat
however with 100 users all making bulky comments to the chat guests, it
became unbearable for the moderator to check them all off in time to
make them cohesive to
Net Mechanic
free for up to 5 pages
spellchecker
browser check
image check
link check
load time calculations
I've used it for many years.
http://www.netmechanic.com/toolbox/html-code.htm
Mark Cain
- Original Message -
From: "Richard Lynch" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, June
I'm trying to write the results of a mysql_fetch_array db query to a
file and am unable to.
I'm putting the results into a variable $fileContent and then using
fwrite().
I would have liked to do something like:
$filecontent =
.
$result = mysql_query( "
SELECT orderedItems
Hello Marek,
Wednesday, June 1, 2005, 9:48:36 PM, you wrote:
>> What does
>> $this variable -> $this other variable
>> Means?
MK> read about variable variables
Wouldn't that be $$variable? :)
It looks like an object method request to me.
Best regards,
Richard Davey
--
http://www.launchcode
Hello Richard,
Wednesday, June 1, 2005, 10:16:50 PM, you wrote:
RL> For example, I simply can't validate with a 100% height table, but
RL> that's the only way to get the layout I want on both ancient and
RL> current browsers.
I think you need to define, quite clearly, what you regard as an
"anci
On 5/31/05, Leif Gregory <[EMAIL PROTECTED]> wrote:
> FCKEditor http://www.fckeditor.net/
>
> It rocks.
>
i'm currently working on a content management system designed for
less-than-computer-saavy users that utilized fckeditor to create/edit
content. i found it pretty easy to integrate (their
This is OT in that it's more about HTML than PHP, but solutions involving
PHP would be particularly welcome.
After playing with the W3C validator again for an hour or so...
The thing is, I really want to be backwards compatible with ancient
browsers. Like, REALLY ancient.
Like, say, going back
George Pitcher wrote:
I never managed to get this working with IIS. I could with Apache (win)
though, after making sure that Apache was logged in as the administrator.
George
Thus proving that this is a permissions issue, not a PHP issue!
Mikey
--
PHP General Mailing List (http://www.php.n
...helmut wrote:
What does
$this variable -> $this other variable
Means?
I have seen it and i have "used" but I am not sure what exactly it means in
regular English or Spanish wording that is.
read about variable variables
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, v
On Wednesday 01 June 2005 22:33, you wrote:
>
> >elseif(count($_POST)>0)
> > foreach($_POST as $key=>$value)
> > if( ($key!=='login') && ($key!=='name') && ($key!=='pass') )
> > $hiddens.=<<<_hid_
> > \n\t
> > _hid_;
>
> But what happened here? Why do you assume POST data is saf
Andy Pieters wrote:
> $valid=array('from','authorize','order');
>#copy GET to POST
>if(count($_GET)>0)
>{foreach($_GET as $key=>$value)
> if(in_array($key,$valid))
> {$key=htmlspecialchars($key);
> $value=htmlspecialchars($value);
> $hiddens.=<<<___hid
> \n\t
* janbro <[EMAIL PROTECTED]> :
> Okay, I see there is a workaround but nothing realy satisfying, but I'm
> not hoing to complain, I'm hapy to have oo in PHP at all. I never worked
> with __autoload so far, but I will give it a try and check it out
The best way to use autoload is with the auto_prep
I never managed to get this working with IIS. I could with Apache (win)
though, after making sure that Apache was logged in as the administrator.
George
> -Original Message-
> From: Mikey [mailto:[EMAIL PROTECTED]
> Sent: 1 June 2005 7:54 pm
> To: php
> Subject: Re: [PHP] Copy to network
Thanks Kristen and TG!! Worked like a charm
Kristen G. Thorson wrote:
Jack Jackson wrote:
Hi, all,
This might look like a mysql problem but I assure you it's my botching
the PHP which is the problem!
I'm building a part of a page with info from three tables: art, media
and media_art. Med
What does
$this variable -> $this other variable
Means?
I have seen it and i have "used" but I am not sure what exactly it means in
regular English or Spanish wording that is.
TAI
--
...helmut
helmutgranda.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http
[snip]
if(
($mydata->address != "")
and
($mydata->addresspublic == "yes")
)
{
}
But in other combinations, they work?
if($mydata->address != ""){}
or
if($mydata->addresspublic == "yes"){}
So what new lesson am I to learn now? :)
[/snip]
Always put the value first in case you accidentally try a
> Is there any way I can copy an element from one DOM document to another
> without having to dissect the original node/element and create a new
> node/element from scratch using the new DOM document and append to it?
Never mind. Apparently I can use clone_node(). When I tried that before
I was
Ahh.. an easy one. Unless I'm mistaken (and it does happen more often than I'd
like.. hah :) then you might want to ommit the first:
$media = mysql_fetch_assoc($media_result);
That's reading data into $media and then it happens again at the start of your
while loop which is why you're only ge
Jack Jackson wrote:
Hi, all,
This might look like a mysql problem but I assure you it's my botching
the PHP which is the problem!
I'm building a part of a page with info from three tables: art, media
and media_art. Media_art is the intersection table. For every entry in
art there can be one
Jeff McKeon wrote:
That won't work. I don't want the users mapping a drive on their local
machine. I tried mapping it on the server running the IIS and doing as
you suggest, but it doesn't work.
Jeff
Have you made sure that the IUSR account that IIS is running has has got
the right permi
Consider the following test script:
$doc = domxml_new_doc( '1.0' );
$domNode = $doc->create_element( 'Node' );
$node = $doc->create_element( 'NodeChild' );
$textNode = $doc->create_text_node( 'this' );
$node->append_child( $textNode );
$domNode->append_child( $node );
$doc->
Alright thanks, I see there is a workaround to cope with that. I've
never worked with __autoload, but will sure give it a look. I don't
realy feel this satisfying, but hey I'm thankful to have oo at all.
janbro
Marcus Bointon schrieb:
> On 1 Jun 2005, at 09:01, janbro wrote:
>
>> require (Class2
> This should be easy, but refuses to work:
> if(
> ($mydata->address != "")
> and
> ($mydata->addresspublic == "yes")
> )
> {
> }
Are you getting any errors? If so, what are they? Also, shouldn't
the code look like this:
if(
($mydata->address != "")
&&
($mydata->addresspublic == "yes")
)
{
}
John Taylor-Johnston wrote:
This should be easy, but refuses to work:
if(
($mydata->address != "")
and
($mydata->addresspublic == "yes")
)
{
}
But in other combinations, they work?
if($mydata->address != ""){}
or
if($mydata->addresspublic == "yes"){}
So what new lesson am I to learn now? :)
Okay, I see there is a workaround but nothing realy satisfying, but I'm
not hoing to complain, I'm hapy to have oo in PHP at all. I never worked
with __autoload so far, but I will give it a try and check it out
thx
janbro
Marcus Bointon schrieb:
> On 1 Jun 2005, at 09:01, janbro wrote:
>
>> requi
Consider the following test code:
$doc = domxml_new_doc( '1.0' );
$baseDocument = domxml_new_doc( '1.0' );
$domNode = $doc->create_element( 'Node' );
$node = $doc->create_element( 'NodeChild' );
$textNode = $doc->create_text_node( 'this' );
$node->append_child( $textNode );
Hi, all,
This might look like a mysql problem but I assure you it's my botching
the PHP which is the problem!
I'm building a part of a page with info from three tables: art, media
and media_art. Media_art is the intersection table. For every entry in
art there can be one or more entries in me
This should be easy, but refuses to work:
if(
($mydata->address != "")
and
($mydata->addresspublic == "yes")
)
{
}
But in other combinations, they work?
if($mydata->address != ""){}
or
if($mydata->addresspublic == "yes"){}
So what new lesson am I to learn now? :)
John
--
John Taylor-Johnsto
On May 31, 2005, at 1:48 PM, Michael O'Neal wrote:
Thanks John. That's one of the reasons I haven't gone that route. The
whole operation seemed cheesy to me.
I appreciate the feedback though.
On Tue, 31 May 2005, Michael O'Neal wrote:
Anyone else? I have a hard time believing it's not ou
That won't work. I don't want the users mapping a drive on their local
machine. I tried mapping it on the server running the IIS and doing as
you suggest, but it doesn't work.
Jeff
> -Original Message-
> From: Clive Zagno [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 01, 2005 10:04
its on my local machine, in your case it will your w2k box.
clive
Jeff McKeon wrote:
Is that drive mapped on your local machine or on the web server?
Jeff
-Original Message-
From: Clive Zagno [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 01, 2005 8:31 PM
To: Jeff McKeon; php
Sub
Is that drive mapped on your local machine or on the web server?
Jeff
> -Original Message-
> From: Clive Zagno [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 01, 2005 8:31 PM
> To: Jeff McKeon; php
> Subject: Re: [PHP] Copy to network share
>
>
> sorry I ment to send to email to the
All,
The syntax is correct... It's not a quotes problem. I have the path in
quotes in my actual code.
Jeffrey S. McKeon
Manager of Information Technology
Telaurus Communications LLC
[EMAIL PROTECTED]
+1 (973) 889-8990 ex 209
> -Original Message-
> From: Andy Pieters [mailto:[EMAIL PROT
sorry I ment to send to email to the list
I tried the code bellow on my windows machine. I have a mapped network
drive on my windows machine (i: drive) that links to a samba share (my
htdocs directory on my linux dev machine). It worked fine.
echo getcwd();
chdir('i:');
echo "";
echo getcwd()
Hey thanks for all the replies...
the finger print scanner is actually alot more convient than anything
else for $38 it's became pretty addictive... now i don't have to
type all those long server passwords anymore.. LOL... i am way too
lazy!!!
I actually bought this thing to integrate a quick
Leif Gregory wrote:
Hello Martin,
Sunday, May 29, 2005, 9:24:00 PM, you wrote:
M> I saw files like "file.inc.php" and "file.inc"
M> What is the *.inc suffix good for ?
It's good for a lot of trouble if the webserver hasn't been set up to
parse .inc files as PHP. If it hasn't then someone can re
I need to write to file. After getting a customer's order I'm sending a
file to a distribution company. The company wants all the information in
a preset format which they will then parse.
The problem comes when I try to put in multiple orders. In other words
how does one use
while($row = mysql_f
Sorry I didnt know the post delay is that LONG...
On 5/31/05, Jason Barnett <[EMAIL PROTECTED]> wrote:
>
> Martin Zvarik wrote:
> > Hi,
> > I saw files like "file.inc.php" and "file.inc"
> >
> > What is the *.inc suffix good for ?
> >
> > Thank you for replies.
> >
> > Martin
>
> STOP SPAMMIN
> trying to build php4 with mysql4.1-12, for use in apache2. i have the
> following "./compile" that works for php5. however, when i try to use it for
> php4, i get a msg, stating that it can't find the MySQL Headers...
>From http://us3.php.net/manual/en/ref.mysql.php:
===
For compiling, simply
On Wednesday 01 June 2005 14:42, Jeff McKeon wrote:
>
> $dirhandle = opendir(server\\share);
> Readdir($dirhandle);
>
> Chdir(server//share);
>
> Chdir(server\\share);
>
> Warning: chdir(): No such file or directory (errno 2)
>
> Is what I'm trying to do possible and if so, how?
You s
> -Original Message-
> From: Amir Mohammad Saied [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 31, 2005 10:34 PM
> To: php-general@lists.php.net
> Subject: [PHP] Re: php forum and (almost certainly 0T) client editor
>
> For your 2nd question, try kupu
> http://kupu.oscom.org/
> It really
I've got PHP 4.3 running on a Win2k IIS 5.0 web server. I need to
upload a file and then copy it to a samba share (share level security)
on a linux box across the network.
I can
$dirhandle = opendir(server\\share);
Readdir($dirhandle);
With no problem but I can't changed to the that dir to
> -Original Message-
> From: Joe Harman [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 31, 2005 8:24 PM
> actually what I need to have it do is just fill in the user's name and
> password... security is not high on the priority list... the only
> thing that the fingerprint reader is going
On 31/05/05, W Luke <[EMAIL PROTECTED]> wrote:
> On 31/05/05, Murray @ PlanetThoughtful <[EMAIL PROTECTED]> wrote:
> > > > >
> > > function replace($string){
> > > preg_match("/^<\^([a-zA-Z]+?)_([a-zA-Z]+?)>/", $string, $matcharr);
> > > $string = str_replace($matcharr[0], $matcharr[1]
hi...
trying to build php4 with mysql4.1-12, for use in apache2. i have the
following "./compile" that works for php5. however, when i try to use it for
php4, i get a msg, stating that it can't find the MySQL Headers...
can anybody provide any pointers as far as what the Headers are for mysql,
an
On 1 Jun 2005, at 11:38, Jochem Maas wrote:
all true, now imagine that you install a couple of 3rdparty php5
'packages'
and they all define __autoload() - ain't gonna work! which is why
there has been
discussion on internals regarding the possibility of use a handler-
function stack
for auto
Hi!
I assume many of you are running PHP under Apache.
I just installed Apache 2.0 on Windows XP. To keep it simple, what changes to
I have to make to the configuration file? I keep the .php fles in the D:/
drive (a CD-RW drive). Are there any other changes I need to make?
Tony
Denis Gerasimov wrote:
Order allow,deny
Deny from all
Without this rule people would be able to access the .inc file directly
and since PHP won't parse it, the raw source code would be visible which
could be a security problem. If you prevent this simply by putting .php
onto th
eoghan wrote:
maybe have a look at extends
class Class1 extends Class2 {...
he will still have to make sure that Class2
is loaded. besides wrapping 1 object inside another is perfectly
acceptable, if my GOF terminology serves me well then this
is usually termed a Delegation pattern (not th
Marcus Bointon wrote:
On 1 Jun 2005, at 09:01, janbro wrote:
require (Class2.php);
I bet you didn't cut'n'paste that from a working file :-)
class Class1{
private function ... {
$refClass2 = new Class2;
}
}
Now my question, is it possible to skip that require/ include part?
Hi all
I just got the ok from the client pertaining the disclosure of parts of the
code.
Basically I made admin and a user must be loged in in order to access any file
in that directory. (except index.php)
Here is the file index.php
LogedIn())
{$dest=PAGE_LOGIN_SUCCESS;
$dest=getShopDest
maybe have a look at extends
class Class1 extends Class2 {...
janbro wrote:
Hi List,
I'm using the oo orientation of PHP5 for a while now. All Classes I've
got have a require on top them, if I try to reference to other classes.
something like
require (Class2.php);
class Class1{
pr
>
>
>
> Order allow,deny
> Deny from all
>
>
> Without this rule people would be able to access the .inc file directly
> and since PHP won't parse it, the raw source code would be visible which
> could be a security problem. If you prevent this simply by putting .php
> onto
Hello janbro,
Wednesday, June 1, 2005, 9:01:57 AM, you wrote:
j> Now my question, is it possible to skip that require/ include part?
j> In Java you don't need that, as class and file names are identical.
Personally I'd __autoload them, but this might not be ideal for your
file structure. Worth a
On 1 Jun 2005, at 09:01, janbro wrote:
require (Class2.php);
class Class1{
private function ... {
$refClass2 = new Class2;
}
}
Now my question, is it possible to skip that require/ include part? In
Java you don't need that, as class and file names are identical.
PHP doesn't ha
> -Original Message-
> From: Bostjan Skufca @ domenca.si [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 31, 2005 6:57 PM
> > > is it possible to mount CVS/SVN repository as filesystem?
> >
> > a. why would you want to? (the whole idea is that you _dont_ edit
files
> > directly in the repo
moving outside the webtree is the best option, where practical.
Calling the files whatever.inc.php allows you to disallow access to
.inc.php files via the apache config file.
On 6/1/05, Richard Lynch <[EMAIL PROTECTED]> wrote:
> On Tue, May 31, 2005 10:55 am, Leif Gregory said:
> > Hello Martin,
>
On 1 Jun 2005, at 06:22, Richard Lynch wrote:
You've got files that people can get executed *COMPLETELY* out of
context,
that *NOBODY* even though about being executed out of context, much
less
*TESTED* in any kind of QA process!
I can surf to http://example.com/admin.inc and who knows what
Hi List,
I'm using the oo orientation of PHP5 for a while now. All Classes I've
got have a require on top them, if I try to reference to other classes.
something like
require (Class2.php);
class Class1{
private function ... {
$refClass2 = new Class2;
}
}
Now my qu
http://php.net/sprintf
On Thu, May 26, 2005 8:35 pm, mayo said:
> I need to be able to format data.
>
> Printf() is perfect because I need a certain amount of characters (30
> for address).
>
> However I need this formatted data to be inside a file that's fwrite()
> and then FTPed to a distribut
On Wed, May 25, 2005 3:01 pm, Jack Jackson said:
> Hi, dumb config issue.
>
>
> I'm putting a php_value include_path statement in an .htaccess file
>
>php_value include_path
> ".:/home/user/public_html/dis/admin/:/home/nick/"
>php_value auto_prepend_file
> /home/user/public_html/dis/admin
fopen() most likely is not sending the same kinds of headers that an HTTP
connection would send, which is what you are really checking in httpd.conf
(Which might not be all that secure, come to think of it...)
Anyway, you should dump out the data you test in the restricted page, and
surf to it,
On Tue, 2005-05-31 at 22:08 -0700, Richard Lynch wrote:
> On Tue, May 31, 2005 8:48 pm, Danny Brow said:
> > Could someone point me to an example with code for dynamic drop downs in
> > PHP? I would like to be able to have drop downs like "Select Country"
> > and another drop down show the states/p
82 matches
Mail list logo
