RE: [PHP] Two websites need to share part of one database,suggestions please

On Fri, 2005-07-08 at 19:46, Chris W. Parker wrote: > Robert Cummings > on Friday, July 08, 2005 3:32 PM said: > > > > Use a bitvector field in the table and use a bitmask for filtering for > > which sites can access what products. > > I think I understand what a b

RE: [PHP] Two websites need to share part of one database,suggestions please

Robert Cummings on Friday, July 08, 2005 3:32 PM said: > Use a bitvector field in the table and use a bitmask for filtering for > which sites can access what products. I think I understand what a bitmask is after doing some research but would you please give me an

Re: [PHP] file function

Well, it supposed to give you array. http://us2.php.net/manual/en/function.file.php array file ( string filename [, int use_include_path [, resource context]] ) What do you want exactly? Ezra On Fri, 2005-07-08 at 16:34 -0700, Joseph Lee wrote: > Hi, > > I tried file() in the following lin

[PHP] file function

Hi, I tried file() in the following lines: However, it only gave me authFile = Array What's wrong with this file function? I tried single quotes, but got the same answer, too. Thanks, Joe Sell on Yahoo! Auctions – no fees

Re: [PHP] Two websites need to share part of one database, suggestions please

On Fri, 2005-07-08 at 18:20, Chris W. Parker wrote: > Hello, > > We have two websites. One website is already up and running, the other > is not. > > The first website (I'll call it one.com) contains a large number of the > products and is meant for a specific audience. The second website (I'll >

[PHP] Two websites need to share part of one database, suggestions please

Hello, We have two websites. One website is already up and running, the other is not. The first website (I'll call it one.com) contains a large number of the products and is meant for a specific audience. The second website (I'll call it, yep you guessed it, two.com) will contain a small subset o

RE: [PHP] back slashes

[snip] Lets say I have a string: "c:\www\test" I want to insert it into a database, but what ends up getting inserted is: c:wwwtest I can not get php to double the back slashes no matter what I do! $string = str_replace("\\", "", $string); That is what I want to do, get all single '\' i

[PHP] back slashes

     Hello all,    I’m attempting to insert a windows path into a mysql database via PHP, but it keeps ineterpreting the backslashes as escape chars. Lets say I have a string: "c:\www\test" I want to insert it into a database, but what ends up getting inserted is: c:wwwtest I can not get

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

Okay: >From what I´ve read here, there seems to be a lot of useful information - very litte of which is relevent to the question. My understanding is that you(the OP) have a template-editing page, which your designers can log into in order to edit the page, without having ftp/sftp access? It is

RE: [PHP] Re: Security, Late Nights and Overall Paranoia

True. People can steal sessions within a firewall as well. Unless if browsers can do digital signature, there is no a good way to validate users. I think you would agree that for now it comes down to two choices: 1. Focus on convenience, let security slack a little or 2. Focus on security, and t

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On Jul 8, 2005, at 1:25 PM, Ezra Nugroho wrote: Here is one security measure that you HAVE to do if you allow people to submit contents to your site. 1. track client's IP. 2. Associate sensitive cookies with the IP, if they don't match, ignore it or invalidate the cookie. We may not stop th

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

Here is one security measure that you HAVE to do if you allow people to submit contents to your site. 1. track client's IP. 2. Associate sensitive cookies with the IP, if they don't match, ignore it or invalidate the cookie. We may not stop the information redirection. We can make the informati

Re: [PHP] using require

On Sat, 2005-05-14 at 19:34 -0700, Richard Lynch wrote: > On Fri, October 14, 2005 11:33 am, Cima said: > > i have my web site working something like this: in every php script i have > > require(auth.php). this auth.php has my connection to my postgresql server > > and database along with some othe

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On Jul 8, 2005, at 12:31 PM, Edward Vermillion wrote: On Jul 8, 2005, at 12:02 PM, Ezra Nugroho wrote: I am just wondering, how could someone craft an html to steal cookies? If your cookie distribution is done right, I don't think you need to worry about this. That's what XSS is all abou

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On Jul 8, 2005, at 12:02 PM, Ezra Nugroho wrote: I am just wondering, how could someone craft an html to steal cookies? If your cookie distribution is done right, I don't think you need to worry about this. That's what XSS is all about. I don't have the link handy but I do have a PDF file

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

I am just wondering, how could someone craft an html to steal cookies? If your cookie distribution is done right, I don't think you need to worry about this. There are a gazillion of sites (CMS-based, wiki-based, etc, including php.net) that allow users to contribute html. They are not concern a

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On 7/8/05, Ryan A <[EMAIL PROTECTED]> wrote: > I am not really bothered about the closing tags (for example ) > I am more bothered about the opening closing tag (for example should be ) > as this can mess up my page...but this cant do squat: [i > or this: i] That's where a good preview function

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On Jul 8, 2005, at 4:21 AM, <[EMAIL PROTECTED]> wrote: Personally, I don't think it's a bad idea at all. The best way (and probably ONLY real way) to achieve decent security would be to limit the subset of tags the user can post. Best way to achieve this is to use your own tagging system (e.g.

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

> > Yep, but this has no way of breaking my html > > If [/i] is missing, it'd be the same as being missing. > > I can just as easily clean out any missing tags as I can any > missing [/i] tags. > I am not really bothered about the closing tags (for example ) I am more bothered about the ope

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On 7/8/05, Ryan A <[EMAIL PROTECTED]> wrote: > Yep, but this has no way of breaking my html If [/i] is missing, it'd be the same as being missing. I can just as easily clean out any missing tags as I can any missing [/i] tags. -- Greg Donald Zend Certified Engineer MySQL Core Certificati

RE: [PHP] Re: iPowerWeb ISP Are they good?

Thanks guys, getting some great recommendations... From what I hear, I wont be using IpowerWeb, some people had nothing but good to say, but I found quite a few more complaints then good. eHostPros does sound very nice, I'll look into them as well. Jason E.J. Manaigre Web Site Development Coo

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

Hey, > > The problem with this approach is if people dont close their tags properly > Nothing makes it impossible for me to hand type and not close one of those > tags. > > [i]blah Yep, but this has no way of breaking my html the max you would get is: [i this will be in italics which is

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On 7/8/05, Ryan A <[EMAIL PROTECTED]> wrote: > The problem with this approach is if people dont close their tags properly Nothing makes it impossible for me to hand type and not close one of those tags. [i]blah -- Greg Donald Zend Certified Engineer MySQL Core Certification http://destiney.com

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

Hey, > > The typical way that forums handle this is to use what is called > > "BBCode". In short, you have a non-HTML way for users to supply > > [i]This text will be in italics.[/i] > > [b]This text will be in bold.[/b] > If you're gonna allow the tag then just allow it. There's no > p

Re: [PHP] Register globals and ini_set

I was setting the $_SESSION by: $_SESSION['var_name'] = "this"; or $my_local = "this"; $_SESSION['var_name'] = $my_local; I had stopped using session_register() some time back. "Sporatically" meaning that some of my variables are working fine, while others seem to become empty when referenced b

RE: [PHP] RE: Display picture from MySQL

Here is my situation I have 3 record data as (lotID is char and Picture is longblob type) LotId |Picture --- 123 |Picture1 124 |Picture2 125 |Picture3 then I would like to display like this >>> Lot ID : 123 Picture: Picture1 Lot ID : 124 Picture: Picture2 Lot ID : 125

Re: [PHP] Re: Security, Late Nights and Overall Paranoia

On 7/8/05, Jason Barnett <[EMAIL PROTECTED]> wrote: > The typical way that forums handle this is to use what is called > "BBCode". In short, you have a non-HTML way for users to supply > information that will produce markup instead of just plain text. So if > you want to allow italics, bolds, URL

Re: [PHP] Register globals and ini_set

Since you mention the PHP version was old (4.1) then I have to ask: were you using the $_SESSION array all along or were you using session_register to register session variables? Although you probably aren't since that would be rather easy to debug. The script in which your global_variable wa

[PHP] Re: Register globals and ini_set

[EMAIL PROTECTED] wrote: Hi, If i use, at the beginning of my scripts, ini_set('register_globals', 0), register globals will be turned off? Thanks ini_set() just doesn't make sense for that directive. register_globals takes the input data from HTTP requests and sets them in the symbol tab

Re: [PHP] Register globals and ini_set

I'm having a serious pain with globals.. maybe someone can help. My major client moved her service from one server to another, and with it, PHP went from 4.1 to 4.2+. Register Globals was turned off, and when everything failed to work, tech support turned them back on via .htaccess. I'm plannin

[PHP] Re: Security, Late Nights and Overall Paranoia

The typical way that forums handle this is to use what is called "BBCode". In short, you have a non-HTML way for users to supply information that will produce markup instead of just plain text. So if you want to allow italics, bolds, URL's, etc. then you have some codes for it like: [i]This

Re: [PHP] Re: iPowerWeb ISP Are they good?

I had a client hosted on Powweb and I dropped that service pretty fast. Now I host primarily on eHostPros.com (past 2-3 years). I've had a few problems, but they work pretty close with the clients to handle issues. Maybe a 90-95% satisfaction rate for me. The nice thing is their billing system;

Re: [PHP] Problem serializing a mysqli_result object.

But why are you going to all of that trouble? What does the mysqli_result object have that you really need? If you just need the result set then you can fetch it as an assoc array and serialize that. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/u

[PHP] Re: iPowerWeb ISP Are they good?

I have used iPowerWeb for a few years now and have only had "maybe" 5 min. worth out outages. Even when I had a question on a Sunday, there was someone to answer the tech phone. It did take a while but still, its all good in my book. Chris ""Jason Manaigre"" <[EMAIL PROTECTED]> wrote in messag

Re: [PHP] Register globals and ini_set

if you have php <= 4.2.3 yes, otherwise no. it has to be set in php.ini, .htaccess, or httpd.conf [EMAIL PROTECTED] wrote: Hi, If i use, at the beginning of my scripts, ini_set('register_globals', 0), register globals will be turned off? Thanks -- PHP General Mailing List (http://www.ph

[PHP] Register globals and ini_set

Hi, If i use, at the beginning of my scripts, ini_set('register_globals', 0), register globals will be turned off? Thanks

Re: [PHP] recompiling php

Çäðàâñòâóéòå, blackwater. Âû ïèñàëè 6 èþëÿ 2005 ã., 18:57:17: > I have a linux box which I use periodically. I built php 5.0.3 on it > and it runs fine. I just came across a situation where I need to > compile in the zlib extension so I got into my php folder and did > ./configure with my option

[PHP] Re: Strange Problem: session_set_save_handler

Ok, i try to describe what i´ve done. i have written a sql-wrapper-class wich is used to insert and update the entries in the mysql-table. the mysql-table has the following columns (types) id varchar(255) - holds the session-id data blob - holds the session-data created timestamp - used to id