Thank you, all who replied. This helps me understand. I might give a
try to the workarounds some suggested.
Great newsgroup.
Jeff
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
brian wrote:
Jeff Cohan wrote:
It seems that the server had to know the size of the file in order
to know it exceeded MAX_FILE_SIZE. So how can my script find out the
size?
Not at all. The user-agent is built to ignore files that exceed the
MAX_FILE_SIZE value.
Ack! I meant, "The user-age
Jeff Cohan wrote:
Dan Parry wrote:
I might be wrong but this would be classed as
'exploitable'... Webservers should not be allowed
to read from or write to clients... Of course there
is ActiveX...
I think we're off the point.
My script is simply interrogating the value of the
$_FILES[use
Ray wrote:
On Saturday 22 September 2007 7:39:01 pm Dan Parry wrote:
This would be the exploitable 'feature' I mentioned... Client-side files
should never be readable
Dan
If the contents of a file were readable, I would definitely agree with you.
I'm not convinced that the ability to det
Jeff Cohan wrote:
Dan Parry wrote:
I might be wrong but this would be classed as
'exploitable'... Webservers should not be allowed
to read from or write to clients... Of course there
is ActiveX...
I think we're off the point.
My script is simply interrogating the value of the
$_FILES[userf
On Saturday 22 September 2007 7:39:01 pm Dan Parry wrote:
> > -Original Message-
> > From: Ray [mailto:[EMAIL PROTECTED]
> > Sent: 23 September 2007 02:25
> > To: php-general@lists.php.net
> > Subject: Re: [PHP] MAX_FILE_SIZE not working with file uploads
> >
> > On Saturday 22 September 20
> -Original Message-
> From: Ray [mailto:[EMAIL PROTECTED]
> Sent: 23 September 2007 02:25
> To: php-general@lists.php.net
> Subject: Re: [PHP] MAX_FILE_SIZE not working with file uploads
>
> On Saturday 22 September 2007 7:44:55 pm Jeff Cohan wrote:
> > Dan Parry wrote:
> > > I might be w
On Saturday 22 September 2007 7:44:55 pm Jeff Cohan wrote:
> Dan Parry wrote:
> > I might be wrong but this would be classed as
> > 'exploitable'... Webservers should not be allowed
> > to read from or write to clients... Of course there
> > is ActiveX...
>
> I think we're off the point.
>
> My scr
So replace ' \" ' instead of ' " '.
On 9/22/07, Jim Lucas <[EMAIL PROTECTED]> wrote:
> Kevin Waterson wrote:
> > I am using str_replace to strip double quotes.
> >
> > $string = 'This string has "quotes" in it';
> >
> > $string = str_replace('"', '', $string);
> >
> > this seems to work, yet when
> -Original Message-
> From: Jeff Cohan [mailto:[EMAIL PROTECTED]
> Sent: 23 September 2007 02:45
> To: php-general@lists.php.net
> Subject: Re: [PHP] MAX_FILE_SIZE not working with file uploads
>
>
>
> Dan Parry wrote:
> > I might be wrong but this would be classed as
> > 'exploitable'.
Dan Parry wrote:
> I might be wrong but this would be classed as
> 'exploitable'... Webservers should not be allowed
> to read from or write to clients... Of course there
> is ActiveX...
I think we're off the point.
My script is simply interrogating the value of the
$_FILES[userfile][size] a
> -Original Message-
> From: Jeff Cohan [mailto:[EMAIL PROTECTED]
> Sent: 23 September 2007 00:02
> To: php-general@lists.php.net
> Subject: Re: [PHP] MAX_FILE_SIZE not working with file uploads
>
> Chris wrote:
> > [error] => 2
> > And also gives you an error code.
>
> Yes, I know and kn
> -Original Message-
> From: Daniel Brown [mailto:[EMAIL PROTECTED]
> Sent: 21 September 2007 23:27
> To: Stut
> Cc: Eric Lommatsch; php-general@lists.php.net
> Subject: Re: [PHP] Access name of variable in $_POST array
>
> On 9/21/07, Stut <[EMAIL PROTECTED]> wrote:
> > Please include the
Per Jessen wrote:
Stut wrote:
Stefano Esposito wrote:
i'm in need to limit the numbers of conection to the database,
whithout loose of functionality. There is a general strategy to
achieve this?
1) Caching
2) Caching
3) Caching
And if all that fails...
4) Caching
And mysqls query cache do
* Disclaimer: The following may sound condescending (I hope not) but
you said you're a newbie so I'll try to start with the very basics.
For your database tables questions you basically want the tables to
represent real life "things". For example, a player, a team, etc.
So let's make a quick list
Chris wrote:
> [error] => 2
> And also gives you an error code.
Yes, I know and knew that. That's why the upload ultimately fails
(which is okay).
My point is that when a file's size exceeds the MAX_FILE_SIZE value,
I want the browser to (a) detect that it's too large BEFORE
attempting to upload
On Saturday 22 September 2007 12:06:27 Karl James wrote:
> HAHAHA!! VERY FUNY!!
>
> Apparently, no one wants to help.
> So, much for the sympathy factor.
>
> Karl
>
>
> Original Message
> From: Børge_Holen <[EMAIL PROTECTED]>
> Sent: 09/22/07 12:29 PM
> To: php-general@lists.php.net
>
On Saturday 22 September 2007 02:33:57 Crayon Shin Chan wrote:
> On Friday 21 September 2007, Karl james wrote:
> > I am in need of some help.
> > I would love to get some assistance on this.
> > I need to start creating a database for my website.
> > This will be for a fantasy football league webs
At 3:33 PM +0800 9/22/07, Crayon Shin Chan wrote:
On Friday 21 September 2007, Karl james wrote:
I am in need of some help.
I would love to get some assistance on this.
I need to start creating a database for my website.
This will be for a fantasy football league website.
To store stats on
Stut wrote:
> Stefano Esposito wrote:
>> i'm in need to limit the numbers of conection to the database,
>> whithout loose of functionality. There is a general strategy to
>> achieve this?
>
> 1) Caching
> 2) Caching
> 3) Caching
>
> And if all that fails...
>
> 4) Caching
And mysqls query cach
On Friday 21 September 2007, Karl james wrote:
> I am in need of some help.
> I would love to get some assistance on this.
> I need to start creating a database for my website.
> This will be for a fantasy football league website.
> To store stats on the database for archive purposes,
> And be abl
Kevin Waterson wrote:
I am using str_replace to strip double quotes.
$string = 'This string has "quotes" in it';
$string = str_replace('"', '', $string);
this seems to work, yet when I put the $string into mysql,
it uses backslashes to escape where the quotes were. The
double-quotes are gone,
22 matches
Mail list logo
