Hello,
on 06/10/2009 03:10 PM Eddie Drapkin said the following:
> I've been charged with writing a class that handles forms, once they've been
> POSTed to. The idea of the class is to handle the most common use-cases of
> POST forms, and any special functionality can be handled with a child class
Thanks! Peter.
I’m very clear now.
"Peter Ford" wrote in message
news:bd.38.16665.07c6f...@pb1.pair.com...
Keith wrote:
Let's say user A and user B submitting purchase order form with
"order.php" at the same time, with method=post action='confirmation.php'.
(1) Will $_POST['order'] submitt
Have a look at Zend Form
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Wed, Jun 10, 2009 at 3:10 PM, Nitsan Bin-Nun wrote:
> Usually I would support you on this one. In chemistry you always keep
> your stock "pure" and make any observations or mixtures in clean and
> other glasses in order to keep it pure.
>
> When it comes to printing an output or hosting it in a
if(PHP_SAPI == 'cli') { }
or
if(php_sapi_name() == 'cli') { }
On Wed, Jun 10, 2009 at 3:42 PM, Tom Worster wrote:
> what's a reliable way to detect that the sapi is cli, including in a
> included scripts?
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http
what's a reliable way to detect that the sapi is cli, including in a
included scripts?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Usually I would support you on this one. In chemistry you always keep
your stock "pure" and make any observations or mixtures in clean and
other glasses in order to keep it pure.
When it comes to printing an output or hosting it in a variables and
then printing it out it is just a matter of taste.
Ashley Sheridan wrote:
> On Wed, 2009-06-10 at 14:40 -0400, Andrew Ballard wrote:
>> On Wed, Jun 10, 2009 at 2:26 PM, Ashley
>> Sheridan wrote:
>>> On Wed, 2009-06-10 at 14:14 -0400, Eddie Drapkin wrote:
On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
wrote:
> On Wed, 2009-06-10
On Wed, Jun 10, 2009 at 2:56 PM, Ashley
Sheridan wrote:
> On Wed, 2009-06-10 at 14:40 -0400, Andrew Ballard wrote:
>> On Wed, Jun 10, 2009 at 2:26 PM, Ashley
>> Sheridan wrote:
>> > On Wed, 2009-06-10 at 14:14 -0400, Eddie Drapkin wrote:
>> >> On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
>> >>
On Wed, 2009-06-10 at 14:40 -0400, Andrew Ballard wrote:
> On Wed, Jun 10, 2009 at 2:26 PM, Ashley
> Sheridan wrote:
> > On Wed, 2009-06-10 at 14:14 -0400, Eddie Drapkin wrote:
> >> On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
> >> wrote:
> >>
> >> > On Wed, 2009-06-10 at 19:03 +0100, Ashley Sh
On Wed, Jun 10, 2009 at 2:26 PM, Ashley
Sheridan wrote:
> On Wed, 2009-06-10 at 14:14 -0400, Eddie Drapkin wrote:
>> On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
>> wrote:
>>
>> > On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote:
>> > > On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyana
Thank you. I'm looking at PEAR Mail_mime right now. It seems promising.
Fernando.
> Date: Wed, 10 Jun 2009 23:14:11 +0530
> From: sudhee...@binaryvibes.co.in
> To: phps...@gmail.com
> CC: jfer...@hotmail.com; rich...@php.net; php-general@lists.php.net
> Subject: Re: [PHP] Mail function and hot
On Wed, 2009-06-10 at 14:14 -0400, Eddie Drapkin wrote:
> On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
> wrote:
>
> > On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote:
> > > On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyanarayana wrote:
> > > > Ashley Sheridan wrote:
> > > > > On Wed,
On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan
wrote:
> On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote:
> > On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyanarayana wrote:
> > > Ashley Sheridan wrote:
> > > > On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote:
> > > >
> > >
I've been charged with writing a class that handles forms, once they've been
POSTed to. The idea of the class is to handle the most common use-cases of
POST forms, and any special functionality can be handled with a child class
at a later date, but for our uses, we're going to have mostly pretty t
On Wed, 2009-06-10 at 19:59 +0200, Nitsan Bin-Nun wrote:
> That would do the job.
>
> If you are already digging into it, take a look at XSRF/CSRF which are
> both can be very harmful, especially for ecommerce websites.
>
> On Wed, Jun 10, 2009 at 8:08 PM, Ashley
> Sheridan wrote:
> > On Wed, 200
That would do the job.
If you are already digging into it, take a look at XSRF/CSRF which are
both can be very harmful, especially for ecommerce websites.
On Wed, Jun 10, 2009 at 8:08 PM, Ashley
Sheridan wrote:
> On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote:
>> On Wed, 2009-06-10 at 2
On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote:
> On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyanarayana wrote:
> > Ashley Sheridan wrote:
> > > On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote:
> > >
> > >>> I've been doing a bit of reading, and I can't really understa
On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyanarayana wrote:
> Ashley Sheridan wrote:
> > On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote:
> >
> >>> I've been doing a bit of reading, and I can't really understand why XSS
> >>> is such an issue. Sure, if a user can insert a
Ashley Sheridan wrote:
On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote:
I've been doing a bit of reading, and I can't really understand why XSS
is such an issue. Sure, if a user can insert a
Richard was likely suggestion his mail example as listed in his signature
Other options include
phpmailer
pear's mime mail
various other classes available www.phpclasses.org
Fernando,
I recommend you check out the various PHP frameworks out there. Instead
of randomly searching for clas
On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote:
> > I've been doing a bit of reading, and I can't really understand why XSS
> > is such an issue. Sure, if a user can insert a
I reckon Dan brown is fond of pillow talks instead of PHP(pillow has
p*nux) in here very much ;)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I've been doing a bit of reading, and I can't really understand why XSS
is such an issue. Sure, if a user can insert a
Thanks. I'll check that out.
> Date: Wed, 10 Jun 2009 18:24:45 +0100
> Subject: Re: [PHP] Mail function and hotmail
> From: rich...@php.net
> To: phps...@gmail.com
> CC: jfer...@hotmail.com; php-general@lists.php.net
>
> Hi,
>
> > pear's mime mail
>
> I believe I had a hand in that too. It's
Hi,
> pear's mime mail
I believe I had a hand in that too. It's like a bad rash - it gets
everywhere... :-)
--
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net - updated 6th June)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (ww
On Wed, Jun 10, 2009 at 1:11 PM, Fernando G wrote:
>
> I have not idea of what else to use. Your suggestions are appreciated.
>
> Fernando.
>
>> Date: Wed, 10 Jun 2009 18:04:31 +0100
>> From: rich...@php.net
>> To: jfer...@hotmail.com
>> CC: php-general@lists.php.net
>> Subject: Re: [PHP] Mail fun
kranthi, you are wrong here. popen() will open a pipe to a process.
You must have meant fopen() which doesnt work with pipes, but with
files.
you first popen php (ie execute it)
you then write the code you want php to exec (php is still executing,
reading your input)
at the end you pclose php and
I have not idea of what else to use. Your suggestions are appreciated.
Fernando.
> Date: Wed, 10 Jun 2009 18:04:31 +0100
> From: rich...@php.net
> To: jfer...@hotmail.com
> CC: php-general@lists.php.net
> Subject: Re: [PHP] Mail function and hotmail
>
> Hi,
>
> > ...
>
> Use something that i
Hi,
> ...
Use something that is already proven to work. It will save you an
awful lot of time.
--
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net - updated 6th June)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (www.phpguru.org
Ashley Sheridan wrote:
> On Wed, 2009-06-10 at 18:28 +0200, Nitsan Bin-Nun wrote:
>> mysql_real_escape_string() only sanitise the input. I would personally
>> only allow [a-zA-Z0-9-_] in search string but that's just me ;)
>> Validate the input in some way, or make extra sanitisation of it
>> befor
On Wed, 2009-06-10 at 12:59 -0400, Fernando G wrote:
> Hello,
>
> I am sending an html message with and embedded image using the following code:
>
> // Read message from html template
> $message = fread("template.html", filesize("template.html"));
>
> // I replace the values in $message that are
On Wed, 2009-06-10 at 12:55 -0400, Eddie Drapkin wrote:
> The problem with using a database escaping string for output escaping
> is that something like (despite being the world's lamest XSS)
>
> location.href('google.com')
>
> Would output mostly the same and with some cleverness, it wouldn't be
Hello,
I am sending an html message with and embedded image using the following code:
// Read message from html template
$message = fread("template.html", filesize("template.html"));
// I replace the values in $message that are necessary to
// fill the tempalte
...
// Generate a boundary stri
The problem with using a database escaping string for output escaping is
that something like (despite being the world's lamest XSS)
location.href('google.com')
Would output mostly the same and with some cleverness, it wouldn't be too
hard to get that to function properly with a full fledged XSS a
> https://www.xxx.co.uk/register.php";| grep "123"
I wonder what kind of browser could make this, probably a hacker-made one!
This URL will have to be translated into its equivalent URI, if using
GET the HTTP message's start line would look like:
GET /register.php"| grep "123" HTTP/1.1
First of
I'm working on something similar, here's the pseudo-code of what
happens to ensure the PHP script run by my server doesnt see any
difference than when it runs under apache or others...
Say the php file to execute is "index.php" and it was called from a
form post, the form tag also specified GET ar
On Wed, 2009-06-10 at 18:28 +0200, Nitsan Bin-Nun wrote:
> mysql_real_escape_string() only sanitise the input. I would personally
> only allow [a-zA-Z0-9-_] in search string but that's just me ;)
> Validate the input in some way, or make extra sanitisation of it
> before running the search query.
>
What exactly is the problem or error message you get?
Also if this is your script, really, it needs a LOT of cleanup!!
Here's an example that could point out the problem:
> $FileName =
> str_replace(".jpg", "", $FileName);
>
> $FileName =
> str_replace("/", "", $ImageName);
> $Fil
Hi all,
I'm looking at adding a new search feature to my site, and one of the
elements of this is to echo back in the search results page, the
original string the user searched for. Up until now, XSS hasn't (afaik)
been an issue for my site, but I can see from a mile off this will be.
What would y
2009/6/10 Robin Vickery
>
>
> 2009/6/10 Dotan Cohen
>
>> > Just checked your site in Elinks (works like Lynx) and I'm getting the
>> > headers come back to me. I'm assuming you changed your site code before
>> > me sending this and after you sent the original message?
>> >
>>
>> The individual h
2009/6/10 Dotan Cohen
> > Just checked your site in Elinks (works like Lynx) and I'm getting the
> > headers come back to me. I'm assuming you changed your site code before
> > me sending this and after you sent the original message?
> >
>
> The individual headers are as they always were. It's th
2009/6/8 HELP!
> opening of the sorket is ok and writting LOGIN packet to the sorket is also
> ok but reading the response to know if the login is accepted or rejected is
> a not OK.
Don't use fread() to read from sockets, use stream_get_contents(). Example 3
on the fread() manual page tells yo
On Wed, Jun 10, 2009 at 08:37:23AM -0400, tedd wrote:
>
> Think about it -- why are all languages are looking more and more
> alike? Why is it that you can jump from versions of BASIC to C, C++,
> php, JAVA, javascript and others and not find yourself in a
> completely foreign environment? You t
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 09:14, Robert Cummings wrote:
He was quite active... when I raised a really good point all he could do was
scream.
and it is at this point that I would like to remind you that
we are on the air, gentlemen, live and being recorded for future
On Wed, Jun 10, 2009 at 9:13 AM, Robert Cummings wrote:
> Daniel Brown wrote:
>>
>> On Wed, Jun 10, 2009 at 09:06, Robert Cummings
>> wrote:
>>>
>>> Dan, I'd appreciate it if you wouldn't share our pillow talk with the
>>> list
>>> at large.
>>
>> Oh, stop, it's not like I mentioned the rash for
On Wed, Jun 10, 2009 at 09:16, tedd wrote:
>
> That's Okay, I just say it better than you. :-)
Show-off.
--
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1
--
PHP General M
On Wed, Jun 10, 2009 at 09:14, Robert Cummings wrote:
>
> He was quite active... when I raised a really good point all he could do was
> scream.
and it is at this point that I would like to remind you that
we are on the air, gentlemen, live and being recorded for future
generations to sea
At 9:07 AM -0400 6/10/09, Robert Cummings wrote:
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 08:59, Robert Cummings wrote:
Don't you have VB applications to write?
And this after I just mentioned your name in another thread
without throwing up in my mouth.
You've finally got those gag r
At 8:53 AM -0400 6/10/09, Daniel Brown wrote:
On Wed, Jun 10, 2009 at 08:37, tedd wrote:
Beside, this is how languages evolve. There is no job that any tool is
designed for. The "job" is our current perception of the task at hand and
that is always changing.
That's the point I was tryi
Eddie Drapkin wrote:
The question then becomes whether he was one of the boring catchers and
just sort of "sat there" or was "actively discussing" with you.
He was quite active... when I raised a really good point all he could do
was scream.
Cheers,
Rob.
--
http://www.interjinn.com
Applicati
The question then becomes whether he was one of the boring catchers and just
sort of "sat there" or was "actively discussing" with you.
On Wed, Jun 10, 2009 at 9:11 AM, Robert Cummings wrote:
> Eddie Drapkin wrote:
>
>> Dan, I do appreciate when you share your pillow talk with the list at
>> larg
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 09:06, Robert Cummings wrote:
Dan, I'd appreciate it if you wouldn't share our pillow talk with the list
at large.
Oh, stop, it's not like I mentioned the rash for which you've been
getting that cream.
I just realized... today isn't Friday ;)
On Wed, Jun 10, 2009 at 09:11, Daniel Brown wrote:
> On Wed, Jun 10, 2009 at 09:06, Robert Cummings wrote:
>>
>> Dan, I'd appreciate it if you wouldn't share our pillow talk with the list
>> at large.
>
> Oh, stop, it's not like I mentioned the rash for which you've been
> getting that cream.
On Wed, Jun 10, 2009 at 09:06, Robert Cummings wrote:
>
> Dan, I'd appreciate it if you wouldn't share our pillow talk with the list
> at large.
Oh, stop, it's not like I mentioned the rash for which you've been
getting that cream.
--
daniel.br...@parasane.net || danbr...@php.net
http://www
Eddie Drapkin wrote:
Dan, I do appreciate when you share your pillow talk with the list at large.
Just so everyone knows... Dan was catcher when we were having that long
"deep" talk.
Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP
--
PHP General Mailing
Dan, I do appreciate when you share your pillow talk with the list at large.
Cheers,
Eddie
On Wed, Jun 10, 2009 at 9:06 AM, Robert Cummings wrote:
> Daniel Brown wrote:
>
>> On Wed, Jun 10, 2009 at 01:41, R. S. Patil wrote:
>>
>>> Hi,
>>>
>>> We are in phase of evaluating PHP as Serverside techn
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 08:59, Robert Cummings wrote:
Don't you have VB applications to write?
And this after I just mentioned your name in another thread
without throwing up in my mouth.
You've finally got those gag reflexes under control... call me!!
*wink wink* *n
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 01:41, R. S. Patil wrote:
Hi,
We are in phase of evaluating PHP as Serverside technology for our first web
application.
We have finalized Flex for user interface and Birt as reporting engine. Now
the data services
are to be evaluated. Flex forums reco
On Wed, 2009-06-10 at 08:53 -0400, Daniel Brown wrote:
> On Wed, Jun 10, 2009 at 08:37, tedd wrote:
> >
> > Beside, this is how languages evolve. There is no job that any tool is
> > designed for. The "job" is our current perception of the task at hand and
> > that is always changing.
>
> That
On Wed, Jun 10, 2009 at 08:59, Robert Cummings wrote:
>
> Don't you have VB applications to write?
And this after I just mentioned your name in another thread
without throwing up in my mouth.
--
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.ne
On Wed, Jun 10, 2009 at 01:41, R. S. Patil wrote:
> Hi,
>
> We are in phase of evaluating PHP as Serverside technology for our first web
> application.
> We have finalized Flex for user interface and Birt as reporting engine. Now
> the data services
> are to be evaluated. Flex forums recommended us
Daniel Brown wrote:
On Wed, Jun 10, 2009 at 08:37, tedd wrote:
Beside, this is how languages evolve. There is no job that any tool is
designed for. The "job" is our current perception of the task at hand and
that is always changing.
That's the point I was trying to get at in the email I wr
On Wed, Jun 10, 2009 at 08:37, tedd wrote:
>
> Beside, this is how languages evolve. There is no job that any tool is
> designed for. The "job" is our current perception of the task at hand and
> that is always changing.
That's the point I was trying to get at in the email I wrote last
night t
At 2:28 AM +0100 6/10/09, Michael wrote:
The standard PHP execution model is geared almost exclusively
towards web-used (though crons etc. are reasonable)... that is, to
sit in/with a server and handle requests... to operate over, at
maximum, "insane" lifespans of 30 seconds.
There are langua
At 11:49 AM -0400 6/8/09, Daniel Brown wrote:
>On Mon, Jun 8, 2009 at 11:48, tedd wrote:
>> Hi gang:
>>
>> I've heard that php can be used for more than web programming, but I
>> am not aware of specifically how that can be done. So, let me ask
>> directly -- can php be used to create a Mac A
Keith wrote:
> Let's say user A and user B submitting purchase order form with
> "order.php" at the same time, with method=post action='confirmation.php'.
>
> (1) Will $_POST['order'] submitted by user A replaced by
> $_POST['order'] submitted by user B, and the both user A & B getting the
> sam
67 matches
Mail list logo
