On 31.08.2011 11:23, Peet Grobler wrote:
Is it possible to get the actual sql that is being used to query or
update the database?>
E.g
$sth = $dbh->prepare ("update table set field=?, field2=? where id=?);
mysqli_bind_param ($sth, 'ssi', 'text1', 'text2', 10);
$sth->execute();
Something like $st
On 26.08.2011 07:56, tamouse mailing lists wrote:
I'm encountering this on a script, but I can't figure out where it's
actually failing. How do I debug this problem???
What does you log say?
Make sure that you turn error reporting on and crank up the info it
spits out.
I always develop with
On 25.08.2011 16:06, Ron Piggott wrote:
I am trying to figure out if it is possible to have PHP work within an XML
document.
Right now the PHP is displayed as a comment.
Thoughts anyone?
Ron
How are you executing the XML file? By calling it with your browser?
You may need to tell your webserve
On 25.08.2011 15:48, Ashley Sheridan wrote:
So its the same message except for the bits at the bottom that are different?
Sounds like its not the same message then.
Ash
True, it is a message which has been intentionally modified to appear
different even though 99.9% of the content is the same
On 25.08.2011 15:00, Andreas wrote:
Am 25.08.2011 11:01, schrieb John Black:
True, a SESSION can be reset by closing the browser but I am not
trying to deny a user from submitting different information again. I
want to prevent them from submitting the same data again by accident
(back button or
On 24.08.2011 21:38, Mike Mackintosh wrote:
On Aug 24, 2011, at 11:52, John Black wrote:
On 08/24/2011 03:04 AM, Jason Pruim wrote:
Wondering what everyone does to prevent multiple form submissions?
My form is simply getting emailed to my email, and it redirects to a success
page when
On 08/24/2011 03:04 AM, Jason Pruim wrote:
Wondering what everyone does to prevent multiple form submissions?
My form is simply getting emailed to my email, and it redirects to a success
page when submitted...
Would it be as simple as doing something with the cache control? Basically I'm
trying
On 28.07.2011 12:53, Alex Nikitin wrote:
Just as a word of caution to everyone on this list, mcrypt version of
blowfish (which is implemented by php) (in linux) has an 8bit bug in it, and
thus should not be used for hashing passwords even as backup. Basically if
you use a character such as say a
On 28.07.2011 11:13, John Black wrote:
This approach makes it impractical to bruteforce the hash because every
single test will have to run md5() 3000 times before it can validate a
single hash.
--
John
I am sorry, I made a mistake here, 3000 times is not enough for this.
The actual code for
I would like to add some info about storing the password hash in the
database.
I recently tested how quickly one can brute force a simple md5('foo')
hash with a modern GPU. The results have been truly eye opening
I have been able to break hundreds of hashes with my ATI 6870 in a
couple of
On 28.07.2011 03:58, Jason Pruim wrote:
Hey everyone,
So I know this is related pretty strictly to paypal... But I also know that you
all most likely use it :)
So with that said... Has anyone successfully setup the IPN with paypal? I'm
trying to figure out to get it up and working...
Hi Jason
On 04/08/2010 06:51 PM, Andre Polykanine wrote:
> 2. (Just a suggestion) It's better to put the SQL tables and
> fields between grave accents (backquotes).
But if you do that then you will have to remove them again when you
decide to switch or support PostgreSQL.
--
John
After coming into cont
On 03/16/2010 08:50 PM, John Black wrote:
So I just set $include = './include/abc/def/' at the top of the
correction, I set $include to the relative path of the include directory
and then use it like this:
$include = '../../include/';
require $include.'abc/file1.ph
On 03/16/2010 06:57 PM, Robert P. J. Day wrote:
i have a project (let's call it "proj") which lives in the "proj"
directory and which contains several subdirs, some of which might
contain their own subdirs and so on. some of those subdirs might
contain utility classes that i want to include o
Ashley Sheridan wrote:
I was wondering if there were any ways to simulate loads on a PHP script
running on the server? Basically, I'd just like to take one of my sites
through a dry-run so to speak and simulate x number of visitors.
Ideally, I'd prefer something that didn't have to be installed o
On 03/08/2010 10:45 PM, John Black wrote:
You can use SPF, DomainKeys plus valid DNS information.
I have setup SPF records for my domains. If you attempt to send E-Mail
as if it was sent from my server then any server doing SPF record
checking will not accept or simply drop your message.
I have
On 03/08/2010 06:18 PM, Richard Quadling wrote:
On 8 March 2010 13:06, Teus Benschop wrote:
On Mon, 2010-03-08 at 10:21 +, Richard Quadling wrote:
Contrary to popular belief, to send an email you do not need to have
your own SMTP server. All you need to know is the SMTP server
responsible
On 03/01/2010 07:54 PM, Thomas H. George wrote:
Any suggestions?
Tom
Yes I have one. Whatever book you are using, burn it then shoot it!
Without looking at the query, it is most likely failing because you are
inserting un-escaped data into your database.
So when you enter something like: G
On 02/27/2010 06:09 AM, Austin Powers wrote:
It is purely a guess that I need to start again from a complete clean setup
(reformatting my hard disk and reinstall OS X again) but that is pretty much
out of the question.
I guess my question is:
"How can I completely uninstall PHP so that I can star
On 02/23/2010 01:16 AM, Andre Polykanine wrote:
Hello everyone,
I've just subscribed to the list, and I already have a question.
what I need to do is to send mail using sockets. Actually, the
built-in Mail() function is great and I wouldn't have to search for
something else if I didn't need more
On 02/22/2010 11:42 PM, Michael Shadle wrote:
The difference here is you can at least have some control over the data
and expect it in a certain fashion. Also the behavior of cookies vs. get
vs. post are different (cookies have length and expiration limits, get
has length limits, post has server
On 02/22/2010 11:17 PM, Michael Shadle wrote:
"Secure" might be the wrong term here. As you can easily change GET to
POST and vice-versa and send any cookies you like, this is why I tried
to revise my statement and quantify it better... in a properly coded
app it doesn't present much issue. Howev
On 02/22/2010 10:37 PM, Michael Shadle wrote:
On Mon, Feb 22, 2010 at 1:30 PM, David Murphy wrote:
Richard,
The use of $_REQUEST it no more a security hole than $_GET or $_REQUEST,
they should ALL be treats as bad data until normalized and sanitized. The
claim that it opens a security hole is
On 02/22/2010 09:39 PM, Slack-Moehrle wrote:
Hi All,
I have Forms that I submit for processing. I have seen examples of people using
either $_POST or $_REQUEST.
When would I choose one over the other?
When you don't care how you get the data use $_REQUEST.
$_REQUEST will contain $_GET,$_POST,$
Adam Richardson wrote:
Do you have output buffering turned on?
THANK YOU!
That was it, for some reason ARCH has a "tweaked" php.ini in their main
repo, that sucks.
Thank you, I have been looking all over to fix this!
--
John
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe,
I am running into a strange problem and I hope someone might have an
idea why this is happening.
My installation of PHP will *NOT* display the warning message below on
my development machine where it should display it (sample code at the
bottom).
Warning: session_start() [function.session-star
Brian Dunning wrote:
But I do want to add some level of code obfuscation to prevent them
from making simple changes to my code that allow them to exceed the
privileges they've purchased.
I have used PHP Processor 1.5 from http://gridinsoft.com for this. Back
when I was looking around
LAMP wrote:
Hi,
The company I work for, hosts online events registration applications.
After a registered registered himself for an event he will get a
confirmation email saying he registered successfully.
Currently, in the header part of the mail(), in "From" it says e.g.
ord...@computility.co
Ali Asghar Toraby Parizy wrote:
Ok, thanks
but how can i create serial number that nobody can guess it. for example
when i use sha1() every body can examine it too! and so they can create it
themselves!
what strategy is useful to protect license?
Ahh, so you are trying to protect your PHP code
Ali Asghar Toraby Parizy wrote:
Hi friends
I have an application I want to sell it in my website
How can i use PayPal to marketing? i understand php so i am eager to write
some php code, myself.
How can i implement a php code to use PayPal gateway
Thanks for any help
Create a PayPal developer a
Ali Asghar Toraby Parizy wrote:
hi friends
I need a hash function to build a Unique serial number by mixing a request
code and a user name
request codes are strings like this: They are literally HEX codes of MAC mac
addresses.
"002314EFD000544AB05345300045675609782123C3254B312123D12312EE13123F123
The same can be said about the removal of magic_quotes(), it will break
A LOT of old scripts.
I am in the same boat, I did not keep up to date with the PHP developer
plans and just found out about ereg when I installed PHP 5.3.
I think it was handled properly by displaying warning messages befo
Israel Ekpo wrote:
That is not good.
5.1.6 was released in August 2006.
More than 3 years ago. There are a lot of bug fixes since then
http://www.php.net/ChangeLog-5.php
It looks like the php libraries are not maintained in CentOS and Red Hat
Repositories.
I posted the current RHEL version beca
Bob McConnell wrote:
I just checked the Red Hat 5.4 manifest and it shows php-5.1.6-23.el5 -
php-5.1.6-23.2.el5_3. CentOS simply repackages the Red Hat kit without
the proprietary bits. I don't understand why they are so far behind on a
build that was just released last month, but our hosting ser
Israel Ekpo wrote:
I just finishing testing against 5.2.10 down to 5.2.4. I am not sure how
many people are still using versions between 5.2.0 and 5.2.3
I would like to know those ones too
Well anybody running CentOS 5 or RedHat Linux Enterprise 5 using the
official repo will be using PHP 5.1.
Al wrote:
Anyone see a problem if I login into the smtp server with Username
different than the Return-Path?
It seems to work OK; but, I know from experience using the mail servers
that increasingly everything must be exactly right to prevent recipient
mail servers from rejecting emails.
All
Israel Ekpo wrote:
I would really appreciate some feedback as it will be useful in helping me
determine which PHP version numbers to do my regression tests against.
I used to write software for 4.1 and above but I am now dropping PHP 4
and will only write for PHP 5 and above. I would still wri
Skip Evans wrote:
Now, if I can just get rid of that red line at the 80 column mark. I
haven't bothered with 80 columns since I wrote assembly on a terminal
connected to a PDP-11 in college.
Sorry forgot to include this.
Tools=>Options=>Formatting
Set Right Margin to 200 (200 is the largest n
Jean Lee wrote:
Could you explain what was my fault concerned about this case?
" . $contents . "";
?>
As Andrew pointed out, you need to use htmlspecialchars()
echo "" .htmlspecialchars($contents).
"";
The reason for that is because the text may contain html control
characters like <>&'" w
James McLean wrote:
I myself and I'm sure many others will agree that sticking to 'around'
80 chars is best-practice, it's handy for those times when you need to
fix code in an emergency in an 80 col terminal, among other reasons.
Personally the 80 col marker (I set it to 78 cols actually) is one
Brian Dunning wrote:
I want to kill everyones' '/admin' cookies, but I'm worried that some
browsers might erase both cookies if I do this. Does anyone know if I
can safely kill the '/admin' cookie without risking deletion of the '/'
cookie?
How about you store the data, expire both cookies th
Bob McConnell wrote:
I strongly recommend you call the help desk at Shaw and ask them to
explain what is happening. They should know what is going on with their
servers. Everyone on this list appears to be guessing at the problem,
which is not likely to help you.
But they are educated guesses :
Michael Shadle wrote:
Oct 25 22:00:01 sql02 php: PHP Warning: mysqli_connect():
(HY000/2013): Lost connection to MySQL server at 'sending
authentication information', system error: 32 in
/home/foo/web/foo.com/core.php on line 2394
mysql 5.0.75 on ubuntu jaunty 64-bit
php 5.2.11 (but has been sh
Looks like Steve posted the answer so here is something related.
I use the function below to deal with those annoying magic quotes setups.
The function will remove the magically annoying quotes from the POST,
GET, COOKIE and REQUEST arrays. Simply save it to a file and include it
on top of your
James Prentice wrote:
> Also, I notice that in the mail.log file, the 'from:' value is
'www-d...@homemade'. The actual 'from:' value is provided to the php
mail() function via a web form, so should be somebody's email address
(e.g. my own in this case).
I think PHP will use the apache user and
Lars Nielsen wrote:
Can anyone recommend an IDE with both subversion and ftp integration?
I have played a little with eclipse but find the integrations a little
dificult to manage.
Idealy I want a local development server with LAMP+svn and then an easy
opportunity to publish a site to a productio
Paul M Foster wrote:
> 4. All due respect to Kranthi, but I believe he's wrong about relaying
mail from your webserver to the ISP's mailserver. I believe the ISP's
mailserver doesn't care, as long as the mail comes from your "pipe". You
could probably call yourself "pi...@pepperoni.com" and your
Paul M Foster wrote:
Regarding the rejection of dynamic IPs by smarthosts, are you saying
that it's a "blacklist" of sorts that lets them know an IP is dynamic?
(Serious question. I don't know the mechanism by which they determine
what is and isn't a dynamic IP.)
I run my own mail server and us
Dotan Cohen wrote:
So far as I understand mysql_real_escape_string() was invented because
addslashes() is not adequate.
Correct, addslashes() works fine for latin1 (single byte encoding) but
does not work properly when used with a multibyte encoded string.
That is most likely the reason why my
Gary wrote:
I believe they are human spammers as all the input fields are correctly
filled out (phone in phone, address in address etc).
As I said they are mostly the same IP.
Would it be better to include this script in the processing script rather
than at the top of the page?
If it is fixe
Jonathan Tapicer wrote:
I suggest you add a good captcha to the form and that way you can
avoid spam forever.
You can find a question/answer based CAPTCHA system here.
http://www.network-technologies.org/tiny.php?id=1
The system can be used to protect comment forms, email forms or act as a
bo
resea soul wrote:
I'm using the function file_get_contents($url). If the url is invalid the
function displays a warning message while I am using my own customized
message. I want to get rid of the warning message.
This should do it:
@file_get_contents($url)
--
John
Gott ist eine faust
Don wrote:
I use PHP to read data form a mysql 5 table. allow the user to edit the data
and then update the table. I am having trouble with French characters.
Before the update: Pas de description d�taill�e
After the update:Pas de description détaillée
It is an encoding problem.
My Thund
SED wrote:
How can I access an index for IP to a country (or a more detailed location)?
I have not yet found a function for that in PHP nor a free to use website
that offers a remote search.
http://www.hostip.info/ is free, provides a database to download and
even allows you to query the datab
cr.vege...@gmail.com wrote:
In php.ini I defined: error_log = C:\Inetpub\wwwroot\PHPError.log
then restarted the server with iisreset.exe
then started with IE: http://127.0.0.1/.../phpinfo.php
and after 10 minutes still "Connecting / Waiting for .../phpinfo.php"
and still no C:\Inetpub\wwwroot\PH
cr.vege...@gmail.com wrote:
Where / how to look for a PHP specific log file ?
Inside php.ini is the option to specify a separate PHP log file
here is the setting for my main system (Linux)
error_log = /home/user/php_log.txt
Remember to restart your webserver after adjusting php.ini
EDIT: Sry,
Hi Andrei,
Thank you for writing.
>I have read announcement about CodeSecure. I am sorry to say, but I am
>not sure this product is worth $49.
No problem, that is totally your opinion and you have a right to it.
> The problem is not $49, which is very small amount indeed,
Yes, this is aimed at
Hey,
> I think he just answered the other guy's question with your answer to
another one ;-).
Oh, ok.
> btw. http://www.securecents.com/secureCode_features.php only returns a
404.
DAMN! we changed the name from SecureCode to CodeSecure and I guess forgot
to make the change on the site :-(
anyway
Hi Jason,
Did I say something wrong?
A bit puzzled as you just copied what I wrote to the other guy and
reposted
Cheers,
-JB
> On Wednesday 22 October 2003 21:38, Bas wrote:
> > Is it free?
>
> > > For details, check us out at http://www.secureCents.com
>
> --
> Jason Wong -> Gremlins Ass
Hey David,
>% We sell our software with 2 keys, one key looks something like this
"oÜ??X?
>% "
>% (this changes according to the password you set when you are encoding)
>Right.
>% and the other key is just a normal php script (encoded of course)
>You mean obfuscated and garbled? OK, but I don'
Hey again David,
% >Hey, that's a nice offer.
% Thanks, we aim to please :-) this offer is open to _anybody_ on the list,
% but please send us one file at time to "example encode" and not more.
>Oops. Sorry. I figured you'd need both to have them work together.
>Perhaps not; perhaps only the co
Hey David,
>Hey, that's a nice offer.
Thanks, we aim to please :-) this offer is open to _anybody_ on the list,
but please send us one file at at time to "example encode" and not more.
>work in progress (see it at
> http://hd-vzw.com/internal/
I got a basic authentication box pop up at me...!!?
Hi,
Nope sorry, we dont have an "actual example" anywhere but we can do better
than that,
send me any file, however big and i'll encode it and send it back to you.
Remember: It does not matter if you have HTML,XML or greek in your php
file...
Cheers,
-JB.
<[EMAIL PROTECTED]&
ced this already on Wednesday. So re-announcing the same
> version seems kinda redundant.
>
> Cheers,
> Rob.
>
> On Fri, 2003-10-17 at 12:19, John Black wrote:
> > Greetings everyone,
> > We have just launched a new product called codeSECURE and would like you
to
>
Greetings everyone,
We have just launched a new product called codeSECURE and would like you to
check it out.
codeSECURE is a PHP obfuscator.
Basically codeSecure is a small collection of scripts to "obfuscate" or
"garble up" php code so that PHP developers can protect their intellectual
property
>ah
I take it you are pleased :-))
Regards,
-JB
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi again Dan,
Sorry, I have been very busy and looking back I dont think I cleared the
license issue totally.
If you are selling software from your site, it does not matter how many
people buy your software that is encoded with codeSecure, the license is
site wise,
ie:
if you are selling software
Hi,
Using open software and charging makes us feel guilty...the license works on
the honor system, if you are using it or more than 3 sites please buy a
license if you don'tfight your guilt :-)
To answer your question...everything will work, no odd or error messages to
embarrass you or your cus
Greetings everyone,
We have just launched a new product called codeSECURE and would like you to
check it out.
codeSECURE is a PHP obfuscator.
Basically codeSecure is a small collection of scripts to "obfuscate" or
"garble up" php code so that PHP developers can protect their intellectual
property
69 matches
Mail list logo
