Re: [PHP] Some Advice

2013-06-25 Thread Alex Pojarsky
Putting your session-ID into post will require you to POST every page, rather then GET it. And every anchor user clicks will have to POST, not GET. On Tue, Jun 25, 2013 at 4:32 PM, wrote: > You should at least check the IP of the client additionally to have some > prove > it is the same client y

Re: [PHP] array_map() with multiple callback functions

2013-05-07 Thread Alex Nikitin
Something like: $cleanData = array_map(function($str){return strtolower(trim($str));}, $passedData); -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Tue, May 7, 2013 at 4:29 PM, George Langley wrote: > Hi all. I want t

Re: [PHP] Web User Management

2013-01-31 Thread Alex Pojarsky
Hey. Depends on your customisation needs. If you need something robust and don't need anything very specific - you should be ok with Drupal, Joomla or something similar. If you are going to need a lot of complex internals that are not in these engines - you may want to try some lightweight flexibl

[PHP] Patch: Specify temp directory

2013-01-18 Thread ALeX
would really appreciate if the patch would be included and hopefully also some other people. Regards, ALeX. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Multithreading for OOP PHP

2012-11-03 Thread Alex Nikitin
Threading doesn't increase complexity? Spoken truly like somebody who has not had to actually write, test and debug proper, high performance threaded code. Please tell me how threading doesn't increase complexity of any data structure? I may agree if you talk about php running in cli, but then the

Re: [PHP] Re: Multithreading for OOP PHP

2012-10-31 Thread Alex Nikitin
You do all that in the context of a single PHP instance and linear code, calling curl_multi handles its own threading, you just get back results, you dont have to store it anywhere outside PHP memory space, and you can configure timeouts and all that stuff, or you can regulate it yourself. The data

Re: [PHP] Re: Multithreading for OOP PHP

2012-10-31 Thread Alex Nikitin
> > > That's all understood but there are times when that one request from > the visitor requires many sub-requests like connection to DB and > making SOAP calls. I would say it's more than just "there are times", that's how a typical script lives, it imports libraries, queries the database, and

Re: [PHP] Re: Multithreading for OOP PHP

2012-10-31 Thread Alex Nikitin
will introduce new places where php apps fail, new security concerns, etc, and I think we are far from having current issues fixed... Want to parallelize your PHP execution? Learn to love curl_multi :) In this case, fix the program, not the programming language. Just my $0.02 -- Alex -- The troubl

Re: [PHP] How to write and read serial or parallel port

2012-07-26 Thread Alex Nikitin
ant to use PHP for this to begin with. I mean sure you can write your own vfat implementation in PHP, etc, etc, but it doesn't mean that it's a good idea to do so. -- Alex -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Dynamic open_basedir and mod_vhost_alias

2012-04-02 Thread Alex Domoradov
Maybe anyone can point me in the right direction. I need to modify this patch http://www.phpbuilder.com/lists/php-developer-list/2000101/0994.php and replace VIRTUAL_DOCUMENT_ROOT with real path. As described in patch note - "When using mod_vhost_alias the DOCUMENT_ROOT = PATH_TRANSLATED - SCRIPT

Re: [PHP] including PHP code from another server..

2012-03-26 Thread Alex Pojarsky
I understand what performance issues this brings, but as for security was just a bit curious. You have just showed me what I was thinking about, but you wrote it much better, clear and structured. Thank you. 2012/3/26 Stuart Dallas : > On 26 Mar 2012, at 17:41, Alex Pojarsky wrote: > >

Re: [PHP] including PHP code from another server..

2012-03-26 Thread Alex Pojarsky
Now, as the issue adressed and script removed, can you please explain what exactly are the issues of using such approach? I mean security ones, not performance. 2012/3/26 Lester Caine : > Curtis Maurand wrote: >> >> rsync is your friend. > > and is even available for windows machines ... > > -- >

Re: [PHP] basic captcha

2012-02-20 Thread Alex Nikitin
Just a few notes on the previous responses. Delaying with JavaScript, like validating with JavaScript is a rather pointless endeavor. Think about it, you are putting your "limiting" mechanism, on the hackers' computer... You can still post to your server as fast as you want. With regards to using

Re: [PHP] Re: sql injection protection

2012-01-24 Thread Alex Nikitin
You don't need to store it in the database as b64, just undo the encoding into your inputs for the purpose of the explanation, this is language independent b64e - encoding function b64d - decoding function pseudo code given: bad_num = ') union select * from foo --' bad_str = "" good_num = 1234

Re: [PHP] Re: sql injection protection

2012-01-24 Thread Alex Nikitin
> question 1 > > If you use the PHP filters & sanitizations, and you plan on using PDO > with binded params, are you absolutely safe? And if not, why? What are > the other ways for them to still make it in - even with PD0 and binded > params properly in place? Just curious. There are no known expl

Re: [PHP] Reading only RGB portion of an image, file_get_conents minus file headers etc

2012-01-23 Thread Alex Nikitin
Absolutely agreed. A part of what i was asking deals with what he is actually doing... -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late.  ~Seymour Cray On Mon, Jan 23, 2012 at 9:37 PM, Robert Cummings wrote: > On 12-01-23 09:29 PM, A

Re: [PHP] Reading only RGB portion of an image, file_get_conents minus file headers etc

2012-01-23 Thread Alex Nikitin
programmer is doing until it’s too late.  ~Seymour Cray On Mon, Jan 23, 2012 at 7:51 PM, Robert Cummings wrote: > On 12-01-23 01:32 PM, Alex Nikitin wrote: >> >> If you don't mind me asking, if you want performance, which is kind of >> essential if you are processing a larg

Re: [PHP] Re: sql injection protection

2012-01-23 Thread Alex Nikitin
Start off with the fact that that article is from 2006, and its written by a programmer... > I was simply asking expert opinion with the intention to learn. > There is so much docs out there (I mean not just out there but at top > security sites like owasp ) that recommends database specific escap

Re: [PHP] php.net problems?

2012-01-23 Thread Alex Nikitin
Rasmus confirmed that they are having issues with php.net: You can use the sk.php.net mirror while they fix their problems, as well as docs.php.net. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reading only RGB portion of an image, file_get_conents minus file headers etc

2012-01-23 Thread Alex Nikitin
If you don't mind me asking, if you want performance, which is kind of essential if you are processing a large number of files, why are you doing it in PHP? -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late.  ~Seymour Cray -- PHP General Mai

Re: [PHP] php.net problems?

2012-01-23 Thread Alex Nikitin
Can't get to doc at all here... -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late.  ~Seymour Cray -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: sql injection protection

2012-01-23 Thread Alex Nikitin
There is so much no, answers are in line. > At the top of each php page which interacts with a database, just have > this one liner This has already been mentioned, but again, no, no connection if you are not actually interacting with the database. > $DBH = safe_connection("database_name_here");

Re: [PHP] if http_referer is not reliable then how do we ...

2012-01-19 Thread Alex Nikitin
continue (like a secret random password stored in the session), just a simple time-out won't solve the issue. Both used together should provide for a good way to stop any useful spamming done with your script. ~ Alex -- The trouble with programmers is that you can never tell what a prog

Re: [PHP] Re: sql injection protection

2012-01-17 Thread Alex Nikitin
tever words you allow, and you have to allow certain words for your queries to run ;) Anyways, hopefully this is something for you guys to think about and hopefully enough to stop suggesting escaping as a viable option to stop any sort of simple code injection... ~ Alex -- The trouble with progr

Re: [PHP] OOP problems

2011-12-15 Thread Alex Pojarsky
I'm not sure I've understood you correctly, but you may try something like the following primitive autoloader (I didn't debug it, it's just an example): class Base { protected $_path = ''; public function construct($base_path) { $this->_path = $base_path; } public func

[PHP] Re: PHP Download Of Application Question?

2011-10-09 Thread Alex McLain
other approaches beyond Apache and PHP. > >So any ideas out there? > > Thanks for the help > Thomas Dineen That sounds like the kind of thing Java Web Start does. There's lots on Google about it. http://download.oracle.com/javase/6/docs/technotes/guides/javaws/ -Alex

Re: [PHP] Dereferencing an array.

2011-09-14 Thread Alex Nikitin
it's only marginally faster, but it does look a bit cleaner, and is a bit more memory efficient: $records[] = unserialize(serialize($boundParams)); -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late.  ~Seymour Cray On Wed, Sep 14, 2011 at

Re: [PHP] Querying a database for 50 users' information: 50 queries or a WHERE array?

2011-09-14 Thread Alex Nikitin
MySQL real escape string doesn't work, it's a bad solution to the problem that has been with the internets since the very beginning, and if people program like they are taught to by books, doesn't look like it's going away any time soon. The problem of course is that various programming languages

Re: [PHP] Querying a database for 50 users' information: 50 queries or a WHERE array?

2011-09-14 Thread Alex Nikitin
You can use a limit with a nested select, you just can't use it in some cases, like inside an "IN" statement, but something like this should work: SELECT id, data, etc FROM table JOIN (SELECT special_id as id FROM special_table ORDER BY special_id LIMIT 0, 1000) AS table2 USING (id) Note: syntax

Re: [PHP] Stop PHP execution on client connection closed

2011-09-14 Thread Alex Nikitin
On Wed, Sep 14, 2011 at 4:04 AM, Marco Lanzotti wrote: > Il 13/09/2011 20:58, Alex Nikitin ha scritto: > > Correction on Marco's post. You can absolutely stop a mysql query > > I know I can stop a query, but I don't know how to realize HTTP client > has closed conne

Re: [PHP] What would you like to see in most in a text editor?

2011-09-13 Thread Alex Nikitin
+1 on terminal. For gui-based ones, i like to be able to syntax check my code and run it from within the editor window, tabs for dozens of files i usually have open at once, highlight that supports many languages as i can be working on many at once (php, css, js, ruby, python, C, lua, sql, for the

Re: [PHP] Querying a database for 50 users' information: 50 queries or a WHERE array?

2011-09-13 Thread Alex Nikitin
On Tue, Sep 13, 2011 at 3:45 PM, Dotan Cohen wrote: > On Tue, Sep 13, 2011 at 21:34, Alex Nikitin wrote: > > And this will be faster or at least more efficient with a limit (e.g. > limit > > 50) this way when you have found the 50 users in the "in" statement, you

Re: [PHP] Stop PHP execution on client connection closed

2011-09-13 Thread Alex Nikitin
Absolutely, it was only a minor correction of a sub-point. -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Tue, Sep 13, 2011 at 3:20 PM, Jim Lucas wrote: > On 9/13/2011 11:58 AM, Alex Nikitin wrote: > > On

Re: [PHP] PHP FPM and OCI crashes

2011-09-13 Thread Alex Nikitin
On Tue, Sep 13, 2011 at 10:40 AM, linuxsupport wrote: > I enabled debug in log and found this in the log file > > [13-Sep-2011 17:03:19.966801] DEBUG: pid 16974, fpm_got_signal(), line 76: > received SIGCHLD > [13-Sep-2011 17:03:19.966832] WARNING: pid 16974, fpm_children_bury(), line > 252: [pool

Re: [PHP] Stop PHP execution on client connection closed

2011-09-13 Thread Alex Nikitin
On Tue, Sep 13, 2011 at 11:44 AM, Jim Lucas wrote: > On 9/12/2011 7:40 AM, Marco Lanzotti wrote: > > Hi all, I'm new in the list and I already have a question for you. > > I'm running an heavy query on my DB in a PHP script called by AJAX. > > Because client often abort AJAX connection to ask a n

Re: [PHP] Querying a database for 50 users' information: 50 queries or a WHERE array?

2011-09-13 Thread Alex Nikitin
On Tue, Sep 13, 2011 at 2:06 PM, Steve Staples wrote: > On Tue, 2011-09-13 at 09:48 -0700, David Harkness wrote: > > On Tue, Sep 13, 2011 at 7:29 AM, Ashley Sheridan > > wrote: > > > > > SELECT * FROM table WHERE userID IN (1,2,3,4,5,etc) > > > > > > > +1. And this is a great place to use implode

Re: [PHP] dev to production server

2011-09-07 Thread Alex Nikitin
If you have to ask these questions, i don't think you should be the person to do it, i'm sorry. I wouldn't recommend doing it on a mac, or even one single box, i wouldnt recommend doig it on non-server hardware, infact most of the time i would recommend you just buy already pre-sertup servers so t

Re: [PHP] Opening Multiple Files

2011-09-07 Thread Alex Nikitin
On Wed, Sep 7, 2011 at 10:21 AM, Ron Piggott wrote: > > Hi Everyone > > I am trying to load an HTML book into mySQL. The book was distributed with > each chapter being it’s own HTML file. > > The only way I know how to open a file is by specifying the file name. > Such as: > > $myFile = "B01C00

Re: [PHP] Struggling with MySQL query

2011-08-09 Thread Alex Nikitin
Sorry but escaping doesnt protect against mysql injection either, it is not a good answer, nor does it really work, its an effort, yes, buuut in unicode world we pretty much have the ability to override what it means to be a character through best guess matching, etc, iiit just doesnt quite work; e

RE: [PHP] Struggling with MySQL query

2011-08-09 Thread Alex Nikitin
It would be easier and faster to convert your string to lower case, than perform the upper operation on every entry in the database. Also, just to point it out, your code is very vulnerable to SQL injection. But the suggestion is right, dump the query to make sure its correct, and check for mysql

Re: [PHP] Login with Remember me Feature

2011-08-07 Thread Alex Nikitin
27;t work, if you don't believe me, listen to the keynote that Dan Kaminsky gave at the last HOPE conference, he gives a good overview of why... Please either use parameterized queries, or the awesome hack that is base 64, don't assume that just because the function is called mysql_real_escape

Re: [PHP] Studying mcrypt

2011-08-04 Thread Alex Nikitin
On Thu, Aug 4, 2011 at 12:23 PM, Donovan Brooke wrote: > Alex Nikitin wrote: > [snip] > > There is code obfuscation with PHP, and you can compile it into C++ with >> HipHop for php for example... >> > [snip] > > > Of course, obfuscation is never a great secu

Re: [PHP] Studying mcrypt

2011-08-04 Thread Alex Nikitin
On Thu, Aug 4, 2011 at 10:31 AM, Donovan Brooke wrote: > Alex Nikitin wrote: > [snip] > > Also you shouldn't actually encrypt passwords, the proper way to store >> them >> is hashed, so that if someone grabs your database, they dont have your >> pa

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
On Wed, Aug 3, 2011 at 4:05 PM, Ashley Sheridan wrote: > ** > On Wed, 2011-08-03 at 15:35 -0400, Alex Nikitin wrote: > > On Wed, Aug 3, 2011 at 3:08 PM, Ashley Sheridan > wrote: > > > ** > > On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > > &g

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
On Wed, Aug 3, 2011 at 3:08 PM, Ashley Sheridan wrote: > ** > On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > > Hello Alex, > > Thanks for the tip. I'm not storing it in the database (you see, it's > "asdfasdf" and the key string is

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
I have a neat class you can play with... -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Wed, Aug 3, 2011 at 2:27 PM, Alex Nikitin wrote: > Yes, since it's trying to represent in characters some purely bin

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
Yes, since it's trying to represent in characters some purely binary data, it is not unlikely that you will get VERY weird characters (and you do). Also you shouldn't actually encrypt passwords, the proper way to store them is hashed, so that if someone grabs your database, they dont have your pas

Re: [PHP] Phone numbers....

2011-07-31 Thread Alex Nikitin
There are databases with area codes for the first 3, so you only have to generate 1 million. Why do you need to store all of them again? On Jul 31, 2011 4:06 PM, "Jason Pruim" wrote: > No I'm not looking for your phone number... Or for the guy/girl whose number you thought you got last night at th

Re: [PHP] Membership site

2011-07-28 Thread Alex Nikitin
Just as a word of caution to everyone on this list, mcrypt version of blowfish (which is implemented by php) (in linux) has an 8bit bug in it, and thus should not be used for hashing passwords even as backup. Basically if you use a character such as say a British pound in your password, blowfish wi

Re: [PHP] Re: Tree menu list in php

2011-07-27 Thread Alex Nikitin
That would be so extreemely inefficient both resources and bandwidth-wise, however an interesting thought... On Jul 27, 2011 4:02 AM, "Pete Ford" wrote: > On 26/07/11 18:20, alekto wrote: >> Hi, >> is there a way to create a tree menu list only by using php/html/css? >> I found some, but they are

Re: [PHP] dependency check

2011-07-22 Thread Alex Nikitin
On Fri, Jul 22, 2011 at 3:09 PM, Ashley Sheridan wrote: > ** > On Fri, 2011-07-22 at 09:51 -0400, Alex Nikitin wrote: > > It would still be quicker with shell tools, imho, granted that some command > line elitistry would be required... Also if you are going to be doing strin

Re: [PHP] dependency check

2011-07-22 Thread Alex Nikitin
doing until it’s too late. ~Seymour Cray On Fri, Jul 22, 2011 at 9:33 AM, Nilesh Govindarajan wrote: > On 07/22/2011 06:56 PM, Alex Nikitin wrote: > > > > > > Or you could just grep the directory, not saying you have to do this, > > but this was kind of fun to write an

Re: [PHP] dependency check

2011-07-22 Thread Alex Nikitin
On Fri, Jul 22, 2011 at 8:17 AM, Nilesh Govindarajan wrote: > On 07/22/2011 11:21 AM, Andreas Moroder wrote: > > Hallo, > > > > I have a PHP application made of many files ( php, images etc. ) > > I have a strong suspicion that many of the files in the application > > directory are no more in use,

Re: [PHP] IF stream lining

2011-07-13 Thread Alex Nikitin
if( $val !== "with" && $val !== "from") simple comparison = faster solution... also you want type-safe you could do something like if(!in_array($val, array("from","with"))) but its neither elegant nor fast On Jul 14, 2011 12:22 AM, "Ron Piggott" wrote:

RE: [PHP] Your language sucks because...

2011-07-13 Thread Alex Nikitin
nyways, just my $.02 With Regards... --Alex On Jul 13, 2011 9:15 PM, "Florian Müller" wrote:

Re: [PHP] mysqli_query() returns NULL?

2011-06-18 Thread Alex
If you were to use the proper object form of it, you'd spot the mistake, as it will tell you that you are trying to perform an action on a non-object. It might be a bug, or the developers might not have cared figuring that if you threw it in an if(!...) it would validate as false anyways. But i

Re: [PHP] trying to combine two forms into a single form

2011-06-09 Thread Alex Nikitin
Actually if you want a very simple way, with a little JS, you can b64 encode the file and fill in the file field in the form with it (you can hide it or dynamically tack it on or something), so that you get everything when you submit the form including the file (you just gotta make a file back out

Re: [PHP] trying to combine two forms into a single form

2011-06-09 Thread Alex Nikitin
On Thu, Jun 9, 2011 at 8:37 AM, matty jones wrote: > I have a mediawiki extension that allows me to design a form in the wiki to > facilitate data entry into the wiki and it works good except that I also > want to be able to up load images and take the file location/name and enter > that into the

Re: [PHP] Re: Fuzzy Array Search

2011-06-07 Thread Alex Nikitin
hould get out of, use ===, its much safer . Also try the same algorithm on 10 arrays of some number of values 10-1000 perhaps, that would give you better performance statistics :) -- Alex -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too

Re: [PHP] Re: Fuzzy Array Search

2011-06-07 Thread Alex Nikitin
If you don't need the location, you can implode the array and use preg match, quickly testing it, that gives you about 4.5 times performance increase, but it wont give you the location, only if a certain value exists within the array... You can kind of do some really clever math to get your search

Re: [PHP] Fuzzy Array Search

2011-06-07 Thread Alex Nikitin
What do you mean by "fuzzy search"? Like an approximate search, and instead of you stepping through the array, you guesstimate where to start, or search for approximate string value in an array of strings? -- The trouble with programmers is that you can never tell what a programmer is doing until

Re: [PHP] htaccess question

2011-05-23 Thread Alex Nikitin
On Mon, May 23, 2011 at 11:52 AM, Al wrote: > How can I prevent access to all files in a directory except one with an > htaccess file. > > I've tried several approaches found with Googling; but, none seem to work. > > e.g., > > Order Allow,Deny > Deny from all > > > This seems to me as it shoul

Re: [PHP] strcmp()?

2011-05-23 Thread Alex Nikitin
On Mon, May 23, 2011 at 9:32 AM, Joshua Kehn wrote: > > On May 23, 2011, at 9:28 AM, Alex Nikitin wrote: > > > There is an interesting note in the comments for strcmp: > > "Well, I am using PHP 4.0 and both strcmp and strcasecmp appear to be > giving me very a

Re: [PHP] A Review Request

2011-05-21 Thread Alex
- From: "tedd" To: "Joshua Kehn" , "PHP General" Subject: [PHP] A Review Request Date: Sat, May 21, 2011 9:26 am At 2:49 PM -0400 5/19/11, Joshua Kehn wrote: >On May 19, 2011, at 2:44 PM, Andre Polykanine wrote: > >> Hello Alex, >> >>

Re: [PHP] A Review Request

2011-05-20 Thread Alex Nikitin
@David Fair enough, then i have seen so many badly designed sewage systems, that the backed up sewage monsters come to me in my dreams... :) wait no the other one :( @Paul And my girlfriend, apparently -- The trouble with programmers is that you can never tell what a programmer is doing until it’

Re: [PHP] A Review Request

2011-05-20 Thread Alex Nikitin
apons prepares them for the battlefield... Alex -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Fri, May 20, 2011 at 2:12 PM, tedd wrote: > At 11:11 AM -0400 5/20/11, Alex Nikitin wrote: > >> Also to tedd,

Re: [PHP] PHP Brainteasers 2011

2011-05-20 Thread Alex Nikitin
, 2, PREG_SPLIT_OFFSET_CAPTURE); $exponent = decbin((-$tmp[1][1])+127); } $f = bindec($exponent.$significand); return (!$sign) ? $f : $f^0x; } I guess the function name and variable names will offer some assistance in determining what this does, but i think its an interest

Re: [PHP] A Review Request

2011-05-20 Thread Alex Nikitin
ed sorting functions, so it's not really worth any more of my time, but it was kind of fun to figure out how to do all of that, especially converting signed ints and floats to positive ints and back :) -- Alex -- -- The trouble with programmers is that you can never tell what a programmer is doing

Re: [PHP] A Review Request

2011-05-19 Thread Alex Nikitin
erver messes up i look at code i'm still SOL... no keys, so your "protected" area is still protected -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Thu, May 19, 2011 at 8:57 PM, tedd wrote: > At 2:

Re: [PHP] A Review Request

2011-05-19 Thread Alex Nikitin
hus did not fulfil its primary duty, in today's web world some security is not any better then no security, protecting against regular users is pointless as they are not the ones who will try to break your system ;) Just my $.02 -- Alex The trouble with programmers is that you can ne

Re: [PHP] A Review Request

2011-05-19 Thread Alex Nikitin
=== or preg_match for me, lol, unless its all just math :) -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Thu, May 19, 2011 at 3:26 PM, Joshua Kehn wrote: > On May 19, 2011, at 3:16 PM, Alex Nikitin wr

Re: [PHP] A Review Request

2011-05-19 Thread Alex Nikitin
s types, it would work well as well. Infact if you dont need to determing anything about the string, i would suggest using the === operator as it is significantly faster: timed: 0m0.724s wrote: > Hello Alex, > > Two (stupid?) questions: > 1. Why PHP_SELF is better than SCRIPT_NAME?

Re: [PHP] Filtering data not with mysql...

2011-05-19 Thread Alex Nikitin
t, it does not allow you to insecurely interpolate, and it does use prepared statements for everything, i am sharing it with anyone who wants to look at it... Anyways, here's a direct link: http://c2047862.cdn.cloudfiles.rackspacecloud.com/Friday%20Keynote%20-%20Dan%20Kaminsky.mp3 Enjoy,

Re: [PHP] A Review Request

2011-05-19 Thread Alex Nikitin
AND ($password== $pw)) +$pw='1a91d62f7ca67399625a4368a6ab5d4a3baa6073'; //sha1 hash of the password: php -r "echo sha1(\"pw\");" +if (@strcmp($id, $_POST['user_id']) == 0 && strcmp($pw, sha1($_POST['password'])) == 0) -- Alex -- -- The tro

RE: [PHP] Security Question

2011-04-08 Thread Alex Nikitin
Best way to learn about security of something is to learn how to break it... On Apr 8, 2011 3:55 PM, "Jay Blanchard" wrote: > > [snip] > whats the best way to learn about security in php? > [/snip] > > Study, study, study! > > Chris Shiflett is a recognized expert on PHP security - > http://shifl

Re: [PHP] newbie - function is undefined

2011-04-01 Thread Alex Nikitin
, and less bandwidth. If you include the JS file with php, every time you request the page the javascript will be pulled from your hard drive by php and sent back as a part of the server response (your end web page). ~ Alex On Fri, Apr 1, 2011 at 5:32 PM, Jim Giner wrote: > > functio

Re: [PHP] String eval assistance

2011-03-16 Thread Alex
I'm not sure as to why strpos does what it does here, at least its not immediately obvious, but, a solution to this would be to use a regular expression search, it would be more exact, it has never failed me, and it will be faster; I recall reading that preg functions were faster at then str one

Re: [PHP] imap_search ?

2011-03-07 Thread Alex
Imap remains open after you search and doesn't close until you call imap_close. Firstly the code shouldn't be written like that, while should not operate on a fail condition of a function exec, that's just bad coding practice and that's what causes a loop here. If there are no messages in the em

Re: [PHP] Double method access (Hi everyone! :))

2011-03-04 Thread alex
, but two?. I mean I have been trying but I got an error* * Fatal error: Call to a member function ... on a non-object in ... I think the problem is $this->getTable() returns non-object. There is nothing wrong with using multiply "->" as long as return-value from previous

Re: [PHP] something about dates in mysql

2011-03-03 Thread Alex
Just a correction, dates in mysql are not strings by any means, they are stored in 3 bytes (date and time or 8 bytes for datetime) and that's nowhere enough for a string, however the representation of the date is a formatted string, so for all intents and purposes any comparison to a date field

Re: [PHP] Help needed with mysql import

2011-03-02 Thread Alex
You shouldn't have a default value in an auto increment field. You can set AUTO_INCREMENT to 0 and start with 1, but as auto increment is a unique field and its automagically incremented, you should not set a default value on it... -- Sent from my Android phone with K-9 Mail. Please excuse my br

Re: [PHP] executing external php script

2011-03-02 Thread Alex
The exec function should help you there -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. "ƒAƒ‹ƒxƒ‹ƒg" wrote: hi! what I want to do is execute php script and don't wait for output. found something like this_ > /dev/null 2>&1 &`;

Re: [PHP] Re: Sorting an array

2011-03-01 Thread Alex
That or do it in mysql before you get the data back, its also pretty good at sorting, you know ;) -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. FeIn wrote: Also check http://www.php.net/manual/en/function.natsort.php On Tue, Mar 1, 2011 at 1:39 PM, David Robley wrote

Re: [PHP] improve speed of PHP answers

2011-02-10 Thread Alex Nikitin
The same content is served, the page looks exactly the same, nobody had to really change any code (there was a change in one of our framework modules that one of the plug-ins calls, but it was small enough (5 lines)), minus the wait... a lot of it :) Hopefully this gives you ideas that work

Re: [PHP] Memcache problems

2011-02-03 Thread Alex Nikitin
connection to 127.0.0.1 would ever possibly get dropped, loopback device never hits your network hardware... ~Alex On Thu, Feb 3, 2011 at 5:00 PM, Jostein Eriksen wrote: > On 02/03/2011 10:49 PM, Adam Richardson wrote: > >> On Thu, Feb 3, 2011 at 4:19 PM, Jostein Eriksen >>

Re: [PHP] Memcache problems

2011-02-03 Thread Alex Nikitin
other hand it could be neither; but to help you figure out where to look, one should hope to see a little bit more info... ~Alex On Thu, Feb 3, 2011 at 3:10 PM, Jostein Eriksen wrote: > Hi, > > I've been having some problems with memcache lately. > It seems to me that php is dropp

Re: [PHP] preg_replace question

2011-01-25 Thread Alex Nikitin
sult)) { $internal_links[] = array('phrase'=>$row->phrase, 'link'=>$row->link); } (you can figure out how to do it with array_push if you choose to, but you get the general idea) ~ Alex On Jan 25, 2011 6:35 AM, "Merlin Morgenstern" wrote: > Am 2

Re: [PHP] preg_replace question

2011-01-24 Thread Alex Nikitin
27;=>"http://wolframalpha.com";)), -1); Output: süße knuffige http://google.com";>Beagle http://wolframalpha.com";>Welpen ab ~Alex

Re: [PHP] Pros/Cons of using mysqli prepared statments

2010-11-04 Thread Alex Nikitin
to work around that, instantiate it with a query or result object from a statement and you get a uniform way to get the result array... http://pastebin.com/sAhZJcNX ~ Alex On Thu, Nov 4, 2010 at 5:38 PM, Jay Blanchard wrote: > [snip] > Just don't go too far. > [/snip] > >

[PHP] Re: Weird preg issue

2010-11-04 Thread Alex Nikitin
but that doesnt work if you add something after the "Mooo" *sigh*. well it gets kept On Thu, Nov 4, 2010 at 3:47 PM, Alex Nikitin wrote: > Hi, > > I'm kind of new to this list, and so if there have been discussions about > this, i am not quite aware of them

[PHP] Re: Weird preg issue

2010-11-04 Thread Alex Nikitin
der for this to work correctly, not sure about the elegantly part, but you can just limit preg_replace preg_replace('/(?:(?!"[a-zA-Z\s]*").)*/', '', $str, 1); and that seems to work correctly... Neat... kinda... On Thu, Nov 4, 2010 at 3:47 PM, Alex Nikitin wrote:

[PHP] Weird preg issue

2010-11-04 Thread Alex Nikitin
... Any ideas? bug, something i'm not getting, something in the way preg works? Thanks in advance, ~ Alex

RE: [PHP] multi thread work?

2010-08-04 Thread Alex Major
the previous one > > is it possible to let the script focus another curl process without > wait > answer of the previous one > > i hope if u could understand me ^^ This question has been asked several times over the last week, have a look over the archive ;). You need to be lo

Re: [PHP] GD - import a PNG image and make transparant

2010-05-13 Thread Alex Davies
'm currently looking through Karl's example to see if I can work it out, but if anyone can point out a super-simple way of achieving the pseudo-code above, i'd be very grateful! Cheers, Alex On Thu, May 13, 2010 at 1:34 AM, Ashley Sheridan wrote: > On Thu, 2010-05-13 at 00:12 +010

[PHP] GD - import a PNG image and make transparant

2010-05-12 Thread Alex Davies
The images that this outputs, at opacity levels 0,1 and 80 on a red and green background (screenshots of a HTML page) can be downloaded from http://www.box.net/shared/h9zn4tjgro Any help appreciated! Cheers, Alex

[PHP] PHP Application Structre

2010-05-10 Thread Alex Major
ed some insight into which is the recommended approach and why. I've been building bigger and bigger sites so having a solid foundation is becoming more and more important. Thanks for any help/feedback, I hope I've been clear. Alex.

RE: [PHP] Still searching for a bugtracking system

2010-03-30 Thread Alex Major
seems heavy, I know it has its supporters but I've always found it to be overkill for the projects I've worked on. Alex. -Original Message- From: Andre Polykanine [mailto:an...@oire.org] Sent: 30 March 2010 14:14 To: php-general@lists.php.net Subject: [PHP] Still searching f

RE: [PHP] Event Handling

2010-03-15 Thread Alex Major
heridan.co.uk] Sent: 15 March 2010 12:56 To: Midhun Girish Cc: Jochem Maas; David Hutto; php-general@lists.php.net; Alex Major Subject: Re: [PHP] Event Handling On Mon, 2010-03-15 at 18:28 +0530, Midhun Girish wrote: > rene "a page with an ajax script that kicks off the check-for-recen

[PHP] Event Handling

2010-03-15 Thread Alex Major
inded. I was hoping that someone might have some experience with this kind of issue and could point me in the right direction. I'm sure I've missed something right in front of me. Alex.

Re: [PHP] Why does CURLOPT_FOLLOWLOCATION require open_basedir to be turned off?

2009-12-13 Thread Alex S Kurilo
I can't see any conceivable benefit to this restriction when using open_basedir, as I thought that related to the local file system - unless CURL can use file:// URLs to access the local system? That's the problem. I always use open_basedir (not all the sites on my servers are safe enough). An

  1   2   3   4   5   6   7   8   9   >