From jim at bizcomputinginc.com Wed Oct 1 07:44:02 2003 From: jim at bizcomputinginc.com (Jim Hendricks) Date: Wed, 1 Oct 2003 07:44:02 -0400 Subject: [nycphp-talk] Yet another dissatisfied customer... References: <00e201c387cc$acd9f830$67a76244@philofsoa> Message-ID: <0ba501c38811$4fb465b0$6501a8c0@Notebook> If you have informed the client of how the end user will preceive the application as broken because there was inventory available when they placed an item in the cart, but the inventory was gone by the time they checked out, and they still want to go with the FIFO, then you need to consider how important this client is to your business. If they are not that important, then stand on principle, state that you can't intentionally develop a defective application, then see how the cookie crumbles. If they are important to your business, make sure they understand that the only reason you are developing the application in a way you consider defective is because they have asked for it, and you will not be held responsible if later their customers are complaining about this defective behavior. You may also want to put code in to track when this situation occurs. This way, when you see a high occurance of this, you can inform your client that your warning is coming true. Jim ______________________________________________________________ Jim Hendricks, President, Biz Computing, Inc Phone: (201) 599-9380 Email: jim at bizcomputinginc.com Web: www.bizcomputinginc.com Snail: Jim Hendricks, Biz Computing, Inc., 255 McKinley Ave, New Milford, NJ 07646 ______________________________________________________________ ----- Original Message ----- From: Phil Powell To: NYPHP Talk Sent: Tuesday, September 30, 2003 11:32 PM Subject: Re: [nycphp-talk] Yet another dissatisfied customer... Yes thanx, however, the client wanted a "FIFO" solution which means that if there are 30 items in stock and you ordered all 30 while someone else ordered 1, both of you will see 30 in stock until one of you checks out; whoever checks out first, wins! Phil ----- Original Message ----- From: tom at supertom.com To: NYPHP Talk Sent: Tuesday, September 30, 2003 8:40 AM Subject: RE: [nycphp-talk] Yet another dissatisfied customer... Phil, The way this is done in the manufacturing world is with an "inventory allocated" field. This field holds the number of quantity of your current inventory that is "held" or allocated for another purpose, such as checkout. Similar to inventory in a store, nothing should get removed from inventory until it is sold. What this means to you - I would decrement inventory on the screen, and if he is that particular about it, display both the inventory and the allocated fields. However, with this said, personally I feel that you need to do whatever the customer is asking for, as long as it is in the scope and budget of the project. As a consultant, it is your job to inform him of the risks involved (which you have done), but ultimately do what he asks. Phil, I hope you are doing this job for ALOT more than the last one (architecture for $68, remember?). :-) Good Luck! Tom *************************************************** What's Tom listening to right now? Find out here: http://www.supertom.com/current_track.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Phil Powell Sent: Tuesday, September 30, 2003 1:37 AM To: NYPHP Talk Subject: [nycphp-talk] Yet another dissatisfied customer... ...am I cursed? Another client is threatening to "delete everything" calling my work a "waste of time". There is, however, one possible sane reason for this, and I need to get some PHP guru advice on how to handle this. You have ordered one item and placed it into your cart. Let's say you ordered one small black t-shirt. Your cart will have the product_id, color_id and size_id for the small black t-shirt. The quantity of this item is, let's say 30. You have one in your cart, so how many are available: 1) 29 2) 30 Now let's say that while I ordered one small black t-shirt, Sven ordered 1 small black t-shirt, Anders ordered one black t-shirt, and Olov ordered one black t-shirt. If all four of us, at one time, are all ordering the same item and putting it into our carts, how many should there be available to us: 1) 26 2) 25 3) 29 4) 30 This is where the contention comes in. The client wants it done "FIFO" (First In First Out) meaning that whoever gets it first will subtract the quantity - but I dispute that (coming from somewhat of a Java background) that since PHP doesn't so single-threading, that means that all four of us could order t-shirts, but the quantity has to reflect that all four of us are ordering (multi-threading). I dunno, help! Phil ---------------------------------------------------------------------------- _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ------------------------------------------------------------------------------ _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------- next part -------------- An HTML attachment was scrubbed... URL: From oprusak at trafficmac.com Wed Oct 1 09:57:48 2003 From: oprusak at trafficmac.com (Ophir Prusak) Date: Wed, 1 Oct 2003 09:57:48 -0400 Subject: [nycphp-talk] Yet another dissatisfied customer... References: <00e201c387cc$acd9f830$67a76244@philofsoa> <0ba501c38811$4fb465b0$6501a8c0@Notebook> Message-ID: <004f01c38823$ff7841d0$5356a8c0@CPXPDEV10> 1. From my personal experience, this doesn't happen all that often. The success (or lack of) the site will have little to do with how you deal with this situation. 2. If you want my $0.02, I think the solution is really better approached from a UI perspective. Don't show an inventory on the product page. If the product has several variants (like A shirt with sizes and colors) there is no good way of showing inventory even if you wanted to. If the product has only 1 variant (like a music CD), if you really have to, just show a general term for inventory levels on the product page, something like: "In stock", "Only a few left", "Out of stock". Then whenever you decide to actually decrease stock levels, do the check. ----- Original Message ----- From: Jim Hendricks To: NYPHP Talk Sent: Wednesday, October 01, 2003 7:44 AM Subject: Re: [nycphp-talk] Yet another dissatisfied customer... If you have informed the client of how the end user will preceive the application as broken because there was inventory available when they placed an item in the cart, but the inventory was gone by the time they checked out, and they still want to go with the FIFO, then you need to consider how important this client is to your business. If they are not that important, then stand on principle, state that you can't intentionally develop a defective application, then see how the cookie crumbles. If they are important to your business, make sure they understand that the only reason you are developing the application in a way you consider defective is because they have asked for it, and you will not be held responsible if later their customers are complaining about this defective behavior. You may also want to put code in to track when this situation occurs. This way, when you see a high occurance of this, you can inform your client that your warning is coming true. Jim ______________________________________________________________ Jim Hendricks, President, Biz Computing, Inc Phone: (201) 599-9380 Email: jim at bizcomputinginc.com Web: www.bizcomputinginc.com Snail: Jim Hendricks, Biz Computing, Inc., 255 McKinley Ave, New Milford, NJ 07646 ______________________________________________________________ ----- Original Message ----- From: Phil Powell To: NYPHP Talk Sent: Tuesday, September 30, 2003 11:32 PM Subject: Re: [nycphp-talk] Yet another dissatisfied customer... Yes thanx, however, the client wanted a "FIFO" solution which means that if there are 30 items in stock and you ordered all 30 while someone else ordered 1, both of you will see 30 in stock until one of you checks out; whoever checks out first, wins! Phil ----- Original Message ----- From: tom at supertom.com To: NYPHP Talk Sent: Tuesday, September 30, 2003 8:40 AM Subject: RE: [nycphp-talk] Yet another dissatisfied customer... Phil, The way this is done in the manufacturing world is with an "inventory allocated" field. This field holds the number of quantity of your current inventory that is "held" or allocated for another purpose, such as checkout. Similar to inventory in a store, nothing should get removed from inventory until it is sold. What this means to you - I would decrement inventory on the screen, and if he is that particular about it, display both the inventory and the allocated fields. However, with this said, personally I feel that you need to do whatever the customer is asking for, as long as it is in the scope and budget of the project. As a consultant, it is your job to inform him of the risks involved (which you have done), but ultimately do what he asks. Phil, I hope you are doing this job for ALOT more than the last one (architecture for $68, remember?). :-) Good Luck! Tom *************************************************** What's Tom listening to right now? Find out here: http://www.supertom.com/current_track.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Phil Powell Sent: Tuesday, September 30, 2003 1:37 AM To: NYPHP Talk Subject: [nycphp-talk] Yet another dissatisfied customer... ...am I cursed? Another client is threatening to "delete everything" calling my work a "waste of time". There is, however, one possible sane reason for this, and I need to get some PHP guru advice on how to handle this. You have ordered one item and placed it into your cart. Let's say you ordered one small black t-shirt. Your cart will have the product_id, color_id and size_id for the small black t-shirt. The quantity of this item is, let's say 30. You have one in your cart, so how many are available: 1) 29 2) 30 Now let's say that while I ordered one small black t-shirt, Sven ordered 1 small black t-shirt, Anders ordered one black t-shirt, and Olov ordered one black t-shirt. If all four of us, at one time, are all ordering the same item and putting it into our carts, how many should there be available to us: 1) 26 2) 25 3) 29 4) 30 This is where the contention comes in. The client wants it done "FIFO" (First In First Out) meaning that whoever gets it first will subtract the quantity - but I dispute that (coming from somewhat of a Java background) that since PHP doesn't so single-threading, that means that all four of us could order t-shirts, but the quantity has to reflect that all four of us are ordering (multi-threading). I dunno, help! Phil -------------------------------------------------------------------------- _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ---------------------------------------------------------------------------- _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ------------------------------------------------------------------------------ _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------- next part -------------- An HTML attachment was scrubbed... URL: From soazine at pop.erols.com Wed Oct 1 11:00:18 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 1 Oct 2003 11:00:18 -0400 Subject: [nycphp-talk] Class does not retain parameter value - have no way to know to check it Message-ID: <410-22003103115018911@M2W046.mail2web.com> Is there a way within the class "constructor" function to verify if a parameter passed into the class has retained its value? I keep apparently losing the parameter value somewhere in the structure of the class and I can't figure out how to verify when/if it gets lost. The class I can't copy onto here, unless you want to see a class that's 200 lines long and has 30 parameters. Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From danielc at analysisandsolutions.com Wed Oct 1 11:38:16 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Wed, 1 Oct 2003 11:38:16 -0400 Subject: [nycphp-talk] Class does not retain parameter value - have no way to know to check it In-Reply-To: <410-22003103115018911@M2W046.mail2web.com> References: <410-22003103115018911@M2W046.mail2web.com> Message-ID: <20031001153816.GA948@panix.com> Alas: Guess he forgot what he said on September 24th... > Ok maybe I have asked too many questions here I am afraid. I guess I > should just dart out of here. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From davevgl at yahoo.com Wed Oct 1 13:22:33 2003 From: davevgl at yahoo.com (David Vogel) Date: Wed, 1 Oct 2003 10:22:33 -0700 (PDT) Subject: [nycphp-talk] handling vague dates. Message-ID: <20031001172234.60367.qmail@web14307.mail.yahoo.com> Hey, I have a small batch of dates that I'd like to get into a db. Almost all of them are specific, eg October 1. However, a few refer to things that happen around a certain time. For example students' "Housing bill for spring semester due" is listed as 'Early January'. So, I'm not sure how to set up the db to accomodate the oddballs. Any suggestions would be much appreciated. thanks, Dave __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com From dan at cain.sh Wed Oct 1 13:28:50 2003 From: dan at cain.sh (Daniel J Cain Jr.) Date: Wed, 1 Oct 2003 12:28:50 -0500 Subject: [nycphp-talk] PHP Timing Mechanism References: <18D7B8CAA5284F478470828806DB124603789F6A@psle01.xchg.pwj.com> <3F7A3B4C.6070806@nyphp.org> Message-ID: <004201c38841$7ae0f200$1500a8c0@adminh52t7j5z0> >From the php.net web site: http://us4.php.net/function.set-time-limit Note: The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), the sleep() function, database queries, etc. is not included when determining the maximum time that the script has been running. That might explain what you are seeing. From joshmccormack at travelersdiary.com Wed Oct 1 13:31:00 2003 From: joshmccormack at travelersdiary.com (joshmccormack at travelersdiary.com) Date: Wed, 1 Oct 2003 12:31:00 -0500 (CDT) Subject: [nycphp-talk] handling vague dates. In-Reply-To: <20031001172234.60367.qmail@web14307.mail.yahoo.com> Message-ID: How about adding a column for date modifiers with options like "on date or within next 15 days" or something, and then change the oddballs to regular dates (search and replace) and just have entries in the date modifiers column for them? Josh On Wed, 1 Oct 2003, David Vogel wrote: > Hey, > > I have a small batch of dates that I'd like to get into a db. Almost > all of them are specific, eg October 1. However, a few refer to things > that happen around a certain time. For example students' "Housing bill > for spring semester due" is listed as 'Early January'. > > So, I'm not sure how to set up the db to accomodate the oddballs. Any > suggestions would be much appreciated. > > thanks, > Dave > > __________________________________ > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search > http://shopping.yahoo.com > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From hans at nyphp.org Wed Oct 1 13:40:26 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 01 Oct 2003 13:40:26 -0400 Subject: [nycphp-talk] handling vague dates. In-Reply-To: <20031001172234.60367.qmail@web14307.mail.yahoo.com> References: <20031001172234.60367.qmail@web14307.mail.yahoo.com> Message-ID: <3F7B118A.7080905@nyphp.org> David Vogel wrote: > Hey, > > I have a small batch of dates that I'd like to get into a db. Almost > all of them are specific, eg October 1. However, a few refer to things > that happen around a certain time. For example students' "Housing bill > for spring semester due" is listed as 'Early January'. > > So, I'm not sure how to set up the db to accomodate the oddballs. Any > suggestions would be much appreciated. I've dealt with almost the same thing. Very often, patients will say "I was sick in March" or "I came down with xyz in 1970". I wrote http://pcomd.net/Ymd to handle these types of things (you can just download/copy the source without worrying about the pCom part of it) and it's worked great. While the code is tuned for MySQL the premise remains the same for any DB; use ISO dates, which have no problem being ambiguous and are super fast/portable (they're just ints). The only items I see that Ymd wouldn't address for you is stating "early xyz...", and they require at least a year to be used (although these could be hacked out). HTH, H From dorgan at optonline.net Wed Oct 1 13:42:45 2003 From: dorgan at optonline.net (Donald J. Organ IV) Date: Wed, 01 Oct 2003 13:42:45 -0400 Subject: [nycphp-talk] handling vague dates. References: <20031001172234.60367.qmail@web14307.mail.yahoo.com> Message-ID: <00ee01c38843$6d14ec60$c801a8c0@dj> just use a varchar field, and display that way.and you could always you strftime(); ----- Original Message ----- From: "David Vogel" To: Sent: Wednesday, October 01, 2003 1:22 PM Subject: [nycphp-talk] handling vague dates. > Hey, > > I have a small batch of dates that I'd like to get into a db. Almost > all of them are specific, eg October 1. However, a few refer to things > that happen around a certain time. For example students' "Housing bill > for spring semester due" is listed as 'Early January'. > > So, I'm not sure how to set up the db to accomodate the oddballs. Any > suggestions would be much appreciated. > > thanks, > Dave > > __________________________________ > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search > http://shopping.yahoo.com > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From tgales at tgaconnect.com Wed Oct 1 13:45:13 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 1 Oct 2003 13:45:13 -0400 Subject: [nycphp-talk] handling vague dates. In-Reply-To: <20031001172234.60367.qmail@web14307.mail.yahoo.com> Message-ID: <002f01c38843$c47a1f70$bf8d3818@OBERON1> What you want to do involves setting up some 'fuzzy' sets for use with 'fuzzy' logic. e.g "early in the week" is in the set of ('Mon', 'Tue' ) "middle of the week is in the set of ('Tue', 'Wed'. Thu') "end of the week is in the set of ( 'Thu', 'Fri') Typically such sets are used for queries (instead of input) like "What do I have scheduled for the "end of the week"? However you could associate a key phrase like "mid-week" for input. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of David Vogel Sent: Wednesday, October 01, 2003 1:23 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] handling vague dates. Hey, I have a small batch of dates that I'd like to get into a db. Almost all of them are specific, eg October 1. However, a few refer to things that happen around a certain time. For example students' "Housing bill for spring semester due" is listed as 'Early January'. So, I'm not sure how to set up the db to accomodate the oddballs. Any suggestions would be much appreciated. thanks, Dave __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From davevgl at yahoo.com Wed Oct 1 14:15:35 2003 From: davevgl at yahoo.com (David Vogel) Date: Wed, 1 Oct 2003 11:15:35 -0700 (PDT) Subject: [nycphp-talk] handling vague dates. In-Reply-To: <3F7B118A.7080905@nyphp.org> Message-ID: <20031001181535.85227.qmail@web14311.mail.yahoo.com> Thanks, for all the suggestions, that helps a lot. dv --- Hans Zaunere wrote: > > > David Vogel wrote: > > > Hey, > > > > I have a small batch of dates that I'd like to get into a db. > Almost > > all of them are specific, eg October 1. However, a few refer to > things > > that happen around a certain time. For example students' "Housing > bill > > for spring semester due" is listed as 'Early January'. > > > > So, I'm not sure how to set up the db to accomodate the oddballs. > Any > > suggestions would be much appreciated. > > I've dealt with almost the same thing. Very often, patients will say > "I was sick in March" or "I came down with xyz in 1970". > > I wrote http://pcomd.net/Ymd to handle these types of things (you can > just download/copy the source without worrying about the pCom part of > it) and it's worked great. While the code is tuned for MySQL the > premise remains the same for any DB; use ISO dates, which have no > problem being ambiguous and are super fast/portable (they're just > ints). The only items I see that Ymd wouldn't address for you is > stating "early xyz...", and they require at least a year to be used > (although these could be hacked out). > > HTH, > > H > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com From tgales at tgaconnect.com Wed Oct 1 16:26:49 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 1 Oct 2003 16:26:49 -0400 Subject: [nycphp-talk] OpenSSL Patches Message-ID: <003701c3885a$5875dfa0$bf8d3818@OBERON1> There is a new patch available for OpenSSL (versions 0.9.7c and 0.9.6k.) It turns out under the SSL/TLS parser is vulnerable to a specially crafted malicious security certificate (X.509) which could cause it to crash . This means you would have no way to connect via secure sockets. The sky is definitely not falling here (my opinion) but you might want to read about it. http://www.kb.cert.org/vuls/id/935264 T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From vinay_chinnam at yahoo.com Wed Oct 1 21:15:16 2003 From: vinay_chinnam at yahoo.com (Vinay Chinnam) Date: Wed, 1 Oct 2003 18:15:16 -0700 (PDT) Subject: [nycphp-talk] cURL install Message-ID: <20031002011516.95144.qmail@web13601.mail.yahoo.com> Hi guys, I am trying to get linkpoint select API integrated into an osCommerce installation and get the following error at the very first step. Fatal error: Call to undefined function: curl_init() I asked for cURL to be installed and after a short time I was told that he got it installed from instructions found at some website (http://www.viaverio.com/support/virtual/admin/curl/index.cfm ) but the phpinfo doesnt show any section which says that curl is installed/enabled. I do see curl in the config line as below.. '--with-curl=shared,/usr/local/curl' but even now I get the fatal error .. anything I missed? . help anyone! I can put up a public phpinfo if required .. thanks, Vinay --------------------------------- Do you Yahoo!? The New Yahoo! Shopping - with improved product search -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at digitalpulp.com Wed Oct 1 21:58:56 2003 From: andrew at digitalpulp.com (Andrew Yochum) Date: Wed, 1 Oct 2003 21:58:56 -0400 Subject: [nycphp-talk] cURL install In-Reply-To: <20031002011516.95144.qmail@web13601.mail.yahoo.com> References: <20031002011516.95144.qmail@web13601.mail.yahoo.com> Message-ID: <20031002015848.GA24078@localhost.localdomain> Hi Vinay, Since you are compiling the cURL extension as a shared library, the module must be loaded in your php.ini. You'll need to add something like: extension=curl.so I'm not sure of the actual name of the library, but you should find it in /usr/lib/php4 or somewhere similar. If you don't have that file the attempt to add curl support may have failed. You'll want to look at the output of the configure script to be sure it found everything it needed for curl support. Hope that helps and good luck with the LP Select API. Andrew On Wed, Oct 01, 2003 at 06:15:16PM -0700, Vinay Chinnam wrote: > Hi guys, > I am trying to get linkpoint select API integrated into an osCommerce installation and get the following error at the very first step. > Fatal error: Call to undefined function: curl_init() > > I asked for cURL to be installed and after a short time I was told that he got it installed from instructions found at some website (http://www.viaverio.com/support/virtual/admin/curl/index.cfm ) but the phpinfo doesnt show any section which says that curl is installed/enabled. > I do see curl in the config line as below.. > '--with-curl=shared,/usr/local/curl' > > but even now I get the fatal error .. anything I missed? . help anyone! > I can put up a public phpinfo if required .. > > thanks, > Vinay -- Andrew Yochum Digital Pulp, Inc. 212.679.0676x255 andrew at digitalpulp.com From dkrook at hotmail.com Thu Oct 2 00:59:29 2003 From: dkrook at hotmail.com (D C Krook) Date: Thu, 02 Oct 2003 00:59:29 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity Message-ID: Folks, I'm trying to trim the fat from Apache's access_log: removing my own IP addresses from the log; stripping referer spam; bots; etc. While I understand that I can exclude known IP addresses and other common patterns via mod_setenvif, I'd like to be able to do this on an ad hoc basis when I notice certain spikes in useless records in the log and/or when my IP changes when hitting my own site from various wireless points. My first idea was to grep the logs by using a shell or Perl script that I could add to my daily cron or call arbitrarily like so: #!/bin/sh grep -v "192.168.1.1" /var/log/apache/access_log > /var/log/apache/access_log.tmp mv /var/log/apache/access_log.tmp /var/log/apache/access_log /export/home/krook/bin/restart-apache.sh Of course, this has the drawback of restarting Apache everytime the access_log is changed by the script, but the second or two of down time is acceptable if it means logs that can be regularly analyzed for useful reports that don't have "http://jeff-knights-online-viagra-megastore" as my top referer. I'd like to know if anyone else had addressed this problem in a sucessful way or has any best practice, either via mod_setenvif, Perl, CLI PHP, cron etc. I've Googled the following topics without any good results: "strip line from access_log perl" "clean access_log" "setEnvIf" "eliminate referer spam access_log" "remove line from log" Thanks in advance for any tips. -Dan _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus From danielc at analysisandsolutions.com Thu Oct 2 02:26:49 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 2 Oct 2003 02:26:49 -0400 Subject: [nycphp-talk] Fwd: TONS of difficulties getting/using Studio 3 Message-ID: <20031002062649.GA6528@panix.com> Hey Folks: Here's the note I just fired off to Zeev about my experiences with their site and the new Zend Studio IDE. --Dan ----- Forwarded message from Analysis & Solutions ----- From: Analysis & Solutions To: zeev at zend.com Date: Thu, 2 Oct 2003 02:24:20 -0400 Subject: TONS of difficulties getting/using Studio 3 Greetings Zeev: Congratulations on launching version 3 of Zend Studio. Daniel Kushner provided a demonstration of the IDE at the September meeting of the NYPHP group. I subsequently downloaded the package for a test spin. Unfortunately, nearly every step of the process was problematic. So, like the version 2.6 I tried a while back, the problems outweighed the price/benefit ratio, so I decided not to purchase the IDE at this point. Here's what happened. * Discount Period Thank you for providing a 50% discount code for the NYPHP group. The code's expiration date offered only three days for playing with things. This rubbed me the wrong way. * Upgrade Terms The one year upgrade period also seems unusually short. * Website Advanced Search Submitting terms from the Advanced Search form lead (and still does) to a nonexistent page. * Website Contact Form Bugs I went to report the search problem via the contact form. Upon submitting it, there was no indication that there was an error nor that the message was sent. I subsequently realized this was because I'd left off the browser, which was a required field. A warning should have been provided. * Website's VERY Small Fonts Fonts on the site are set via px. Worse, they're set to a very small px size. Lower case letters wind up being only 1.5mm tall on my screen. OUCH! * Website Information Center Requires JavaScript This section is completely useless without JavaScript turned on. This is unnecessary -- particularly from the makers of the world's greatest server side language. Worse, no message is displayed saying JS is needed. All one sees is the navigation links and two blank panes below. * Download Downloading the files requires cookies and JavaScript. Again, not only is this lame, there's no indication that this is the case. * Activation Information Email This email wound up being a huge chunk of HTML marketing crap. It wound up getting cought by my spam filters. Geez. All we need is the activation code, please. * Installation: Choose Components On Windows 2000, this dialog box has the background color hard coded to white, while the text color is left to Windows' default window text color... which on my system is white. Makes this screen impossible to read. * Colors of File/Project Pane & Code Completion Box Similar background color settings conflicts occurred in the IDE itself. * PHP Version Warning I'm using development builds of PHP 5 on my system. So, when the debugger system is turned on, I get a series of message box warnings for each HTTP request. No fun. * Debug/Profile Command Line Scripts The IDE GUI doesn't have the ability to deal with command line scripts. This is a major shortcomming for me, since these are my biggest projects. Users should be able to type in a script name and arguments and have the system debug/profile the results. I hope these experiences provide guidance for improving Zend's website and software. If you have any questions, please let me know. L'shana tovah, if you're into that stuff. Thanks, --Dan Daniel Convissor ----- End forwarded message ----- -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From psaw at pswebcode.com Thu Oct 2 05:30:26 2003 From: psaw at pswebcode.com (pswebcode, nyc) Date: Thu, 2 Oct 2003 05:30:26 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity In-Reply-To: Message-ID: <001301c388c7$d1874b00$68e4a144@bronco> Did you look at Webalizer, an app that has many startup config options that allow you to remove/massage info to generate focused reports and charts from Apache logs. Also, cron to grab, analyze and archive your logs systematically. Then maybe you could do some set it and forget it type of processing. PSaw -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of D C Krook Sent: Thursday, October 02, 2003 12:59 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] OT: Apache access_log integrity Folks, I'm trying to trim the fat from Apache's access_log: removing my own IP addresses from the log; stripping referer spam; bots; etc. While I understand that I can exclude known IP addresses and other common patterns via mod_setenvif, I'd like to be able to do this on an ad hoc basis when I notice certain spikes in useless records in the log and/or when my IP changes when hitting my own site from various wireless points. My first idea was to grep the logs by using a shell or Perl script that I could add to my daily cron or call arbitrarily like so: #!/bin/sh grep -v "192.168.1.1" /var/log/apache/access_log > /var/log/apache/access_log.tmp mv /var/log/apache/access_log.tmp /var/log/apache/access_log /export/home/krook/bin/restart-apache.sh Of course, this has the drawback of restarting Apache everytime the access_log is changed by the script, but the second or two of down time is acceptable if it means logs that can be regularly analyzed for useful reports that don't have "http://jeff-knights-online-viagra-megastore" as my top referer. I'd like to know if anyone else had addressed this problem in a sucessful way or has any best practice, either via mod_setenvif, Perl, CLI PHP, cron etc. I've Googled the following topics without any good results: "strip line from access_log perl" "clean access_log" "setEnvIf" "eliminate referer spam access_log" "remove line from log" Thanks in advance for any tips. -Dan _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Thu Oct 2 09:35:30 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 02 Oct 2003 09:35:30 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity In-Reply-To: References: Message-ID: <3F7C29A2.4000906@nyphp.org> D C Krook wrote: > Folks, > > I'm trying to trim the fat from Apache's access_log: removing my own IP > addresses from the log; stripping referer spam; bots; etc. > > While I understand that I can exclude known IP addresses and other > common patterns via mod_setenvif, I'd like to be able to do this on an > ad hoc basis when I notice certain spikes in useless records in the log > and/or when my IP changes when hitting my own site from various wireless > points. > > My first idea was to grep the logs by using a shell or Perl script that > I could add to my daily cron or call arbitrarily like so: > > #!/bin/sh > grep -v "192.168.1.1" /var/log/apache/access_log > > /var/log/apache/access_log.tmp > mv /var/log/apache/access_log.tmp /var/log/apache/access_log > /export/home/krook/bin/restart-apache.sh > > Of course, this has the drawback of restarting Apache everytime the > access_log is changed by the script, but the second or two of down time > is acceptable if it means logs that can be regularly analyzed for useful > reports that don't have "http://jeff-knights-online-viagra-megastore" as > my top referer. > > I'd like to know if anyone else had addressed this problem in a > sucessful way or has any best practice, either via mod_setenvif, Perl, > CLI PHP, cron etc. I haven't had to do this type of thing exactly, but an idea that just popped in there: CustomLog can take a pipe instead of a flat file (see http://httpd.apache.org/docs/mod/mod_log_config.html#customlog for syntax). For example: CustomLog |speciallogger.psh where specialogger.psh is a PHP CLI, of course :) specialogger.psh could then have some scheme to ignore certain types of lines that come in on stdin, or log them in some preferred way (via mysql,file,etc). It could also speak to a DB, which would determine what lines are ignored and which are not (maybe just via a set of regexs). There's a lot of possibilities, and would especially be handy for sites without huge amounts of traffic (although I could see it tuned for even those with a lot of traffic). > I've Googled the following topics without any good results: > "strip line from access_log perl" > "clean access_log" > "setEnvIf" > "eliminate referer spam access_log" > "remove line from log" A good man is he who reveals what he's googled for :) HTH, H From sklar at sklar.com Thu Oct 2 10:20:28 2003 From: sklar at sklar.com (David Sklar) Date: Thu, 2 Oct 2003 10:20:28 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity In-Reply-To: <3F7C29A2.4000906@nyphp.org> Message-ID: >A good man is he who reveals what he's googled for :) This is an excellent summary of the previously discussed document or presentation or whatever containing tips about good list etiquette and how to ask questions that will get answered! David From dmintz at panix.com Thu Oct 2 10:38:43 2003 From: dmintz at panix.com (David Mintz) Date: Thu, 2 Oct 2003 10:38:43 -0400 (EDT) Subject: [nycphp-talk] OT: Apache access_log integrity In-Reply-To: References: Message-ID: On Thu, 2 Oct 2003, David Sklar wrote: > >A good man is he who reveals what he's googled for :) > > This is an excellent summary of the previously discussed document or > presentation or whatever containing tips about good list etiquette and how > to ask questions that will get answered! And it would make a cool sig (with proper attribution, of course). Out of context, it has a certain ambiguity... (-: --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From dmintz at panix.com Thu Oct 2 10:55:12 2003 From: dmintz at panix.com (David Mintz) Date: Thu, 2 Oct 2003 10:55:12 -0400 (EDT) Subject: [nycphp-talk] kudos for a NYPHPer In-Reply-To: <7156C7DA-F4E5-11D7-85DA-000393B9FB36@mac.com> References: <7156C7DA-F4E5-11D7-85DA-000393B9FB36@mac.com> Message-ID: from the blow-your-own-horn dept: There's a Spanish<>English court interpreters glossary application that I wrote with MySQL/PHP. The private read-write version lets the user insert, update, delete. However we have also put a read-only public version out there: http://sdnyinterpreters.org/term/ Now here's the point. Some French terminologists run a site called lexicool.com that finds, evaluates and ranks web-based multilingual dictionaries and glossaries -- translators' tools, basically -- based on presentation and useablility. And in the category of Spanish<>English Legal/Administration the winner is.... no not me, a United Nations site was first, but ours was second in a field of 54. Note that both First and Second Place go to organizations based in NY. I love NY! --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From David.SextonJr at ubs.com Thu Oct 2 11:55:21 2003 From: David.SextonJr at ubs.com (Sexton, David) Date: Thu, 2 Oct 2003 11:55:21 -0400 Subject: [nycphp-talk] PHP Timing Mechanism Message-ID: <18D7B8CAA5284F478470828806DB124603789F70@psle01.xchg.pwj.com> That does explain it, but it sort of defeats the purpose of having a maximum_execution_time directive in this case. I would think that a large percentage of PHP scripts have some kind of external processing going on, particularly DB connectivity. Anyways, thanks for the side note! -----Original Message----- From: Daniel J Cain Jr. [mailto:dan at cain.sh] Sent: Wednesday, October 01, 2003 1:29 PM To: NYPHP Talk Subject: Re: [nycphp-talk] PHP Timing Mechanism >From the php.net web site: http://us4.php.net/function.set-time-limit Note: The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), the sleep() function, database queries, etc. is not included when determining the maximum time that the script has been running. That might explain what you are seeing. Please do not transmit orders or instructions regarding a UBS account by email. The information provided in this email or any attachments is not an official transaction confirmation or account statement. For your protection, do not include account numbers, Social Security numbers, credit card numbers, passwords or other non-public information in your email. Because the information contained in this message may be privileged, confidential, proprietary or otherwise protected from disclosure, please notify us immediately by replying to this message and deleting it from your computer if you have received this communication in error. Thank you. UBS Financial Services Inc. UBS International Inc. From jonbaer at jonbaer.net Thu Oct 2 12:17:18 2003 From: jonbaer at jonbaer.net (jon baer) Date: Thu, 2 Oct 2003 12:17:18 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity References: <3F7C29A2.4000906@nyphp.org> Message-ID: <002601c38900$a6e90440$6700a8c0@thinkpad> you could also use sed on the log, not sure if this what u were looking for: sed -i.backup "s/my ip/XXX.XXX.XXX.XXX/g" access_log - jon From danielc at analysisandsolutions.com Thu Oct 2 13:47:16 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 2 Oct 2003 13:47:16 -0400 Subject: [nycphp-talk] Fwd: TONS of difficulties getting/using Studio 3 Message-ID: <20031002174715.GA4788@panix.com> ----- Forwarded message from Zeev Suraski ----- From: Zeev Suraski To: Analysis & Solutions Date: Thu, 02 Oct 2003 10:49:52 +0200 Subject: Re: TONS of difficulties getting/using Studio 3 Dan, Thanks for your email. I value it very much, and will do my best to see that we improve things in all the fronts you mentioned. I'll send you a more detailed response in the near future with an update regarding these various issues. Thanks again, and Shana Tova! Zeev ----- End forwarded message ----- -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From stephen at musgrave.org Thu Oct 2 14:59:01 2003 From: stephen at musgrave.org (Stephen Musgrave) Date: Thu, 02 Oct 2003 14:59:01 -0400 Subject: [nycphp-talk] store's opening hours Message-ID: I've got a stumper.. or at least it is over here.. and I've been looking for a solution. For each day of the week, I have an opening time and closing time for a store. If the opening and closing times are the same for sequential days, I would like to display the days as a range. For example: Mon-Fri 10:00 to 7:00 Sat-Sun 11:00 to 5:00 Does anybody have any ideas? Resources? Philosophies? Stephen Musgrave // stephen at musgrave.org // http://musgrave.org // 718-486-6514 From agfische at email.smith.edu Thu Oct 2 15:12:55 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Thu, 2 Oct 2003 15:12:55 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: Message-ID: <6D87FA80-F50C-11D7-9251-0003930D07F2@email.smith.edu> After some fumbling and stumbling I seem to have things working OK. However, right now I am naming each form element/post variable individually to put the data into session_register, which could be a pain the longer the form gets! I would like to, as Adam put it, "stuff the POSTed data" into $_SESSION using $_POST but I don't see how to do this. Example my code: session_start(); session_register('first_name','last_name',etc.,etc.many more fields to follow...); header ("Location: session_results.php"); exit; Session Results page: session_start(); echo "$_SESSION[first_name]"; Whenever I start trying to use session_register with _POST things go south quick. Hints/suggestions? TIA, -Aaron On Tuesday, September 30, 2003, at 04:23 pm, Adam Maccabee Trachtenberg wrote: > My advice is to try it with cookies first because it might be easier > to test. (On your machine, you don't need to worry about rejecting > cookies.) > > Once that's working, add in the URL rewriting. This might not be > necessary, but when dealing with something new, I don't like to jump > in head first, as it makes it really difficult to debug. > > -adam From drydell at worldnet.att.net Thu Oct 2 15:26:53 2003 From: drydell at worldnet.att.net (David Rydell) Date: Thu, 2 Oct 2003 15:26:53 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <6D87FA80-F50C-11D7-9251-0003930D07F2@email.smith.edu> Message-ID: saving the _POST array should work with no problems... using your example code (_POST array has first_name, last_name): session_start(); session_register('_POST'); $_SESSION['_POST'] = $_POST; header ("Location: session_results.php"); exit; Session Results page: session_start(); $_POST = $_SESSION['_POST']; echo $_POST['first_name']; echo $_POST['last_name']; --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.516 / Virus Database: 313 - Release Date: 9/1/2003 From shiflett at php.net Thu Oct 2 15:27:23 2003 From: shiflett at php.net (Chris Shiflett) Date: Thu, 2 Oct 2003 12:27:23 -0700 (PDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <6D87FA80-F50C-11D7-9251-0003930D07F2@email.smith.edu> Message-ID: <20031002192723.96190.qmail@web14306.mail.yahoo.com> --- Aaron Fischer wrote: > I am naming each form element/post variable individually to put the > data into session_register, which could be a pain the longer the > form gets! [snip] > session_start(); > session_register('first_name','last_name',etc.,etc.many more fields to > follow...); You can forget the session register and use $_SESSION instead: session_start(); $_SESSION['foo'] = $_POST['foo']; But, before I continue, I should point out that my example code here leaves out the most important step: Make sure $_POST['foo'] is exactly what you think it should be. Always filter your data. You should validate $_POST['foo'] and then put it into $_SESSION['foo']. If security was absolutely no concern, you could throw everything from $_POST into your session like this: $_SESSION = $_POST But that is very bad. So, don't let the inconvenience dissuade you from being mindful about security. > header ("Location: session_results.php"); The URL in a Location header should be absolute: http://www.ietf.org/rfc/rfc2616.txt In section 14.30, the syntax for the Location header is defined: "The field value consists of a single absolute URI." Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From sklar at sklar.com Thu Oct 2 15:42:03 2003 From: sklar at sklar.com (David Sklar) Date: Thu, 2 Oct 2003 15:42:03 -0400 Subject: [nycphp-talk] store's opening hours In-Reply-To: Message-ID: On Thursday, October 02, 2003 2:59 PM, wrote: > I've got a stumper.. or at least it is over here.. and I've been > looking for a solution. > > For each day of the week, I have an opening time and closing time for > a store. If the opening and closing times are the same for > sequential days, I would like to display the days as a range. For > example: > > Mon-Fri 10:00 to 7:00 > Sat-Sun 11:00 to 5:00 > > Does anybody have any ideas? Resources? Philosophies? How about something like the code below? It's the same kind of logic you use when you're printing out a list of date-sorted items and you want a new header only when the day changes, e.g. something like October 1 --------- 10:00 Get Haircut 12:00 Eat Lunch October 2 --------- 12:00 Eat Lunch The idea is that while iterating through your items, you keep track of the relevant attribute (day) of the current item and compare it to the attribute of the previous or next item. If the two are different, then it's time to print a header (or a listing of hours). David ---------------- $open_close = array('Mon' => array('10:00','4:00'), 'Tue' => array('10:00','4:00'), 'Wed' => array('10:00','3:30'), 'Thu' => array('10:00','4:00'), 'Fri' => array('10:00','4:00'), 'Sat' => array('9:00','5:00'), 'Sun' => array('9:00','5:00')); $days = array_keys($open_close); // The first line of hours starts with the first day $first_day = $days[0]; for ($i = 0, $j = count($open_close); $i < $j; $i++) { // What's the name of the current day? $today = $days[$i]; if (($i == ($j - 1)) || // Is this the last day? (($tomorrow = $days[$i+1]) && // What's the name of tomorrow? // Does tomorrow open at a different time than today? (($open_close[$today][0] != $open_close[$tomorrow][0]) || // Does tomorrow close at a different time than today? ($open_close[$today][1] != $open_close[$tomorrow][1])))) { // If it's the last day, or tomorrow's times are different // than today's times, then report the times for // $first_day to $today printf("%s%s %4s to %4s\n", // Don't print "Mon-Mon", just print "Mon"; ($first_day == $today) ? ' ' : $first_day.'-', $today, $open_close[$today][0], $open_close[$today][1]); // The next line of output starts with tomorrow $first_day = $tomorrow; } } From jsiegel1 at optonline.net Thu Oct 2 15:46:22 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Thu, 02 Oct 2003 15:46:22 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <6D87FA80-F50C-11D7-9251-0003930D07F2@email.smith.edu> Message-ID: <004a01c3891d$db8acef0$6401a8c0@EZDSDELL> I just did this. session_id(); session_start(); $_SESSION = $_POST; header("Location:myresultspage.php?code=" . session_id()); exit; And then on the results page.... session_id($_GET['code']); session_start(); $_POST = $_SESSION; Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Aaron Fischer Sent: Thursday, October 02, 2003 2:13 PM To: NYPHP Talk Subject: Re: [nycphp-talk] handling forms (relative newbie) After some fumbling and stumbling I seem to have things working OK. However, right now I am naming each form element/post variable individually to put the data into session_register, which could be a pain the longer the form gets! I would like to, as Adam put it, "stuff the POSTed data" into $_SESSION using $_POST but I don't see how to do this. Example my code: session_start(); session_register('first_name','last_name',etc.,etc.many more fields to follow...); header ("Location: session_results.php"); exit; Session Results page: session_start(); echo "$_SESSION[first_name]"; Whenever I start trying to use session_register with _POST things go south quick. Hints/suggestions? TIA, -Aaron On Tuesday, September 30, 2003, at 04:23 pm, Adam Maccabee Trachtenberg wrote: > My advice is to try it with cookies first because it might be easier > to test. (On your machine, you don't need to worry about rejecting > cookies.) > > Once that's working, add in the URL rewriting. This might not be > necessary, but when dealing with something new, I don't like to jump > in head first, as it makes it really difficult to debug. > > -adam _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From crisscott at netzero.com Thu Oct 2 15:47:19 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Thu, 02 Oct 2003 15:47:19 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <004a01c3891d$db8acef0$6401a8c0@EZDSDELL> References: <004a01c3891d$db8acef0$6401a8c0@EZDSDELL> Message-ID: <3F7C80C7.9070100@netzero.com> > $_SESSION = $_POST; You just killed anything else you had in the session with that line. You probably don't want to overwrite your entire session array. Use something like was suggested before: $_SESSION['_POST'] = $_POST; This will still let you access other info that was in your session. Scott Mattocks > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Aaron Fischer > Sent: Thursday, October 02, 2003 2:13 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] handling forms (relative newbie) > > > After some fumbling and stumbling I seem to have things working OK. > However, right now I am naming each form element/post variable > individually to put the data into session_register, which could be a > pain the longer the form gets! I would like to, as Adam put it, "stuff > the POSTed data" into $_SESSION using $_POST but I don't see how to do > this. > > Example my code: > session_start(); > session_register('first_name','last_name',etc.,etc.many more fields to > follow...); > header ("Location: session_results.php"); > exit; > > Session Results page: > session_start(); > echo "$_SESSION[first_name]"; > > Whenever I start trying to use session_register with _POST things go > south quick. > > Hints/suggestions? > > TIA, > > -Aaron > > On Tuesday, September 30, 2003, at 04:23 pm, Adam Maccabee Trachtenberg > wrote: > > >>My advice is to try it with cookies first because it might be easier >>to test. (On your machine, you don't need to worry about rejecting >>cookies.) >> >>Once that's working, add in the URL rewriting. This might not be >>necessary, but when dealing with something new, I don't like to jump >>in head first, as it makes it really difficult to debug. >> >>-adam > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From dmintz at panix.com Thu Oct 2 15:57:05 2003 From: dmintz at panix.com (David Mintz) Date: Thu, 2 Oct 2003 15:57:05 -0400 (EDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <3F7C80C7.9070100@netzero.com> References: <004a01c3891d$db8acef0$6401a8c0@EZDSDELL> <3F7C80C7.9070100@netzero.com> Message-ID: You could also consider array_merge() to update $_SESSION with $_POST variables -- after your sanity check of course. $_SESSION = array_merge($_SESSION,$_POST); http://us3.php.net/manual/en/function.array-merge.php On Thu, 2 Oct 2003, Scott Mattocks wrote: > > > $_SESSION = $_POST; > > You just killed anything else you had in the session with that line. You > probably don't want to overwrite your entire session array. Use > something like was suggested before: > $_SESSION['_POST'] = $_POST; > This will still let you access other info that was in your session. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From agfische at email.smith.edu Thu Oct 2 15:59:57 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Thu, 2 Oct 2003 15:59:57 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: Message-ID: That works, thanks! One thing I am wondering is why one needs to use the line: $_POST = $_SESSION['_POST']; If $_SESSION now has the array stored, it seems that this should work: echo $_SESSION['first_name']; ? -Aaron On Thursday, October 2, 2003, at 03:26 pm, David Rydell wrote: > session_start(); > session_register('_POST'); > $_SESSION['_POST'] = $_POST; > header ("Location: session_results.php"); > exit; > > Session Results page: > > session_start(); > $_POST = $_SESSION['_POST']; > > echo $_POST['first_name']; > echo $_POST['last_name']; From crisscott at netzero.com Thu Oct 2 15:58:44 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Thu, 02 Oct 2003 15:58:44 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: References: Message-ID: <3F7C8374.408@netzero.com> If you used $_SESSION['_POST'] = $_POST then the session array has as an element an array containing the post data. Since you have an array in an array you would access it like this: echo $_SESSION['_POST']['first_name']; Scott Mattocks Aaron Fischer wrote: > That works, thanks! > > One thing I am wondering is why one needs to use the line: > $_POST = $_SESSION['_POST']; > > If $_SESSION now has the array stored, it seems that this should work: > echo $_SESSION['first_name']; > > ? > > -Aaron > > On Thursday, October 2, 2003, at 03:26 pm, David Rydell wrote: > >> session_start(); >> session_register('_POST'); >> $_SESSION['_POST'] = $_POST; >> header ("Location: session_results.php"); >> exit; >> >> Session Results page: >> >> session_start(); >> $_POST = $_SESSION['_POST']; >> >> echo $_POST['first_name']; >> echo $_POST['last_name']; > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From dmintz at panix.com Thu Oct 2 16:06:04 2003 From: dmintz at panix.com (David Mintz) Date: Thu, 2 Oct 2003 16:06:04 -0400 (EDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: References: Message-ID: On Thu, 2 Oct 2003, Aaron Fischer wrote: > > If $_SESSION now has the array stored, it seems that this should work: > echo $_SESSION['first_name']; It would if you had used array_merge() instead (-: But you have a two-dimensional array now, so you need to say $_SESSION['_POST']['first_name'] --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From dmintz at panix.com Thu Oct 2 16:07:11 2003 From: dmintz at panix.com (David Mintz) Date: Thu, 2 Oct 2003 16:07:11 -0400 (EDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: References: Message-ID: Oops, my bad for repeating what he just said. Shoulda finished reading the thread. On Thu, 2 Oct 2003, David Mintz wrote: > On Thu, 2 Oct 2003, Aaron Fischer wrote: > > > > > If $_SESSION now has the array stored, it seems that this should work: > > echo $_SESSION['first_name']; > > It would if you had used array_merge() instead (-: But you have a > two-dimensional array now, so you need to say > > $_SESSION['_POST']['first_name'] From jsiegel1 at optonline.net Thu Oct 2 16:11:51 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Thu, 02 Oct 2003 16:11:51 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <3F7C80C7.9070100@netzero.com> Message-ID: <005a01c38921$6c16de70$6401a8c0@EZDSDELL> Unless, of course, "killing anything else" is the intention...no? Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Scott Mattocks Sent: Thursday, October 02, 2003 2:47 PM To: NYPHP Talk Subject: Re: [nycphp-talk] handling forms (relative newbie) > $_SESSION = $_POST; You just killed anything else you had in the session with that line. You probably don't want to overwrite your entire session array. Use something like was suggested before: $_SESSION['_POST'] = $_POST; This will still let you access other info that was in your session. Scott Mattocks > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Aaron Fischer > Sent: Thursday, October 02, 2003 2:13 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] handling forms (relative newbie) > > > After some fumbling and stumbling I seem to have things working OK. > However, right now I am naming each form element/post variable > individually to put the data into session_register, which could be a > pain the longer the form gets! I would like to, as Adam put it, "stuff > the POSTed data" into $_SESSION using $_POST but I don't see how to do > this. > > Example my code: > session_start(); > session_register('first_name','last_name',etc.,etc.many more fields to > follow...); > header ("Location: session_results.php"); > exit; > > Session Results page: > session_start(); > echo "$_SESSION[first_name]"; > > Whenever I start trying to use session_register with _POST things go > south quick. > > Hints/suggestions? > > TIA, > > -Aaron > > On Tuesday, September 30, 2003, at 04:23 pm, Adam Maccabee Trachtenberg > wrote: > > >>My advice is to try it with cookies first because it might be easier >>to test. (On your machine, you don't need to worry about rejecting >>cookies.) >> >>Once that's working, add in the URL rewriting. This might not be >>necessary, but when dealing with something new, I don't like to jump >>in head first, as it makes it really difficult to debug. >> >>-adam > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From stephen at musgrave.org Thu Oct 2 17:16:31 2003 From: stephen at musgrave.org (Stephen Musgrave) Date: Thu, 02 Oct 2003 17:16:31 -0400 Subject: [nycphp-talk] store's opening hours In-Reply-To: Message-ID: That's a nice piece of work. Thank you so much... Something certainly to learn from! On 10/2/03 3:42 PM, "David Sklar" wrote: > $open_close = array('Mon' => array('10:00','4:00'), > 'Tue' => array('10:00','4:00'), > 'Wed' => array('10:00','3:30'), > 'Thu' => array('10:00','4:00'), > 'Fri' => array('10:00','4:00'), > 'Sat' => array('9:00','5:00'), > 'Sun' => array('9:00','5:00')); > > $days = array_keys($open_close); > // The first line of hours starts with the first day > $first_day = $days[0]; > for ($i = 0, $j = count($open_close); $i < $j; $i++) { > // What's the name of the current day? > $today = $days[$i]; > if (($i == ($j - 1)) || // Is this the last day? > (($tomorrow = $days[$i+1]) && // What's the name of tomorrow? > // Does tomorrow open at a different time than today? > (($open_close[$today][0] != $open_close[$tomorrow][0]) || > // Does tomorrow close at a different time than today? > ($open_close[$today][1] != $open_close[$tomorrow][1])))) { > > // If it's the last day, or tomorrow's times are different > // than today's times, then report the times for > // $first_day to $today > printf("%s%s %4s to %4s\n", > // Don't print "Mon-Mon", just print "Mon"; > ($first_day == $today) ? ' ' : $first_day.'-', > $today, > $open_close[$today][0], > $open_close[$today][1]); > // The next line of output starts with tomorrow > $first_day = $tomorrow; > } > } From adam at trachtenberg.com Thu Oct 2 18:26:47 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 2 Oct 2003 18:26:47 -0400 (EDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <3F7C8374.408@netzero.com> Message-ID: My preferred way of handling this is something like this: $fields = array('username', 'password', 'zipcode'); foreach ($fields as $f) { $_SESSION[$f] = $_POST[$f]; } This avoids: 1) The $_SESSION clobbering problem. 2) Needing to do $_SESSION['_POST']['username']. It does require you to update the array when the fields change, but this way you're guaranteed to only get the fields you want. I like the array_merge() solution if you want all the variables. -adam On Thu, 2 Oct 2003, Scott Mattocks wrote: > If you used $_SESSION['_POST'] = $_POST then the session array has as an > element an array containing the post data. Since you have an array in > an array you would access it like this: > echo $_SESSION['_POST']['first_name']; > > Scott Mattocks > > Aaron Fischer wrote: > > > That works, thanks! > > > > One thing I am wondering is why one needs to use the line: > > $_POST = $_SESSION['_POST']; > > > > If $_SESSION now has the array stored, it seems that this should work: > > echo $_SESSION['first_name']; > > > > ? > > > > -Aaron > > > > On Thursday, October 2, 2003, at 03:26 pm, David Rydell wrote: > > > >> session_start(); > >> session_register('_POST'); > >> $_SESSION['_POST'] = $_POST; > >> header ("Location: session_results.php"); > >> exit; > >> > >> Session Results page: > >> > >> session_start(); > >> $_POST = $_SESSION['_POST']; > >> > >> echo $_POST['first_name']; > >> echo $_POST['last_name']; > > > > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From dkrook at hotmail.com Thu Oct 2 20:48:32 2003 From: dkrook at hotmail.com (D C Krook) Date: Thu, 02 Oct 2003 20:48:32 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity Message-ID: Psaw, Hans and Jon, Thanks for all the suggestions. I think I'm going to settle on a combination of the following solution: - a daily cron job that strips by regex my two most common IP variations, - a standalone script that does the same with given parameters, - take advantage of Webalizer's exclusion options. Psaw, thanks for the tip, I really didn't realize it was that flexible but it has a ton of great conf options that can be used retroactively against already generated reports. Thanks again for the tips, I'll keep you posted if I need to add some more processing or if I find a simpler solution. -Dan >Did you look at Webalizer, an app that has many startup config options that >allow you to remove/massage info to generate focused reports and charts >from >Apache logs. Also, cron to grab, analyze and archive your logs >systematically. >Then maybe you could do some set it and forget it type of processing. PSaw _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus From tgales at tgaconnect.com Fri Oct 3 05:54:24 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Fri, 3 Oct 2003 05:54:24 -0400 Subject: [nycphp-talk] kudos for a NYPHPer In-Reply-To: Message-ID: <001001c38994$53a47dc0$bf8d3818@OBERON1> David, Congratulations... T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of David Mintz Sent: Thursday, October 02, 2003 10:55 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] kudos for a NYPHPer from the blow-your-own-horn dept: There's a Spanish<>English court interpreters glossary application that I wrote with MySQL/PHP. The private read-write version lets the user insert, update, delete. However we have also put a read-only public version out there: http://sdnyinterpreters.org/term/ Now here's the point. Some French terminologists run a site called lexicool.com that finds, evaluates and ranks web-based multilingual dictionaries and glossaries -- translators' tools, basically -- based on presentation and useablility. And in the category of Spanish<>English Legal/Administration the winner is.... no not me, a United Nations site was first, but ours was second in a field of 54. Note that both First and Second Place go to organizations based in NY. I love NY! --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From agfische at email.smith.edu Fri Oct 3 08:53:50 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 3 Oct 2003 08:53:50 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <3F7C8374.408@netzero.com> Message-ID: That makes perfect sense. Thanks. -A On Thursday, October 2, 2003, at 03:58 pm, Scott Mattocks wrote: > If you used $_SESSION['_POST'] = $_POST then the session array has as > an element an array containing the post data. Since you have an array > in an array you would access it like this: > echo $_SESSION['_POST']['first_name']; > > Scott Mattocks From jonbaer at jonbaer.net Fri Oct 3 09:11:47 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 3 Oct 2003 09:11:47 -0400 Subject: [nycphp-talk] OT: Apache access_log integrity References: Message-ID: <001c01c389af$e67a1b30$6400a8c0@thinkpad> i think i forgot to mention that sed can delete lines cleanly in place (u might have known this) ... sed -i.backup "/192.168.0.1/d" /var/log/httpd/access.1 - jon ----- Original Message ----- From: "D C Krook" To: Sent: Thursday, October 02, 2003 8:48 PM Subject: RE: [nycphp-talk] OT: Apache access_log integrity > Psaw, Hans and Jon, > > Thanks for all the suggestions. I think I'm going to settle on a > combination of the following solution: > > - a daily cron job that strips by regex my two most common IP variations, > - a standalone script that does the same with given parameters, > - take advantage of Webalizer's exclusion options. Psaw, thanks for the > tip, I really didn't realize it was that flexible but it has a ton of great > conf options that can be used retroactively against already generated > reports. > > Thanks again for the tips, I'll keep you posted if I need to add some more > processing or if I find a simpler solution. > > -Dan > > > >Did you look at Webalizer, an app that has many startup config options that > >allow you to remove/massage info to generate focused reports and charts > >from > >Apache logs. Also, cron to grab, analyze and archive your logs > >systematically. > >Then maybe you could do some set it and forget it type of processing. PSaw > > _________________________________________________________________ > MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. > http://join.msn.com/?page=features/virus > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From jsiegel1 at optonline.net Fri Oct 3 15:07:21 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 03 Oct 2003 15:07:21 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: Message-ID: <000601c389e1$a032da40$6401a8c0@EZDSDELL> I'm not exactly clear *why* it matters if you just do $_SESSION = $_POST? (Perhaps I overlooked something in the thread?) Assuming that the data has been "cleaned" before you dump post into session, and assuming that when you pull the data out you don't blindly grab all the post vars but handle them by name, e.g., $_POST['myname'], etc., and even if someone put some bogus additional post var in there you wouldn't be handling it (since you are handling the post vars by name), so, what's the source of the potential harm? Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Aaron Fischer Sent: Friday, October 03, 2003 7:54 AM To: NYPHP Talk Subject: Re: [nycphp-talk] handling forms (relative newbie) That makes perfect sense. Thanks. -A On Thursday, October 2, 2003, at 03:58 pm, Scott Mattocks wrote: > If you used $_SESSION['_POST'] = $_POST then the session array has as > an element an array containing the post data. Since you have an array > in an array you would access it like this: > echo $_SESSION['_POST']['first_name']; > > Scott Mattocks _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Fri Oct 3 15:34:03 2003 From: shiflett at php.net (Chris Shiflett) Date: Fri, 3 Oct 2003 12:34:03 -0700 (PDT) Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <000601c389e1$a032da40$6401a8c0@EZDSDELL> Message-ID: <20031003193403.39677.qmail@web14310.mail.yahoo.com> --- Jeff Siegel wrote: > I'm not exactly clear *why* it matters if you just do $_SESSION = > $_POST? (Perhaps I overlooked something in the thread?) > > Assuming that the data has been "cleaned" before you dump post into > session, and assuming that when you pull the data out you don't > blindly grab all the post vars but handle them by name, e.g., > $_POST['myname'], etc., and even if someone put some bogus additional > post var in there you wouldn't be handling it (since you are handling > the post vars by name), so, what's the source of the potential harm? Well, one potentially bad thing is that your session becomes only what was in $_POST. So, if you had other important data in there, you would overwrite it. Of course, I doubt I'm saying anything that isn't obvious here. The other risk is more ... vague. If your software architecture is such that a developer can screw up and create a security vulnerability, it is a good idea to see if it is possible to design your application such that this is not the case. Of course, this is not always possible, and depending on how badly the developer screws up, there may be nothing in the design that can help. In general, naming conventions are very important. Developers need to see $_POST and immediately be suspicious about the data. If they begin to get used to data in $_POST being filtered, then they might mistakenly use tainted data (thinking it was filtered). In addition, consider something like this: 1. Validate $_POST['foo'] 2. Validate $_POST['bar'] 3. $_SESSION = $_POST 4. $_SESSION['blah'] is used somewhere important So, there are two problems here. One problem is that step 3 should send red flags to an alert developer. If this sort of assignment is allowed, you're deteriorating this natural security-conscious instinct that you want to foster. The second problem is, of course, that $_SESSION['blah'] is tainted data. Yes, it is tainted because of a failure on the part of the developer, but imagine this instead: 1. Validate $_POST['foo'] and store it in $clean['foo'] 2. Validate $_POST['bar'] and store it in $clean['bar'] 3. $_SESSION = $clean 4. $_SESSION['blah'] is used somewhere important The developer makes the same mistake here by failing to filter $_POST['blah']. However, now the only harm is that there is no $_SESSION['blah'] - better than it being tainted! Also, depending on your error reporting (which you should set high), you will be alerted to this error. This is much safer. Also, your developers don't have to tolerate seeing $_POST being trusted. They can continue to always be suspicious of client data. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jsiegel1 at optonline.net Fri Oct 3 22:09:46 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 03 Oct 2003 22:09:46 -0400 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <20031003193403.39677.qmail@web14310.mail.yahoo.com> Message-ID: <002001c38a1c$a0f983d0$6401a8c0@EZDSDELL> Well argued. The bottom line, if I've correctly understood your arguments, is that it is not necessarily wrong to do it the way I proposed (functionally speaking). However, it is "bad practice" in general and a type of practice that should not be encouraged. Further, it can introduce, for lack of a better term, "sloppy thinking" in terms of application architecture and can create a sense of "security" (laxity may perhaps be a better word) among developers - vis-?-vis client data - when developers should *always* be wary of client data. And, of course, it plays havoc with any other session data that may exist. Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris Shiflett Sent: Friday, October 03, 2003 2:34 PM To: NYPHP Talk Subject: RE: [nycphp-talk] handling forms (relative newbie) --- Jeff Siegel wrote: > I'm not exactly clear *why* it matters if you just do $_SESSION = > $_POST? (Perhaps I overlooked something in the thread?) > > Assuming that the data has been "cleaned" before you dump post into > session, and assuming that when you pull the data out you don't > blindly grab all the post vars but handle them by name, e.g., > $_POST['myname'], etc., and even if someone put some bogus additional > post var in there you wouldn't be handling it (since you are handling > the post vars by name), so, what's the source of the potential harm? Well, one potentially bad thing is that your session becomes only what was in $_POST. So, if you had other important data in there, you would overwrite it. Of course, I doubt I'm saying anything that isn't obvious here. The other risk is more ... vague. If your software architecture is such that a developer can screw up and create a security vulnerability, it is a good idea to see if it is possible to design your application such that this is not the case. Of course, this is not always possible, and depending on how badly the developer screws up, there may be nothing in the design that can help. In general, naming conventions are very important. Developers need to see $_POST and immediately be suspicious about the data. If they begin to get used to data in $_POST being filtered, then they might mistakenly use tainted data (thinking it was filtered). In addition, consider something like this: 1. Validate $_POST['foo'] 2. Validate $_POST['bar'] 3. $_SESSION = $_POST 4. $_SESSION['blah'] is used somewhere important So, there are two problems here. One problem is that step 3 should send red flags to an alert developer. If this sort of assignment is allowed, you're deteriorating this natural security-conscious instinct that you want to foster. The second problem is, of course, that $_SESSION['blah'] is tainted data. Yes, it is tainted because of a failure on the part of the developer, but imagine this instead: 1. Validate $_POST['foo'] and store it in $clean['foo'] 2. Validate $_POST['bar'] and store it in $clean['bar'] 3. $_SESSION = $clean 4. $_SESSION['blah'] is used somewhere important The developer makes the same mistake here by failing to filter $_POST['blah']. However, now the only harm is that there is no $_SESSION['blah'] - better than it being tainted! Also, depending on your error reporting (which you should set high), you will be alerted to this error. This is much safer. Also, your developers don't have to tolerate seeing $_POST being trusted. They can continue to always be suspicious of client data. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From dan at cain.sh Sat Oct 4 15:04:07 2003 From: dan at cain.sh (Daniel J Cain Jr.) Date: Sat, 04 Oct 2003 14:04:07 -0500 Subject: [nycphp-talk] handling forms (relative newbie) In-Reply-To: <20031002192723.96190.qmail@web14306.mail.yahoo.com> References: <20031002192723.96190.qmail@web14306.mail.yahoo.com> Message-ID: <1065294247.44653.10.camel@gigabeast.home.cain.sh> On Thu, 2003-10-02 at 14:27, Chris Shiflett wrote: > [snip] > > > session_start(); > > session_register('first_name','last_name',etc.,etc.many more fields to > > follow...); > > You can forget the session register and use $_SESSION instead: As an added note to forgetting session_register(). This caution is listed at http://www.php.net/session_register : "If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister()." I don't know the specific reason for sure. But I seem to recall having unexpected results from mixing the two 'methods' on projects in the past (legacy code that existed prior to $_SESSION in PHP). The issues I ran across may be attributed to PHP bugs at the version level I was using at the time. But in case its still on going just passing along a word of caution. From hans at nyphp.org Sun Oct 5 11:46:02 2003 From: hans at nyphp.org (Hans Zaunere) Date: Sun, 05 Oct 2003 11:46:02 -0400 Subject: [nycphp-talk] AMP comments In-Reply-To: <1064685458.5025.23.camel@gigabeast.home.cain.sh> References: <000d01c38393$b519bd60$bf8d3818@OBERON1> <1064685458.5025.23.camel@gigabeast.home.cain.sh> Message-ID: <3F803CBA.90105@nyphp.org> Daniel J Cain Jr. wrote: > On Thu, 2003-09-25 at 13:34, Tim Gales wrote: > >>Perhaps we could have a web page, and ask people to read it >>before signing up. > > > It might be useful to provide info in a "Welcome to the NYPHP mailing > list" upon signing up to the list. I am by no means an expert in > netiquette and would find it helpful to read some information how to > effectively use the mailing list as an 'additional' resource. > > Not to insult the readers intelligence nor scare off newer users from > even posting to the list. But maybe info on how to trim response posts > for readability and how to effectively ask questions (steps taken > already, code examples, etc.). > > Just a thought that occurred to me while reading Tim's response. I'll > leave it to the mailing list veterans to fill in any blanks or > oversights. There's been a couple who have expressed interest in writing these types of guidelines up, which I think is very important. If others are either interested or experienced in such guidelines, please contact me and we'll get somethings down on paper, and finally up on the site. I also setup a forum at http://forum.nyphp.org. It's barebones right now, and needs to be tweaked for nyphp's look and functionality. If you have experience managing a forum like this, please contact me and we can work together on getting this resource out to the community. Thanks, H From soazine at erols.com Sun Oct 5 11:48:23 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 11:48:23 -0400 Subject: [nycphp-talk] how do you do date math? Message-ID: <04d401c38b58$1ca03470$67a76244@philofsoa> I honestly have found nothing on www.mysql.com or anywhere else that can address this problem. All I simply want to do is to delete rows from a table where nnet_produkt_record_entered is more than 24 hours old. I thought this would do it but it produces a mysql_error near 'HOURS)': $sql = 'DELETE FROM nnet_produkt_bestilling ' . 'WHERE nnet_produkt_placement < DATE_SUB(NOW(), INTERVAL 24 HOURS)'; Any ideas, sorry I'm fresh out as usual. Thanx Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From hans at nyphp.org Sun Oct 5 11:57:29 2003 From: hans at nyphp.org (Hans Zaunere) Date: Sun, 05 Oct 2003 11:57:29 -0400 Subject: [nycphp-talk] how do you do date math? In-Reply-To: <04d401c38b58$1ca03470$67a76244@philofsoa> References: <04d401c38b58$1ca03470$67a76244@philofsoa> Message-ID: <3F803F69.3040004@nyphp.org> Phil Powell wrote: > I honestly have found nothing on www.mysql.com or > anywhere else that can address this problem. All I simply want to do is > to delete rows from a table where nnet_produkt_record_entered is more > than 24 hours old. I thought this would do it but it produces a > mysql_error near 'HOURS)': > > $sql = 'DELETE FROM nnet_produkt_bestilling ' . > 'WHERE nnet_produkt_placement < DATE_SUB(NOW(), INTERVAL 24 > HOURS)'; Close, but your syntax is a little off. Maybe something like: DELETE FROM nnet_produkt_bestilling WHERE nnet_produkt_placement < NOW() - INTERVAL 1 DAY Although in your text above, you mention nnet_produkt_record_entered so you may want to check that you're using the correct columns. H From delta at rochester.rr.com Sun Oct 5 16:12:13 2003 From: delta at rochester.rr.com (deedee) Date: Sun, 5 Oct 2003 16:12:13 -0400 Subject: [nycphp-talk] Re:forum.nyphp.org References: <000d01c38393$b519bd60$bf8d3818@OBERON1> <1064685458.5025.23.camel@gigabeast.home.cain.sh> <3F803CBA.90105@nyphp.org> Message-ID: <003201c38b7c$f7617230$fc00fe0a@KEITZWS2> you are quick! i was surprised to see a welcome back message "Welcome back; your last visit was on Oct 5 2003, 03:03 PM " i havent been here before so unsure who the message was for. plus i noticed it is showing about an hour earlier than my actual first visit i signed up as the #2 member and am looking forward to checking out all the links and features of forum.nyphp.org as well as watching the success. ----- Original Message ----- From: "Hans Zaunere" To: "NYPHP Talk" Sent: Sunday, October 05, 2003 11:46 AM Subject: Re: [nycphp-talk] AMP comments > > > Daniel J Cain Jr. wrote: > > > On Thu, 2003-09-25 at 13:34, Tim Gales wrote: > > > >>Perhaps we could have a web page, and ask people to read it > >>before signing up. > > > > > > It might be useful to provide info in a "Welcome to the NYPHP mailing > > list" upon signing up to the list. I am by no means an expert in > > netiquette and would find it helpful to read some information how to > > effectively use the mailing list as an 'additional' resource. > > > > Not to insult the readers intelligence nor scare off newer users from > > even posting to the list. But maybe info on how to trim response posts > > for readability and how to effectively ask questions (steps taken > > already, code examples, etc.). > > > > Just a thought that occurred to me while reading Tim's response. I'll > > leave it to the mailing list veterans to fill in any blanks or > > oversights. > > There's been a couple who have expressed interest in writing these types of guidelines up, which I think is very important. If others are either interested or experienced in such guidelines, please contact me and we'll get somethings down on paper, and finally up on the site. > > I also setup a forum at http://forum.nyphp.org. It's barebones right now, and needs to be tweaked for nyphp's look and functionality. If you have experience managing a forum like this, please contact me and we can work together on getting this resource out to the community. > > > Thanks, > > H > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From soazine at erols.com Sun Oct 5 16:30:14 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 16:30:14 -0400 Subject: [nycphp-talk] how do you do date math? References: <04d401c38b58$1ca03470$67a76244@philofsoa> <3F803F69.3040004@nyphp.org> Message-ID: <05b601c38b7f$7cb4b170$67a76244@philofsoa> Thanx, that was it! Phil ----- Original Message ----- From: "Hans Zaunere" To: "NYPHP Talk" Sent: Sunday, October 05, 2003 11:57 AM Subject: Re: [nycphp-talk] how do you do date math? > > > Phil Powell wrote: > > > I honestly have found nothing on www.mysql.com or > > anywhere else that can address this problem. All I simply want to do is > > to delete rows from a table where nnet_produkt_record_entered is more > > than 24 hours old. I thought this would do it but it produces a > > mysql_error near 'HOURS)': > > > > $sql = 'DELETE FROM nnet_produkt_bestilling ' . > > 'WHERE nnet_produkt_placement < DATE_SUB(NOW(), INTERVAL 24 > > HOURS)'; > > Close, but your syntax is a little off. Maybe something like: > > DELETE FROM nnet_produkt_bestilling > WHERE nnet_produkt_placement < NOW() - INTERVAL 1 DAY > > Although in your text above, you mention nnet_produkt_record_entered so you may want to check that you're using the correct columns. > > > H > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From soazine at erols.com Sun Oct 5 16:32:24 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 16:32:24 -0400 Subject: [nycphp-talk] Your recommendations for credit-card processing 3rd party Message-ID: <05c801c38b7f$c9794020$67a76244@philofsoa> I am looking at www.authorize.net as the credit-card 3rd party solution for the freelance project I'm doing; they seem very PHP-friendly. However, on the site it does not list account pricing information or how much they "take off the top". Anyone have a better or another solution or do you also recommend Authorize.net? Thanx Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From dan at mx2pro.com Sun Oct 5 17:14:21 2003 From: dan at mx2pro.com (Dan Horning) Date: Sun, 5 Oct 2003 17:14:21 -0400 Subject: [nycphp-talk] Re:forum.nyphp.org In-Reply-To: <003201c38b7c$f7617230$fc00fe0a@KEITZWS2> Message-ID: <20031005211427.1B5C3A85E5@virtu.nyphp.org> If anyone comes up with particular forums that they might want just post them to the suggestions area of the forums - Dan Horning 1-866-284-3150 (Toll-Free) President: Technical Evangelism & Media Systems Administration MX2 Productions Media from concept to execution. > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of deedee > Sent: Sunday, October 05, 2003 4:12 PM > To: NYPHP Talk > Subject: [nycphp-talk] Re:forum.nyphp.org > > you are quick! > i was surprised to see a welcome back message > "Welcome back; your last visit was on Oct 5 2003, 03:03 PM " > i havent been here before so unsure who the message was for. > plus i noticed it is showing about an hour earlier than my > actual first > visit > > i signed up as the #2 member and am looking forward to > checking out all the > links and features of forum.nyphp.org as well as watching the success. > ----- Original Message ----- > From: "Hans Zaunere" > To: "NYPHP Talk" > Sent: Sunday, October 05, 2003 11:46 AM > Subject: Re: [nycphp-talk] AMP comments > > > > > > > > Daniel J Cain Jr. wrote: > > > > > On Thu, 2003-09-25 at 13:34, Tim Gales wrote: > > > > > >>Perhaps we could have a web page, and ask people to read it > > >>before signing up. > > > > > > > > > It might be useful to provide info in a "Welcome to the > NYPHP mailing > > > list" upon signing up to the list. I am by no means an expert in > > > netiquette and would find it helpful to read some > information how to > > > effectively use the mailing list as an 'additional' resource. > > > > > > Not to insult the readers intelligence nor scare off > newer users from > > > even posting to the list. But maybe info on how to trim > response posts > > > for readability and how to effectively ask questions (steps taken > > > already, code examples, etc.). > > > > > > Just a thought that occurred to me while reading Tim's > response. I'll > > > leave it to the mailing list veterans to fill in any blanks or > > > oversights. > > > > There's been a couple who have expressed interest in > writing these types > of guidelines up, which I think is very important. If others > are either > interested or experienced in such guidelines, please contact > me and we'll > get somethings down on paper, and finally up on the site. > > > > I also setup a forum at http://forum.nyphp.org. It's > barebones right now, > and needs to be tweaked for nyphp's look and functionality. > If you have > experience managing a forum like this, please contact me and > we can work > together on getting this resource out to the community. > > > > > > Thanks, > > > > H > > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From soazine at erols.com Sun Oct 5 22:41:38 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 22:41:38 -0400 Subject: [nycphp-talk] Site dies when class calls this method: no DIE statement. HELP Message-ID: <068f01c38bb3$5e54f9e0$67a76244@philofsoa> function setTableStr($tableRefName) { // VOID "METHOD" SEE NOTE BELOW /*----------------------------------------------------------------------------- This function will set the class property $this->tableStr to the appropriate table name depending upon the scope of that which is calling it -------------------------------------------------------------------------------*/ $this->tableStr = 'nnet_table_'; $this->tableStr .= (strcmp(strtolower($tableRefName), 'head') == 0) ? 'head' : 'line'; } The moment this method in the Betaling class is called by another method in the Betaling class, insert_table_line(), everything just dies. No error statement, no HTML display, no nothing, just a complete nothingness!! This method is important to determine which table I will be doing insertion, and it's all the code I can provide that might make sense, I'm sorry. If you need more I am not even sure what I can provide for you. But honestly, I can't explain it better than the class method just.. dies. Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From soazine at erols.com Sun Oct 5 22:54:55 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 22:54:55 -0400 Subject: [nycphp-talk] Ok let me ask a better question Message-ID: <06ca01c38bb5$391191a0$67a76244@philofsoa> if you have a Bestilling class with method display_cart(), and you have a Betaling class that extends Bestilling, how do you call display_cart from a Betaling class instance? Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From ian at plusfour.org Sun Oct 5 23:28:25 2003 From: ian at plusfour.org (Ian Forsyth) Date: Sun, 5 Oct 2003 20:28:25 -0700 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <06ca01c38bb5$391191a0$67a76244@philofsoa> Message-ID: <253B9596-F7AD-11D7-8DB3-003065778656@plusfour.org> Class Bestilling { var $something; function Bestilling ( ) { $this->something = 'Great Choice'; } function display_cart () { if ( isset( $this->something ) ) { print $this->something; } } } Class Betaling extends Bestilling { var $foobar; function Betaling () { $this->Bestilling(); // depending on your version of //php you have, you might have to initialize the class you are extending $this->foobar = 'A great purchase'; } } $new_class =& new Betaling; $new_class->display_cart(); On Sunday, October 5, 2003, at 07:54 PM, Phil Powell wrote: > ?if you have a Bestilling class with method display_cart(), and you > have a Betaling class that extends Bestilling, how do you call > display_cart from a Betaling class instance? > ? > Phil > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From soazine at erols.com Sun Oct 5 23:29:08 2003 From: soazine at erols.com (Phil Powell) Date: Sun, 5 Oct 2003 23:29:08 -0400 Subject: [nycphp-talk] Ok let me ask a better question References: <253B9596-F7AD-11D7-8DB3-003065778656@plusfour.org> Message-ID: <070101c38bba$00d01280$67a76244@philofsoa> you lost me. :( Phil ----- Original Message ----- From: "Ian Forsyth" To: "NYPHP Talk" Sent: Sunday, October 05, 2003 11:28 PM Subject: Re: [nycphp-talk] Ok let me ask a better question Class Bestilling { var $something; function Bestilling ( ) { $this->something = 'Great Choice'; } function display_cart () { if ( isset( $this->something ) ) { print $this->something; } } } Class Betaling extends Bestilling { var $foobar; function Betaling () { $this->Bestilling(); // depending on your version of //php you have, you might have to initialize the class you are extending $this->foobar = 'A great purchase'; } } $new_class =& new Betaling; $new_class->display_cart(); On Sunday, October 5, 2003, at 07:54 PM, Phil Powell wrote: > if you have a Bestilling class with method display_cart(), and you > have a Betaling class that extends Bestilling, how do you call > display_cart from a Betaling class instance? > > Phil > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From danielc at analysisandsolutions.com Sun Oct 5 23:43:23 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Sun, 5 Oct 2003 23:43:23 -0400 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <06ca01c38bb5$391191a0$67a76244@philofsoa> References: <06ca01c38bb5$391191a0$67a76244@philofsoa> Message-ID: <20031006034323.GA7971@panix.com> Hi Phil: On Sun, Oct 05, 2003 at 10:54:55PM -0400, Phil Powell wrote: > if you have a Bestilling class with method display_cart(), and you have > a Betaling class that extends Bestilling, how do you call display_cart > from a Betaling class instance? By reading the manual and/or online tutorials. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From soazine at erols.com Mon Oct 6 00:04:14 2003 From: soazine at erols.com (Phil Powell) Date: Mon, 6 Oct 2003 00:04:14 -0400 Subject: [nycphp-talk] Ok let me ask a better question References: <06ca01c38bb5$391191a0$67a76244@philofsoa> <20031006034323.GA7971@panix.com> Message-ID: <072501c38bbe$e8239900$67a76244@philofsoa> Thanx, assuming I have and still don't get it, perhaps you could enlighten me further, because, I would not ask if, after careful investigation, that I STILL DO NOT KNOW! Phil ----- Original Message ----- From: "Analysis & Solutions" To: "NYPHP Talk" Sent: Sunday, October 05, 2003 11:43 PM Subject: Re: [nycphp-talk] Ok let me ask a better question > Hi Phil: > > On Sun, Oct 05, 2003 at 10:54:55PM -0400, Phil Powell wrote: > > > if you have a Bestilling class with method display_cart(), and you have > > a Betaling class that extends Bestilling, how do you call display_cart > > from a Betaling class instance? > > By reading the manual and/or online tutorials. > > --Dan > > -- > FREE scripts that make web and database programming easier > http://www.analysisandsolutions.com/software/ > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From soazine at erols.com Mon Oct 6 00:08:19 2003 From: soazine at erols.com (Phil Powell) Date: Mon, 6 Oct 2003 00:08:19 -0400 Subject: [nycphp-talk] any of you ever wrote a get_next_id function in PHP? Message-ID: <073601c38bbf$79ed6000$67a76244@philofsoa> function getNewID($fieldName, $tableName) { // INT "METHOD" FOR NON-AUTO-INCREMENT FIELDS global $dbConn; $sql = "SELECT MAX($fieldName) FROM $tableName"; $query = mysql_query($sql, $dbConn) or die('Could not perform query: ' . mysql_error()); if (!($row = mysql_fetch_row($query))) return 1; return $row[0]; } I'm trying to retrieve the max(ID) from a column that cannot be auto_incremented (since mySQL version on this remote site only allows for tables to have ONE auto_increment field - how stupid), the basic premise is this: I either return 1) the max ID 2) '1' How have you guys done it, or what have I missed? Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From csnyder at chxo.com Mon Oct 6 00:19:17 2003 From: csnyder at chxo.com (Chris Snyder) Date: Mon, 06 Oct 2003 00:19:17 -0400 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <20031006034323.GA7971@panix.com> References: <06ca01c38bb5$391191a0$67a76244@philofsoa> <20031006034323.GA7971@panix.com> Message-ID: <3F80ED45.1010206@chxo.com> OR by hiring a programmer. Analysis & Solutions wrote: >Hi Phil: > >On Sun, Oct 05, 2003 at 10:54:55PM -0400, Phil Powell wrote: > > > >>if you have a Bestilling class with method display_cart(), and you have >>a Betaling class that extends Bestilling, how do you call display_cart >>from a Betaling class instance? >> >> > >By reading the manual and/or online tutorials. > >--Dan > > > From danielc at analysisandsolutions.com Mon Oct 6 00:27:30 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 00:27:30 -0400 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <072501c38bbe$e8239900$67a76244@philofsoa> References: <06ca01c38bb5$391191a0$67a76244@philofsoa> <20031006034323.GA7971@panix.com> <072501c38bbe$e8239900$67a76244@philofsoa> Message-ID: <20031006042730.GB9405@panix.com> Hi Phil: On Mon, Oct 06, 2003 at 12:04:14AM -0400, Phil Powell wrote: > Thanx, assuming I have and still don't get it, perhaps you could enlighten > me further, because, I would not ask if, after careful investigation, that I > STILL DO NOT KNOW! I'll be glad to. Please provide the URI's of the manual page(s) you looked at and then we can go over the subject matter contained therein. Thanks, --Dan ... snipping unnecessary context, 'cuz I care about y'all ... -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From soazine at erols.com Mon Oct 6 00:39:34 2003 From: soazine at erols.com (Phil Powell) Date: Mon, 6 Oct 2003 00:39:34 -0400 Subject: [nycphp-talk] Ok let me ask a better question References: <06ca01c38bb5$391191a0$67a76244@philofsoa><20031006034323.GA7971@panix.com><072501c38bbe$e8239900$67a76244@philofsoa> <20031006042730.GB9405@panix.com> Message-ID: <076601c38bc3$d7da2ff0$67a76244@philofsoa> Well I would go into php.net, phpbuilder, zend, nyphp.org and pcom.net but in the course of frustration, a long walk, prayer and a call from a cool friend of mine.. I fixed it. Phil ----- Original Message ----- From: "Analysis & Solutions" To: "NYPHP Talk" Sent: Monday, October 06, 2003 12:27 AM Subject: Re: [nycphp-talk] Ok let me ask a better question > Hi Phil: > > On Mon, Oct 06, 2003 at 12:04:14AM -0400, Phil Powell wrote: > > Thanx, assuming I have and still don't get it, perhaps you could enlighten > > me further, because, I would not ask if, after careful investigation, that I > > STILL DO NOT KNOW! > > I'll be glad to. Please provide the URI's of the manual page(s) you > looked at and then we can go over the subject matter contained therein. > > Thanks, > > --Dan > > ... snipping unnecessary context, 'cuz I care about y'all ... > > -- > FREE scripts that make web and database programming easier > http://www.analysisandsolutions.com/software/ > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From jsiegel1 at optonline.net Mon Oct 6 09:21:21 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Mon, 06 Oct 2003 09:21:21 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL Message-ID: <000401c38c0c$bc3baeb0$6501a8c0@EZDSDELL> Wondering how to handle the following problem. I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). After setting up virtual hosts using that beautifully written article I found at http://phundamentals.nyphp.org, I then tested some of my code which redirects a user to an HTTPS connection. I keep getting an Err 404. Thinking it might be the code I created two simple test pages: the first page has a link to the second page. Here's the link: click me. Now, "unap" is a virtual host on the server and all other links work correctly on the server but not this one. *However*, if I change the link to a fixed IP address, i.e., click me...it works fine. It seems, then, there is an Apache configuration that I'm missing. Hopefully someone can point me in the right direction. Jeff Siegel From hans at nyphp.org Mon Oct 6 09:55:33 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 06 Oct 2003 09:55:33 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000401c38c0c$bc3baeb0$6501a8c0@EZDSDELL> References: <000401c38c0c$bc3baeb0$6501a8c0@EZDSDELL> Message-ID: <3F817455.5030909@nyphp.org> Jeff Siegel wrote: > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). > After setting up virtual hosts using that beautifully written article I > found at http://phundamentals.nyphp.org, I then tested some of my code > which redirects a user to an HTTPS connection. I keep getting an Err > 404. Thinking it might be the code I created two simple test pages: the > first page has a link to the second page. Here's the link: href="https://unap/test2.php">click me. Now, "unap" is a virtual > host on the server and all other links work correctly on the server but > not this one. *However*, if I change the link to a fixed IP address, > i.e., click me...it > works fine. It seems, then, there is an Apache configuration that I'm > missing. Hopefully someone can point me in the right direction. It looks like a configuration issue with ssl/apache. Basically, an SSL server can be seperate from a non-SSL server. It's generaly just another virtual host (based on port), with it's own document root, permissions, directives, etc. I'm not sure of the default httpd.conf that RH 9 uses, but I have a feeling this is the case. You have to make sure that either: 1) the two vhosts overlap, considering that name based and "SSL based" vhosts can be independant, or 2) that you're not letting Apache fallback to a default vhost (ie, the main server). Also keep in mind the ordering of vhost directives, and the document roots of each - if a request doesn't match a named host, AND the fact that it's either SSL or not, the request will fall back to the main server. Hope that doesn't confuse too much :) Hans ------------------------------- Try the new NYPHP Forums Today! http://forums.nyphp.org From jonbaer at jonbaer.net Mon Oct 6 10:27:27 2003 From: jonbaer at jonbaer.net (jon baer) Date: Mon, 6 Oct 2003 10:27:27 -0400 Subject: [nycphp-talk] Re:forum.nyphp.org References: <000d01c38393$b519bd60$bf8d3818@OBERON1><1064685458.5025.23.camel@gigabeast.home.cain.sh><3F803CBA.90105@nyphp.org> <003201c38b7c$f7617230$fc00fe0a@KEITZWS2> Message-ID: <008b01c38c15$f805d700$6700a8c0@thinkpad> hey, im actually working on something called "smartboard" which is an integration of AIML for FAQs (AIML is just a regex-like XML pattern matcher used in AI chatbots) and phpBB, ive already coded SOAP/RPC functionality into the AIML side + it will mainly be for the nycwireless stuff (hardware/software/device faqs) ... im mainly looking to parse examples from the php.net manual ... for example: http://us3.php.net/mysql_connect does anyone know if there is a methodical way to grab it from the site (either XML based or text based) so that it could be integrated? or do you think i should do this w/ offline docs? i will donate the work if i can get it going. - jon From tgales at tgaconnect.com Mon Oct 6 10:39:13 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Mon, 6 Oct 2003 10:39:13 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000401c38c0c$bc3baeb0$6501a8c0@EZDSDELL> Message-ID: <000001c38c17$9d212f40$bf8d3818@OBERON1> Jeff, The NameVirtualHost directive can be either an ip address or a domain name Which one is yours? T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel Sent: Monday, October 06, 2003 9:21 AM To: 'NYPHP Talk' Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL Wondering how to handle the following problem. I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). After setting up virtual hosts using that beautifully written article I found at http://phundamentals.nyphp.org, I then tested some of my code which redirects a user to an HTTPS connection. I keep getting an Err 404. Thinking it might be the code I created two simple test pages: the first page has a link to the second page. Here's the link: click me. Now, "unap" is a virtual host on the server and all other links work correctly on the server but not this one. *However*, if I change the link to a fixed IP address, i.e., click me...it works fine. It seems, then, there is an Apache configuration that I'm missing. Hopefully someone can point me in the right direction. Jeff Siegel _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From danielc at analysisandsolutions.com Mon Oct 6 11:17:59 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 11:17:59 -0400 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <076601c38bc3$d7da2ff0$67a76244@philofsoa> References: <20031006042730.GB9405@panix.com> <076601c38bc3$d7da2ff0$67a76244@philofsoa> Message-ID: <20031006151759.GA28118@panix.com> Hi Phil: On Mon, Oct 06, 2003 at 12:39:34AM -0400, Phil Powell wrote: > Well I would go into php.net, phpbuilder, zend, nyphp.org and > pcom.net but So now you're saying "would." Your last email said "assuming that I have" as to imply that you actually "did." Which is it? If you actually "did," what are the URI's you actually looked at? You can look in your web browser's history (in IE: it's the icon in the tool bar that looks like a sun dial). --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From shiflett at php.net Mon Oct 6 11:40:45 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 6 Oct 2003 08:40:45 -0700 (PDT) Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <072501c38bbe$e8239900$67a76244@philofsoa> Message-ID: <20031006154045.62960.qmail@web14302.mail.yahoo.com> --- Phil Powell wrote: > I would not ask if, after careful investigation, that I STILL DO > NOT KNOW! Most people on this list learn well from experience, and experience has shown that you do not give anything "careful investigation" prior to asking the list. Your questions would be better received and easier to answer if you would put forth some effort of your own (before or after you ask, in fact; we're forgiving). In the future, perhaps you should add this URL to your list of things to reference prior to asking a question: http://www.catb.org/~esr/faqs/smart-questions.html Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From soazine at pop.erols.com Mon Oct 6 12:19:18 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 6 Oct 2003 12:19:18 -0400 Subject: [nycphp-talk] Ok let me ask a better question Message-ID: <293580-220031016161918597@M2W047.mail2web.com> I've been shown that URL before and have read it and read it, which only goes to show I must either have a learning disability or a different method of understanding computing than everyone else here. Trust me, I read stuff, online and off. If I've gone to answering questions that means I have exhausted EVERY SINGLE OPTION I am aware of. I just can't intuitively know things like you guys, I'm not that intelligent, as you have most likely ascertained for yourselves. So sorry, but you can show me the URL a million times; I will probably STILL get it wrong because I just can't know exactly what to see online or in manuals that will give me the clear answer every single time. Phil Original Message: ----------------- From: Chris Shiflett shiflett at php.net Date: Mon, 6 Oct 2003 08:40:45 -0700 (PDT) To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] Ok let me ask a better question --- Phil Powell wrote: > I would not ask if, after careful investigation, that I STILL DO > NOT KNOW! Most people on this list learn well from experience, and experience has shown that you do not give anything "careful investigation" prior to asking the list. Your questions would be better received and easier to answer if you would put forth some effort of your own (before or after you ask, in fact; we're forgiving). In the future, perhaps you should add this URL to your list of things to reference prior to asking a question: http://www.catb.org/~esr/faqs/smart-questions.html Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jsiegel1 at optonline.net Mon Oct 6 11:35:36 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Mon, 06 Oct 2003 11:35:36 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <3F817455.5030909@nyphp.org> Message-ID: <000801c38c1f$7d35d2a0$6501a8c0@EZDSDELL> I had tried adding in a virtual host with a specific port, namely, 443, but then realized there's more going on here that I realized and the docs aren't as clear as one might hope. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Hans Zaunere Sent: Monday, October 06, 2003 8:56 AM To: NYPHP Talk Subject: Re: [nycphp-talk] Apache 2.0/Virtual Host with SSL Jeff Siegel wrote: > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). > After setting up virtual hosts using that beautifully written article I > found at http://phundamentals.nyphp.org, I then tested some of my code > which redirects a user to an HTTPS connection. I keep getting an Err > 404. Thinking it might be the code I created two simple test pages: the > first page has a link to the second page. Here's the link: href="https://unap/test2.php">click me. Now, "unap" is a virtual > host on the server and all other links work correctly on the server but > not this one. *However*, if I change the link to a fixed IP address, > i.e., click me...it > works fine. It seems, then, there is an Apache configuration that I'm > missing. Hopefully someone can point me in the right direction. It looks like a configuration issue with ssl/apache. Basically, an SSL server can be seperate from a non-SSL server. It's generaly just another virtual host (based on port), with it's own document root, permissions, directives, etc. I'm not sure of the default httpd.conf that RH 9 uses, but I have a feeling this is the case. You have to make sure that either: 1) the two vhosts overlap, considering that name based and "SSL based" vhosts can be independant, or 2) that you're not letting Apache fallback to a default vhost (ie, the main server). Also keep in mind the ordering of vhost directives, and the document roots of each - if a request doesn't match a named host, AND the fact that it's either SSL or not, the request will fall back to the main server. Hope that doesn't confuse too much :) Hans ------------------------------- Try the new NYPHP Forums Today! http://forums.nyphp.org _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From heli_travel at yahoo.com Mon Oct 6 12:53:14 2003 From: heli_travel at yahoo.com (LIAO YANG) Date: Mon, 6 Oct 2003 09:53:14 -0700 (PDT) Subject: [nycphp-talk] A question about Postnuke In-Reply-To: <293580-220031016161918597@M2W047.mail2web.com> Message-ID: <20031006165314.62272.qmail@web12202.mail.yahoo.com> Hi All: After finished the installation, I try to add some weblinks to a category, but I can't add the second one, I alwasy get "The link existed" or "no authorisation to operate this". does any one know what is problem, do I need to modify the code? is it a bug? Thanks in advance! Yang __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com From jsiegel1 at optonline.net Mon Oct 6 11:35:36 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Mon, 06 Oct 2003 11:35:36 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000001c38c17$9d212f40$bf8d3818@OBERON1> Message-ID: <000901c38c1f$7efd2520$6501a8c0@EZDSDELL> An IP address. Below is the relevant section of httpd.conf. NameVirtualHost 192.168.1.112:80 DocumentRoot /var/www/html ServerName linux2 DocumentRoot /var/www/html/unap ServerName unap DocumentRoot /var/www/html/jeff ServerName myproj2 -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Tim Gales Sent: Monday, October 06, 2003 9:39 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL Jeff, The NameVirtualHost directive can be either an ip address or a domain name Which one is yours? T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel Sent: Monday, October 06, 2003 9:21 AM To: 'NYPHP Talk' Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL Wondering how to handle the following problem. I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). After setting up virtual hosts using that beautifully written article I found at http://phundamentals.nyphp.org, I then tested some of my code which redirects a user to an HTTPS connection. I keep getting an Err 404. Thinking it might be the code I created two simple test pages: the first page has a link to the second page. Here's the link: click me. Now, "unap" is a virtual host on the server and all other links work correctly on the server but not this one. *However*, if I change the link to a fixed IP address, i.e., click me...it works fine. It seems, then, there is an Apache configuration that I'm missing. Hopefully someone can point me in the right direction. Jeff Siegel _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From danielc at analysisandsolutions.com Mon Oct 6 13:37:01 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 13:37:01 -0400 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <20031006151759.GA28118@panix.com> References: <20031006042730.GB9405@panix.com> <076601c38bc3$d7da2ff0$67a76244@philofsoa> <20031006151759.GA28118@panix.com> Message-ID: <20031006173700.GA22574@panix.com> Hello Again Phil: On Mon, Oct 06, 2003 at 11:17:59AM -0400, Analysis & Solutions wrote: > Hi Phil: > > On Mon, Oct 06, 2003 at 12:39:34AM -0400, Phil Powell wrote: > > Well I would go into php.net, phpbuilder, zend, nyphp.org and > > pcom.net but > > So now you're saying "would." Your last email said "assuming that I have" > as to imply that you actually "did." Which is it? If you actually "did," > what are the URI's you actually looked at? You can look in your web > browser's history (in IE: it's the icon in the tool bar that looks like a > sun dial). By your lack of response, I'll take this discussion to mean "would," thus you didn't actually read the PHP manual on line. By the way, the manual has code examples that you can cut and paste, then examine and play with to determine how things work. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From dan at mx2pro.com Mon Oct 6 14:00:51 2003 From: dan at mx2pro.com (Dan Horning) Date: Mon, 6 Oct 2003 14:00:51 -0400 Subject: [nycphp-talk] A question about Postnuke In-Reply-To: <20031006165314.62272.qmail@web12202.mail.yahoo.com> Message-ID: <20031006180055.9CE75A85ED@virtu.nyphp.org> Simple... You have to add categories then add links... However you must be logged in and adding them.. Oh wait When using the pn admin panels .. Don't use your back button... Click forward only - Dan Horning 1-866-284-3150 (Toll-Free) President: Technical Evangelism & Media Systems Administration MX2 Productions Media from concept to execution. > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of LIAO YANG > Sent: Monday, October 06, 2003 12:53 PM > To: NYPHP Talk > Subject: [nycphp-talk] A question about Postnuke > > Hi All: > After finished the installation, I try to add some weblinks to a > category, but I can't add the second one, I alwasy get "The link > existed" or "no authorisation to operate this". > does any one know what is problem, do I need to modify the code? > is it a bug? > > Thanks in advance! > > Yang > > __________________________________ > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search > http://shopping.yahoo.com > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From dan at mx2pro.com Mon Oct 6 14:02:10 2003 From: dan at mx2pro.com (Dan Horning) Date: Mon, 6 Oct 2003 14:02:10 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000901c38c1f$7efd2520$6501a8c0@EZDSDELL> Message-ID: <20031006180213.EEBCFA85ED@virtu.nyphp.org> What cpu are you using to connect to your internal network server? If you haven't setup those hostnames in your hosts file... They aren't going to connect - Dan Horning 1-866-284-3150 (Toll-Free) President: Technical Evangelism & Media Systems Administration MX2 Productions Media from concept to execution. > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel > Sent: Monday, October 06, 2003 11:36 AM > To: tgales at tgaconnect.com; 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From soazine at pop.erols.com Mon Oct 6 14:04:38 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 6 Oct 2003 14:04:38 -0400 Subject: [nycphp-talk] Ok let me ask a better question Message-ID: <63340-22003101618438769@M2W075.mail2web.com> I am not having to prove to you whether or not I read the manuals. I know I did and that's all that matters. I read them and they didn't make it clear to me, and I explained that already. I've moved on, thanks for your help. Phil Original Message: ----------------- From: Analysis & Solutions danielc at analysisandsolutions.com Date: Mon, 6 Oct 2003 13:37:01 -0400 To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] Ok let me ask a better question Hello Again Phil: On Mon, Oct 06, 2003 at 11:17:59AM -0400, Analysis & Solutions wrote: > Hi Phil: > > On Mon, Oct 06, 2003 at 12:39:34AM -0400, Phil Powell wrote: > > Well I would go into php.net, phpbuilder, zend, nyphp.org and > > pcom.net but > > So now you're saying "would." Your last email said "assuming that I have" > as to imply that you actually "did." Which is it? If you actually "did," > what are the URI's you actually looked at? You can look in your web > browser's history (in IE: it's the icon in the tool bar that looks like a > sun dial). By your lack of response, I'll take this discussion to mean "would," thus you didn't actually read the PHP manual on line. By the way, the manual has code examples that you can cut and paste, then examine and play with to determine how things work. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From chris at wildcharacters.com Mon Oct 6 15:15:56 2003 From: chris at wildcharacters.com (Chris Hubbard) Date: Mon, 6 Oct 2003 11:15:56 -0800 Subject: [nycphp-talk] Ok let me ask a better question In-Reply-To: <63340-22003101618438769@M2W075.mail2web.com> Message-ID: Phil, You are correct you don't have to prove anything to anyone. However if you are requesting help, then you should plan on making the request in a way that people are likely to provide help and not grief. If the request even hints that you haven't done "sufficient" research first, then you're likely to get grief. If you spend a couple minutes in the first email explaining what you have done and what you have tried, then it's likely that you'll get your question answered. Think about the time you've spent on this thread. If you had provided a "better" request, then you would have saved that time. Words in quotes are to be considered very subjective. Chris -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of soazine at pop.erols.com Sent: Monday, October 06, 2003 10:05 AM To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] Ok let me ask a better question I am not having to prove to you whether or not I read the manuals. I know I did and that's all that matters. I read them and they didn't make it clear to me, and I explained that already. I've moved on, thanks for your help. Phil Original Message: ----------------- From: Analysis & Solutions danielc at analysisandsolutions.com Date: Mon, 6 Oct 2003 13:37:01 -0400 To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] Ok let me ask a better question Hello Again Phil: On Mon, Oct 06, 2003 at 11:17:59AM -0400, Analysis & Solutions wrote: > Hi Phil: > > On Mon, Oct 06, 2003 at 12:39:34AM -0400, Phil Powell wrote: > > Well I would go into php.net, phpbuilder, zend, nyphp.org and > > pcom.net but > > So now you're saying "would." Your last email said "assuming that I have" > as to imply that you actually "did." Which is it? If you actually "did," > what are the URI's you actually looked at? You can look in your web > browser's history (in IE: it's the icon in the tool bar that looks like a > sun dial). By your lack of response, I'll take this discussion to mean "would," thus you didn't actually read the PHP manual on line. By the way, the manual has code examples that you can cut and paste, then examine and play with to determine how things work. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From soazine at pop.erols.com Mon Oct 6 14:17:49 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 6 Oct 2003 14:17:49 -0400 Subject: [nycphp-talk] For Dan - per request Message-ID: <410-220031016181749923@M2W086.mail2web.com> STEPS I FOLLOWED IN PURSUIT OF ORIGINAL PROBLEM 10/6/2003 @ 1:30AM EST ---------------------------------------------------------------------------- --------------------------------- http://us2.php.net/manual/en/ref.classobj.php Highlight: Example 2. test_script.php
One important thing to note in the example above is that the object $leafy is an instance of the class Spinach which is a subclass of Vegetable, therefore the last part of the script above will output: [...] Parentage: Object leafy does not belong to a subclass of Spinach Object leafy belongs to class spinach a subclass of Vegetable ------------------------------------------------------------------------- (incidentally, I DID just that in my subclass to reference the superclass' method: $cartQuery = $this->display_cart(); ------------------------------------------------------------------------- http://www.phpbuilder.com/manual/keyword.extends.php ------------------------------------------------------------------------- http://www.zend.com/zend/zengine/zengine-issue10.php (based upon a comp.lang.php newsgroup article I thought would maybe clarify the SYNTAX of calling a superclass method from a subclass using the Namespace operator - was wrong there!) ------------------------------------------------------------------------- http://groups.google.com/groups?hl=en&lr=&ie=ISO-8859-1&q=class+extends&btnG =Google+Search&meta=group%3Dcomp.lang.php Couldn't find anything there other than the typical denotation $this->super_class_method() ------------------------------------------------------------------------- http://www.pcoms.net/ That was suggested by Dan Horning. I found nothing there that pertained to my problem. ------------------------------------------------------------------------- There you have it. As you can see I followed the steps to the letter in searching out the problem on my own, which was to no avail at the time, hence, my decision to brainlessly post on nyphp.org my apparently inane questions about classes and calling the superclass method from the subclass. I hope that offers proof of my ability to follow instruction. Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From danielc at analysisandsolutions.com Mon Oct 6 14:37:33 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 14:37:33 -0400 Subject: [nycphp-talk] For Dan - per request In-Reply-To: <410-220031016181749923@M2W086.mail2web.com> References: <410-220031016181749923@M2W086.mail2web.com> Message-ID: <20031006183732.GA29735@panix.com> Hi Phil: On Mon, Oct 06, 2003 at 02:17:49PM -0400, soazine at pop.erols.com wrote: > > http://us2.php.net/manual/en/ref.classobj.php Okay. Here's part of the problem. You're looking at PHP's functions that manipulate classes. You need to be looking at the "language reference" section that explains how to write your own objects and utilize them. Manual: http://us2.php.net/manual/en/index.php Section II: Language Reference Subsection 13: Classes and Objects http://us2.php.net/manual/en/language.oop.php Read the text there then copy the example. Then, since you're interested in extensions of classes, click the link on the top of the chapter named "extends." Read that information. Copy the examples into the same file as the other example. In there is this line, that answers your question of how to access a method from the original class: $ncart->add_item("10", 1); // (inherited functionality from cart) That's how you call ANYTHING from any part of the class when you're in PHP code that's not part of a class. Execute the example to see what it does. > http://groups.google.com/groups?hl=en&lr=&ie=ISO-8859-1&q=class+extends&btnG > =Google+Search&meta=group%3Dcomp.lang.php > > Couldn't find anything there other than the typical denotation > $this->super_class_method() Which is how you call a method of the the class (be it a parent, child or itself) from _inside_ any method of the class regardless of whether you're in the parent, child or present class. > There you have it. As you can see I followed the steps to the letter in > searching out the problem on my own, which was to no avail at the time, > hence, my decision to brainlessly post on nyphp.org my apparently inane > questions about classes and calling the superclass method from the subclass. If you posted these URI's up front, we could have told you up front that you were looking in the wrong places and point you to the right place. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From agfische at email.smith.edu Mon Oct 6 15:57:22 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Mon, 6 Oct 2003 15:57:22 -0400 Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <20031003193403.39677.qmail@web14310.mail.yahoo.com> Message-ID: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> Quick question: I noticed on some posts to my original question the syntax for accessing an array element of $_POST or $_SESSION uses single quotes around the array element. In the reference book I am using there are no quotes, just something like $_SESSION[first_name]. I googled a number of discussions and articles and have found examples of both methods. So, my question is, does it matter if one uses the single quotes or no quotes as both seem to work? Are there any security issues or other nuances I should be aware of or is the language just forgiving in this respect and I could choose either way? TIA, -Aaron On Friday, October 3, 2003, at 03:34 pm, Chris Shiflett wrote: > 1. Validate $_POST['foo'] > 2. Validate $_POST['bar'] > 3. $_SESSION = $_POST > 4. $_SESSION['blah'] is used somewhere important From hans at nyphp.org Mon Oct 6 16:04:50 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 06 Oct 2003 16:04:50 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000901c38c1f$7efd2520$6501a8c0@EZDSDELL> References: <000901c38c1f$7efd2520$6501a8c0@EZDSDELL> Message-ID: <3F81CAE2.8040107@nyphp.org> Jeff Siegel wrote: > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > Ahh, try adding another NameVirtualHost, specifically: NameVirtualHost 192.168.1.112:443 H From dmintz at panix.com Mon Oct 6 16:06:07 2003 From: dmintz at panix.com (David Mintz) Date: Mon, 6 Oct 2003 16:06:07 -0400 (EDT) Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> References: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> Message-ID: On Mon, 6 Oct 2003, Aaron Fischer wrote: > Quick question: I noticed on some posts to my original question the > syntax for accessing an array element of $_POST or $_SESSION uses > single quotes around the array element. In the reference book I am > using there are no quotes, just something like $_SESSION[first_name]. > I googled a number of discussions and articles and have found examples > of both methods. > > So, my question is, does it matter if one uses the single quotes or no > quotes as both seem to work? Are there any security issues or other > nuances I should be aware of or is the language just forgiving in this > respect and I could choose either way? I think I know this one. Saying array[foo] without quotes is something you can (usually) get away with but it's deprecated. Bad habit. If you have error reporting set to report 'notices', PHP will give you a warning about it. Notice: PHPDocument1 line 5 - Use of undefined constant foo - assumed 'foo' btw, if you want to embed $array["foo"] within a doble-quoted string, you can do it protecting it with {}. echo "Value of \$array["foo"] is now {$array["foo"]}, isn't that fascinating."; HTH --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From hans at nyphp.org Mon Oct 6 16:17:19 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 06 Oct 2003 16:17:19 -0400 Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> References: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> Message-ID: <3F81CDCF.5080500@nyphp.org> Aaron Fischer wrote: > Quick question: I noticed on some posts to my original question the > syntax for accessing an array element of $_POST or $_SESSION uses single > quotes around the array element. In the reference book I am using there > are no quotes, just something like $_SESSION[first_name]. I googled a > number of discussions and articles and have found examples of both methods. > > So, my question is, does it matter if one uses the single quotes or no > quotes as both seem to work? Are there any security issues or other > nuances I should be aware of or is the language just forgiving in this > respect and I could choose either way? It matters; unfortunately PHP lets people be too sloppy in this respect. Doing: $anarray[elementname]; assumes elementname as a constant first; since it's not a constant first, it takes it literally as a string. This is *very* bad (performance/security/style) and any book that gives examples like this should have it's worth reconsidered. You should always do: $anarray['elementname']; unless you need to get fancy, as in the following examples: define('ELEMENTNUM', 5); $anarray[ELEMENTNUM]; // This is totally different from the very first example. $elementname = 'somethingelse'; $anarray[$elementname]; // This is the same as writing $anarray['somethingelse']; $elementname = 'elementnum'; $anarray["{$elementname}5"]; // This could also be written $anarray[$elementname.'5']; So yeah, don't ever do $_SESSION[first_name]; PHP is loosely typed and forgiving - but don't take advantage of it too much, as it'll come around and burn you some time :) H From hans at nyphp.org Mon Oct 6 16:22:32 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 06 Oct 2003 16:22:32 -0400 Subject: [nycphp-talk] Re:forum.nyphp.org In-Reply-To: <008b01c38c15$f805d700$6700a8c0@thinkpad> References: <000d01c38393$b519bd60$bf8d3818@OBERON1><1064685458.5025.23.camel@gigabeast.home.cain.sh><3F803CBA.90105@nyphp.org> <003201c38b7c$f7617230$fc00fe0a@KEITZWS2> <008b01c38c15$f805d700$6700a8c0@thinkpad> Message-ID: <3F81CF08.6060706@nyphp.org> jon baer wrote: > hey, > > im actually working on something called "smartboard" which is an integration > of AIML for FAQs (AIML is just a regex-like XML pattern matcher used in AI > chatbots) and phpBB, ive already coded SOAP/RPC functionality into the AIML > side + it will mainly be for the nycwireless stuff (hardware/software/device > faqs) ... im mainly looking to parse examples from the php.net manual ... > for example: > > http://us3.php.net/mysql_connect > $link = mysql_connect("localhost", "mysql_user", "mysql_password") > or die("Could not connect: " . mysql_error()); > print ("Connected successfully"); > mysql_close($link); > ?> > does anyone know if there is a methodical way to grab it from the site > (either XML based or text based) so > that it could be integrated? or do you think i should do this w/ offline > docs? > i will donate the work if i can get it going. It's tricky, but maybe this can steer you in the right direction: http://cvs.php.net/cvs.php/phpdoc?login=2 http://cvs.php.net/cvs.php/phpdoc/howto?login=2 http://www.php.net/manual/en/about.php H From shiflett at php.net Mon Oct 6 16:37:50 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 6 Oct 2003 13:37:50 -0700 (PDT) Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <3F81CDCF.5080500@nyphp.org> Message-ID: <20031006203750.43646.qmail@web14309.mail.yahoo.com> --- Hans Zaunere wrote: > $anarray[elementname]; > > assumes elementname as a constant Hans beat me to it. Specifically, your syntax declares elementname to be a constant, such as ELEMENTNUM is in Hans's example: > define('ELEMENTNUM', 5); PHP can tolerate your error and continue. But, this is no better practice than writing broken HTML tables that IE happens to render; it doesn't make them right. :-) Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From danielc at analysisandsolutions.com Mon Oct 6 16:40:02 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 16:40:02 -0400 Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: References: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> Message-ID: <20031006204001.GA14168@panix.com> On Mon, Oct 06, 2003 at 04:06:07PM -0400, David Mintz wrote: > > btw, if you want to embed $array["foo"] within a doble-quoted string... Also, use single quotes, unless you need the information therein to be evaluated, in which case you'd need double quotes. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From dmintz at panix.com Mon Oct 6 16:59:47 2003 From: dmintz at panix.com (David Mintz) Date: Mon, 6 Oct 2003 16:59:47 -0400 (EDT) Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <20031006204001.GA14168@panix.com> References: <4C9116AE-F837-11D7-A252-0003930D07F2@email.smith.edu> <20031006204001.GA14168@panix.com> Message-ID: On Mon, 6 Oct 2003, Analysis & Solutions wrote: > On Mon, Oct 06, 2003 at 04:06:07PM -0400, David Mintz wrote: > > > > btw, if you want to embed $array["foo"] within a doble-quoted string... > > Also, use single quotes, unless you need the information therein to be > evaluated, in which case you'd need double quotes. Ah, good point. BTW in the don't-trust-everything-you-read department: Hans just said any book that says to say $array[elementname] should be reconsidered. Just such a book is where I picked up the nasty habit back in the day. Likewise, register_globals. I seem to recall in ancient times (4 years ago?) reading PHP tutorials online that said, in substance, PHP is just great because if you have a form element named "foo", then when the form is submitted you automatically get its value available to you in $foo, isn't that the coolest? --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From agfische at email.smith.edu Mon Oct 6 17:13:16 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Mon, 6 Oct 2003 17:13:16 -0400 Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: <3F81CDCF.5080500@nyphp.org> Message-ID: Thanks for all of the responses. I'm very happy I asked as I definitely DON'T want to develop bad habits that could potentially come back to torment me later! BTW, the book that I am using which gives the no quote examples is "Advanced PHP for the World Wide Web" by Larry Ullman, part of the Visual Quickpro series by Peachpit Press. Perhaps this was acceptable back when it was written (copyright 2002), as it is also using $HTTP_POST_VARS instead of $_POST? Hmm, the cover does say that it covers PHP versions 3 and 4... -Aaron On Monday, October 6, 2003, at 04:17 pm, Hans Zaunere wrote: > So yeah, don't ever do $_SESSION[first_name]; PHP is loosely typed > and forgiving - but don't take advantage of it too much, as it'll come > around and burn you some time :) > > H From shiflett at php.net Mon Oct 6 17:21:49 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 6 Oct 2003 14:21:49 -0700 (PDT) Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: Message-ID: <20031006212149.50035.qmail@web14309.mail.yahoo.com> --- David Mintz wrote: > I seem to recall in ancient times (4 years ago?) reading PHP > tutorials online that said, in substance, PHP is just great because > if you have a form element named "foo", then when the form is > submitted you automatically get its value available to you in $foo, > isn't that the coolest? Yes, that was the coolest. :-) It all has to do with perspective. If you go back five years ago or more, most people using PHP also have experience working with CGIs written in C or something like that. These people know *exactly* where and how they are getting data from the client. In fact, they know all too well and are wanting to get rid of some of the hassle. PHP takes away the hassle, freeing developers to focus on the business logic. This is very nice, but it is only nice because the developers are already experienced. They understand what PHP is doing for them. Now we have people who learn Web development with PHP. They have no previous experience. This is where the "problem" originates. PHP makes things so easy that it abstracts many of the details from you. The result is that developers have no idea where data is coming from or how. What makes this worse is that these developers often don't care. Security vulnerabilities spread like the plague... So, the PHP development team decides to make register_globals disabled by default. This won't solve these security vulnerabilities, but it does force developers to understand where data comes from and can save them from a few common errors. Now the problem is that php-general gets several questions a week that boil down to the same thing - register_globals is disabled, and the developer asking the question doesn't understand why $foo is empty. Unfortunately, a lot of people get tired of answering this same question (or begging the one asking the question to search the archives, where the question has been answered in great detail) and instruct the developer to enable register_globals. Of course, the types of people asking this question are exactly the ones who need to leave register_globals disabled and crank up their error reporting to the highest level. Security vulnerabilities continue to spread like the plague... That's a very abbreviated history from my perspective. Hopefully the next chapter will be better. :-) I should also mention that I develop with register_globals disabled, and I do not mean to suggest that experienced developers are immune from errors. I only mean to point out that the major problem with register_globals is a result of a new generation (Internet time moves quickly, you know) of developers who begin with PHP. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jonbaer at jonbaer.net Mon Oct 6 17:21:23 2003 From: jonbaer at jonbaer.net (jon baer) Date: Mon, 6 Oct 2003 17:21:23 -0400 Subject: [nycphp-talk] Polls w/ only text ... Message-ID: <00e601c38c4f$cfa1fa70$6700a8c0@thinkpad> before i started coding just thought id ask ... i have to do a survey which consists of questions that don't pertain to a static number of questions but rather like 30 text-based questions ... in order to get @ least statistics im thinking to do regex w/ an array/key tree + counter ... something like: if (array_key_exists($list, $text)) { $list[$text]++; } else { $list[] = $text; } id rather get the stats more accurate if its possible + was thinking of what other ways this could be accomplished easily in PHP. any insights on textual statitics w/ forms? - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From soazine at pop.erols.com Mon Oct 6 18:11:39 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 6 Oct 2003 18:11:39 -0400 Subject: [nycphp-talk] list() produces wrong values for variables when set from array Message-ID: <63340-220031016221139451@M2W070.mail2web.com> I am having to set up an HTML form page dynamically created by elements in a "glued" array, the same way I've done it in TCL before, except that I'd use a list instead of an array, but anyway.. Everything works until you get to the part where I am setting variables in the list() function if it flags to 'radio'; there every single variable is set to the wrong value! I have looked over my code now for a good hour and I can't find what I did wrong, so I am going to have to get a second pair of eyes to look at it and tell me what I missed. Thanx Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jlacey at att.net Mon Oct 6 18:22:09 2003 From: jlacey at att.net (John Lacey) Date: Mon, 06 Oct 2003 16:22:09 -0600 Subject: [nycphp-talk] Syntax question (was handling forms (relative newbie)) In-Reply-To: References: Message-ID: <3F81EB11.8050209@att.net> Aaron Fischer wrote: > > BTW, the book that I am using which gives the no quote examples is > "Advanced PHP for the World Wide Web" by Larry Ullman, part of the > Visual Quickpro series by Peachpit Press. Perhaps this was acceptable > back when it was written (copyright 2002), as it is also using > $HTTP_POST_VARS instead of $_POST? Hmm, the cover does say that it > covers PHP versions 3 and 4... Larry Ullman has done a much better job with coding in his new book "PHP and MySQL for Dynamic Web Sites" (2003) John From tgales at tgaconnect.com Mon Oct 6 18:39:06 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Mon, 6 Oct 2003 18:39:06 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000801c38c1f$7d35d2a0$6501a8c0@EZDSDELL> Message-ID: <000401c38c5a$a6bdaea0$bf8d3818@OBERON1> Jeff, I was playing around with my apache (2.043) server on windows -- Starting it with different command switches Apache -t -D DUMP_VHOSTS showed me my virtual hosts Have you tried setting your LogLevel to info or debug To get more info in the error log? Just some thoughts.. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel Sent: Monday, October 06, 2003 11:36 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL I had tried adding in a virtual host with a specific port, namely, 443, but then realized there's more going on here that I realized and the docs aren't as clear as one might hope. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Hans Zaunere Sent: Monday, October 06, 2003 8:56 AM To: NYPHP Talk Subject: Re: [nycphp-talk] Apache 2.0/Virtual Host with SSL Jeff Siegel wrote: > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP 4.2.2). > After setting up virtual hosts using that beautifully written article I > found at http://phundamentals.nyphp.org, I then tested some of my code > which redirects a user to an HTTPS connection. I keep getting an Err > 404. Thinking it might be the code I created two simple test pages: the > first page has a link to the second page. Here's the link: href="https://unap/test2.php">click me. Now, "unap" is a virtual > host on the server and all other links work correctly on the server but > not this one. *However*, if I change the link to a fixed IP address, > i.e., click me...it > works fine. It seems, then, there is an Apache configuration that I'm > missing. Hopefully someone can point me in the right direction. It looks like a configuration issue with ssl/apache. Basically, an SSL server can be seperate from a non-SSL server. It's generaly just another virtual host (based on port), with it's own document root, permissions, directives, etc. I'm not sure of the default httpd.conf that RH 9 uses, but I have a feeling this is the case. You have to make sure that either: 1) the two vhosts overlap, considering that name based and "SSL based" vhosts can be independant, or 2) that you're not letting Apache fallback to a default vhost (ie, the main server). Also keep in mind the ordering of vhost directives, and the document roots of each - if a request doesn't match a named host, AND the fact that it's either SSL or not, the request will fall back to the main server. Hope that doesn't confuse too much :) Hans ------------------------------- Try the new NYPHP Forums Today! http://forums.nyphp.org _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From delta at rochester.rr.com Mon Oct 6 21:32:13 2003 From: delta at rochester.rr.com (deedee) Date: Mon, 6 Oct 2003 21:32:13 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL References: <000901c38c1f$7efd2520$6501a8c0@EZDSDELL> Message-ID: <008f01c38c72$d5ba90c0$fc00fe0a@KEITZWS2> jeff, "name based virtual hosts dont work with ssl because of the nature of the ssl protocol" as quoted from http://httpd.apache.org/docs-2.0/vhosts/ therefore, you could get this working much 'easier' with ip-based virtual hosts. each virtual host will require its own ip address. however in efforts to give you a heads up, you should take a look at your ssl.conf file; i believe you'll need to add your virtual hosts in that file to actually get ssl working. the default server is all that is defined initially. using https and ssl requires certificates....you'll probably want to set up a separate certificate for each virtual host. good luck with this one. deedee ----- Original Message ----- From: "Jeff Siegel" To: ; "'NYPHP Talk'" Sent: Monday, October 06, 2003 11:35 AM Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From danielc at analysisandsolutions.com Mon Oct 6 22:12:46 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 6 Oct 2003 22:12:46 -0400 Subject: [nycphp-talk] php in security focus #217 Message-ID: <20031007021246.GA20861@panix.com> ----------------------------- SecurityFocus Newsletter #217 ----------------------------- Server Stuff ------------ Apache2 MOD_CGI STDERR Denial Of Service Vulnerability http://www.securityfocus.com/bid/8725 OpenSSL ASN.1 Parsing Vulnerabilities http://www.securityfocus.com/bid/8732 OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vul... http://www.securityfocus.com/bid/8746 PHP Stuff --------- GuppY HTML Injection Vulnerability http://www.securityfocus.com/bid/8717 Multiple Geeklog Vulnerabilities http://www.securityfocus.com/bid/8718 Invision Power Board Insecure Permissions Vulnerability http://www.securityfocus.com/bid/8737 Multiple DCP-Portal SQL Injection Vulnerabilities http://www.securityfocus.com/bid/8739 -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From soazine at erols.com Mon Oct 6 23:55:50 2003 From: soazine at erols.com (Phil Powell) Date: Mon, 6 Oct 2003 23:55:50 -0400 Subject: [nycphp-talk] mySQL 3.23.41 SELECT syntax to get MAX(revenue) < 8411 Message-ID: <0a4201c38c86$e70003b0$67a76244@philofsoa> Before I go any further, allow me to show you the list of URLs and newsgroups I researched before posting this: http://www.zend.com/htsearch.php?config=&words=mySQL+having+max+select+single-row&method=and&format=long&sort=score http://www.mysql.com/doc/en/SELECT.html http://www.google.com/custom?q=mysql+having+max+single+row&sa=Google+Search&cof=LW%3A125%3BL%3Ahttp%3A%2F%2Fnyphp.org%2Fimg%2Fnyphp.logo.gif%3BLH%3A91%3BAH%3Aleft%3BS%3Ahttp%3A%2F%2Fnyphp.org%3BAWFID%3Af52dcf93f3c7bdad%3B&domains=nyphp.org%3Blists.nyphp.org&sitesearch=nyphp.org http://www.google.com/custom?q=mysql+having+max+single+row&sa=Google+Search&cof=LW%3A125%3BL%3Ahttp%3A%2F%2Fnyphp.org%2Fimg%2Fnyphp.logo.gif%3BLH%3A91%3BAH%3Aleft%3BS%3Ahttp%3A%2F%2Fnyphp.org%3BAWFID%3Af52dcf93f3c7bdad%3B&domains=nyphp.org%3Blists.nyphp.org&sitesearch=lists.nyphp.org http://www.phpbuilder.com/search/?sort=Score&method=and&config=manual&restrict=&exclude=&words=mysql+having+max+single+row http://www.phpfreaks.com/mysqlmanual/page/manual_Reference.html#SELECT comp.lang.php alt.php mysql.users Unfortunately, either due to an oversight on my part or due to not addressing this I have not found any solution to this (also posted to experts-exchange.com, to no avail). I want to select the max(revenue) from bonus where revenue < 8411. Here is the query I tried: select revenue, bonus from bonuses where revenue < 8411 having max(revenue) < 8411 This produces no results, so, not understanding honestly (even after reading mysql.com ' s tutorials on WHERE vs HAVING), I used my "hammer-peg-into-hole" comprehension process and kept at it: select revenue, bonuses from bonuses having max(revenue) < 8411 This produces too many results when I only need one. I need to come up with a clean DB solution to this and I at this point just don't know what I would need to do to do it, sorry, I hope this is the best possible approach to the problem. My last hurdle toward getting the shopping cart completed - I could have it all done tonight! Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From soazine at erols.com Tue Oct 7 00:06:54 2003 From: soazine at erols.com (Phil Powell) Date: Tue, 7 Oct 2003 00:06:54 -0400 Subject: [nycphp-talk] mySQL 3.23.41 SELECT syntax to get MAX(revenue) < 8411 References: <0a4201c38c86$e70003b0$67a76244@philofsoa> <6.0.0.22.0.20031007000301.02419c40@mail.thesafrans.com> Message-ID: <0a8901c38c88$71fef100$67a76244@philofsoa> Oh crap the solution was so horrifically easy I would never have THOUGHT of that! Thanx Phil ----- Original Message ----- From: "Richard Safran" To: "Phil Powell" Sent: Tuesday, October 07, 2003 12:05 AM Subject: Re: [nycphp-talk] mySQL 3.23.41 SELECT syntax to get MAX(revenue) < 8411 > At 11:55 PM 10/6/2003, you wrote: > >"Phil Powell" > > SELECT revenue,bonus from bonuses where revenue < 8411 order by revenue > desc limit 1 > > > From henry at beewh.com Mon Oct 6 23:08:38 2003 From: henry at beewh.com (Henry Ponce) Date: Tue, 7 Oct 2003 00:08:38 -0300 Subject: [nycphp-talk] mySQL 3.23.41 SELECT syntax to get MAX(revenue) < 8411 In-Reply-To: <0a4201c38c86$e70003b0$67a76244@philofsoa> References: <0a4201c38c86$e70003b0$67a76244@philofsoa> Message-ID: <200310070008.38522.henry@beewh.com> try this: select revenue, bonuses from bonuses group by some_field having max(revenue)< 8411 ps: some_field should be replaced by the proper field that you choose to use. hope it helps. -- An. Henry Ponce Linux Registered User # 303567 NYC From adam at trachtenberg.com Tue Oct 7 00:59:08 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Tue, 7 Oct 2003 00:59:08 -0400 (EDT) Subject: [nycphp-talk] mySQL 3.23.41 SELECT syntax to get MAX(revenue) < 8411 In-Reply-To: <0a4201c38c86$e70003b0$67a76244@philofsoa> Message-ID: On Mon, 6 Oct 2003, Phil Powell wrote: > I want to select the max(revenue) from bonus where revenue < 8411. > Here is the query I tried: > > select revenue, bonus > from bonuses > where revenue < 8411 > having max(revenue) < 8411 > > This produces no results, so, not understanding honestly (even after > reading mysql.com ' s tutorials on WHERE vs HAVING), I used my > "hammer-peg-into-hole" comprehension process and kept at it: You use WHERE when you want to place restrictions upon your query based on upon information already in the table. You use HAVING when you need to restrict based upon the results of an aggregate function (like count() and average()) and a GROUP BY clause. While max() is an aggregate function, you don't really want to use HAVING here; in fact, it doesn't make any sense at all. That's SQL-specific, not MySQL. A good example of when to use HAVING is something like this: You have a table containing order, item, and price. (You can have multiple items in an order.) To find all the items for a specific order: SELECT * FROM sales WHERE order = $order; To find the total sales for each order: SELECT SUM(price) AS total FROM sales GROUP BY order; To find only the orders with total sales of $50 or more: SELECT SUM(price) AS total FROM sales GROUP BY order HAVING total >= 50; You can't do a WHERE here, since total is not a column in any particular row. And you don't want to only have items with price >= 50, since 2 $25 items in one order still give you a $50 total. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From dan at mx2pro.com Tue Oct 7 11:43:28 2003 From: dan at mx2pro.com (Dan Horning) Date: Tue, 7 Oct 2003 11:43:28 -0400 Subject: [nycphp-talk] Talk test - ignore Message-ID: <20031007154330.9A6DDA8759@virtu.nyphp.org> - Dan Horning 1-866-284-3150 (Toll-Free) President: Technical Evangelism & Media Systems Administration MX2 Productions Media from concept to execution. From jsiegel1 at optonline.net Tue Oct 7 12:52:37 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Tue, 07 Oct 2003 12:52:37 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <20031006180213.EEBCFA85ED@virtu.nyphp.org> Message-ID: <000001c38cf3$69c22aa0$6501a8c0@EZDSDELL> The hosts file has been modified (running Win XP). -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Dan Horning Sent: Monday, October 06, 2003 1:02 PM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL What cpu are you using to connect to your internal network server? If you haven't setup those hostnames in your hosts file... They aren't going to connect - Dan Horning 1-866-284-3150 (Toll-Free) President: Technical Evangelism & Media Systems Administration MX2 Productions Media from concept to execution. > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel > Sent: Monday, October 06, 2003 11:36 AM > To: tgales at tgaconnect.com; 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jsiegel1 at optonline.net Wed Oct 8 06:46:23 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 08 Oct 2003 06:46:23 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <008f01c38c72$d5ba90c0$fc00fe0a@KEITZWS2> Message-ID: <000c01c38d89$78de33d0$6501a8c0@EZDSDELL> Thanks for pointing this out. This issue will obviously require more investigation. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of deedee Sent: Monday, October 06, 2003 8:32 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Apache 2.0/Virtual Host with SSL jeff, "name based virtual hosts dont work with ssl because of the nature of the ssl protocol" as quoted from http://httpd.apache.org/docs-2.0/vhosts/ therefore, you could get this working much 'easier' with ip-based virtual hosts. each virtual host will require its own ip address. however in efforts to give you a heads up, you should take a look at your ssl.conf file; i believe you'll need to add your virtual hosts in that file to actually get ssl working. the default server is all that is defined initially. using https and ssl requires certificates....you'll probably want to set up a separate certificate for each virtual host. good luck with this one. deedee ----- Original Message ----- From: "Jeff Siegel" To: ; "'NYPHP Talk'" Sent: Monday, October 06, 2003 11:35 AM Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Wed Oct 8 10:49:24 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 08 Oct 2003 10:49:24 -0400 Subject: [nycphp-talk] Oracle and PHP Message-ID: <3F8423F4.7090408@nyphp.org> AOP Technology? POA? http://otn.oracle.com/tech/opensource/index.html Never a dull day. H From tgales at tgaconnect.com Wed Oct 8 11:14:52 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 8 Oct 2003 11:14:52 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000c01c38d89$78de33d0$6501a8c0@EZDSDELL> Message-ID: <000401c38dae$ecd7d6e0$bf8d3818@OBERON1> Jeff, There a guy who says: 3) It is possible to have multiple Name Based Virtual Hosts plus a single SSL Name Based Virtual Host on a single IP, despite what it says in the mod_ssl faq. I can give the details on request. Find out more by looking here: http://forums.devshed.com/t59482/s.html T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel Sent: Wednesday, October 08, 2003 6:46 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL Thanks for pointing this out. This issue will obviously require more investigation. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of deedee Sent: Monday, October 06, 2003 8:32 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Apache 2.0/Virtual Host with SSL jeff, "name based virtual hosts dont work with ssl because of the nature of the ssl protocol" as quoted from http://httpd.apache.org/docs-2.0/vhosts/ therefore, you could get this working much 'easier' with ip-based virtual hosts. each virtual host will require its own ip address. however in efforts to give you a heads up, you should take a look at your ssl.conf file; i believe you'll need to add your virtual hosts in that file to actually get ssl working. the default server is all that is defined initially. using https and ssl requires certificates....you'll probably want to set up a separate certificate for each virtual host. good luck with this one. deedee ----- Original Message ----- From: "Jeff Siegel" To: ; "'NYPHP Talk'" Sent: Monday, October 06, 2003 11:35 AM Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jsiegel1 at optonline.net Wed Oct 8 12:23:37 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 08 Oct 2003 12:23:37 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000401c38dae$ecd7d6e0$bf8d3818@OBERON1> Message-ID: <003501c38db8$9184bc40$6501a8c0@EZDSDELL> Thanks so much for tracking this down. Is it my imagination but the "details" on how it is done is not there? If you've got the details, pass 'em along! I'm sure there are others that would be interested in this. Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Tim Gales Sent: Wednesday, October 08, 2003 10:15 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL Jeff, There a guy who says: 3) It is possible to have multiple Name Based Virtual Hosts plus a single SSL Name Based Virtual Host on a single IP, despite what it says in the mod_ssl faq. I can give the details on request. Find out more by looking here: http://forums.devshed.com/t59482/s.html T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff Siegel Sent: Wednesday, October 08, 2003 6:46 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL Thanks for pointing this out. This issue will obviously require more investigation. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of deedee Sent: Monday, October 06, 2003 8:32 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Apache 2.0/Virtual Host with SSL jeff, "name based virtual hosts dont work with ssl because of the nature of the ssl protocol" as quoted from http://httpd.apache.org/docs-2.0/vhosts/ therefore, you could get this working much 'easier' with ip-based virtual hosts. each virtual host will require its own ip address. however in efforts to give you a heads up, you should take a look at your ssl.conf file; i believe you'll need to add your virtual hosts in that file to actually get ssl working. the default server is all that is defined initially. using https and ssl requires certificates....you'll probably want to set up a separate certificate for each virtual host. good luck with this one. deedee ----- Original Message ----- From: "Jeff Siegel" To: ; "'NYPHP Talk'" Sent: Monday, October 06, 2003 11:35 AM Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > An IP address. Below is the relevant section of httpd.conf. > > NameVirtualHost 192.168.1.112:80 > > > DocumentRoot /var/www/html > ServerName linux2 > > > DocumentRoot /var/www/html/unap > ServerName unap > > > DocumentRoot /var/www/html/jeff > ServerName myproj2 > > > -----Original Message----- > From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] > On Behalf Of Tim Gales > Sent: Monday, October 06, 2003 9:39 AM > To: 'NYPHP Talk' > Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > > Jeff, > > The NameVirtualHost directive can be either an ip address or > a domain name > > Which one is yours? > > > > T. Gales & Associates > Helping People Connect with Technology > http://www.tgaconnect.com > > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jeff > Siegel > Sent: Monday, October 06, 2003 9:21 AM > To: 'NYPHP Talk' > Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL > > Wondering how to handle the following problem. > > I installed Apache 2.0 using RH 9 (it comes bundled with PHP > 4.2.2). > After setting up virtual hosts using that beautifully > written article I > found at http://phundamentals.nyphp.org, I then tested some > of my code > which redirects a user to an HTTPS connection. I keep > getting an Err > 404. Thinking it might be the code I created two simple test > pages: the > first page has a link to the second page. Here's the link: > href="https://unap/test2.php">click me. Now, "unap" is a > virtual > host on the server and all other links work correctly on the > server but > not this one. *However*, if I change the link to a fixed IP > address, > i.e., click > me...it > works fine. It seems, then, there is an Apache configuration > that I'm > missing. Hopefully someone can point me in the right > direction. > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From dan at cain.sh Wed Oct 8 12:51:23 2003 From: dan at cain.sh (Daniel J Cain Jr.) Date: Wed, 08 Oct 2003 16:51:23 -0000 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000401c38dae$ecd7d6e0$bf8d3818@OBERON1> References: <000401c38dae$ecd7d6e0$bf8d3818@OBERON1> Message-ID: <1065631876.78887.16.camel@localhost> On Wed, 2003-10-08 at 10:14, Tim Gales wrote: > Jeff, > > There a guy who says: > 3) It is possible to have multiple Name Based Virtual Hosts > plus a single SSL Name Based Virtual Host on a single IP, > despite what it says in the mod_ssl faq. I can give the > details on request. It is impossible to have more than one SSL enabled site on a single IP without using an external device to hold multiple IP's and forward to a single IP but on different ports. What I am trying to say is that these cannot be hosted on a single IP (but one could be): https://www.example1.com https://www.example2.com https://www.example3.com You can have multiple virtual hosts that use http and a single https virtual host all on a single IP though. This is possible: https://secure.hosting.com http://www.example1.com http://www.example2.com http://www.example3.com The reason (unless something major has changed in the TCP/IP world) is that SSL happens at a lower level in the TCP/IP protocol stack than the browser sending over what site it is looking for. If someone can prove me wrong please provide details I would LOVE for it to be possible and it has been over a year since I have needed to implement something like this. From tgales at tgaconnect.com Wed Oct 8 14:24:43 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 8 Oct 2003 14:24:43 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <1065631876.78887.16.camel@localhost> Message-ID: <000001c38dc9$726d3b50$bf8d3818@OBERON1> >From the original message: "the first page has a link to the second page. Here's the link: click me. "unap" is a virtual host on the server and all other links work correctly on the server but not this one. *However*, if I change the link to a fixed IP address, i.e., click me...it works fine. I don't think he's trying to have multiple ssl virtual hosts -- I think he just wants the the one he was to work "name based". I feel a little guilty about sending the message about that link because, like you, I don't think it's possible. And I would not want to send anyone on a wild goose chase. But hey, you never know it might help... T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Daniel J Cain Jr. Sent: Wednesday, October 08, 2003 12:51 PM To: NYPHP Talk Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL On Wed, 2003-10-08 at 10:14, Tim Gales wrote: > Jeff, > > There a guy who says: > 3) It is possible to have multiple Name Based Virtual Hosts > plus a single SSL Name Based Virtual Host on a single IP, > despite what it says in the mod_ssl faq. I can give the > details on request. It is impossible to have more than one SSL enabled site on a single IP without using an external device to hold multiple IP's and forward to a single IP but on different ports. What I am trying to say is that these cannot be hosted on a single IP (but one could be): https://www.example1.com https://www.example2.com https://www.example3.com You can have multiple virtual hosts that use http and a single https virtual host all on a single IP though. This is possible: https://secure.hosting.com http://www.example1.com http://www.example2.com http://www.example3.com The reason (unless something major has changed in the TCP/IP world) is that SSL happens at a lower level in the TCP/IP protocol stack than the browser sending over what site it is looking for. If someone can prove me wrong please provide details I would LOVE for it to be possible and it has been over a year since I have needed to implement something like this. _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jsiegel1 at optonline.net Wed Oct 8 17:07:35 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 08 Oct 2003 17:07:35 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <000001c38dc9$726d3b50$bf8d3818@OBERON1> Message-ID: <002e01c38de0$32c9c2e0$6501a8c0@EZDSDELL> Just to clarify...it was a single SSL virtual host. And the Apache docs *do* say it ain't do-able. So...I'm looking into IP aliasing as the "solution" and then change httpd.conf to do IP-based virtual hosts. Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Tim Gales Sent: Wednesday, October 08, 2003 1:25 PM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL >From the original message: "the first page has a link to the second page. Here's the link: click me. "unap" is a virtual host on the server and all other links work correctly on the server but not this one. *However*, if I change the link to a fixed IP address, i.e., click me...it works fine. I don't think he's trying to have multiple ssl virtual hosts -- I think he just wants the the one he was to work "name based". I feel a little guilty about sending the message about that link because, like you, I don't think it's possible. And I would not want to send anyone on a wild goose chase. But hey, you never know it might help... T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Daniel J Cain Jr. Sent: Wednesday, October 08, 2003 12:51 PM To: NYPHP Talk Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL On Wed, 2003-10-08 at 10:14, Tim Gales wrote: > Jeff, > > There a guy who says: > 3) It is possible to have multiple Name Based Virtual Hosts > plus a single SSL Name Based Virtual Host on a single IP, > despite what it says in the mod_ssl faq. I can give the > details on request. It is impossible to have more than one SSL enabled site on a single IP without using an external device to hold multiple IP's and forward to a single IP but on different ports. What I am trying to say is that these cannot be hosted on a single IP (but one could be): https://www.example1.com https://www.example2.com https://www.example3.com You can have multiple virtual hosts that use http and a single https virtual host all on a single IP though. This is possible: https://secure.hosting.com http://www.example1.com http://www.example2.com http://www.example3.com The reason (unless something major has changed in the TCP/IP world) is that SSL happens at a lower level in the TCP/IP protocol stack than the browser sending over what site it is looking for. If someone can prove me wrong please provide details I would LOVE for it to be possible and it has been over a year since I have needed to implement something like this. _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Wed Oct 8 17:13:12 2003 From: shiflett at php.net (Chris Shiflett) Date: Wed, 8 Oct 2003 14:13:12 -0700 (PDT) Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <002e01c38de0$32c9c2e0$6501a8c0@EZDSDELL> Message-ID: <20031008211312.6848.qmail@web14307.mail.yahoo.com> I haven't been following this thread, but I did notice a comment buried in the middle of it all about having SSL-enabled hosts using name-based virtual hosting. This isn't possible, because of a chicken and egg problem. You can read more about this here: http://shiflett.org/books/http-developers-handbook/chapters/18 (specifically, the section entitled Virtual Hosting) How does the Web server know which certificate to use? Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jsiegel1 at optonline.net Wed Oct 8 17:38:04 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 08 Oct 2003 17:38:04 -0400 Subject: [nycphp-talk] Apache 2.0/Virtual Host with SSL In-Reply-To: <20031008211312.6848.qmail@web14307.mail.yahoo.com> Message-ID: <004d01c38de4$752254f0$6501a8c0@EZDSDELL> Damn! I hadn't gotten that far in the book! (Thanks for pointing it out.) Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris Shiflett Sent: Wednesday, October 08, 2003 4:13 PM To: NYPHP Talk; tgales at tgaconnect.com Subject: RE: [nycphp-talk] Apache 2.0/Virtual Host with SSL I haven't been following this thread, but I did notice a comment buried in the middle of it all about having SSL-enabled hosts using name-based virtual hosting. This isn't possible, because of a chicken and egg problem. You can read more about this here: http://shiflett.org/books/http-developers-handbook/chapters/18 (specifically, the section entitled Virtual Hosting) How does the Web server know which certificate to use? Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From delta at rochester.rr.com Wed Oct 8 22:43:12 2003 From: delta at rochester.rr.com (deedee) Date: Wed, 8 Oct 2003 22:43:12 -0400 Subject: [nycphp-talk] Oracle and PHP References: <3F8423F4.7090408@nyphp.org> Message-ID: <013301c38e0f$15197770$fc00fe0a@KEITZWS2> could be OPA, which some of my dutch friends call their grandfather.... the grandfather of all platforms! hmmm! its catchy! i was inspired by the Installing Oracle9i Database on Red Hat Linux 9 procedures and to see the Oracle Technical Network (OTN) is engaged in a Migration to Linux project at a Hospital.... what would be the acronym for that ... PALO? Hans, thanks for sharing the info... deedee ----- Original Message ----- From: "Hans Zaunere" To: Sent: Wednesday, October 08, 2003 10:49 AM Subject: [nycphp-talk] Oracle and PHP > > > AOP Technology? POA? > > http://otn.oracle.com/tech/opensource/index.html > > Never a dull day. > > H > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From nyphp at websapp.com Thu Oct 9 12:10:51 2003 From: nyphp at websapp.com (Daniel Kushner) Date: Thu, 9 Oct 2003 12:10:51 -0400 Subject: [nycphp-talk] Fonts and GD Message-ID: Hi PHPers, Sorry for the large file post and please forgive my ignorance in graphics and fonts! The attached files show graphs generated using JGraph (http://www.aditus.nu/jpgraph/index.php) version 1.12.1. The fonts in the good.jpg are what else but good, and visa versa for the bad.jpg. The .html files are phpinfo's for each server. The good fonts are being generated using PHP 4.0.6 and bad fonts are on a server running PHP 4.1.2. Both servers have GD 1.8.3. Any pointers in how to get the PHP 4.1.2 to generate fonts as in the 4.0.6 installation would be appriciated. Thanks, Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: good.jpg Type: image/jpeg Size: 22926 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: bad.jpg Type: image/jpeg Size: 28530 bytes Desc: not available URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: From chendry at nyc.rr.com Thu Oct 9 12:48:16 2003 From: chendry at nyc.rr.com (Christopher Hendry) Date: Thu, 9 Oct 2003 12:48:16 -0400 Subject: [nycphp-talk] Fonts and GD In-Reply-To: Message-ID: looks like it's a 4.1.2 problem. You might try what is suggested here, as it looks like you're actually using 2 different fonts (compare the 'M's in Message): http://www.wellho.net/forum/8415150301.html Or, I'd just try dropping the font size 2 pts, as it doesn't truly look solvable: http://bugs.php.net/bug.php?id=17437 But then again, all I did was Google it ;) Hope that helps. C -> -----Original Message----- -> From: talk-bounces at lists.nyphp.org -> [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Daniel Kushner -> Sent: Thursday, October 09, 2003 12:11 PM -> To: talk at lists.nyphp.org -> Subject: [nycphp-talk] Fonts and GD -> -> -> Hi PHPers, -> -> Sorry for the large file post and please forgive my ignorance in graphics -> and fonts! -> -> The attached files show graphs generated using JGraph -> (http://www.aditus.nu/jpgraph/index.php) version 1.12.1. The fonts in the -> good.jpg are what else but good, and visa versa for the bad.jpg. -> The .html -> files are phpinfo's for each server. The good fonts are being generated -> using PHP 4.0.6 and bad fonts are on a server running PHP 4.1.2. Both -> servers have GD 1.8.3. -> -> Any pointers in how to get the PHP 4.1.2 to generate fonts as -> in the 4.0.6 -> installation would be appriciated. -> -> Thanks, -> Daniel -> From soazine at pop.erols.com Thu Oct 9 17:30:55 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Thu, 9 Oct 2003 17:30:55 -0400 Subject: [nycphp-talk] I need help with eval() with a class void method call Message-ID: <265000-220031049213055304@M2W048.mail2web.com> I have this line in my code: eval('$field->' . $val . '(' . $max . ',' . $errDisplayArray[$key] . ');'); where $field is a predefined class instance, $val is a string containing the name of an existing method within the class, and $errDisplayArray[$key] will be an array element containing text that goes appropriately into the class method whose name is in $val. Whenever I run this I get a parse error, however, upon using a die() statement instead of eval it configures as so (and works!): $field->setMaxLength(40,"The last name cannot be more than 40 characters"); when I insert this line verbatim into my code I receive no breakage of any kind upon that line. I have read the eval() statement all over php.net, phpbuilder, phpfreaks and zend and I can't see what I'm doing wrong. Could someone clarify it for me? Thanx Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From nyphp at websapp.com Thu Oct 9 17:49:25 2003 From: nyphp at websapp.com (Daniel Kushner) Date: Thu, 9 Oct 2003 17:49:25 -0400 Subject: [nycphp-talk] I need help with eval() with a class void method call In-Reply-To: <265000-220031049213055304@M2W048.mail2web.com> Message-ID: You can try using the call_user_func function here: --Daniel > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org]On Behalf Of soazine at pop.erols.com > Sent: Thursday, October 09, 2003 5:31 PM > To: talk at lists.nyphp.org > Subject: [nycphp-talk] I need help with eval() with a class void method > call > > > I have this line in my code: > > eval('$field->' . $val . '(' . $max . ',' . > $errDisplayArray[$key] . ');'); > > where $field is a predefined class instance, $val is a string containing > the name of an existing method within the class, and > $errDisplayArray[$key] > will be an array element containing text that goes appropriately into the > class method whose name is in $val. > > Whenever I run this I get a parse error, however, upon using a die() > statement instead of eval it configures as so (and works!): > > $field->setMaxLength(40,"The last name cannot be more than 40 > characters"); > > when I insert this line verbatim into my code I receive no breakage of any > kind upon that line. I have read the eval() statement all over php.net, > phpbuilder, phpfreaks and zend and I can't see what I'm doing > wrong. Could > someone clarify it for me? > > Thanx > Phil > > -------------------------------------------------------------------- > mail2web - Check your email from the web at > http://mail2web.com/ . > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From drydell at worldnet.att.net Thu Oct 9 22:13:57 2003 From: drydell at worldnet.att.net (David Rydell) Date: Thu, 9 Oct 2003 22:13:57 -0400 Subject: [nycphp-talk] I need help with eval() with a class void method call In-Reply-To: <265000-220031049213055304@M2W048.mail2web.com> Message-ID: eval is not needed... $field->$val($max, $errDisplayArray[$key]); should work with no problem. I use this technique in several scripts. It also works for static calls, ie Classname::$function($parm); --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.516 / Virus Database: 313 - Release Date: 9/1/2003 From hans at nyphp.org Thu Oct 9 22:28:10 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 09 Oct 2003 22:28:10 -0400 Subject: [nycphp-talk] Oracle and PHP In-Reply-To: <013301c38e0f$15197770$fc00fe0a@KEITZWS2> References: <3F8423F4.7090408@nyphp.org> <013301c38e0f$15197770$fc00fe0a@KEITZWS2> Message-ID: <3F86193A.5090401@nyphp.org> deedee wrote: > could be OPA, which some of my dutch friends call their grandfather.... > the grandfather of all platforms! hmmm! its catchy! Of course there's POA (PHP/Oracle/Apache), pronounced Powa (as in power :) > i was inspired by the Installing Oracle9i Database on Red Hat Linux 9 > procedures and to see the Oracle Technical Network (OTN) is engaged in a > Migration to Linux project at a Hospital.... Oddly enough I just did a Oracle 8i install on RH9, and at a hospital of sorts. I've done easier things, but it was rewarding to see Oracle startup, and then drain all my RAM :) H From enunez at tiaa-cref.org Fri Oct 10 12:01:41 2003 From: enunez at tiaa-cref.org (Nunez, Eddy) Date: Fri, 10 Oct 2003 10:01:41 -0600 Subject: [nycphp-talk] I need help with eval() with a class void method call Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F0A6D9D70@msxnyusr01.msx.ops.tiaa-cref.org> Wow.... $func( var1, var2, etc ) Didn't know that was valid without some fancy evals. Thanks Dave. Dang, my PHP manual is out-of-date! -Eddy -----Original Message----- From: David Rydell [mailto:drydell at worldnet.att.net] Sent: Thursday, October 09, 2003 10:14 PM To: soazine at erols.com; NYPHP Talk Subject: RE: [nycphp-talk] I need help with eval() with a class void method call eval is not needed... $field->$val($max, $errDisplayArray[$key]); should work with no problem. I use this technique in several scripts. It also works for static calls, ie Classname::$function($parm); --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.516 / Virus Database: 313 - Release Date: 9/1/2003 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF ************************************************************** From max at idsociety.com Fri Oct 10 12:27:44 2003 From: max at idsociety.com (max goldberg) Date: Fri, 10 Oct 2003 12:27:44 -0400 Subject: [nycphp-talk] pcntl_* functions. Message-ID: <3F86DE00.7060601@idsociety.com> I'm using the pcntl_fork function to split up a workload between a bunch of processes. I've managed to separate the master from the children, but I am having some trouble with the pcntl_waitpid function. I was wondering if anyone has any documentation or examples of it's usage. I looked at http://www.php.net/manual/en/function.pcntl-waitpid.php but it still isn't really clear to me. Here is a quick script I made up: --- --- The result is : Master Starting Up. [ 2003-10-10 12:24:17 ] ( 1065803057 ) [ CHILD ] Fork Initializing....! [ CHILD ] Sleeping for 20! [ MASTER ] Starting thread with pid 28773 ... [ MASTER ] Starting thread with pid 28774 ... [ CHILD ] Fork Initializing....! [ CHILD ] Sleeping for 40! [ MASTER ] Starting thread with pid 28775 ... [ CHILD ] Fork Initializing....! [ CHILD ] Sleeping for 60! [ MASTER ] Waiting For Children to Die! [ CHILD ] Done Sleeping! [ MASTER ] My Children are dead! [max at computer:/] $ [ CHILD ] Done Sleeping! [ CHILD ] Done Sleeping! Obviously the master is only waiting for the first child to die out before it responds that they are all done.I have a few options, one of which is keep an array of the pid's of each fork and then loop and wait for each of them.I was just wondering if it was possible to have it wait for any and all forked processes with one command. Does anyone have any experience with this? Thanks, and sorry for the long mail! -Max From jonbaer at jonbaer.net Fri Oct 10 12:54:38 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 10 Oct 2003 12:54:38 -0400 Subject: [nycphp-talk] time tracking apps ... Message-ID: <007201c38f4f$31bc53c0$afab54a2@thinkpad> trying to look for a simple time tracking app (for charging clients based on hourly rates), is there anything in php @ the moment that could create an invoice for you? i had envisioned an app a long time ago that could link your IM to your paypal account for consulting but it never happened so im sure there are web-based projects that might do the same thing ... phil, what are you using? :-) (i guess its pen+paper vs. php+mysql) - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From csnyder at chxo.com Fri Oct 10 13:43:18 2003 From: csnyder at chxo.com (Chris Snyder) Date: Fri, 10 Oct 2003 13:43:18 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps ... In-Reply-To: <007201c38f4f$31bc53c0$afab54a2@thinkpad> References: <007201c38f4f$31bc53c0$afab54a2@thinkpad> Message-ID: <3F86EFB6.8090508@chxo.com> jon baer wrote: >i had envisioned an app a long time ago that could link >your IM to your paypal account for consulting... > I read this and imagined a chat bot that listens for InstantMessages from you, so you can tell it when you start and stop working on various projects. It would generate an invoice with a PayPal link on request. This would be excellently cool, but I don't think that's what you mean. :-) I know we have people on the list that have written IRC bots in PHP (or at least thought about it)... has anyone written an IM bot in PHP? It's theoretically possible using a command line IM client... csnyder From jonbaer at jonbaer.net Fri Oct 10 13:50:50 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 10 Oct 2003 13:50:50 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps... References: <007201c38f4f$31bc53c0$afab54a2@thinkpad> <3F86EFB6.8090508@chxo.com> Message-ID: <008a01c38f57$0b9bea40$afab54a2@thinkpad> well ... technically speaking it can be easily conceived using a number of different methods (for example using ngrep or snort), you can do analysis on your networking to just track certain protocols + then analyze w/ PHP to do tracking results ... im doing this now w/ a PHP app called AirRecon to track wireless packets/traffic, so it can be reapplied to monitoring instant messaging, not to mention there is also phpcap which might be used to do the #entire# logging w/ php. you would just need to create an invoice manager class or something. - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From Thomas.Freedman at ubs.com Fri Oct 10 14:17:20 2003 From: Thomas.Freedman at ubs.com (Freedman, Tom S.) Date: Fri, 10 Oct 2003 14:17:20 -0400 Subject: [nycphp-talk] pcntl_* functions. Message-ID: > -----Original Message----- > From: max goldberg [mailto:max at idsociety.com] [snip!] > if ($is_daemon == true) { > $waitpid_status = null; > echo "[ MASTER ] Waiting For Children to Die!\n"; > pcntl_waitpid (-1, &$waitpid_status, WUNTRACED); > echo "[ MASTER ] My Children are dead!\n"; [snip!] > Obviously the master is only waiting for the first child to die out > before it responds > that they are all done.I have a few options, one of which is keep an > array of the pid's > of each fork and then loop and wait for each of them.I was just > wondering if it was > possible to have it wait for any and all forked processes with one > command. Does > anyone have any experience with this? There really isn't any other way to do it than to keep track of all your child PIDs and test for them all to return. pcntl_waitpid(-1, $foo), as you say, returns once any child exits. > > Thanks, and sorry for the long mail! > -Max Hey, long mails mean less time spend asking for more info! :-) -Tom Please do not transmit orders or instructions regarding a UBS account by email. The information provided in this email or any attachments is not an official transaction confirmation or account statement. For your protection, do not include account numbers, Social Security numbers, credit card numbers, passwords or other non-public information in your email. Because the information contained in this message may be privileged, confidential, proprietary or otherwise protected from disclosure, please notify us immediately by replying to this message and deleting it from your computer if you have received this communication in error. Thank you. UBS Financial Services Inc. UBS International Inc. From hans at nyphp.org Sat Oct 11 21:36:02 2003 From: hans at nyphp.org (Hans Zaunere) Date: Sat, 11 Oct 2003 21:36:02 -0400 Subject: [nycphp-talk] pcntl_* functions. In-Reply-To: <3F86DE00.7060601@idsociety.com> References: <3F86DE00.7060601@idsociety.com> Message-ID: <3F88B002.70203@nyphp.org> max goldberg wrote: > I'm using the pcntl_fork function to split up a workload between a bunch > of processes. > I've managed to separate the master from the children, but I am having > some trouble with > the pcntl_waitpid function. I was wondering if anyone has any > documentation or examples > of it's usage. I looked at > http://www.php.net/manual/en/function.pcntl-waitpid.php but it > still isn't really clear to me. > > Here is a quick script I made up: > --- > > $max_children = 3; > $is_daemon = true; > $forks = 0; > > if ($is_daemon) { > echo 'Master Starting Up. [' . date(' Y-m-d H:i:s ') . '] ( ' . > mktime() . " ) \n"; > > for ($forks = 1; $forks <= $max_children; $forks++) { > > $new_pid = pcntl_fork(); > > if ($new_pid == -1) { > die('Could not fork.'); > } > else if ($new_pid != 0) { > echo "[ MASTER ] Starting thread with pid $new_pid ... \n"; > $thread_list[$forks] = $new_pid; > } > else { > echo "[ CHILD ] Fork Initializing....!\n"; > $is_daemon = false; > $i_am = $forks; > break; > } > } > } > > if ($is_daemon == true) { > $i_am = 0; > } > else { > $seconds = (int)($i_am * 20); > echo "[ CHILD ] Sleeping for $seconds!\n"; > sleep($seconds); > echo "[ CHILD ] Done Sleeping!\n"; > exit(1); > } > > if ($is_daemon == true) { > $waitpid_status = null; > echo "[ MASTER ] Waiting For Children to Die!\n"; > pcntl_waitpid (-1, &$waitpid_status, WUNTRACED); > echo "[ MASTER ] My Children are dead!\n"; > } > > ?> > --- > > The result is : > Master Starting Up. [ 2003-10-10 12:24:17 ] ( 1065803057 ) > [ CHILD ] Fork Initializing....! > [ CHILD ] Sleeping for 20! > [ MASTER ] Starting thread with pid 28773 ... > [ MASTER ] Starting thread with pid 28774 ... > [ CHILD ] Fork Initializing....! > [ CHILD ] Sleeping for 40! > [ MASTER ] Starting thread with pid 28775 ... > [ CHILD ] Fork Initializing....! > [ CHILD ] Sleeping for 60! > [ MASTER ] Waiting For Children to Die! > [ CHILD ] Done Sleeping! > [ MASTER ] My Children are dead! > [max at computer:/] $ [ CHILD ] Done Sleeping! > [ CHILD ] Done Sleeping! > > > Obviously the master is only waiting for the first child to die out > before it responds > that they are all done.I have a few options, one of which is keep an > array of the pid's > of each fork and then loop and wait for each of them.I was just > wondering if it was > possible to have it wait for any and all forked processes with one > command. Does > anyone have any experience with this? waitpid() itself takes a single process id, and so only lets the parent be aware of a single child process at a time, as you've pointed out. Probably the correct way to handle this is using signals, since the parent gets a SIGCHLD (IIRC) when a child exits. This might possibly help: http://www.ecst.csuchico.edu/~beej/guide/ipc/fork.html H From jsiegel1 at optonline.net Mon Oct 13 07:58:55 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Mon, 13 Oct 2003 07:58:55 -0400 Subject: [nycphp-talk] Session object destruction failed Message-ID: <004901c39181$6196d730$6501a8c0@EZDSDELL> My error handler emails me when there is an error and this morning I received a message that said "Session object destruction failed." Since I've never received this message before (the site has been live for a number of months) I'm not panicking over it. However, just wondering if there is anything that I should look for in terms of the environment that might cause this error. The site is running PHP ver. 4.1.2 and is on a dedicated box. Jeff Siegel From jay at trans-city.com Mon Oct 13 16:47:57 2003 From: jay at trans-city.com (Jay Greenspan) Date: Mon, 13 Oct 2003 16:47:57 -0400 Subject: [nycphp-talk] table to tab-delimit In-Reply-To: <007201c38f4f$31bc53c0$afab54a2@thinkpad> Message-ID: <86A28FAA-FDBE-11D7-ACD2-0003939BBBC2@trans-city.com> At this point I know I'm making a relatively easy task difficult. How would you go about converting an HTML table to tab-delimited text. assuming same number of columns for each row and that there will be attributes within the table tags. thanks -j From adam at trachtenberg.com Mon Oct 13 16:58:29 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Mon, 13 Oct 2003 16:58:29 -0400 (EDT) Subject: [nycphp-talk] table to tab-delimit In-Reply-To: <86A28FAA-FDBE-11D7-ACD2-0003939BBBC2@trans-city.com> Message-ID: On Mon, 13 Oct 2003, Jay Greenspan wrote: > How would you go about converting an HTML table to tab-delimited text. > assuming same number of columns for each row and that there will be > attributes within the table tags. 1) Slurp table into variable 2) split() on s 3) iterate over each line doing: 3.1) preg_match_all() on /]*>(.+)/U or something similar, making sure to use non-greedy capturing patterns 3.2) join() each capture item using \t as your delimiter 3.3) store the results in an array: $lines[] = join('\t', $matches) (or something like that) 4) save results to file 4.1) open file 4.2) write each array element as line, placing \n at end 4.3) close file Depending upon the frequency you do this, you may find this easier in a text editor that supports regex matching. Or not. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From jonbaer at jonbaer.net Mon Oct 13 20:34:37 2003 From: jonbaer at jonbaer.net (jon baer) Date: Mon, 13 Oct 2003 20:34:37 -0400 Subject: [nycphp-talk] table to tab-delimit References: <86A28FAA-FDBE-11D7-ACD2-0003939BBBC2@trans-city.com> Message-ID: <004501c391ea$f3304eb0$8119fea9@thinkpad> i just recently had to do the same thing, i ended up lazily doing it in sed as such: $ grep -o ".*" file.html | sed "s/<\/td>/,/g" | sed "s/<[/]*td>//g" > file.csv - jon ----- Original Message ----- From: "Jay Greenspan" To: "NYPHP Talk" Sent: Monday, October 13, 2003 4:47 PM Subject: [nycphp-talk] table to tab-delimit > At this point I know I'm making a relatively easy task difficult. > > How would you go about converting an HTML table to tab-delimited text. > assuming same number of columns for each row and that there will be > attributes within the table tags. > > thanks > > -j > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From danielc at analysisandsolutions.com Tue Oct 14 00:16:27 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 14 Oct 2003 00:16:27 -0400 Subject: [nycphp-talk] php in securityfocus 218 Message-ID: <20031014041627.GA1555@panix.com> Invision Power Board Insecure Permissions Vulnerability http://www.securityfocus.com/bid/8737 Multiple DCP-Portal SQL Injection Vulnerabilities http://www.securityfocus.com/bid/8739 Multiple Wordpress Blog.Header.PHP SQL Injection Vulnerabili... http://www.securityfocus.com/bid/8756 SquirrelMail CSS JavaScript Expression MSIE Script Code Inje... http://www.securityfocus.com/bid/8760 PHP-Nuke mailattach.php Remote File Upload Vulnerability http://www.securityfocus.com/bid/8764 EternalMart Multiple Remote File Include Vulnerabilities http://www.securityfocus.com/bid/8767 GuppY Cross-Site Scripting Vulnerability http://www.securityfocus.com/bid/8768 GuppY Remote File Access Vulnerability http://www.securityfocus.com/bid/8769 PHP Prayer Board SQL Injection Vulnerability http://www.securityfocus.com/bid/8774 Be safe out there... --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From jonbaer at jonbaer.net Tue Oct 14 00:21:16 2003 From: jonbaer at jonbaer.net (jon baer) Date: Tue, 14 Oct 2003 00:21:16 -0400 Subject: [nycphp-talk] php in securityfocus 218 References: <20031014041627.GA1555@panix.com> Message-ID: <001a01c3920a$9cba7720$8119fea9@thinkpad> is it just me or these emails getting longer + longer by the week? ;-) - jon ----- Original Message ----- From: "Analysis & Solutions" To: "NYPHP Talk" Sent: Tuesday, October 14, 2003 12:16 AM Subject: [nycphp-talk] php in securityfocus 218 > Invision Power Board Insecure Permissions Vulnerability > http://www.securityfocus.com/bid/8737 > > Multiple DCP-Portal SQL Injection Vulnerabilities > http://www.securityfocus.com/bid/8739 > > Multiple Wordpress Blog.Header.PHP SQL Injection Vulnerabili... > http://www.securityfocus.com/bid/8756 > > SquirrelMail CSS JavaScript Expression MSIE Script Code Inje... > http://www.securityfocus.com/bid/8760 > > PHP-Nuke mailattach.php Remote File Upload Vulnerability > http://www.securityfocus.com/bid/8764 > > EternalMart Multiple Remote File Include Vulnerabilities > http://www.securityfocus.com/bid/8767 > > GuppY Cross-Site Scripting Vulnerability > http://www.securityfocus.com/bid/8768 > > GuppY Remote File Access Vulnerability > http://www.securityfocus.com/bid/8769 > > PHP Prayer Board SQL Injection Vulnerability > http://www.securityfocus.com/bid/8774 > > > Be safe out there... > > --Dan > > -- > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > data intensive web and database programming > http://www.AnalysisAndSolutions.com/ > 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From danielc at analysisandsolutions.com Tue Oct 14 00:35:29 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 14 Oct 2003 00:35:29 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <001a01c3920a$9cba7720$8119fea9@thinkpad> References: <20031014041627.GA1555@panix.com> <001a01c3920a$9cba7720$8119fea9@thinkpad> Message-ID: <20031014043529.GA2883@panix.com> Hi Jon: On Tue, Oct 14, 2003 at 12:21:16AM -0400, jon baer wrote: > is it just me or these emails getting longer + longer by the week? ;-) Or is it longer and longer each time someone replies without snipping out irrelevant portions of the prior message? --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From kenneth at ylayali.net Tue Oct 14 03:01:20 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 03:01:20 -0400 Subject: [nycphp-talk] retro php Message-ID: <20031014070120.GB11848@ylayali.net> Hi, I'm new enough to PHP that I've always used $_SESSION-style superglobals with register_globals off & etc, but now I find myself trying to get a project to run on 4.0.6 At first the docs led me to the conclusion: No problem, I'll just change all those $_SESSION collections to $HTTP_SESSION_VARS, but the values I'm setting don't seem to be installing themselves into the session at all. The PHPSESSID out of $HTTP_COOKIE_VARS stays the same, but $HTTP_SESSION_VARS seemingly empties out on every page load. Any idea if it's some odd server config? The scant remaining docs about HTTP_SESSION_VARS make me feel like it should work pretty much the same way $_SESSION does on our 4.2.2 server.. where the code does work. I can't find anything specific to these deprecated globals.. Of course I am calling session_start() &, no. sadly, upgrading the server doesn't count as a solution, though I've been advocating it for some time. Is this a familiar problem? Thanks, Kenneth From shawn at shawnlawyer.com Tue Oct 14 03:35:39 2003 From: shawn at shawnlawyer.com (shawn at shawnlawyer.com) Date: Tue, 14 Oct 2003 00:35:39 -0700 (PDT) Subject: [nycphp-talk] retro php In-Reply-To: <20031014070120.GB11848@ylayali.net> References: <20031014070120.GB11848@ylayali.net> Message-ID: <1502.24.215.160.85.1066116939.squirrel@webmail.shawnlawyer.com> Hey Man, I'm not sure of the exact version it changed in, but you need to register the session vars. it's been so long so I don't remember the exact function name., but that should be it. have a good one Shawn Lawyer > Hi, > > I'm new enough to PHP that I've always used $_SESSION-style superglobals > with register_globals off & etc, but now I find myself trying to get a > project to run on 4.0.6 > > At first the docs led me to the conclusion: No problem, I'll just change > all those $_SESSION collections to $HTTP_SESSION_VARS, but the values > I'm setting don't seem to be installing themselves into the session at > all. The PHPSESSID out of $HTTP_COOKIE_VARS stays the same, but > $HTTP_SESSION_VARS seemingly empties out on every page load. > > Any idea if it's some odd server config? The scant remaining docs about > HTTP_SESSION_VARS make me feel like it should work pretty much the same > way $_SESSION does on our 4.2.2 server.. where the code does work. I > can't find anything specific to these deprecated globals.. > > Of course I am calling session_start() > > &, no. sadly, upgrading the server doesn't count as a solution, though > I've been advocating it for some time. > > Is this a familiar problem? > > Thanks, > Kenneth > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From kenneth at ylayali.net Tue Oct 14 03:53:44 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 03:53:44 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <1502.24.215.160.85.1066116939.squirrel@webmail.shawnlawyer.com> References: <20031014070120.GB11848@ylayali.net> <1502.24.215.160.85.1066116939.squirrel@webmail.shawnlawyer.com> Message-ID: <20031014075344.GC11848@ylayali.net> On 03-10-14 00:35 -0700, shawn at shawnlawyer.com wrote: > Hey Man, > > I'm not sure of the exact version it changed in, but you need to register > the session vars. it's been so long so I don't remember the exact function > name., but that should be it. have a good one > > Shawn Lawyer > Thanks Shawn, I gave both: session_register($HTTP_SESSION_VARS); and, e.g., session_register($HTTP_SESSION_VARS['S_user_id']); a desperate try before writing to the list; neither has any result, which is one reason I was suspicious of lousy php.ini settings &/or buggy weirdness in this ancient version of PHP Thanks for the response though, Kenneth From hans at nyphp.org Tue Oct 14 08:38:50 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 08:38:50 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <20031014043529.GA2883@panix.com> References: <20031014041627.GA1555@panix.com> <001a01c3920a$9cba7720$8119fea9@thinkpad> <20031014043529.GA2883@panix.com> Message-ID: <3F8BEE5A.8030703@nyphp.org> Analysis & Solutions wrote: > Hi Jon: > > On Tue, Oct 14, 2003 at 12:21:16AM -0400, jon baer wrote: > >>is it just me or these emails getting longer + longer by the week? ;-) > > Or is it longer and longer each time someone replies without snipping out > irrelevant portions of the prior message? I believe he was referring to the fact that there is an ever growing number of security alerts, and thus more security issues in PHP applications. This is not a good thing; regardless of email size. H From csnyder at chxo.com Tue Oct 14 08:47:29 2003 From: csnyder at chxo.com (Chris Snyder) Date: Tue, 14 Oct 2003 08:47:29 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <20031014041627.GA1555@panix.com> References: <20031014041627.GA1555@panix.com> Message-ID: <3F8BF061.1030609@chxo.com> Analysis & Solutions wrote: >PHP Prayer Board SQL Injection Vulnerability >http://www.securityfocus.com/bid/8774 > I put SQL into my prayers all the time, is this a bad thing? :-) In an attempt, um, to redeem this message, what *is* an SQL Injection Vulnerability? Is the religious use of addslashes() on any request variables used in a database query enough to prevent it? For example: $email = $_GET['email']; $safeemail = addslashes($email); $query = "SELECT * FROM supplicants WHERE email='$safeemail' "; Is this safe, or is my site at the mercy of a clever SQL injector? csnyder From danielc at analysisandsolutions.com Tue Oct 14 09:26:44 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 14 Oct 2003 09:26:44 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F8BF061.1030609@chxo.com> References: <20031014041627.GA1555@panix.com> <3F8BF061.1030609@chxo.com> Message-ID: <20031014132644.GA21200@panix.com> Hi Chris: On Tue, Oct 14, 2003 at 08:47:29AM -0400, Chris Snyder wrote: > $email = $_GET['email']; > $safeemail = addslashes($email); > $query = "SELECT * FROM supplicants WHERE email='$safeemail' "; > > Is this safe, or is my site at the mercy of a clever SQL injector? For the most part. To avoid all potential problems, it's a good idea to check that the data matches your expected format. For instance, if it's supposed to be a small integer, make sure it only contains numbers and is less that five characters long. This example prevents errors from overflowing and trying to put in non numeric characters. Under this regimen, addslashes() is only needed for strings that are allowed to contain SQL related characters. So, you wouldn't need addslashes(), say, for input you validated to either be a "Y" or an "N." Also, the step of converting $_GET['email'] to $email is superfluous. You could save some time and memory by putting $_GET['email'] in the addslashes() call. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Tue Oct 14 09:30:30 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 14 Oct 2003 09:30:30 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014070120.GB11848@ylayali.net> References: <20031014070120.GB11848@ylayali.net> Message-ID: <20031014133030.GB21200@panix.com> Hi Kenneth: On Tue, Oct 14, 2003 at 03:01:20AM -0400, Kenneth Dombrowski wrote: > > I'm new enough to PHP that I've always used $_SESSION-style superglobals > with register_globals off & etc, but now I find myself trying to get a > project to run on 4.0.6 Why? Are you stuck on a server with a majorly bug ridden, outdated, version of PHP? OUCH. Time to change providers. > At first the docs led me to the conclusion: No problem, I'll just change > all those $_SESSION collections to $HTTP_SESSION_VARS, but the values Far simpler is to do this at the top of the script than to change all instances of your variables.: $_SESSION = $HTTP_SESSION_VARS; The rest of your questions were already answered. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From tgales at tgaconnect.com Tue Oct 14 09:42:19 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Tue, 14 Oct 2003 09:42:19 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F8BF061.1030609@chxo.com> Message-ID: <002601c39258$fedf72e0$bf8d3818@oberon1> I am surprised that you are uncertain about this. It is clearly documented in the discussion at Security Focus: "an SQL Injection vulnerability can present itself due to a lack of sufficient sanitization performed on user-supplied data." You have to the 'lustrate' the data, preferably with a self-flagellation routine. (Maybe addlashess intead of addslashes) Tim G. -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris Snyder Sent: Tuesday, October 14, 2003 8:47 AM To: NYPHP Talk Subject: Re: [nycphp-talk] php in securityfocus 218 ... Is this safe, or is my site at the mercy of a clever SQL injector? csnyder _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From kenneth at ylayali.net Tue Oct 14 10:08:11 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 10:08:11 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014133030.GB21200@panix.com> References: <20031014070120.GB11848@ylayali.net> <20031014133030.GB21200@panix.com> Message-ID: <20031014140811.GD11848@ylayali.net> On 03-10-14 09:30 -0400, Analysis & Solutions wrote: > Hi Kenneth: > > On Tue, Oct 14, 2003 at 03:01:20AM -0400, Kenneth Dombrowski wrote: > > > > I'm new enough to PHP that I've always used $_SESSION-style superglobals > > with register_globals off & etc, but now I find myself trying to get a > > project to run on 4.0.6 > > Why? Are you stuck on a server with a majorly bug ridden, outdated, > version of PHP? OUCH. Time to change providers. > > > At first the docs led me to the conclusion: No problem, I'll just change > > all those $_SESSION collections to $HTTP_SESSION_VARS, but the values > > Far simpler is to do this at the top of the script than to change all > instances of your variables.: > > $_SESSION = $HTTP_SESSION_VARS; I wish I'd thought of that > The rest of your questions were already answered. > were they? I guess shawn wasn't talking about session_register, then? another hint, please? From hans at nyphp.org Tue Oct 14 10:18:03 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 10:18:03 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F8BF061.1030609@chxo.com> References: <20031014041627.GA1555@panix.com> <3F8BF061.1030609@chxo.com> Message-ID: <3F8C059B.8010301@nyphp.org> Chris Snyder wrote: > Analysis & Solutions wrote: > >> PHP Prayer Board SQL Injection Vulnerability >> http://www.securityfocus.com/bid/8774 >> > I put SQL into my prayers all the time, is this a bad thing? :-) Thou shalt not *not* use mysql_real_escape_string() :) > In an attempt, um, to redeem this message, what *is* an SQL Injection > Vulnerability? Is the religious use of addslashes() on any request > variables used in a database query enough to prevent it? Basically, yes. There are a few flavors of SQL injection that I'm aware of, one more of a problem with MySQL than the other. 1) The most common and problematic isn't that common in PHP land, as far as I've seen. It involves generating SQL *on the client* either via Javascript or passing SQL directly through a GET/POST request. We all know this is crazy, but apparently others do not: http://www.nextgenss.com/papers/advanced_sql_injection.pdf 2) Another type is poisoning variables with complete SQL statements. The current MySQL API will only run one SQL statement at a time, or throw a parse error otherwise, and although I don't agree with this behavior, it does prevent a lot of abuses of this type of thing. 3) Lastly there is simply passing in chars that aren't supposed to be interpreted literally. A common example is someone submitting a form, whereby the backend code doesn't escape anything, and so using a '%' in any of the fields will dump the whole database. Or, even worse, is if this happens in a DELETE FROM statement. This is bad :) > For example: > > $email = $_GET['email']; > $safeemail = addslashes($email); > $query = "SELECT * FROM supplicants WHERE email='$safeemail' "; > > Is this safe, or is my site at the mercy of a clever SQL injector? This is essentially correct, although I'd recommend using mysql_escape_string(); and actually, mysql_real_escape_string() is even better. These are direct from the MySQL API and will always correctly escape strings The Right Way (ie, depending on locale, if MySQL's syntax/special chars/ change, etc). Honor thy PHP and MySQL. H From hans at nyphp.org Tue Oct 14 10:21:08 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 10:21:08 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014140811.GD11848@ylayali.net> References: <20031014070120.GB11848@ylayali.net> <20031014133030.GB21200@panix.com> <20031014140811.GD11848@ylayali.net> Message-ID: <3F8C0654.1050202@nyphp.org> >>Far simpler is to do this at the top of the script than to change all >>instances of your variables.: >> >> $_SESSION = $HTTP_SESSION_VARS; I'd go with: $_SESSION = &$HTTP_SESSION_VARS; This way if you change something in one of them you won't get two distinct copies of the variable. H From hans at nyphp.org Tue Oct 14 10:24:26 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 10:24:26 -0400 Subject: [nycphp-talk] Session object destruction failed In-Reply-To: <004901c39181$6196d730$6501a8c0@EZDSDELL> References: <004901c39181$6196d730$6501a8c0@EZDSDELL> Message-ID: <3F8C071A.10108@nyphp.org> Jeff Siegel wrote: > My error handler emails me when there is an error and this morning I > received a message that said "Session object destruction failed." Since > I've never received this message before (the site has been live for a > number of months) I'm not panicking over it. However, just wondering if > there is anything that I should look for in terms of the environment > that might cause this error. The site is running PHP ver. 4.1.2 and is > on a dedicated box. I don't think I've seen this explicitly, but it's probably not a major issue; especially if it's not happening on a continuing basis. The most probably cause is that a session was attempted to be destroyed, but either it was already destroyed somewhere else, garbage-collected just before, or never created for some reason. Looking at google/bugs.php.net there were a couple bugs about this at one time, but I don't think they remain an issue. H From danielc at analysisandsolutions.com Tue Oct 14 10:22:59 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 14 Oct 2003 10:22:59 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014140811.GD11848@ylayali.net> References: <20031014070120.GB11848@ylayali.net> <20031014133030.GB21200@panix.com> <20031014140811.GD11848@ylayali.net> Message-ID: <20031014142259.GA26943@panix.com> Hi Kenneth: On Tue, Oct 14, 2003 at 10:08:11AM -0400, Kenneth Dombrowski wrote: > On 03-10-14 09:30 -0400, Analysis & Solutions wrote: > > > The rest of your questions were already answered. > > > > were they? I guess shawn wasn't talking about session_register, then? > another hint, please? Oh, I quickly saw someone mention session_register(). I now see that was you. Are you sure session propogation is turned on in your php.ini file? Is it set to use cookies and/or URI rewriting? If it's set to cookies, is your browser accepting and sending the cookie? Also, http://php.net/session_register says: vvvvvvvvvv If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). ... snip ... You can also create a session variable by simply setting the appropriate member of the $_SESSION or $HTTP_SESSION_VARS (PHP < 4.1.0) array. ^^^^^^^^^^ Are you setting your information correctly using ONE of those methods? --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From drydell at worldnet.att.net Tue Oct 14 10:37:29 2003 From: drydell at worldnet.att.net (David Rydell) Date: Tue, 14 Oct 2003 10:37:29 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014075344.GC11848@ylayali.net> Message-ID: I gave both: session_register($HTTP_SESSION_VARS); and, e.g., session_register($HTTP_SESSION_VARS['S_user_id']); the proper syntax is session_register('variable_name')... from the manual: The track_vars and register_globals configuration settings influence how the session variables get stored and restored. Note: As of PHP 4.0.3, track_vars is always turned on. If track_vars is enabled and register_globals is disabled, only members of the global associative array $HTTP_SESSION_VARS can be registered as session variables. The restored session variables will only be available in the array $HTTP_SESSION_VARS. Example 1. Registering a variable with track_vars enabled If register_globals is enabled, then all global variables can be registered as session variables and the session variables will be restored to corresponding global variables. Example 2. Registering a variable with register_globals enabled If both track_vars and register_globals are enabled, then the globals variables and the $HTTP_SESSION_VARS entries will reference the same value. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.525 / Virus Database: 322 - Release Date: 10/9/2003 From shiflett at php.net Tue Oct 14 11:11:50 2003 From: shiflett at php.net (Chris Shiflett) Date: Tue, 14 Oct 2003 08:11:50 -0700 (PDT) Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F8BF061.1030609@chxo.com> Message-ID: <20031014151150.39494.qmail@web14310.mail.yahoo.com> --- Chris Snyder wrote: > In an attempt, um, to redeem this message, what *is* an SQL > Injection Vulnerability? Is the religious use of addslashes() on > any request variables used in a database query enough to prevent > it? > > For example: > > $email = $_GET['email']; > $safeemail = addslashes($email); > $query = "SELECT * FROM supplicants WHERE email='$safeemail'"; > > Is this safe, or is my site at the mercy of a clever SQL injector? Tell me the URL, and you'll find out. ;-) Just kidding. I'm not the most creative guy out there, which is why I don't bother trying to outguess what people will try. I can't think of a specific attack that will bypass your filtering offhand, but that doesn't mean someone else can't. In fact, I would characterize this code as a security vulnerability (assuming addslashes is the only data filtering) even though I can't think of a specific example to exploit it. What I can do is tell you that it is practically assured that no valid email address can be used as an SQL injection attack, so if your data filtering validates the format you are expecting, this is much safer than only using addslashes. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jsiegel1 at optonline.net Tue Oct 14 11:05:21 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Tue, 14 Oct 2003 11:05:21 -0400 Subject: [nycphp-talk] Session object destruction failed In-Reply-To: <3F8C071A.10108@nyphp.org> Message-ID: <003801c39264$964efe10$6501a8c0@EZDSDELL> The only bugs concerning this seemed to be related to PHP on IIS. Of course...I'll post again if it happens again. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Hans Zaunere Sent: Tuesday, October 14, 2003 9:24 AM To: NYPHP Talk Subject: Re: [nycphp-talk] Session object destruction failed Jeff Siegel wrote: > My error handler emails me when there is an error and this morning I > received a message that said "Session object destruction failed." Since > I've never received this message before (the site has been live for a > number of months) I'm not panicking over it. However, just wondering if > there is anything that I should look for in terms of the environment > that might cause this error. The site is running PHP ver. 4.1.2 and is > on a dedicated box. I don't think I've seen this explicitly, but it's probably not a major issue; especially if it's not happening on a continuing basis. The most probably cause is that a session was attempted to be destroyed, but either it was already destroyed somewhere else, garbage-collected just before, or never created for some reason. Looking at google/bugs.php.net there were a couple bugs about this at one time, but I don't think they remain an issue. H _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jonbaer at jonbaer.net Tue Oct 14 11:29:02 2003 From: jonbaer at jonbaer.net (jon baer) Date: Tue, 14 Oct 2003 11:29:02 -0400 Subject: [nycphp-talk] php in securityfocus 218 References: <20031014041627.GA1555@panix.com> <3F8BF061.1030609@chxo.com> Message-ID: <00da01c39267$e64600a0$8119fea9@thinkpad> > In an attempt, um, to redeem this message, what *is* an SQL Injection > Vulnerability? Is the religious use of addslashes() on any request i once read a paper that covered crazy recon hacking techniques and the one that involved SQL injection was pretty interesting, I think if I remember it was more pertaining to Perl but could be applied in anything. Basically it was case scenerio where the hacker was actually looking for the exact box the admin material was being hosted on (the SQL Server/MySQL) and he discovered that if he placed \ tags inside of an entry that he could trace back the IP request when the admin viewed results. (he already had a working password) ... from what I know, this is already common in spammers determining "good" hosts when they embed tagged images. - jon From kenneth at ylayali.net Tue Oct 14 11:42:22 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 11:42:22 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014142259.GA26943@panix.com> References: <20031014070120.GB11848@ylayali.net> <20031014133030.GB21200@panix.com> <20031014140811.GD11848@ylayali.net> <20031014142259.GA26943@panix.com> Message-ID: <20031014154222.GE11848@ylayali.net> on page 1, index.php $HTTP_SESSION_VARS['S_user_id'] = $rs['user_id']; $HTTP_SESSION_VARS['S_login_name'] = $rs['login']; $HTTP_SESSION_VARS['S_company_id'] = $rs['company_id']; $HTTP_SESSION_VARS['S_user_email'] = $rs['email']; & the include file menu item works my assigned issues
print_r($HTTP_SESSION_VARS) produces Array ( [S_user_id] => 33 [S_login_name] => kenneth [S_company_id] => 0 [S_user_email] => kenneth at ylayali.net ) follow that link above to issuelist, though and this always redirects me back to index.php: if (!$HTTP_SESSION_VARS['S_user_id'] > 0) { header ('Location: ' . $loginpage . '?log_er=s1'); exit; } I commented out the header & exit lines & sure enough, the print_r statement produces an empty Array(). Comparing PHPSESSID from $HTTP_COOKIE_VARS on each page shows they are the same I tried dozens of increasingly stupid things trying to figure out why early into the morning with no luck, it just has to be some simple little thing.. > Also, http://php.net/session_register says: > vvvvvvvvvv > If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use > session_register(), session_is_registered(), and session_unregister(). > Actually, this is how I got involved with this. I began to notice extremely bizarre results on our 4.2.2 development server after I began using $_SESSION syntax while the existing code was using session_register. I converted everything over to superglobals & took out all the session_register, session_unregister & session_is_registered stuff & the pages began to display properly again. I wasn't 100% sure of the "or $HTTP_SESSION_VARS" part though, so thanks for clarifying that. from phpinfo: session Session Support enabled Directive Local Value Master Value session.auto_start Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /tmp /tmp session.serialize_handler php php session.use_cookies On On Thanks again, Kenneth From kenneth at ylayali.net Tue Oct 14 11:50:35 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 11:50:35 -0400 Subject: [nycphp-talk] retro php In-Reply-To: References: <20031014075344.GC11848@ylayali.net> Message-ID: <20031014155035.GF11848@ylayali.net> On 03-10-14 10:37 -0400, David Rydell wrote: > the proper syntax is session_register('variable_name')... from the manual: yeah, I tried that one too, but see Dan's response & my reply to him > The track_vars and register_globals configuration settings influence how the > session variables get stored and restored. > > Note: As of PHP 4.0.3, track_vars is always turned on. > > If register_globals is enabled, then all global variables can be registered > as session variables and the session variables will be restored to > corresponding global variables. Example 2. Registering a variable with > register_globals enabled > If both track_vars and register_globals are enabled, then the globals > variables and the $HTTP_SESSION_VARS entries will reference the same value. register_globals is on here, so this seems to imply that either syntax should work. though, as Dan pointed out, you shouldn't mix them. From shiflett at php.net Tue Oct 14 12:09:02 2003 From: shiflett at php.net (Chris Shiflett) Date: Tue, 14 Oct 2003 09:09:02 -0700 (PDT) Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <00da01c39267$e64600a0$8119fea9@thinkpad> Message-ID: <20031014160902.87284.qmail@web14311.mail.yahoo.com> --- jon baer wrote: > i once read a paper that covered crazy recon hacking techniques and > the one that involved SQL injection was pretty interesting, I think > if I remember it was more pertaining to Perl but could be applied in > anything. Basically it was case scenerio where the hacker was > actually looking for the exact box the admin material was being > hosted on (the SQL Server/MySQL) and he discovered that if he placed > tags inside of an entry that he could trace back the IP request > when the admin viewed results. This sounds similar to CSRF, a topic I have found particularly interesting. Imagine that the URL in an image tag causes the person requesting it to perform some action: There is an article in php|a this month (which should come out today) that has more information about this. You can also read the original "paper" at: http://www.tux.org/~peterw/csrf.txt Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From mjdewitt at alexcommgrp.com Tue Oct 14 13:16:00 2003 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Tue, 14 Oct 2003 13:16:00 -0400 Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards Message-ID: I was so surprised by this year's results in the November issue of LJ. Here are the top three choices in the Favorite Programming Language category: 1. C++ 2. C 3. PHP Wow,PHP has come a long way! Mike From hans at nyphp.org Tue Oct 14 13:20:18 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 13:20:18 -0400 Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: References: Message-ID: <3F8C3052.6000105@nyphp.org> DeWitt, Michael wrote: > I was so surprised by this year's results in the November issue of LJ. Here > are the top three choices in the Favorite Programming Language category: > > 1. C++ > 2. C > 3. PHP Wow, that is great news. If PHP can bump either C or C++ I'd cry. :) H From shiflett at php.net Tue Oct 14 13:24:36 2003 From: shiflett at php.net (Chris Shiflett) Date: Tue, 14 Oct 2003 10:24:36 -0700 (PDT) Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: Message-ID: <20031014172436.66704.qmail@web14310.mail.yahoo.com> --- "DeWitt, Michael" wrote: > I was so surprised by this year's results in the November issue of > LJ. Here are the top three choices in the Favorite Programming > Language category: > > 1. C++ > 2. C > 3. PHP I love PHP and all, but I find these results hard to believe. Perl still seems quite a bit more popular to me. And Java, which I can't stand, seems more popular than both PHP and Perl. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From hans at nyphp.org Tue Oct 14 13:32:25 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 14 Oct 2003 13:32:25 -0400 Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: <20031014172436.66704.qmail@web14310.mail.yahoo.com> References: <20031014172436.66704.qmail@web14310.mail.yahoo.com> Message-ID: <3F8C3329.2090800@nyphp.org> Chris Shiflett wrote: > --- "DeWitt, Michael" wrote: > >>I was so surprised by this year's results in the November issue of >>LJ. Here are the top three choices in the Favorite Programming >>Language category: >> >>1. C++ >>2. C >>3. PHP > > > I love PHP and all, but I find these results hard to believe. Perl still seems > quite a bit more popular to me. And Java, which I can't stand, seems more > popular than both PHP and Perl. I was surprised to not see Java, as well. My only thought was that it's "Favorite Programming Language," rather than most popular, but then again it'd be vital to see how these are ranked because I think more people "love" C than C++, although C++ or some variant of is more common these days. H From tgales at tgaconnect.com Tue Oct 14 13:50:05 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Tue, 14 Oct 2003 13:50:05 -0400 Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader'sChoice Awards In-Reply-To: <3F8C3329.2090800@nyphp.org> Message-ID: <003f01c3927b$9a2bf2b0$bf8d3818@oberon1> Google search: java site:www.linuxjournal.com Returns: Results 1 - 10 of about 643. Google search: java site:www.linuxjournal.com Returns: Results 1 - 10 of about 16,300. On the surface it seems that articles naming PHP are 25 time more popular than articles naming java in Linux Journal An interesting statistic from a Linux World reader at http://www.linuxjournal.com/article.php?sid=4860 Re: Compiling Java with GCJ (Score: 0) by Anonymous on Wednesday, March 12, 2003 "Although Java isn't a popular choice for free projects [...]" Yeah, sure... Number of projects registered at Sourceforge, by technology: C (10368) C++ (9957) Java (8101) Perl (4413) PHP (6103) T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Hans Zaunere Sent: Tuesday, October 14, 2003 1:32 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader'sChoice Awards Chris Shiflett wrote: > --- "DeWitt, Michael" wrote: > >>I was so surprised by this year's results in the November issue of >>LJ. Here are the top three choices in the Favorite Programming >>Language category: >> >>1. C++ >>2. C >>3. PHP > > > I love PHP and all, but I find these results hard to believe. Perl still seems > quite a bit more popular to me. And Java, which I can't stand, seems more > popular than both PHP and Perl. I was surprised to not see Java, as well. My only thought was that it's "Favorite Programming Language," rather than most popular, but then again it'd be vital to see how these are ranked because I think more people "love" C than C++, although C++ or some variant of is more common these days. H _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------- next part -------------- An HTML attachment was scrubbed... URL: From adam at trachtenberg.com Tue Oct 14 14:43:21 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Tue, 14 Oct 2003 14:43:21 -0400 (EDT) Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: <20031014172436.66704.qmail@web14310.mail.yahoo.com> Message-ID: On Tue, 14 Oct 2003, Chris Shiflett wrote: > I love PHP and all, but I find these results hard to believe. Perl > still seems quite a bit more popular to me. And Java, which I can't > stand, seems more popular than both PHP and Perl. I just attended a presentation by Tim O'Reilly where he broke down computer books sales data by programming language. I don't remember the exact order, but I believe it went something like this: 1) Java 2) VB 3) JavaScript 4) PHP? (Maybe C# is 4 and PHP is 5) ... X) C, C++, C# ... Y) Perl PHP books outsell Perl books considerably. The Perl market is in the toilet compared to a few years ago, while PHP has gone up, up, up. Non-programming programming langauges, like VB and JS are more popular than most programmers expect. (Just as how Photoshop is the best selling computer book subject.) -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From shiflett at php.net Tue Oct 14 14:58:18 2003 From: shiflett at php.net (Chris Shiflett) Date: Tue, 14 Oct 2003 11:58:18 -0700 (PDT) Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: Message-ID: <20031014185818.97752.qmail@web14308.mail.yahoo.com> --- Adam Maccabee Trachtenberg wrote: > I just attended a presentation by Tim O'Reilly where he broke down > computer books sales data by programming language. > > I don't remember the exact order, but I believe it went something > like this: > > 1) Java > 2) VB > 3) JavaScript > 4) PHP? (Maybe C# is 4 and PHP is 5) > ... > X) C, C++, C# > ... > Y) Perl > > PHP books outsell Perl books considerably. The Perl market is in the > toilet compared to a few years ago, while PHP has gone up, up, > up. Non-programming programming langauges, like VB and JS are more > popular than most programmers expect. (Just as how Photoshop is the > best selling computer book subject.) I remember Nat saying something similar recently. It still doesn't explain this: http://www.oreilly.com/catalog/top25.html I see a couple of Perl books on there, and sometimes there are as many as four. However, I have only seen a PHP book make their top 25 once, and it was Rasmus's. Of course, if buyers had any sense, it would be PHP Cookbook. :-) But, I'm happy to hear that PHP is a growing book market. That means good things to come for people like us. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From adam at trachtenberg.com Tue Oct 14 15:13:05 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Tue, 14 Oct 2003 15:13:05 -0400 (EDT) Subject: [nycphp-talk] Perl bumped by PHP in the Linux Journal Reader's Choice Awards In-Reply-To: <20031014185818.97752.qmail@web14308.mail.yahoo.com> Message-ID: On Tue, 14 Oct 2003, Chris Shiflett wrote: > It still doesn't explain > this: > > http://www.oreilly.com/catalog/top25.html > > I see a couple of Perl books on there, and sometimes there are as many as four. > However, I have only seen a PHP book make their top 25 once, and it was > Rasmus's. Of course, if buyers had any sense, it would be PHP Cookbook. :-) > > But, I'm happy to hear that PHP is a growing book market. That means good > things to come for people like us. This logic assumes computer book sales are divided equally among titles and publishing houses. That is false. In *many* topics (all but the biggies, like Java and JS) *one* book sells the lion's share of all the copies. In Perl, it's Larry's book, so Programming Perl is really high on the O'Reilly Top 25. In PHP, it's Luke and Laura's book. So, Programming PHP and PHP Cookbook are lower down on the O'Reilly book list. But, I believe Luke and Laura far outsell Larry over all and if you sum the total number of Perl and PHP books, PHP wins. -adam PS: This doesn't account for all those years when Programming Perl was selling like gang busters and there were no PHP books. This is just w/r/t recent sales, like 2001 - 2003. -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From kenneth at ylayali.net Tue Oct 14 16:33:23 2003 From: kenneth at ylayali.net (Kenneth Dombrowski) Date: Tue, 14 Oct 2003 16:33:23 -0400 Subject: [nycphp-talk] retro php In-Reply-To: <20031014154222.GE11848@ylayali.net> References: <20031014070120.GB11848@ylayali.net> <20031014133030.GB21200@panix.com> <20031014140811.GD11848@ylayali.net> <20031014142259.GA26943@panix.com> <20031014154222.GE11848@ylayali.net> Message-ID: <20031014203323.GK11848@ylayali.net> On 03-10-14 11:42 -0400, Kenneth Dombrowski wrote: > > on page 1, index.php > > $HTTP_SESSION_VARS['S_user_id'] = $rs['user_id']; > $HTTP_SESSION_VARS['S_login_name'] = $rs['login']; > $HTTP_SESSION_VARS['S_company_id'] = $rs['company_id']; > $HTTP_SESSION_VARS['S_user_email'] = $rs['email']; > about 16 hrs. later... "oh, i get it!" it's like when I try and assign stuff in bash like this: $NEWVAR='value' aside from the above, I was trying session_register('S_user_id'); $HTTP_SESSION_VARS['S_user_id'] = $something; or even session_register($HTTP_SESSION_VARS['S_user_id']) etc.. but what finally works is just (back where I started from) session_register('S_user_id'); $S_user_id = $something and later accessing it with $HTTP_SESSION_VARS['S_user_id'] though, after session_register, I'm not sure what the point of that would be with regiater_globals on.. unless it's to be didactic about where your variables are coming from.. which I like to be anyway. all of which seems to directly contradict the session_register page Dan quoted to me earlier: If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). ... snip ... You can also create a session variable by simply setting the appropriate member of the $_SESSION or $HTTP_SESSION_VARS (PHP < 4.1.0) array. & which *still* implies to me that the above should've worked (as it did on later versions). Maybe it really is just an obscure 4.0.6 bug, at least I had a history lesson, I guess. Regarding that quote of Dan's though, what initially prompted me to take out all of the register_globals & friends was rendering/garbled header problems when I began to mix them with $_SESSION syntax, which you can see the results of (on PHP 4.2.2/Apache 2/Red Hat 9, but also seen on the 4.0.6/Apache 1.3/Some Earlier Red Hat machine) here: http://dev.ylayali.net/~kenneth/images/superglobal_and_register_session.jpg I guess it remains to be seen if that behavior will come back as a result of mixing session_register() with $HTTP_SESSION_VARS Thanks again, Kenneth From soazine at pop.erols.com Tue Oct 14 17:32:58 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Tue, 14 Oct 2003 17:32:58 -0400 Subject: [nycphp-talk] How to dynamically generate class methods based on db field values Message-ID: <157240-220031021421325870@M2W043.mail2web.com> I am having to be tasked with a rather painful task of updating an existing class by adding a dynamic amount of database field values; for each database field value there has to be a generated array inside the class plus a function "get method" to return it. I do not want to have to constantly type out: function getStuff() { return $this->stuff; } for every occurrence of stuff I find that is generated by the database SELECT call on the fields of as many as 20 different tables!! This is enormous and I would love a more dynamic, functional method to generate.. methods. Can someone give me an idea of how this can be done? Thanx Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From sklar at sklar.com Tue Oct 14 17:40:31 2003 From: sklar at sklar.com (David Sklar) Date: Tue, 14 Oct 2003 17:40:31 -0400 Subject: [nycphp-talk] How to dynamically generate class methods based on dbfield values In-Reply-To: <157240-220031021421325870@M2W043.mail2web.com> Message-ID: How about something like class Foo { $fields = array('bar' => 1, 'baz' => 1, 'quux' => 1); function get($field) { if ($this->fields[$field]) { return $this->$field; } } } David On Tuesday, October 14, 2003 5:33 PM, wrote: > dbfield values > > > I am having to be tasked with a rather painful task of updating an > existing class by adding a dynamic amount of database field values; > for each database field value there has to be a generated array > inside the class plus a function "get method" to return it. > > I do not want to have to constantly type out: > > function getStuff() { > return $this->stuff; > } > > for every occurrence of stuff I find that is generated by the database > SELECT call on the fields of as many as 20 different tables!! This is > enormous and I would love a more dynamic, functional method to > generate.. methods. > > Can someone give me an idea of how this can be done? > > Thanx > Phil > > -------------------------------------------------------------------- > mail2web - Check your email from the web at > http://mail2web.com/ . > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From soazine at pop.erols.com Wed Oct 15 10:27:00 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 15 Oct 2003 10:27:00 -0400 Subject: [nycphp-talk] Nonexistent class error called by included script that has the class - WTF? Message-ID: <281450-220031031514270367@M2W077.mail2web.com> Fatal error: Cannot instantiate non-existent class: dropdowngenerator in ../view_internship_applicant.html on line 123 viewinterns.php => requires html.inc which has DropdownGenerator class viewinterns.php => will instantiate a new showApplicant class viewinterns.php => will call upon the constructor to include the HTML file below viewinterns.php => then will include view_internship_applicant.html (which is not really HTML but PHP - long story) view_internship_applicant.html => will instantiate a new DropdownGenerator class with dynamic parameters depending on where you are in the "HTML" file Line 123: $htmlDropdown = new DropdownGenerator('birth_month', 'birth_day', 'birth_year', 2); Everything I research and understand tells me this should work, but I keep getting the nonexistent class error, and I should not get it, it's totally right there in the parent script thus included within the scope of the child script as well and thus should exist. Where did I go wrong now? Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From soazine at pop.erols.com Wed Oct 15 10:40:42 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 15 Oct 2003 10:40:42 -0400 Subject: [nycphp-talk] How would I call a non-class outer function from within a class method? Message-ID: <191690-2200310315144042990@M2W082.mail2web.com> I'm sorry guys but this is a bad day for me. I tried researching this one and was totally stonewalled (see http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=calling+functions+ins ide+class+functions+php&btnG=Google+Search) I have a function "preSelect" inside a PHP script macros.inc. I have also got a DropdownGenerator class with methods inside a script html.inc. The methods in the DropdownGeneator class have to call the preSelect function from macros.inc for a proper return of values. How in the planet do I do that? Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From enunez at tiaa-cref.org Wed Oct 15 10:50:54 2003 From: enunez at tiaa-cref.org (Nunez, Eddy) Date: Wed, 15 Oct 2003 10:50:54 -0400 Subject: [nycphp-talk] How would I call a non-class outer function from within a class method? Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F0A6D9D7E@msxnyusr01.msx.ops.tiaa-cref.org> Ever thought of simply including macros.inc inside html.inc? There's nothing in the php manual that says you can't do that. Or, if you don't feel that's very koser, on every page that the class DropdownGenerator class needs function(s) from macros.inc just do: include('macros.inc'); include('html.inc'); Regards, -Eddy -----Original Message----- From: soazine at pop.erols.com [mailto:soazine at pop.erols.com] Sent: Wednesday, October 15, 2003 10:41 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] How would I call a non-class outer function from within a class method? I'm sorry guys but this is a bad day for me. I tried researching this one and was totally stonewalled (see http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=calling+functions+ins ide+class+functions+php&btnG=Google+Search) I have a function "preSelect" inside a PHP script macros.inc. I have also got a DropdownGenerator class with methods inside a script html.inc. The methods in the DropdownGeneator class have to call the preSelect function from macros.inc for a proper return of values. How in the planet do I do that? Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF ************************************************************** From bill at ilovett.com Wed Oct 15 10:59:02 2003 From: bill at ilovett.com (Bill Lovett) Date: Wed, 15 Oct 2003 10:59:02 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps ... In-Reply-To: <3F86EFB6.8090508@chxo.com> References: <007201c38f4f$31bc53c0$afab54a2@thinkpad> <3F86EFB6.8090508@chxo.com> Message-ID: <20031015145902.GA20843@unicron.ilovett.com> On Fri, Oct 10, 2003 at 01:43:18PM -0400, Chris Snyder wrote: > I read this and imagined a chat bot that listens for InstantMessages > from you, so you can tell it when you start and stop working on various > projects. It would generate an invoice with a PayPal link on request. I'm in the early stages of a project just like that. It's going to be a Jabber bot written in Python that will collect timesheet information from you and store it in a database. Then there will be a companion php application to let you run reports and such from a web browser. If anyone has ideas for features (like this Paypal invoice thing, for instance), feel free to send them my way. This is a side project of mine, so it's flexible. -Bill Lovett From soazine at pop.erols.com Wed Oct 15 11:06:26 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 15 Oct 2003 11:06:26 -0400 Subject: [nycphp-talk] How would I call a non-class outer function fromwithin a class method? Message-ID: <191690-220031031515626262@M2W038.mail2web.com> I did just that. On top of viewinterns.php I have include("../macros.inc") and include("../html.inc"); Phil Original Message: ----------------- From: Nunez, Eddy enunez at tiaa-cref.org Date: Wed, 15 Oct 2003 10:50:54 -0400 To: talk at lists.nyphp.org Subject: RE: [nycphp-talk] How would I call a non-class outer function fromwithin a class method? Ever thought of simply including macros.inc inside html.inc? There's nothing in the php manual that says you can't do that. Or, if you don't feel that's very koser, on every page that the class DropdownGenerator class needs function(s) from macros.inc just do: include('macros.inc'); include('html.inc'); Regards, -Eddy -----Original Message----- From: soazine at pop.erols.com [mailto:soazine at pop.erols.com] Sent: Wednesday, October 15, 2003 10:41 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] How would I call a non-class outer function from within a class method? I'm sorry guys but this is a bad day for me. I tried researching this one and was totally stonewalled (see http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=calling+functions+ins ide+class+functions+php&btnG=Google+Search) I have a function "preSelect" inside a PHP script macros.inc. I have also got a DropdownGenerator class with methods inside a script html.inc. The methods in the DropdownGeneator class have to call the preSelect function from macros.inc for a proper return of values. How in the planet do I do that? Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk ************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF ************************************************************** _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jonbaer at jonbaer.net Wed Oct 15 11:31:43 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 15 Oct 2003 11:31:43 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps... References: <007201c38f4f$31bc53c0$afab54a2@thinkpad><3F86EFB6.8090508@chxo.com> <20031015145902.GA20843@unicron.ilovett.com> Message-ID: <011601c39331$703778b0$8119fea9@thinkpad> > I'm in the early stages of a project just like that. It's going to be a > Jabber bot written in Python that will collect timesheet information Im just wondering (I don't know Python that well) but is there a reason on why the bot itself could not be done in PHP as well? I noticed a few people do write tools which require both Python + PHP but could never figure out why ... is it just what u are comfortable with or is there another reason? - jon From bill at ilovett.com Wed Oct 15 12:38:11 2003 From: bill at ilovett.com (Bill Lovett) Date: Wed, 15 Oct 2003 12:38:11 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps... In-Reply-To: <011601c39331$703778b0$8119fea9@thinkpad> References: <20031015145902.GA20843@unicron.ilovett.com> <011601c39331$703778b0$8119fea9@thinkpad> Message-ID: <20031015163811.GA21042@unicron.ilovett.com> On Wed, Oct 15, 2003 at 11:31:43AM -0400, jon baer wrote: > > I'm in the early stages of a project just like that. It's going to be a > > Jabber bot written in Python that will collect timesheet information > > Im just wondering (I don't know Python that well) but is there a reason on > why the bot itself could not be done in PHP as well? I noticed a few people > do write tools which require both Python + PHP but could never figure out > why ... is it just what u are comfortable with or is there another reason? I'm more comfortable with PHP, but Python seemed a better option in this case because I had already done some Jabber-related experimentation with it. Now that I think about it, there's really no reason why CLI wouldn't be an option. It's mostly laziness on my part-- I never got rolling completely with CLI. From soazine at pop.erols.com Wed Oct 15 14:06:20 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 15 Oct 2003 14:06:20 -0400 Subject: [nycphp-talk] Pt III: Variables, functions, classes, methods, confused! Message-ID: <265000-220031031518620258@M2W041.mail2web.com> class MyClass { var $monthVar; function MyClass($monthVar = '') { $this->monthVar = $monthVar; ... } ... function myFunction() { global ${$this->monthVar}; ... } } I have a variable called $graduation_month that I am putting into the class as $myClass = new MyClass('graduation_month'); and then I would have the variable name's value in myFunction, right? Basically, I don't.. I don't know what I did wrong. Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From henry at beewh.com Wed Oct 15 13:14:17 2003 From: henry at beewh.com (Henry Ponce) Date: Wed, 15 Oct 2003 14:14:17 -0300 Subject: [nycphp-talk] Pt III: Variables, functions, classes, methods, confused! In-Reply-To: <265000-220031031518620258@M2W041.mail2web.com> References: <265000-220031031518620258@M2W041.mail2web.com> Message-ID: <200310151414.17404.henry@beewh.com> class MyClass { var $monthVar; function MyClass($monthVar){ $this->monthVar = $monthVar; } function myFunction() { echo $this->monthVar; } } Then you can do this: > I have a variable called $graduation_month that I am putting into the class > as $myClass = new MyClass('graduation_month'); and then I would have the > variable name's value in myFunction, right? -- An. Henry Ponce Linux Registered User # 303567 NY From drydell at worldnet.att.net Wed Oct 15 14:19:23 2003 From: drydell at worldnet.att.net (David Rydell) Date: Wed, 15 Oct 2003 14:19:23 -0400 Subject: [nycphp-talk] Pt III: Variables, functions, classes, methods, confused! In-Reply-To: <265000-220031031518620258@M2W041.mail2web.com> Message-ID: if $myClass = new MyClass('graduation_month'), then you'd end up with: function myFunction() { global $graduation_month ... } what you want is: function myFunction() { ... use $this->monthVar ... } } --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.525 / Virus Database: 322 - Release Date: 10/9/2003 From hans at nyphp.org Wed Oct 15 14:25:06 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 15 Oct 2003 14:25:06 -0400 Subject: [nycphp-talk] PHP and Instant Messenger -- was: time tracking apps... In-Reply-To: <20031015163811.GA21042@unicron.ilovett.com> References: <20031015145902.GA20843@unicron.ilovett.com> <011601c39331$703778b0$8119fea9@thinkpad> <20031015163811.GA21042@unicron.ilovett.com> Message-ID: <3F8D9102.4090202@nyphp.org> Bill Lovett wrote: > On Wed, Oct 15, 2003 at 11:31:43AM -0400, jon baer wrote: > >>>I'm in the early stages of a project just like that. It's going to be a >>>Jabber bot written in Python that will collect timesheet information >> >>Im just wondering (I don't know Python that well) but is there a reason on >>why the bot itself could not be done in PHP as well? I noticed a few people >>do write tools which require both Python + PHP but could never figure out >>why ... is it just what u are comfortable with or is there another reason? > > I'm more comfortable with PHP, but Python seemed a better option in this > case because I had already done some Jabber-related experimentation > with it. Now that I think about it, there's really no reason why CLI > wouldn't be an option. It's mostly laziness on my part-- I never got > rolling completely with CLI. I'm not sure how closely Python supports Jabber, but PHP seems to have a nice run as well: http://www.google.com/search?q=php+jabber And using PHP CLI is a snap; heck, it might even overtake Perl/Bash (it did for me :) H From thegeek at thecolorgeek.com Wed Oct 15 15:00:38 2003 From: thegeek at thecolorgeek.com (The Geek) Date: Wed, 15 Oct 2003 15:00:38 -0400 Subject: [nycphp-talk] Freelance PHP Development needed In-Reply-To: <3F8D9102.4090202@nyphp.org> Message-ID: Looking for a freelance PHP developer to execute LAMP project specifications. Will be working in concert with graphic designer. Goal to redesign site and move toward E-commerce site. A couple of meetings may be required in New Jersey, but otherwise you'd be working from your home/office. Site will have at least 200 products and desriptions. Initial goal is redesign with long term goal toward E-commerce. Required Skills: : PHP : MySQL SQL programming :E-commerce webapplication development send resume, current project links, references and rates. Please do not respond to this list contact me directly at address below. Paul G colorsync at comcast.net From hans at nyphp.org Wed Oct 15 15:13:27 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 15 Oct 2003 15:13:27 -0400 Subject: [nycphp-talk] Freelance PHP Development needed In-Reply-To: References: Message-ID: <3F8D9C57.7040005@nyphp.org> Paul, > Please do not respond to this list contact me directly at address below. > > Paul G > colorsync at comcast.net Please also post job opportunities to NYPHP-Jobs, http://nyphp.org/lists There are many on that list who are not on this list. Thanks and best of luck on the project. Hans From jonbaer at jonbaer.net Wed Oct 15 21:12:41 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 15 Oct 2003 21:12:41 -0400 Subject: [nycphp-talk] Best host for oscommerce package? Message-ID: <004601c39382$99beb670$8119fea9@thinkpad> greetings ... i have prepared a website for my wife using oscommerce package (w/ just paypal @ the moment) + looking for a good host for it, something that would allow for open tunneling of mysql for the admin tool (anyone know why hosts *dont* allow ssh tunnelling? makes no sense), anyone make a recommendation? thanks. - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From dmintz at panix.com Wed Oct 15 23:30:32 2003 From: dmintz at panix.com (David Mintz) Date: Wed, 15 Oct 2003 23:30:32 -0400 (EDT) Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <004601c39382$99beb670$8119fea9@thinkpad> References: <004601c39382$99beb670$8119fea9@thinkpad> Message-ID: pair Networks might provide what you're looking for: http://pair.com/ HTH On Wed, 15 Oct 2003, jon baer wrote: > i have prepared a website for my wife using oscommerce package (w/ just > paypal @ the moment) + looking for a good host for it, something that would > allow for open tunneling of mysql for the admin tool (anyone know why hosts > *dont* allow ssh tunnelling? makes no sense), anyone make a recommendation? --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Y d?le p'abajo" Tito Rojas From jayeshsh at ceruleansky.com Thu Oct 16 16:09:27 2003 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Thu, 16 Oct 2003 16:09:27 -0400 Subject: [nycphp-talk] Re: Best host for oscommerce package? Message-ID: <3F8EFAF7.7020105@ceruleansky.com> Hello Jon, You might consider Dreamhost - http://www.dreamhost.com . They are a good LAMP host, and I use them. Best Regards, - Jay From dan at mx2pro.com Thu Oct 16 18:19:54 2003 From: dan at mx2pro.com (Dan Horning) Date: Thu, 16 Oct 2003 18:19:54 -0400 Subject: [nycphp-talk] Re: Best host for oscommerce package? In-Reply-To: <3F8EFAF7.7020105@ceruleansky.com> Message-ID: <20031016222000.0008BA85EE@virtu.nyphp.org> Ok time to have a shameless self plug http://www.mx2pro.com/ We do corporate hosting for all levels of service. Rates for ecommerce range from $25.00 a month and up Send me specs and I'll detail out the price spec Dan Horning - President - MX2 Productions Technical Systems Administration Media from concept to execution. 1-866-284-3150 (Toll-Free) http://www.mx2pro.com/ > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jayesh Sheth > Sent: Thursday, October 16, 2003 4:09 PM > To: talk at lists.nyphp.org > Subject: [nycphp-talk] Re: Best host for oscommerce package? > > Hello Jon, > > You might consider Dreamhost - http://www.dreamhost.com . They are a > good LAMP host, and I use them. > > Best Regards, > > - Jay > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From jonbaer at jonbaer.net Thu Oct 16 02:16:45 2003 From: jonbaer at jonbaer.net (jon baer) Date: Thu, 16 Oct 2003 02:16:45 -0400 Subject: [nycphp-talk] Best host for oscommerce package? References: <004601c39382$99beb670$8119fea9@thinkpad> Message-ID: <002d01c393ad$13ac9a90$8119fea9@thinkpad> do you have an oscommerce package setup w/ them? - jon ----- Original Message ----- From: "David Mintz" To: "NYPHP Talk" Sent: Wednesday, October 15, 2003 11:30 PM Subject: Re: [nycphp-talk] Best host for oscommerce package? pair Networks might provide what you're looking for: http://pair.com/ From dan at mx2pro.com Fri Oct 17 10:41:51 2003 From: dan at mx2pro.com (Dan Horning) Date: Fri, 17 Oct 2003 10:41:51 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <002d01c393ad$13ac9a90$8119fea9@thinkpad> Message-ID: <20031017144157.E5FC9A85EF@virtu.nyphp.org> > -----Original Message----- > On Behalf Of jon baer > do you have an oscommerce package setup w/ them? > - jon > > ----- Original Message ----- > From: "David Mintz" > pair Networks might provide what you're looking for: http://pair.com/ Oscommerce is pretty simple plain and easy... It's really only the bandwidth side of things you'll want to prepare for But for most sites... It won't ever matter. So what's the plan .. Big site .. Little site, Onsite CC processing .. Offsite?? (this might be a deciding factors for ya as the package you get will have to allow you to add secure certs. Otherwise .. It's just, will they give you the space you need, we already know pair Is very very very reliable. Dan Horning - President - MX2 Productions Technical Systems Administration Media from concept to execution. 1-866-284-3150 (Toll-Free) http://www.mx2pro.com/ From jeffknight at mac.com Fri Oct 17 10:52:24 2003 From: jeffknight at mac.com (PUTAMARE) Date: Fri, 17 Oct 2003 10:52:24 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <20031017144157.E5FC9A85EF@virtu.nyphp.org> Message-ID: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> This is the kind of conversation you two might want to have with everyone that cares, i.e. off list. On Friday, October 17, 2003, at 10:41 AM, Dan Horning wrote: >> -----Original Message----- >> On Behalf Of jon baer >> do you have an oscommerce package setup w/ them? >> - jon >> >> ----- Original Message ----- >> From: "David Mintz" >> pair Networks might provide what you're looking for: http://pair.com/ > > Oscommerce is pretty simple plain and easy... > It's really only the bandwidth side of things you'll want to prepare > for > But for most sites... It won't ever matter. > > So what's the plan .. Big site .. Little site, > Onsite CC processing .. Offsite?? (this might > be a deciding factors for ya as the package > you get will have to allow you to add secure > certs. Otherwise .. It's just, will they give > you the space you need, we already know pair > Is very very very reliable. > > > Dan Horning - President - MX2 Productions > Technical Systems Administration > Media from concept to execution. > 1-866-284-3150 (Toll-Free) > http://www.mx2pro.com/ > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > Jeff Knight jeff at lushmedia.com 212/213-6558 x 203 LUSH media 110 W 40th St #1502 New York, NY 10018 From brian at preston-campbell.com Fri Oct 17 10:54:11 2003 From: brian at preston-campbell.com (Preston-Campbell) Date: Fri, 17 Oct 2003 10:54:11 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> Message-ID: <200310171054.11709.brian@preston-campbell.com> You're the list monitor? I for one, although have not participated in this thread, but am also interested since I am working on an OSCommerce site as I write this. Try delete for those items that do not interest you. On Friday 17 October 2003 10:52 am, PUTAMARE wrote: > This is the kind of conversation you two might want to have with > everyone that cares, i.e. off list. > > On Friday, October 17, 2003, at 10:41 AM, Dan Horning wrote: > >> -----Original Message----- > >> On Behalf Of jon baer > >> do you have an oscommerce package setup w/ them? > >> - jon > >> > >> ----- Original Message ----- > >> From: "David Mintz" > >> pair Networks might provide what you're looking for: http://pair.com/ > > > > Oscommerce is pretty simple plain and easy... > > It's really only the bandwidth side of things you'll want to prepare > > for > > But for most sites... It won't ever matter. > > > > So what's the plan .. Big site .. Little site, > > Onsite CC processing .. Offsite?? (this might > > be a deciding factors for ya as the package > > you get will have to allow you to add secure > > certs. Otherwise .. It's just, will they give > > you the space you need, we already know pair > > Is very very very reliable. > > > > > > Dan Horning - President - MX2 Productions > > Technical Systems Administration > > Media from concept to execution. > > 1-866-284-3150 (Toll-Free) > > http://www.mx2pro.com/ > > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > Jeff Knight > jeff at lushmedia.com > 212/213-6558 x 203 > LUSH media > 110 W 40th St #1502 > New York, NY 10018 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From crisscott at netzero.com Fri Oct 17 11:06:44 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Fri, 17 Oct 2003 11:06:44 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> Message-ID: <3F900584.8080504@netzero.com> It is replies like this that make people hesitant to post questions on this list. I don't think that this qualifies as a "gentle nudge." PUTAMARE wrote: > This is the kind of conversation you two might want to have with > everyone that cares, i.e. off list. > > On Friday, October 17, 2003, at 10:41 AM, Dan Horning wrote: > >>> -----Original Message----- >>> On Behalf Of jon baer >>> do you have an oscommerce package setup w/ them? >>> - jon >>> >>> ----- Original Message ----- >>> From: "David Mintz" >>> pair Networks might provide what you're looking for: http://pair.com/ >> >> >> Oscommerce is pretty simple plain and easy... >> It's really only the bandwidth side of things you'll want to prepare for >> But for most sites... It won't ever matter. >> >> So what's the plan .. Big site .. Little site, >> Onsite CC processing .. Offsite?? (this might >> be a deciding factors for ya as the package >> you get will have to allow you to add secure >> certs. Otherwise .. It's just, will they give >> you the space you need, we already know pair >> Is very very very reliable. >> >> >> Dan Horning - President - MX2 Productions >> Technical Systems Administration >> Media from concept to execution. >> 1-866-284-3150 (Toll-Free) >> http://www.mx2pro.com/ >> >> _______________________________________________ >> talk mailing list >> talk at lists.nyphp.org >> http://lists.nyphp.org/mailman/listinfo/talk >> >> > Jeff Knight > jeff at lushmedia.com > 212/213-6558 x 203 > LUSH media > 110 W 40th St #1502 > New York, NY 10018 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From csnyder at chxo.com Fri Oct 17 11:06:07 2003 From: csnyder at chxo.com (Chris Snyder) Date: Fri, 17 Oct 2003 11:06:07 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <200310171054.11709.brian@preston-campbell.com> References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> <200310171054.11709.brian@preston-campbell.com> Message-ID: <20031017150607.GA76004@berylium.psydeshow.org> Happy Friday everyone! Pining for command, aka unsub-from-thread... csnyder Preston-Campbell wrote: >Try delete for those items that do not interest you. > >On Friday 17 October 2003 10:52 am, PUTAMARE wrote: > >>This is the kind of conversation you two might want to have off list. >> >>On Friday, October 17, 2003, at 10:41 AM, Dan Horning wrote: >> >>>>-----Original Message----- >>>>On Behalf Of jon baer >>>>do you have an oscommerce package setup w/ them? >>>>- jon > From brian at preston-campbell.com Fri Oct 17 11:10:23 2003 From: brian at preston-campbell.com (Preston-Campbell) Date: Fri, 17 Oct 2003 11:10:23 -0400 Subject: [nycphp-talk] Best host for oscommerce package? In-Reply-To: <20031017150607.GA76004@berylium.psydeshow.org> References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> <200310171054.11709.brian@preston-campbell.com> <20031017150607.GA76004@berylium.psydeshow.org> Message-ID: <200310171110.23044.brian@preston-campbell.com> This is my new sig Try delete for those items that do not interest you.(tm) If only it applied to more things in life... On Friday 17 October 2003 11:06 am, Chris Snyder wrote: > Happy Friday everyone! > Pining for command, aka unsub-from-thread... > > csnyder > > Preston-Campbell wrote: > >Try delete for those items that do not interest you. > > > >On Friday 17 October 2003 10:52 am, PUTAMARE wrote: > >>This is the kind of conversation you two might want to have off list. > >> > >>On Friday, October 17, 2003, at 10:41 AM, Dan Horning wrote: > >>>>-----Original Message----- > >>>>On Behalf Of jon baer > >>>>do you have an oscommerce package setup w/ them? > >>>>- jon > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From nestorflorez at earthlink.net Fri Oct 17 12:11:21 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 09:11:21 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> I am trying to access phpmyadmin as diferent users by having a login webpage that ask for the userid and password and then passing it to index.php. In the config.inc.php I change the code to look like this: $cfg['Servers'][$i]['user'] = $_GET['userid']; $cfg['Servers'][$i]['password'] = $_GET['pwd']; But when I try this I get an error: ======================================================== Error MySQL said: Access denied for user: 'ODBC at localhost' (Using password: NO) ======================================================== If I change the code to : ========================================= $cfg['Servers'][$i]['user'] = 'view'; $cfg['Servers'][$i]['password'] = 'view'; ========================================= It works. This is the same userid and pwd I am passing from my login page Any ideas? This tool is great but it would much easier if we could set it up to allow for users to login and according to their user and pwd they would have access to different DB's and tables according to the permissions that were granted to them.. Thanks, Nestor :-) From danielc at analysisandsolutions.com Fri Oct 17 12:38:09 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Fri, 17 Oct 2003 12:38:09 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> References: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <20031017163808.GA6382@panix.com> Hi Nestor: On Fri, Oct 17, 2003 at 09:11:21AM -0700, Nestor Florez wrote: > > $cfg['Servers'][$i]['user'] = $_GET['userid']; > $cfg['Servers'][$i]['password'] = $_GET['pwd']; > > But when I try this I get an error: > Access denied for user: 'ODBC at localhost' (Using password: NO) So, it sounds like the information you suppliied in $_GET isn't getting there. > If I change the code to : > $cfg['Servers'][$i]['user'] = 'view'; > $cfg['Servers'][$i]['password'] = 'view'; So, to confirm my theory you can put "view" and "view" into the form you created. Bet you'll get the same error message. Do you really mean $_POST? Regardless, you need to alter your code to obtain the user input from the right place and naturally. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From stephen at musgrave.org Fri Oct 17 12:38:44 2003 From: stephen at musgrave.org (Stephen Musgrave) Date: Fri, 17 Oct 2003 12:38:44 -0400 Subject: [nycphp-talk] simple shopping cart Message-ID: I need a simple shopping cart solution for a client. The user will be able to browse a catalog, add to cart (with quantity) view the cart and then "submit" the cart. On submit, an email will be sent the client and they will fulfill the order and process the payment manually. This is really just a glorified cookie tracker.. anybody have a recommendation. Thanks in advance. Stephen Musgrave // stephen at musgrave.org // http://musgrave.org // 718-486-6514 From nestorflorez at earthlink.net Fri Oct 17 13:13:45 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 10:13:45 -0700 (PDT) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <4080131.1066410825314.JavaMail.root@grover.psp.pas.earthlink.net> I tried it with $_GET and $_POST and with either of them I am able to print the information in the variables. But it fails Nestor :-) -----Original Message----- From: Analysis & Solutions Sent: Oct 17, 2003 9:38 AM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing phpmyadmin as different users Hi Nestor: On Fri, Oct 17, 2003 at 09:11:21AM -0700, Nestor Florez wrote: > > $cfg['Servers'][$i]['user'] = $_GET['userid']; > $cfg['Servers'][$i]['password'] = $_GET['pwd']; > > But when I try this I get an error: > Access denied for user: 'ODBC at localhost' (Using password: NO) So, it sounds like the information you suppliied in $_GET isn't getting there. > If I change the code to : > $cfg['Servers'][$i]['user'] = 'view'; > $cfg['Servers'][$i]['password'] = 'view'; So, to confirm my theory you can put "view" and "view" into the form you created. Bet you'll get the same error message. Do you really mean $_POST? Regardless, you need to alter your code to obtain the user input from the right place and naturally. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From joshmccormack at travelersdiary.com Fri Oct 17 17:24:59 2003 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Fri, 17 Oct 2003 17:24:59 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <4080131.1066410825314.JavaMail.root@grover.psp.pas.earthlink.net> References: <4080131.1066410825314.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <3F905E2B.9070101@travelersdiary.com> I'd continue with your thought of hardcoding the username and password. Hard code everything to verify that you're putting in the right variables, etc. Use print statements and error logs to see exactly what you're passing. Josh Nestor Florez wrote: > I tried it with $_GET and $_POST and with either of them I am able to print the information in the > variables. > > But it fails > > Nestor :-) > > -----Original Message----- > From: Analysis & Solutions > Sent: Oct 17, 2003 9:38 AM > To: NYPHP Talk > Subject: Re: [nycphp-talk] accessing phpmyadmin as different users > > Hi Nestor: > > On Fri, Oct 17, 2003 at 09:11:21AM -0700, Nestor Florez wrote: > >>$cfg['Servers'][$i]['user'] = $_GET['userid']; >>$cfg['Servers'][$i]['password'] = $_GET['pwd']; >> >>But when I try this I get an error: >>Access denied for user: 'ODBC at localhost' (Using password: NO) > > > So, it sounds like the information you suppliied in $_GET isn't getting > there. > > > >>If I change the code to : >>$cfg['Servers'][$i]['user'] = 'view'; >>$cfg['Servers'][$i]['password'] = 'view'; > > > So, to confirm my theory you can put "view" and "view" into the form you > created. Bet you'll get the same error message. > > Do you really mean $_POST? > > Regardless, you need to alter your code to obtain the user input from the > right place and naturally. > > Enjoy, > > --Dan > From dan at mx2pro.com Fri Oct 17 13:40:08 2003 From: dan at mx2pro.com (Dan Horning) Date: Fri, 17 Oct 2003 13:40:08 -0400 Subject: [nycphp-talk] simple shopping cart In-Reply-To: Message-ID: <20031017174012.016BEA85EE@virtu.nyphp.org> I'm always stuck on the osCommerce end .. But not applicable here I'd suggest looking up http://php.resourceindex.com/ for the latest versions of standalone software And then if all else fails .. OSC :-) Dan Horning - President - MX2 Productions Technical Systems Administration Media from concept to execution. 1-866-284-3150 (Toll-Free) http://www.mx2pro.com/ > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Stephen Musgrave > Sent: Friday, October 17, 2003 12:39 PM > To: nyPHP - Talk Talk > Subject: [nycphp-talk] simple shopping cart > > > I need a simple shopping cart solution for a client. The > user will be able > to browse a catalog, add to cart (with quantity) view the > cart and then > "submit" the cart. On submit, an email will be sent the > client and they > will fulfill the order and process the payment manually. > This is really > just a glorified cookie tracker.. anybody have a recommendation. > > Thanks in advance. > > > Stephen Musgrave > > // stephen at musgrave.org > // http://musgrave.org > // 718-486-6514 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From danielc at analysisandsolutions.com Fri Oct 17 13:44:41 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Fri, 17 Oct 2003 13:44:41 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <4080131.1066410825314.JavaMail.root@grover.psp.pas.earthlink.net> References: <4080131.1066410825314.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <20031017174441.GA12903@panix.com> Hi Nestor: > I tried it with $_GET and $_POST and with either of them I am able to > print the information in the > variables. > > But it fails Before I get too far, I thought phpMyAdmin has it's own login page. Why are you making another? Anyway, you need to learn how to do some debugging, step by step. You said you made a login page. Go to the script that login form gets submitted to. Put in echos for the variables you're submitting. Did your input get through? If not, there's your problem. But, if so, go to the next step. Now, you need to pass that information from there to the index.php, right? How are you passing it between the pages? Check in index.php that the information you supplied is getting there. If it's not, why not? If it is, then are you putting it in the right place to be accepted by the system? I hope you now get the idea of how to debug... think through your system, step by step, create tests that checking things at each step of the process. --Dan [... snipping old content, what a concept...] -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From dan at mx2pro.com Fri Oct 17 14:01:34 2003 From: dan at mx2pro.com (Dan Horning) Date: Fri, 17 Oct 2003 14:01:34 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <20031017174441.GA12903@panix.com> Message-ID: <20031017180139.132A3A85EE@virtu.nyphp.org> Lets find out something Are you trying to pass http passwords to it? If so just change your auth_type to 'http' then you will use the http type login .. Otherwise .. I have no idea what you're trying to do .. As you could pass the login and PW in a URL or in a form just like the one on the login page phpMyAdmin uses. I'm not sure if this all helps .. So a plan of usage might allow me to be more direct. --------------{ EXAMPLE }--------------------------------- On my servers I have a staff area with phpmyadmin located Inside it. The auth_type is set to 'http' and so therefore Since to get to the staff area requres a password.. So Also does the [phpmyadmin) and each staff has their login Which I've programmed in using htpasswd ---------------------------------------------------------- $cfg['Servers'][$i]['auth_type'] = 'config'; // Authentication method (config, http or cookie based)? $cfg['Servers'][$i]['user'] = 'root'; // MySQL user $cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed // with 'config' auth_type) Dan Horning - President - MX2 Productions Technical Systems Administration Media from concept to execution. 1-866-284-3150 (Toll-Free) http://www.mx2pro.com/ > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Analysis & > Solutions > Sent: Friday, October 17, 2003 1:45 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] accessing phpmyadmin as different users > > Hi Nestor: > > > I tried it with $_GET and $_POST and with either of them I > am able to > > print the information in the > > variables. > > > > But it fails > > Before I get too far, I thought phpMyAdmin has it's own login > page. Why > are you making another? > > Anyway, you need to learn how to do some debugging, step by step. > > You said you made a login page. Go to the script that login > form gets > submitted to. Put in echos for the variables you're > submitting. Did your > input get through? If not, there's your problem. But, if > so, go to the > next step. > > Now, you need to pass that information from there to the > index.php, right? > How are you passing it between the pages? Check in index.php > that the > information you supplied is getting there. If it's not, why > not? If it > is, then are you putting it in the right place to be accepted by the > system? > > I hope you now get the idea of how to debug... think through > your system, > step by step, create tests that checking things at each step of the > process. > > --Dan > > [... snipping old content, what a concept...] > > -- > FREE scripts that make web and database programming easier > http://www.analysisandsolutions.com/software/ > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From tgales at tgaconnect.com Fri Oct 17 14:37:31 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Fri, 17 Oct 2003 14:37:31 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <000501c394dd$ba183de0$bf8d3818@oberon1> Nestor, If I understand you -- you want to let different users access mySQL through phpAdmin. What throws me is when you say it would be nice if different users could have different access based on their login. Consider the following: In the user table you have something like this: Host User Password Select_priv Insert... Delete... ---- ---- -------- ----------- --------- --------- localhost root md5_password Y Y Y www.ur.com you md5_password y Y N and in the database table you have: Host Db User Select_priv Insert_priv ---- --- ----- ----------- ----------- www.ur.com data you Y N The above would allow 'you' to login to mySQL database from www.ur.com and select and insert -- but not delete. Even though 'you' can log in with insert privileges 'you' won't be able to insert into the 'data' database. The security system works on a combination of user and host as detailed in the mySQL manual. If you look at the 'tables_priv' and the 'columns_priv' tables in the 'mysql' database you will see that there are opportunities to get pretty fancy with who's allowed to do what. I have to admit I have never used phpadmin except as a root user with total privileges. But I find it hard to believe that phpadmin operates outside the regular mySQL security framework. I doubt if phpadmin circumvents or constricts the general security features of mySQL. This means you should be able to put your own 'happy face' on phpadmin -- and you shouldn't have to post variables to it from a form. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Nestor Florez Sent: Friday, October 17, 2003 12:11 PM To: NYPHP Talk Subject: [nycphp-talk] accessing phpmyadmin as different users I am trying to access phpmyadmin as diferent users by having a login webpage that ask for the userid and password and then passing it to index.php. In the config.inc.php I change the code to look like this: $cfg['Servers'][$i]['user'] = $_GET['userid']; $cfg['Servers'][$i]['password'] = $_GET['pwd']; But when I try this I get an error: ======================================================== Error MySQL said: Access denied for user: 'ODBC at localhost' (Using password: NO) ======================================================== If I change the code to : ========================================= $cfg['Servers'][$i]['user'] = 'view'; $cfg['Servers'][$i]['password'] = 'view'; ========================================= It works. This is the same userid and pwd I am passing from my login page Any ideas? This tool is great but it would much easier if we could set it up to allow for users to login and according to their user and pwd they would have access to different DB's and tables according to the permissions that were granted to them.. Thanks, Nestor :-) _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Fri Oct 17 14:52:34 2003 From: hans at nyphp.org (Hans Zaunere) Date: Fri, 17 Oct 2003 14:52:34 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> References: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <3F903A72.509@nyphp.org> Nestor Florez wrote: > I am trying to access phpmyadmin as diferent users by having a login webpage > that ask for the userid and password and then passing it to index.php. In the > config.inc.php I change the code to look like this: > > $cfg['Servers'][$i]['user'] = $_GET['userid']; > $cfg['Servers'][$i]['password'] = $_GET['pwd']; > > But when I try this I get an error: > ======================================================== > Error > > MySQL said: > > Access denied for user: 'ODBC at localhost' (Using password: NO) > ======================================================== > > If I change the code to : > ========================================= > $cfg['Servers'][$i]['user'] = 'view'; > $cfg['Servers'][$i]['password'] = 'view'; > ========================================= > > It works. This is the same userid and pwd I am passing from my login page > > Any ideas? Ehh, things aren't be passed around properly. > This tool is great but it would much easier if we could set it up to allow for users to login > and according to their user and pwd they would have access to different DB's and tables > according to the permissions that were granted to them.. phpMyAdmin just got better :) http://www.phpmyadmin.net/documentation/#setup (look for 'Using authentication modes:' header) http://www.phpmyadmin.net/documentation/#config (look for controluser and auth_type config settings) http://www.phpmyadmin.net/documentation/#faqmultiuser HTH, H From nestorflorez at earthlink.net Fri Oct 17 15:07:09 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 12:07:09 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <32714588.1066417629127.JavaMail.root@grover.psp.pas.earthlink.net> I way pass these steps you mentioned. I can handle the debugging, because it is the same way I do it everytime I program in PHP or Perl. PHPmyAdmin does not have a loging page as of version 2.3.3. Basically you add the user and pwd into the config.inc.php file in a hash array: ------------- $cfg['Servers'][$i]['user'] = 'user'; // MySQL user $cfg['Servers'][$i]['password'] = 'pwd'; // MySQL password --------------- BUT WHEN I put in variables in the hash array it fails: $cfg['Servers'][$i]['user'] = $user; // MySQL user $cfg['Servers'][$i]['password'] = $pwd; // MySQL password YES, the variable do have the information that I want to pass. Thanks, Nestor :-) -----Original Message----- From: Analysis & Solutions Sent: Oct 17, 2003 10:44 AM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing phpmyadmin as different users Hi Nestor: > I tried it with $_GET and $_POST and with either of them I am able to > print the information in the > variables. > > But it fails Before I get too far, I thought phpMyAdmin has it's own login page. Why are you making another? Anyway, you need to learn how to do some debugging, step by step. You said you made a login page. Go to the script that login form gets submitted to. Put in echos for the variables you're submitting. Did your input get through? If not, there's your problem. But, if so, go to the next step. Now, you need to pass that information from there to the index.php, right? How are you passing it between the pages? Check in index.php that the information you supplied is getting there. If it's not, why not? If it is, then are you putting it in the right place to be accepted by the system? I hope you now get the idea of how to debug... think through your system, step by step, create tests that checking things at each step of the process. --Dan [... snipping old content, what a concept...] -- From nestorflorez at earthlink.net Fri Oct 17 15:14:57 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 12:14:57 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <12314369.1066418097835.JavaMail.root@grover.psp.pas.earthlink.net> Hans, Thanks for your info. Maybe what I need to do is to installed the latest phpmyadmin, because I am using 2.3.3 and this version does not have a login page, you just go directly into web form that allows you to be view databases and tables according to the values in the has: $cfg['Servers'][$i]['user'] = 'user'; // MySQL user $cfg['Servers'][$i]['password'] = 'pwd'; // MySQL password Thanks again, Nestor :-) -----Original Message----- From: Hans Zaunere Sent: Oct 17, 2003 11:52 AM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing phpmyadmin as different users Nestor Florez wrote: > I am trying to access phpmyadmin as diferent users by having a login webpage > that ask for the userid and password and then passing it to index.php. In the > config.inc.php I change the code to look like this: > > $cfg['Servers'][$i]['user'] = $_GET['userid']; > $cfg['Servers'][$i]['password'] = $_GET['pwd']; > > But when I try this I get an error: > ======================================================== > Error > > MySQL said: > > Access denied for user: 'ODBC at localhost' (Using password: NO) > ======================================================== > > If I change the code to : > ========================================= > $cfg['Servers'][$i]['user'] = 'view'; > $cfg['Servers'][$i]['password'] = 'view'; > ========================================= > > It works. This is the same userid and pwd I am passing from my login page > > Any ideas? Ehh, things aren't be passed around properly. > This tool is great but it would much easier if we could set it up to allow for users to login > and according to their user and pwd they would have access to different DB's and tables > according to the permissions that were granted to them.. phpMyAdmin just got better :) http://www.phpmyadmin.net/documentation/#setup (look for 'Using authentication modes:' header) http://www.phpmyadmin.net/documentation/#config (look for controluser and auth_type config settings) http://www.phpmyadmin.net/documentation/#faqmultiuser HTH, H _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Fri Oct 17 15:17:00 2003 From: hans at nyphp.org (Hans Zaunere) Date: Fri, 17 Oct 2003 15:17:00 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <32714588.1066417629127.JavaMail.root@grover.psp.pas.earthlink.net> References: <32714588.1066417629127.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <3F90402C.10903@nyphp.org> Nestor Florez wrote: > I way pass these steps you mentioned. > > I can handle the debugging, because it is the same way I do it > everytime I program in PHP or Perl. > > PHPmyAdmin does not have a loging page as of version 2.3.3. Ahh, I blurred out what version you were dealing with :) Just as an FYI, though, you should take care using older versions, especially with newer versions of MySQL. I've seen old versions of phpmyadmin do fun things, even with old versions of MySQL. > Basically you add the user and pwd into the config.inc.php file > in a hash array: > ------------- > $cfg['Servers'][$i]['user'] = 'user'; // MySQL user > $cfg['Servers'][$i]['password'] = 'pwd'; // MySQL password > --------------- > > BUT WHEN I put in variables in the hash array it fails: > $cfg['Servers'][$i]['user'] = $user; // MySQL user > $cfg['Servers'][$i]['password'] = $pwd; // MySQL password > > YES, the variable do have the information that I want to pass. You're probably having name collisions, or worse, register_global problems. Try using variable names that aren't so common. $cfg['Servers'][$i]['user'] = $yankees_user; // MySQL user $cfg['Servers'][$i]['password'] = $yankees_pwd; // MySQL password Of course those names might cause problems too :) H From nestorflorez at earthlink.net Fri Oct 17 15:18:49 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 12:18:49 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <9968967.1066418329757.JavaMail.root@grover.psp.pas.earthlink.net> Tim, Thanks for the summary on Mysql, I am aware of how the 'user' and the 'db' table work. I think I just need to upgrade, but I hate leaving an issue unresolved............@#$^&* I feel like the thing is beating me and I do not like to give up :-) Thanks again to all!!!!!! -----Original Message----- From: Tim Gales Sent: Oct 17, 2003 11:37 AM To: 'Nestor Florez' , 'NYPHP Talk' Subject: RE: [nycphp-talk] accessing phpmyadmin as different users Nestor, If I understand you -- you want to let different users access mySQL through phpAdmin. What throws me is when you say it would be nice if different users could have different access based on their login. Consider the following: In the user table you have something like this: Host User Password Select_priv Insert... Delete... ---- ---- -------- ----------- --------- --------- localhost root md5_password Y Y Y www.ur.com you md5_password y Y N and in the database table you have: Host Db User Select_priv Insert_priv ---- --- ----- ----------- ----------- www.ur.com data you Y N The above would allow 'you' to login to mySQL database from www.ur.com and select and insert -- but not delete. Even though 'you' can log in with insert privileges 'you' won't be able to insert into the 'data' database. The security system works on a combination of user and host as detailed in the mySQL manual. If you look at the 'tables_priv' and the 'columns_priv' tables in the 'mysql' database you will see that there are opportunities to get pretty fancy with who's allowed to do what. I have to admit I have never used phpadmin except as a root user with total privileges. But I find it hard to believe that phpadmin operates outside the regular mySQL security framework. I doubt if phpadmin circumvents or constricts the general security features of mySQL. This means you should be able to put your own 'happy face' on phpadmin -- and you shouldn't have to post variables to it from a form. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Nestor Florez Sent: Friday, October 17, 2003 12:11 PM To: NYPHP Talk Subject: [nycphp-talk] accessing phpmyadmin as different users I am trying to access phpmyadmin as diferent users by having a login webpage that ask for the userid and password and then passing it to index.php. In the config.inc.php I change the code to look like this: $cfg['Servers'][$i]['user'] = $_GET['userid']; $cfg['Servers'][$i]['password'] = $_GET['pwd']; But when I try this I get an error: ======================================================== Error MySQL said: Access denied for user: 'ODBC at localhost' (Using password: NO) ======================================================== If I change the code to : ========================================= $cfg['Servers'][$i]['user'] = 'view'; $cfg['Servers'][$i]['password'] = 'view'; ========================================= It works. This is the same userid and pwd I am passing from my login page Any ideas? This tool is great but it would much easier if we could set it up to allow for users to login and according to their user and pwd they would have access to different DB's and tables according to the permissions that were granted to them.. Thanks, Nestor :-) _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From nestorflorez at earthlink.net Fri Oct 17 15:22:12 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 12:22:12 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <1822362.1066418532923.JavaMail.root@grover.psp.pas.earthlink.net> Hans, I actually was using $nestor_user and $nestor_pwd to avoid collision and I did a grep on this, before I used them to avoid collisions Thanks again, Nestor :-) -----Original Message----- From: Hans Zaunere Sent: Oct 17, 2003 12:17 PM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing phpmyadmin as different users Nestor Florez wrote: > I way pass these steps you mentioned. > > I can handle the debugging, because it is the same way I do it > everytime I program in PHP or Perl. > > PHPmyAdmin does not have a loging page as of version 2.3.3. Ahh, I blurred out what version you were dealing with :) Just as an FYI, though, you should take care using older versions, especially with newer versions of MySQL. I've seen old versions of phpmyadmin do fun things, even with old versions of MySQL. > Basically you add the user and pwd into the config.inc.php file > in a hash array: > ------------- > $cfg['Servers'][$i]['user'] = 'user'; // MySQL user > $cfg['Servers'][$i]['password'] = 'pwd'; // MySQL password > --------------- > > BUT WHEN I put in variables in the hash array it fails: > $cfg['Servers'][$i]['user'] = $user; // MySQL user > $cfg['Servers'][$i]['password'] = $pwd; // MySQL password > > YES, the variable do have the information that I want to pass. You're probably having name collisions, or worse, register_global problems. Try using variable names that aren't so common. $cfg['Servers'][$i]['user'] = $yankees_user; // MySQL user $cfg['Servers'][$i]['password'] = $yankees_pwd; // MySQL password Of course those names might cause problems too :) H _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jonbaer at jonbaer.net Fri Oct 17 11:34:17 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 17 Oct 2003 11:34:17 -0400 Subject: [nycphp-talk] Best host for oscommerce package? References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> <3F900584.8080504@netzero.com> Message-ID: <00a701c394c4$20e49ce0$8119fea9@thinkpad> seriously, I don't think my descriptive subject on the matter could have been put any more clearly ... Ive made inquires to people/places on this list in which I did not hear anything back, thus why I came back to the list ... I figured there would be a few would have *not* experienced setting up the package on a host somewhere + were only making educated guesses, which is OK + i do appreciate, but I refuse to beleive im the only one on the planet that can't afford a co-lo for a project + have to use a good host for an e-com project. Im still researching + thanks to everyone who made recommendations ... to others im sorry for taking up ur precious bandwidth. - jon ----- Original Message ----- From: "Scott Mattocks" To: "NYPHP Talk" Sent: Friday, October 17, 2003 11:06 AM Subject: Re: [nycphp-talk] Best host for oscommerce package? > It is replies like this that make people hesitant to post questions on > this list. I don't think that this qualifies as a "gentle nudge." > > PUTAMARE wrote: From danielc at analysisandsolutions.com Fri Oct 17 15:34:02 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Fri, 17 Oct 2003 15:34:02 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users In-Reply-To: <32714588.1066417629127.JavaMail.root@grover.psp.pas.earthlink.net> References: <32714588.1066417629127.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <20031017193401.GA6709@panix.com> Hi Nestor: On Fri, Oct 17, 2003 at 12:07:09PM -0700, Nestor Florez wrote: > > BUT WHEN I put in variables in the hash array it fails: > $cfg['Servers'][$i]['user'] = $user; // MySQL user > $cfg['Servers'][$i]['password'] = $pwd; // MySQL password > > YES, the variable do have the information that I want to pass. So, what happens if you go to a command line and try to log in with the information you provided in the variables $user and $pwd. If you don't get in, you need to issue the "flush privileges" command to the MySQL server from the command line interface. Also, in another email, you mention the fact that you're using an older version of the program. Not good. There are security vulnerabilities in them. Upgrade now. You'll solve your problem of trying to hack your own login page AND tighten security. --Dan ... what's so hard about deleting unnecessary text? ... -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From hans at nyphp.org Fri Oct 17 15:52:09 2003 From: hans at nyphp.org (Hans Zaunere) Date: Fri, 17 Oct 2003 15:52:09 -0400 Subject: [nycphp-talk] List postings WAS: Best host for oscommerce package? In-Reply-To: <200310171110.23044.brian@preston-campbell.com> References: <84DFABD3-00B1-11D8-80DA-000393B9FB36@mac.com> <200310171054.11709.brian@preston-campbell.com> <20031017150607.GA76004@berylium.psydeshow.org> <200310171110.23044.brian@preston-campbell.com> Message-ID: <3F904869.9060005@nyphp.org> Not to rekindle a thread that has died gracefully, or painfully depending on your viewpoint, but I think it raises some important points. Preston-Campbell wrote: > This is my new sig > > Try delete for those items that do not interest you.(tm) > > If only it applied to more things in life... > > On Friday 17 October 2003 11:06 am, Chris Snyder wrote: > >>Happy Friday everyone! >>Pining for command, aka unsub-from-thread... For those that missed our prior dev meeting, we're going to be working on a mailing list system that will enable people to unsubscribe from particular threads and resubscribe to them at a later point. It will also have an interactive archive, ie forum, so people will be able to have essentially the same flexibility and functionality of forums and mailing lists, and new features realized by the combination of the two, including an interface of their choice. >>Preston-Campbell wrote: >> >>>Try delete for those items that do not interest you. >>> >>>On Friday 17 October 2003 10:52 am, PUTAMARE wrote: >>> >>>>This is the kind of conversation you two might want to have off list. Until technology solves all of our problems, however, simply deleting messages is something some of us may take for granted. We've received feedback from NYPHP-Talk subscribers, both past and present, that the list can have heavy traffic. While email filtering can alleviate much of this, some email clients, providers or users don't provide/utilize it, and there's still reason for concise, complete and well-formed postings. Perhaps it was more a shove than a nudge, or perhaps the messages began to get a bit back-and-forth. Whatever the case, people should not hesitate to ask questions on the list, nor at the same time be afraid to rebut. And, for those with suggestions on making the lists more useful or to help draft some guidelines, swing over to NYPHP-Dev at http://nyphp.org/lists NYPHP-Dev, where deleting is a way of life :) H From nestorflorez at earthlink.net Fri Oct 17 16:19:06 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 13:19:06 -0700 (GMT-07:00) Subject: [nycphp-talk] accessing phpmyadmin as different users Message-ID: <16013678.1066421946441.JavaMail.root@grover.psp.pas.earthlink.net> Dan, Yes, It looks like the only recurse now is to upgrade. The FLUSH was done a long time ago when the database and the users were created. The idea came from basically having different users and I wanted to allow them to view the data over the web using thier existing database user and password. Yes I think I will upgrade after the weekend :-) Thanks again, Nestor :-) -----Original Message----- From: Analysis & Solutions Sent: Oct 17, 2003 12:34 PM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing phpmyadmin as different users Hi Nestor: On Fri, Oct 17, 2003 at 12:07:09PM -0700, Nestor Florez wrote: > > BUT WHEN I put in variables in the hash array it fails: > $cfg['Servers'][$i]['user'] = $user; // MySQL user > $cfg['Servers'][$i]['password'] = $pwd; // MySQL password > > YES, the variable do have the information that I want to pass. So, what happens if you go to a command line and try to log in with the information you provided in the variables $user and $pwd. If you don't get in, you need to issue the "flush privileges" command to the MySQL server from the command line interface. Also, in another email, you mention the fact that you're using an older version of the program. Not good. There are security vulnerabilities in them. Upgrade now. You'll solve your problem of trying to hack your own login page AND tighten security. --Dan ... what's so hard about deleting unnecessary text? ... -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From nestorflorez at earthlink.net Fri Oct 17 16:40:28 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 13:40:28 -0700 (GMT-07:00) Subject: [nycphp-talk] Re:accessing phpmyadmin as different users Message-ID: <25424113.1066423228984.JavaMail.root@grover.psp.pas.earthlink.net> OK guys, It is working, but not via my logging page. I new it was something simple but am glad is fix or would have had a bad weekend. A couple of people mentioned authorization type 'http' I tried it and VOILA! It was a lot easier than I expected. I will not upgrade.......yet! Thanks a lot to all. Nestor :-) From danielc at analysisandsolutions.com Fri Oct 17 16:56:36 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Fri, 17 Oct 2003 16:56:36 -0400 Subject: [nycphp-talk] Re:accessing phpmyadmin as different users In-Reply-To: <25424113.1066423228984.JavaMail.root@grover.psp.pas.earthlink.net> References: <25424113.1066423228984.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <20031017205635.GA26497@panix.com> Hi: On Fri, Oct 17, 2003 at 01:40:28PM -0700, Nestor Florez wrote: > > I will not upgrade.......yet! Cool. Can I have an account on your system so I can exploit your vulnerabilities? http://www.securityfocus.com/bid/7962 http://www.securityfocus.com/bid/7963 http://www.securityfocus.com/bid/7964 http://www.securityfocus.com/bid/7965 Well, if you won't be letting me, at least you're letting the rest of the people on your system. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From nestorflorez at earthlink.net Fri Oct 17 17:32:30 2003 From: nestorflorez at earthlink.net (Nestor Florez) Date: Fri, 17 Oct 2003 14:32:30 -0700 (GMT-07:00) Subject: [nycphp-talk] Re:accessing phpmyadmin as different users Message-ID: <10001431.1066426350955.JavaMail.root@skeeter.psp.pas.earthlink.net> DAn, WE are in an intranet behind a firewall, but I see what you are saying :-{ In your list I did not see phpmyadmin version 2.3.3 at all. Is that because is not vulnerable or because it never became an offcial release? Thanks, Nestor :-) -----Original Message----- From: Analysis & Solutions Sent: Oct 17, 2003 1:56 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Re:accessing phpmyadmin as different users Hi: On Fri, Oct 17, 2003 at 01:40:28PM -0700, Nestor Florez wrote: > > I will not upgrade.......yet! Cool. Can I have an account on your system so I can exploit your vulnerabilities? http://www.securityfocus.com/bid/7962 http://www.securityfocus.com/bid/7963 http://www.securityfocus.com/bid/7964 http://www.securityfocus.com/bid/7965 Well, if you won't be letting me, at least you're letting the rest of the people on your system. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From dan at mx2pro.com Fri Oct 17 17:37:19 2003 From: dan at mx2pro.com (Dan Horning) Date: Fri, 17 Oct 2003 17:37:19 -0400 Subject: [nycphp-talk] Re:accessing phpmyadmin as different users In-Reply-To: <10001431.1066426350955.JavaMail.root@skeeter.psp.pas.earthlink.net> Message-ID: <20031017213724.7A25CA85EC@virtu.nyphp.org> If you look at the solution for each of his links .. > WE are in an intranet behind a firewall, but I see what you > are saying :-{ > > In your list I did not see phpmyadmin version 2.3.3 at all. > Cool. Can I have an account on your system so I can exploit your > vulnerabilities? > > http://www.securityfocus.com/bid/7962 > http://www.securityfocus.com/bid/7963 > http://www.securityfocus.com/bid/7964 > http://www.securityfocus.com/bid/7965 > > Well, if you won't be letting me, at least you're letting the rest of > the people on your system. They are allfixed with the current version Dan Horning - President - MX2 Productions Technical Systems Administration Media from concept to execution. 1-866-284-3150 (Toll-Free) http://www.mx2pro.com/ From hans at nyphp.org Sat Oct 18 14:58:16 2003 From: hans at nyphp.org (Hans Zaunere) Date: Sat, 18 Oct 2003 14:58:16 -0400 Subject: [nycphp-talk] GNOME Developes Summit and PHP-GTK? Message-ID: <3F918D48.9020108@nyphp.org> I just wanted to pass this event on (attached), and am also curious about people's use of php-gtk. Since GTK is part of the GNOME project, has anyone used php-gtk significantly? Hans -------------- next part -------------- An embedded message was scrubbed... From: Jim Gleason Subject: [nylug-announce] [nylug-talk] [nylxs-announce] GNOME Developes Summit Scheduled for November 22-24, 2003 (fwd) Date: Fri, 17 Oct 2003 14:08:03 -0400 (EDT) Size: 3764 URL: From lists at ny-tech.net Sat Oct 18 17:31:25 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Sat, 18 Oct 2003 17:31:25 -0400 Subject: [nycphp-talk] GNOME Developes Summit and PHP-GTK? In-Reply-To: <3F918D48.9020108@nyphp.org> Message-ID: <001701c395bf$30760940$6401a8c0@main> I used GTK for a bit. First of all, it was pain to configure on Windows. However, a bit later, I didn't feel the need of using PHP as a desktop application language and gave it up for .Net. I'm learning C# these days. Nasir -----Original Message----- From: Hans Zaunere [mailto:hans at nyphp.org] Sent: Saturday, October 18, 2003 2:58 PM To: NYPHP Talk Subject: [nycphp-talk] GNOME Developes Summit and PHP-GTK? I just wanted to pass this event on (attached), and am also curious about people's use of php-gtk. Since GTK is part of the GNOME project, has anyone used php-gtk significantly? Hans From nsr81 at ny-tech.net Sat Oct 18 17:31:47 2003 From: nsr81 at ny-tech.net (Nasir Zubair) Date: Sat, 18 Oct 2003 17:31:47 -0400 Subject: [nycphp-talk] Session woes Message-ID: <001801c395bf$3dad3700$6401a8c0@main> Hi all, I am working on a project that uses Sessions (only) for tracking logged in users. Everything works in IE and most netscape/mozilla browsers. However, my client uses AOL, and he is having problems logging in. Some times he can login, other times he can't. He also reported that he get "kicked off", i.e. session is gone without explicitly logging out. Any ideas how to track and fix that problem? Also, after trying pretty much everything, I was thinking about utilizing PEAR_Auth, but I'm not sure how Pear_Auth handles passwords and whether it will work with my existing system or not. Thanks for your help :) Nasir From shiflett at php.net Sat Oct 18 19:08:01 2003 From: shiflett at php.net (Chris Shiflett) Date: Sat, 18 Oct 2003 16:08:01 -0700 (PDT) Subject: [nycphp-talk] Session woes In-Reply-To: <001801c395bf$3dad3700$6401a8c0@main> Message-ID: <20031018230801.80503.qmail@web14307.mail.yahoo.com> --- Nasir Zubair wrote: > However, my client uses AOL, and he is having problems logging in. > Some times he can login, other times he can't. He also reported that > he get "kicked off", i.e. session is gone without explicitly logging > out. Any ideas how to track and fix that problem? I recommend lots and lots of logging. This situation also demonstrates why I think a PHP debugger is no substitute for good logging. Sometimes your users are going to run into problems that you can't reproduce, and this can make things very challenging. Use your own session functions, and you can track exactly what data is being read, stored, etc. With good logging within your application as well, you should be able to track a specific user's experience as he/she interacts with your application. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From danielc at analysisandsolutions.com Sat Oct 18 19:11:45 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Sat, 18 Oct 2003 19:11:45 -0400 Subject: [nycphp-talk] Session woes In-Reply-To: <001801c395bf$3dad3700$6401a8c0@main> References: <001801c395bf$3dad3700$6401a8c0@main> Message-ID: <20031018231145.GA29801@panix.com> Howdy Nasir: On Sat, Oct 18, 2003 at 05:31:47PM -0400, Nasir Zubair wrote: > > I am working on a project that uses Sessions (only) for tracking logged in > users. Everything works in IE and most netscape/mozilla browsers. However, Are you using cookies to pass the session ID? I strongly suggest using URI based session ID's, just for reasons like this. You can check out my Simple Session Solution class: http://www.analysisandsolutions.com/software/session-simple/ > my client uses AOL, and he is having problems logging in. Some times he can > login, other times he can't. He also reported that he get "kicked off", i.e. > session is gone without explicitly logging out. Are you using IP addresses for session authentication anywhere? AOL's system seems to have users browsing via a proxy which can change IP's along the way. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From lists at ny-tech.net Sat Oct 18 19:55:27 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Sat, 18 Oct 2003 19:55:27 -0400 Subject: [nycphp-talk] Session woes In-Reply-To: <20031018231145.GA29801@panix.com> Message-ID: <000201c395d3$4faa6130$6401a8c0@main> Hi, > Are you using cookies to pass the session ID? I strongly suggest using > URI based session ID's, just for reasons like this. You can check out my > Simple Session Solution class: > http://www.analysisandsolutions.com/software/session-simple/ PHPSESSID is passed through the URL, since I'm working between three subdomains ( xyz.domain.com ) and the main doamin itself. I tried cookies, but failed terribly LOL. It is passed as http://www.domain.com/file.php?PHPSESSID={sid} {sid} = session id. I'll take a look at your code and see if I can update my code. > Are you using IP addresses for session authentication anywhere? AOL's > system seems to have users browsing via a proxy which can change IP's > along the way. The very reason I didn't use IP addresses in any of my authentication procedures. I just store userid, usergroup and a couple of other things in $_SESSION. - Nasir From soazine at erols.com Sat Oct 18 20:07:11 2003 From: soazine at erols.com (Phil Powell) Date: Sat, 18 Oct 2003 20:07:11 -0400 Subject: [nycphp-talk] Problem trying to convert HTML to Word/Excel/Etc. Message-ID: <006101c395d4$f26693c0$5c096444@philofsoa> Based on the information I read in www.php.net on the header command I wrote a dummy test script to try to convert the contents of $stuff to MS Word downloadable format: http://www.php.net/header Code: $stuff = 'stuffHello World'; header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified header("Cache-Control: no-store, no-cache, must-revalidate"); // HTTP/1.1 header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // HTTP/1.0 header("Content-type: application/msword; filename=stuff.doc"); //header("Content-Disposition: attachment; filename=stuff.doc"); echo $stuff; However, upon attempting to run this script I ran into the following error in IE: Internet Explorer could not open this script: test.php (note: I am trying to change it to be "stuff.doc"). Nothing ever showed up. test.php (the code you see) is in a Linux environment in a folder protected by .htaccess. In NS 7.0 it produces no errors but it tries to save the downloaded file as "test.php" and not "stuff.doc". I am unsure how to do this in PHP although I can do it in TCL and have done it that way before, that, however, is not an option here. Please help, I'm stuck at the very beginning of attempting customized simple reporting. Thanx Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From jonbaer at jonbaer.net Fri Oct 17 15:13:36 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 17 Oct 2003 15:13:36 -0400 Subject: [nycphp-talk] accessing phpmyadmin as different users References: <31602098.1066407081853.JavaMail.root@grover.psp.pas.earthlink.net> Message-ID: <011d01c394e2$c474bb10$8119fea9@thinkpad> > config.inc.php I change the code to look like this: > > $cfg['Servers'][$i]['user'] = $_GET['userid']; > $cfg['Servers'][$i]['password'] = $_GET['pwd']; you don't really want to do this because there is no tracking for the variable $i (in other words if you are including this file it will change all of user/pass of every login if its included) ... if on the other hand you are doing it individually you need to match up the corressponding database w/ the correct user name/pass by the first reference ($i) .. $cfg['Servers'][2]['user'] = $_GET['userid'], etc im not sure if you looked closely @ the config file but you can have as many configurations as you want, in mine i have 8 ... you can add a user/pass to the form (custom) + do what you are looking to do but need to make sure to pass a Server variable ...(which is $cfg['Server']). - jon From jonbaer at jonbaer.net Fri Oct 17 16:11:36 2003 From: jonbaer at jonbaer.net (jon baer) Date: Fri, 17 Oct 2003 16:11:36 -0400 Subject: [nycphp-talk] PHP vs. Java scalability ... Message-ID: <004501c394ea$deafff00$8119fea9@thinkpad> just read this interesting article ... http://www.onjava.com/pub/a/onjava/2003/10/15/php_scalability.html -snip- PHP scales. There, I said it. The word on the street is that "Java scales and PHP doesn't." The word on the street is wrong, and PHP needs someone to stand up and tell the truth: that it does scale. -snip- - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From lists at ny-tech.net Sun Oct 19 00:52:21 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Sun, 19 Oct 2003 00:52:21 -0400 Subject: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <004501c394ea$deafff00$8119fea9@thinkpad> Message-ID: <000001c395fc$c9a86760$6401a8c0@main> And I thought that mud slinging only happened between Microsoft and non-Microsoft folks. LOL -----Original Message----- From: jon baer [mailto:jonbaer at jonbaer.net] Sent: Friday, October 17, 2003 4:12 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] PHP vs. Java scalability ... just read this interesting article ... http://www.onjava.com/pub/a/onjava/2003/10/15/php_scalability.html -snip- PHP scales. There, I said it. The word on the street is that "Java scales and PHP doesn't." The word on the street is wrong, and PHP needs someone to stand up and tell the truth: that it does scale. -snip- - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Sun Oct 19 01:37:53 2003 From: shiflett at php.net (Chris Shiflett) Date: Sat, 18 Oct 2003 22:37:53 -0700 (PDT) Subject: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <004501c394ea$deafff00$8119fea9@thinkpad> Message-ID: <20031019053753.14223.qmail@web14306.mail.yahoo.com> --- jon baer wrote: > http://www.onjava.com/pub/a/onjava/2003/10/15/php_scalability.html Interesting article. I also found it funny that there are actually more clueless people posting comments at the bottom than one can find on Slashdot. Amazing. :-) Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jonbaer at jonbaer.net Sat Oct 18 10:11:52 2003 From: jonbaer at jonbaer.net (jon baer) Date: Sat, 18 Oct 2003 10:11:52 -0400 Subject: [nycphp-talk] Vote for phpMyAdmin Message-ID: <003901c39581$c8454ad0$8119fea9@thinkpad> http://www.oreillynet.com/contest/comdex/ -snip- O'Reilly is working with COMDEX to organize an Open Source Innovation Area on the COMDEX Exhibit Floor. We've nominated 21 projects and we'd like you to help us select the six projects we'll send to COMDEX. The winning projects will be recognized by COMDEX and we'll invite a leader from the project to come to COMDEX and run demos on the show floor. This will give Open Source projects an opportunity to go where only commercial software vendors have gone before. -snip- pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From lists at ny-tech.net Sun Oct 19 06:36:07 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Sun, 19 Oct 2003 06:36:07 -0400 Subject: [nycphp-talk] Vote for phpMyAdmin In-Reply-To: <003901c39581$c8454ad0$8119fea9@thinkpad> Message-ID: <000701c3962c$cf4e2bc0$6401a8c0@main> I chose phpMyAdmin and SpamAssassin. :-) - Nasir From shiflett at php.net Sun Oct 19 13:01:34 2003 From: shiflett at php.net (Chris Shiflett) Date: Sun, 19 Oct 2003 10:01:34 -0700 (PDT) Subject: [nycphp-talk] Vote for phpMyAdmin In-Reply-To: <003901c39581$c8454ad0$8119fea9@thinkpad> Message-ID: <20031019170134.70861.qmail@web14310.mail.yahoo.com> --- jon baer wrote: > http://www.oreillynet.com/contest/comdex/ It's hard to vote for something like phpMyAdmin in a list like that. There are some pretty major projects there (Subversion, Zope, etc.). Or, maybe it's just that I'm more impressed with tools that help people like us solve problems more easily than I am with our solutions to those problems. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From lists at ny-tech.net Sun Oct 19 14:53:29 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Sun, 19 Oct 2003 14:53:29 -0400 Subject: [nycphp-talk] Session woes In-Reply-To: <20031018231145.GA29801@panix.com> Message-ID: <000001c39672$4a95b830$6401a8c0@main> I would just like to thank Dan for providing session-simple source code. After going over it, I realized quite a few quirks in my session handling routines. It was either to recode the whole thing or use session_simple. I opted to drop in the session_simple code with only modification of the session name, which I had set to "PHPSESSID", as opposed to Dan's "SessionID". It worked beautifully and didn't break my existing authentication routines (login/logout/accesslevel checking). - Nasir From jsiegel1 at optonline.net Mon Oct 20 07:07:36 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Mon, 20 Oct 2003 07:07:36 -0400 Subject: [nycphp-talk] Microsoft faces open-source revolt Message-ID: <002c01c396fa$5e708a50$6401a8c0@EZDSDELL> See: http://www.canoe.ca/CNEWS/TechNews/2003/10/19/230715-ap.html Jeff Siegel From hans at nyphp.org Mon Oct 20 07:18:25 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 20 Oct 2003 07:18:25 -0400 Subject: [nycphp-talk] Vote for phpMyAdmin In-Reply-To: <003901c39581$c8454ad0$8119fea9@thinkpad> References: <003901c39581$c8454ad0$8119fea9@thinkpad> Message-ID: <3F93C481.1000409@nyphp.org> jon baer wrote: > http://www.oreillynet.com/contest/comdex/ > > -snip- > O'Reilly is working with COMDEX to organize an Open Source Innovation Area > on the COMDEX Exhibit Floor. We've nominated 21 projects and we'd like you > to help us select the six projects we'll send to COMDEX. The winning > projects will be recognized by COMDEX and we'll invite a leader from the > project to come to COMDEX and run demos on the show floor. This will give > Open Source projects an opportunity to go where only commercial software > vendors have gone before. > -snip- Eek, I'm a little shocked to see some of the canidates. Nevertheless, phpMyAdmin has gotten my vote. BTW, I've been meaning to rewrite NoCatAuth in PHP. H From hans at nyphp.org Mon Oct 20 07:20:57 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 20 Oct 2003 07:20:57 -0400 Subject: [nycphp-talk] GNOME Developes Summit and PHP-GTK? In-Reply-To: <001701c395bf$30760940$6401a8c0@main> References: <001701c395bf$30760940$6401a8c0@main> Message-ID: <3F93C519.8090407@nyphp.org> Nasir Zubair wrote: > I used GTK for a bit. First of all, it was pain to configure on Windows. > However, a bit later, I didn't feel the need of using PHP as a desktop > application language and gave it up for .Net. I'm learning C# these days. Yeah, developing outside of the MFC on Windows is kinda of, well, like using a *NIX based system for a desktop :) That said, the only place I've really heard of php-gtk used is on the Linux desktop. H From hans at nyphp.org Mon Oct 20 07:35:25 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 20 Oct 2003 07:35:25 -0400 Subject: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <004501c394ea$deafff00$8119fea9@thinkpad> References: <004501c394ea$deafff00$8119fea9@thinkpad> Message-ID: <3F93C87D.8080702@nyphp.org> jon baer wrote: > just read this interesting article ... > > http://www.onjava.com/pub/a/onjava/2003/10/15/php_scalability.html > > -snip- > PHP scales. There, I said it. The word on the street is that "Java scales > and PHP doesn't." The word on the street is wrong, and PHP needs someone to > stand up and tell the truth: that it does scale. > -snip- I could have done without as much my-tier, your-tier, pattern and anti-pattern blah blah, but it was nice to see a fairly objective look at PHP from a Java house. H From soazine at pop.erols.com Mon Oct 20 09:43:48 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 20 Oct 2003 09:43:48 -0400 Subject: [nycphp-talk] trouble using ob_start(), ob_end_clean() and header() combination Message-ID: <244640-2200310120134348859@M2W033.mail2web.com> I traced the problem to what I believe is when I use the included content library script into the viewinterns.php page. This script will repeatedly instantiate a DateGroupHTMLGenerator class because I have to constantly produce these HTML form element fields with different names throughout my page. Here is the code I use to reproduce it everytime: $val) $gradArray = $gradArray + array($val => $$val); array_push($gradArray, 2); // ADD TEXT FIELD SIZE $dateGroup =& new DateGroupHTMLGenerator($gradArray, 1, 0, 1); echo $dateGroup->getMonthDropdown() . $dateGroup->getDayDropdown() . $dateGroup->getYearText(); ?> This is one of the dategroup HTML content snippets throughout the library. There are several of them since the form is rather large and requires an enormous amount of data including several month/day/year groupings, all having different names (see the foreach() loop for more clarification on naming convention, etc.). At the end of this library script I do the following: I zero-out the object. Upon review, however, I am convinced that somehow a latent object or a latent buffer is still floating around. Here is the code to DateGroupHTMLGenerator constructor method: // CONSTRUCTOR function DateGroupHTMLGenerator($classPropertyArray, $hasMonth = 1, $hasDay = 1, $hasYear = 1) { global $REQUEST_URI; foreach(array('month', 'day', 'year') as $key => $val) $this->{'has' . ucfirst($val)} = ${'has' . ucfirst($val)}; $this->propertyArray = $classPropertyArray; // CONVERT THE INPUT PARAMETER ARRAY INTO A 2-DIM ENUMERATIVE ARRAY TO PRESERVE KEYS AND VALS AND HAVE ENUMERATION FOR SWITCH $enumKeyValArray = array(); foreach($this->propertyArray as $key => $val) array_push($enumKeyValArray, array($key, $val)); // GET THE VALUE OF THE LAST ELEMENT OF THE INPUT PARAMETER ARRAY WHICH WILL BE THE TEXT FIELD LENGTH $textFieldLengthArray = array_values(array_reverse($this->propertyArray)); $textFieldLength = $textFieldLengthArray[0]; $this->htmlArray = array(); $monthArray = array('01' => 'January', '02' => 'February', '03' => 'March', '04' => 'April', '05' => 'May', '06' => 'June', '07' => 'July', '08' => 'August', '09' => 'September', '10' => 'October', '11' => 'November', '12' => 'December' ); for ($i = 0; $i < sizeof($enumKeyValArray); $i++) { $html = ''; switch ($i) { case '2': // TEXT FIELD SLOT IN INPUT ARRAY PARAMETER if ($this->hasYear) { if ($textFieldLength == 2) $html = '20'; $html .= ''; } break; case '3': // SIZE OF TEXT FIELD - NOTHING NEEDS TO BE DONE // DO NOTHING break; case '0': // MONTH DROPDOWN if ($this->hasMonth) { $html = ''; } break; case '1': // DAY DROPDOWN if ($this->hasDay) { $html = ''; } break; default: // THIS WILL BE EXPANDED FOR FUTURE IMPLEMENTATION OF DATEGROUP, FOR NOW IF ANYTHING ELSE IS FOUND DO NOTHING // DO NOTHING break; } $this->htmlArray[$i] = $html; } } I have certain fields surrounded by ob_start() and ob_end_clean() because the function those commands surround does an 'echo' (required). So to prevent it from going to stdout that is why I have ob_start() and ob_end_clean() around them. However, when the user submits the form generated by the library using this class object, it will instantiate a saveData class object that saves everything (no headers produced mind you) and then does a redirect header() command. Whenever anyone does that they get this specific warning: Warning: Cannot add header information - headers already sent by (output started at /var/www/html/development/phillip/libdev/html.inc:160) in /var/www/html/development/phillip/admin/viewinterns.php on line 659 Mind you, the saveData class in viewinterns.php does NOT instantiate anything in html.inc, much less a DateGroupHTMLGenerator class instance, which is exactly what this warning is pointing to (the line 160 in html.inc is the end of the entire html.inc, classes and all). I'm totally stumped. If I replace "header()" with client-side redirection it works but is EXTREMELY slow (avg download time 20 - 30 seconds per page), so it's not an option. I do not know what to do at this point so I really need help. Thanks Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From shiflett at php.net Mon Oct 20 12:00:29 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 20 Oct 2003 09:00:29 -0700 (PDT) Subject: What Is Scalability? Was: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <3F93C87D.8080702@nyphp.org> Message-ID: <20031020160029.11004.qmail@web14301.mail.yahoo.com> --- Hans Zaunere wrote: > I could have done without as much my-tier, your-tier, pattern and > anti-pattern blah blah, but it was nice to see a fairly objective > look at PHP from a Java house. I was interested in seeing how mangled the definition of scalability has become. I spoke a bit about this on my blog, and I have sparked discussions about it on php-general and use.perl. So, we may as well discuss it here also. How do you define scalability? What does it mean? Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From hans at nyphp.org Mon Oct 20 13:49:36 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 20 Oct 2003 13:49:36 -0400 Subject: What Is Scalability? Was: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <20031020160029.11004.qmail@web14301.mail.yahoo.com> References: <20031020160029.11004.qmail@web14301.mail.yahoo.com> Message-ID: <3F942030.7090701@nyphp.org> Chris Shiflett wrote: > --- Hans Zaunere wrote: > >>I could have done without as much my-tier, your-tier, pattern and >>anti-pattern blah blah, but it was nice to see a fairly objective >>look at PHP from a Java house. > > > I was interested in seeing how mangled the definition of scalability has > become. I spoke a bit about this on my blog, and I have sparked discussions > about it on php-general and use.perl. > > So, we may as well discuss it here also. How do you define scalability? What > does it mean? http://www.gartner.com/DisplayDocument?doc_cd=95856 I'm going with multidimensional scalability :) All joking aside, scalability holds different meanings in different contexts - are we talking hardware, software, or the architecture of how the system as a whole was designed (or lack thereof). In general, without getting into various flavors and types, scalability is suitability to task and the ability to accommodate future requirements. Sure, a big piece of this is performance - what happens when your traffic increases by some factor of 10 - but there are other issues to deal with. What if you need to "scale" functionality; what if you need to change/outsource development; what happens if a particular server/network goes offline? Each of these are given their own buzzwords, but they all reflect one key fundamental aspect: the architecture of the system as a whole. Some languages, or platforms as they've become, have some sugar builtin to address these issues, but they still remain less of a remedy versus good design and planning. Let's take two kings of "scalability" - Oracle and J2EE. Why are they generally accepted as being so scalable, outside of the marketing muscle behind them? Is Oracle lightweight and agile? Is J2EE and it's core language Java highly tuned for performance? No. They divide functionality up and suggest, almost force, you to build on an architecture that provides the ability to be distributed across machines, networks, development groups, etc. PHP doesn't have this foundation in a predigested form as other languages/platforms attest, but there is certainly no reason it can't be implemented. And furthermore, implemented with greater success by avoiding mistakes the big guns have made. Then again, maybe most of it is a mistake. >> http://www.onjava.com/pub/a/onjava/2003/10/15/php_scalability.html I got a nice laugh, and then was inclined to take the remainder of the article more seriously, after reading this: "Within the Java community, the standard J2EE topology is anything but clear." There's no cure all, and no such thing as a free lunch. H From tgales at tgaconnect.com Mon Oct 20 14:03:09 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Mon, 20 Oct 2003 14:03:09 -0400 Subject: What Is Scalability? Was: [nycphp-talk] PHP vs. Java scalability ... In-Reply-To: <20031020160029.11004.qmail@web14301.mail.yahoo.com> Message-ID: <000601c39734$6ee4d550$bf8d3818@oberon1> Well it definitely has to do with the 'size of the problem' and maybe 'bang for the buck' also. It's more than just the number of (concurrent) users -- it's also the amount of data and the work performed on the data. A schema for a database might be okay for queries against 8-10 thousand items but have response problems at say 80-100 thousand items. Ultimately you have to have some measure of throughput and I guess 'transactions per second' is about the best. Then you need a 'rate of change' measurement like to go from 200 tps to 500 tps using technology 'A' costs an additional 3 cents per transaction. Technology 'B' will cost you 4 1/2 cents to do the same. But when you 'scale up', the move from 500 to 1000 tps technology 'A' has an incremental cost of 2 1/2 cents whereas technology 'B' has an incremental cost of only 1 1/2 cents. So if you make a chart of tps / cost per transaction at the start technology 'A' is less expensive, but as time and the number of transactions move on and up, technology 'B' is cheaper because it 'scales'. Anyway the idea that PHP doesn't scale is ridiculous. "www.php.net serves almost 2M hits (mostly PHP-generated pages) per day from a single PII-350..." at http://www.phpbuilder.com/mail/php3-list/200003/4480.php T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris Shiflett Sent: Monday, October 20, 2003 12:00 PM To: NYPHP Talk Subject: What Is Scalability? Was: [nycphp-talk] PHP vs. Java scalability ... ... So, we may as well discuss it here also. How do you define scalability? What does it mean? Chris .. From shawn at shawnlawyer.com Mon Oct 20 15:06:34 2003 From: shawn at shawnlawyer.com (shawn at shawnlawyer.com) Date: Mon, 20 Oct 2003 12:06:34 -0700 (PDT) Subject: [nycphp-talk] Simillar to paypal In-Reply-To: <000601c39734$6ee4d550$bf8d3818@oberon1> References: <20031020160029.11004.qmail@web14301.mail.yahoo.com> <000601c39734$6ee4d550$bf8d3818@oberon1> Message-ID: <4179.24.215.160.176.1066676794.squirrel@webmail.shawnlawyer.com> yo, I have a client that won't get a regular merchant account so I suggested using paypal for handling the purchases on there site. The only problem is they want a transparent layer when the sales are finalized. Does anyone know of a service similar to the paypal services but allows for transparency on the payment layer. shawn lawyer www.shawnlawyer.com From soazine at pop.erols.com Mon Oct 20 15:08:33 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 20 Oct 2003 15:08:33 -0400 Subject: [nycphp-talk] problem with mysql select query with unusual criteria Message-ID: <293580-220031012019833622@M2W089.mail2web.com> Here is the scope of what I need to do; want: enrollment_year allowed (even if null) all of ica criteria: 1) join ica and i 2) ica.intern_id = 821 3) either (q.partner_name = 'ECSU' and joins with permissions according to your intern_id AND ica.has_ecsu_essay = 'Y') OR (ica.has_ecsu_essay != 'Y' AND there is NO row in permissions with partner_id where q.partner_id = 'ECSU' according to 821) This is what I've done so far and it fails: SELECT distinct i.enrollment_year, IF (p.intern_id = i.id AND p.intern_id = '821' AND p.partner_name = q.partner_name AND upper(q.partner_name) = 'ECSU' AND upper(ica.has_ecsu_essay) = 'Y'), '1', '0' AS allowed, ica.* FROM interns i, intern_complete_application ica, permissions p, partners q WHERE ica.intern_id = i.id AND ica.intern_id = '821' AND upper(ica.has_ref_letter_1) = 'Y' AND upper(ica.has_ref_letter_2) = 'Y' AND upper(ica.has_transcript) = 'Y' I get syntax errors on this query, and every other combination gives me syntax errors or wrong data. I have been trying for 2 days to get this query and it's either that or I write this horrifically bloated PHP method to do the same thing (it works but it takes about 15 seconds to execute the whole thing): function isCompletedIntern($internID) { // BOOLEAN "METHOD" global $dbHost,$dbPort,$dbUser,$dbPwd,$dbName; $db = new dbConnection($dbHost,$dbPort,$dbUser,$dbPwd,$dbName); $dbconnection = $db->connect(); $isCompleted = 1; $query = 'SELECT * FROM intern_complete_application WHERE intern_id = \'' . $internID . '\''; $queryInfo = new mySqlQuery($query, $dbconnection); $result = $queryInfo->getResult(); if (get_object_vars($result[0])) { foreach (array('has_ref_letter_1', 'has_ref_letter_2', 'has_transcript', 'has_grad_enrollment', 'has_ecsu_essay') as $key => $val) { $arrayKeyName = $this->dbNameToArrayName($val); ${$arrayKeyName} = $result[0]->$val; } $result = null; } $query = 'SELECT partner_id, upper(partner_name) as name FROM partners ' . 'WHERE upper(partner_name) = \'ECSU\' OR upper(partner_name) = \'GRAD\''; $queryInfo =& new mySqlQuery($query, $dbconnection); $result =& $queryInfo->getResult(); for ($i = 0; $i < sizeof($result); $i++) { switch ($result[$i]->name) { case 'ECSU': $ecsuID = $result[$i]->partner_id; break; case 'GRAD': $gradID = $result[$i]->partner_id; break; default: // DO NOTHING break; } } // CHECK FOR ALL THREE REQUIRED CHECKBOXES TO MAP TO intern_complete_application TO BE MARKED 'Y' foreach(array('hasRefLetter1', 'hasRefLetter2', 'hasTranscript') as $key => $val) { if (strcmp(strtolower($$val), 'y') != 0) $isCompleted = 0; } /*-------------------------------------------------------------------------- -------------------------------- If they are an ECSU permitted intern and their required 1-page essay is not yet marked 'checked' in intern_complete_application they are not yet completed ---------------------------------------------------------------------------- -------------------------------*/ if ($isCompleted) { $query = 'SELECT allowed FROM permissions WHERE intern_id = \'' . $internID . '\' ' . ' AND partner_id = \'' . $ecsuID . '\''; $queryInfo =& new mySqlQuery($query, $dbconnection); $result =& $queryInfo->getResult(); if (strcmp(strtolower($hasEcsuEssay), 'y') != 0 && get_object_vars($result[0])) { if ($result[0]->allowed) $isCompleted = 0; } } //---END OF ECSU REQUIREMENT BLOCK----------------------------------------------------------------------- --- /*-------------------------------------------------------------------------- -------------------------------- If they are a grad student (be sure to check in grads table as well as permissions through LEFT JOIN statements) and they have not submitted their proof-of-enrollment form, that mark in intern_complete_ application will also be not marked 'Y' and thus they are not yet completed ---------------------------------------------------------------------------- -------------------------------*/ if ($isCompleted) { $query = 'SELECT id FROM interns WHERE id = \'' . $internID . '\' ' . ' AND enrollment_year IN ' . $this->graduateCompletionFieldsSQL; $queryInfo =& new mySqlQuery($query, $dbconnection); $result =& $queryInfo->getResult(); if (strcmp(strtolower($hasGradEnrollment), 'y') != 0 && get_object_vars($result[0])) $isCompleted = 0; } //---END OF GRAD REQUIREMENT BLOCK----------------------------------------------------------------------- --- $db->close(); $result = null; $queryInfo = null; return $isCompleted; } I'm sorry to ask so many questions, guys. It's evident I am not a good coder. Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From lists at ny-tech.net Mon Oct 20 15:17:01 2003 From: lists at ny-tech.net (Nasir Zubair) Date: Mon, 20 Oct 2003 15:17:01 -0400 Subject: [nycphp-talk] Simillar to paypal In-Reply-To: <4179.24.215.160.176.1066676794.squirrel@webmail.shawnlawyer.com> Message-ID: <000701c3973e$bec342a0$6401a8c0@main> Take a look at www.paysystems.com or www.2checkout.com they are's completely transparent but are more 'profrssional', if you will. 2checkout.com let's your customize the headers and footers for the payment pages, which makes it easier to integerate the payment pages into your site. There are others, like ibill.com, worldpay.com, etc. However, I have not had any experience with them so can't say much. Hope that helps. - Nasir -----Original Message----- From: shawn at shawnlawyer.com [mailto:shawn at shawnlawyer.com] Sent: Monday, October 20, 2003 3:07 PM To: NYPHP Talk Subject: [nycphp-talk] Simillar to paypal yo, I have a client that won't get a regular merchant account so I suggested using paypal for handling the purchases on there site. The only problem is they want a transparent layer when the sales are finalized. Does anyone know of a service similar to the paypal services but allows for transparency on the payment layer. shawn lawyer www.shawnlawyer.com From adam at trachtenberg.com Mon Oct 20 15:37:37 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Mon, 20 Oct 2003 15:37:37 -0400 (EDT) Subject: [nycphp-talk] problem with mysql select query with unusual criteria In-Reply-To: <293580-220031012019833622@M2W089.mail2web.com> Message-ID: On Mon, 20 Oct 2003, soazine at pop.erols.com wrote: > SELECT distinct i.enrollment_year, > IF (p.intern_id = i.id AND p.intern_id = '821' AND p.partner_name = > q.partner_name AND upper(q.partner_name) = 'ECSU' AND > upper(ica.has_ecsu_essay) = 'Y'), '1', '0' AS allowed, > ica.* > FROM interns i, intern_complete_application ica, permissions p, partners q > WHERE ica.intern_id = i.id > AND ica.intern_id = '821' > AND upper(ica.has_ref_letter_1) = 'Y' > AND upper(ica.has_ref_letter_2) = 'Y' > AND upper(ica.has_transcript) = 'Y' > > I get syntax errors on this query, and every other combination gives me > syntax errors or wrong data. I have been trying for 2 days to get this > query and it's either that or I write this horrifically bloated PHP method > to do the same thing (it works but it takes about 15 seconds to execute the > whole thing): Are you sure that's the correct place to put the ()s w/r/t the IF? I would look that up on mysql.com. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From soazine at pop.erols.com Mon Oct 20 15:46:23 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 20 Oct 2003 15:46:23 -0400 Subject: [nycphp-talk] problem with mysql select query with unusual criteria Message-ID: <168270-2200310120194623765@M2W088.mail2web.com> actually I rewrote the query to be a bit more clear.. Ok I finally figured out the query I want to write, here is the Oracle version of the query: select i.enrollment_year, (select p.allowed from permissions p, partners q, intern_complete_application a where p.intern_id = a.intern_id and p.intern_id = 821 and p.partner_id = q.partner_id and upper(q.partner_name) = 'ECSU' and upper(a.has_ecsu_essay) = 'Y') as allowed, ica.* from interns i, intern_complate_application ica where i.intern_id = ica.intern_id and i.intern_id = 821; I hope that clears things up a bit. Phil Original Message: ----------------- From: Adam Maccabee Trachtenberg adam at trachtenberg.com Date: Mon, 20 Oct 2003 15:37:37 -0400 (EDT) To: soazine at erols.com, talk at lists.nyphp.org Subject: Re: [nycphp-talk] problem with mysql select query with unusual criteria On Mon, 20 Oct 2003, soazine at pop.erols.com wrote: > SELECT distinct i.enrollment_year, > IF (p.intern_id = i.id AND p.intern_id = '821' AND p.partner_name = > q.partner_name AND upper(q.partner_name) = 'ECSU' AND > upper(ica.has_ecsu_essay) = 'Y'), '1', '0' AS allowed, > ica.* > FROM interns i, intern_complete_application ica, permissions p, partners q > WHERE ica.intern_id = i.id > AND ica.intern_id = '821' > AND upper(ica.has_ref_letter_1) = 'Y' > AND upper(ica.has_ref_letter_2) = 'Y' > AND upper(ica.has_transcript) = 'Y' > > I get syntax errors on this query, and every other combination gives me > syntax errors or wrong data. I have been trying for 2 days to get this > query and it's either that or I write this horrifically bloated PHP method > to do the same thing (it works but it takes about 15 seconds to execute the > whole thing): Are you sure that's the correct place to put the ()s w/r/t the IF? I would look that up on mysql.com. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From shiflett at php.net Mon Oct 20 16:37:06 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 20 Oct 2003 13:37:06 -0700 (PDT) Subject: [nycphp-talk] problem with mysql select query with unusual criteria In-Reply-To: <168270-2200310120194623765@M2W088.mail2web.com> Message-ID: <20031020203706.86147.qmail@web14302.mail.yahoo.com> --- "soazine at pop.erols.com" wrote: > Ok I finally figured out the query I want to write, here is the > Oracle version of the query: It seems like you should either use Oracle or learn MySQL. Using this list as some sort of primitive Oracle2MySQL converter isn't very wise. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From danielc at analysisandsolutions.com Mon Oct 20 17:22:48 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 20 Oct 2003 17:22:48 -0400 Subject: [nycphp-talk] problem with mysql select query with unusual criteria In-Reply-To: <293580-220031012019833622@M2W089.mail2web.com> References: <293580-220031012019833622@M2W089.mail2web.com> Message-ID: <20031020212248.GA21078@panix.com> On Mon, Oct 20, 2003 at 03:08:33PM -0400, soazine at pop.erols.com wrote: > want: I want to be a programmer, but I'm not great at figuring things out, so, rather than figure out that there are other things in the world that I _am_ good at and doing them, I'd rather bang my head against a wall and try to get someone to help me do my work for me. > criteria: For free. > This is what I've done so far and it fails: Get error messages, but haven't really thought about what they say nor do have I read the manual about the section of the query that failed. So, I asked a PHP list about how to write a MySQL query because I couldn't figure out that a MySQL list would be the right place to consult. :/ --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Mon Oct 20 20:00:07 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 20 Oct 2003 20:00:07 -0400 Subject: [nycphp-talk] SecurityFocus Newsletter #219 blah blah Message-ID: <20031021000007.GA22414@panix.com> Gallery index.php Remote File Include Vulnerability http://www.securityfocus.com/bid/8814 Multiple myPHPCalendar File Include Vulnerabilities http://www.securityfocus.com/bid/8820 Be safe out there, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From tgales at tgaconnect.com Mon Oct 20 20:44:17 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Mon, 20 Oct 2003 20:44:17 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F8BF061.1030609@chxo.com> Message-ID: <001501c3976c$75704520$bf8d3818@oberon1> Chris, If you're still interested in stuff about SQL injections -- here's a link for you: http://freshmeat.net/projects/sql_inject/?topic_id=914 Pardon my other post on this -- I thought you were joking when you suggested you were afraid that you might be vulnerable from sql masquerading as an e-mail address. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris Snyder Sent: Tuesday, October 14, 2003 8:47 AM To: NYPHP Talk Subject: Re: [nycphp-talk] php in securityfocus 218 Analysis & Solutions wrote: >PHP Prayer Board SQL Injection Vulnerability >http://www.securityfocus.com/bid/8774 > I put SQL into my prayers all the time, is this a bad thing? :-) In an attempt, um, to redeem this message, what *is* an SQL Injection Vulnerability? Is the religious use of addslashes() on any request variables used in a database query enough to prevent it? For example: $email = $_GET['email']; $safeemail = addslashes($email); $query = "SELECT * FROM supplicants WHERE email='$safeemail' "; Is this safe, or is my site at the mercy of a clever SQL injector? csnyder _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From delta at rochester.rr.com Mon Oct 20 22:35:58 2003 From: delta at rochester.rr.com (deedee) Date: Mon, 20 Oct 2003 22:35:58 -0400 Subject: [nycphp-talk] Vote References: <003901c39581$c8454ad0$8119fea9@thinkpad> Message-ID: <010801c3977c$0f3e5cf0$fc00fe0a@KEITZWS2> i would vote for myphpadmin ... basically because i've used it the most. but i also have used squirrelmail, kde, open office, xmms and mplayer. with recent withdrawls from cnn streaming video i am sooooooo thankful for my discovery of xmms & mplayer....(cnn web support told me to use window media player on my linux box .... uh!?! no!) i think at a comdex show the video and music playing booth is definately going to be the best choice... and will draw a big crowd of all ages. so in the last possible moment....... i vote for xmms. ----- Original Message ----- From: "jon baer" To: Sent: Saturday, October 18, 2003 10:11 AM Subject: [nycphp-talk] Vote for phpMyAdmin > http://www.oreillynet.com/contest/comdex/ > > -snip- > O'Reilly is working with COMDEX to organize an Open Source Innovation Area > on the COMDEX Exhibit Floor. We've nominated 21 projects and we'd like you > to help us select the six projects we'll send to COMDEX. The winning > projects will be recognized by COMDEX and we'll invite a leader from the > project to come to COMDEX and run demos on the show floor. This will give > Open Source projects an opportunity to go where only commercial software > vendors have gone before. > -snip- > > pgp key: http://www.jonbaer.net/jonbaer.asc > fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From jonbaer at jonbaer.net Mon Oct 20 23:32:44 2003 From: jonbaer at jonbaer.net (jon baer) Date: Mon, 20 Oct 2003 23:32:44 -0400 Subject: [nycphp-talk] w/ PHP 4/5 ... Message-ID: <001801c39783$fe1f4d00$8119fea9@thinkpad> dumb question, but for a while i had been trying to setup virtual hosting w/ php4 + php5 running and figured the easiest route was starting httpd with -DPHP4 or -DPHP5, how is everyone else setting it up? i find apache pretty flexible this way + use it all the time like this + figured that one could elimate php.ini altogether if they wanted to (using php_value foo "bar") ... or is that incorrect? thanks. - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From jonbaer at jonbaer.net Tue Oct 21 00:03:24 2003 From: jonbaer at jonbaer.net (jon baer) Date: Tue, 21 Oct 2003 00:03:24 -0400 Subject: [nycphp-talk] Amazon<->PHP upload Message-ID: <003b01c39788$4d30b510$8119fea9@thinkpad> im in the process of uploading a crapload of books onto amazon (http://www.jonbaer.net/books) + would like to build a simple easy app in php to upload data into my account ... (typically just ISBN, condition, price), are the free web services limited in this manner ... i could not tell if it was even possible to jump right into my account like that ... can anyone provide insight? - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From csnyder at chxo.com Tue Oct 21 09:14:30 2003 From: csnyder at chxo.com (Chris Snyder) Date: Tue, 21 Oct 2003 09:14:30 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <001501c3976c$75704520$bf8d3818@oberon1> References: <001501c3976c$75704520$bf8d3818@oberon1> Message-ID: <3F953136.60101@chxo.com> That looks like a handy class, thanks Tim. I was only half-joking -- more trying to shine a flashlight on the issue. SQL injection vulnerabilities seem to be a problem in a lot of open source applications, and probably an even bigger problem in the scripts that we never see. My understanding was (with MySql anyway) that you only needed to be careful with stray quotes, so that an attacker would have no way to rewrite your query. I never really considered the possibility of overflows or attack by value of the wrong type, because in my experience those conditions were either handled gracefully or generated an error and I was lazy. So we can kill this thread, is it safe to say that three best practices here are: 1) always check user input to make sure it's the type and size of data that you expect 2) use mysql_real_escape_string() if possible, or addslashes() to escape any quotes in the data 3) always encapsulate field values in quotes in your queries csnyder Tim Gales wrote: >Chris, > >If you're still interested in stuff about SQL injections -- >here's a link for you: > >http://freshmeat.net/projects/sql_inject/?topic_id=914 > >Pardon my other post on this -- I thought you were joking >when you suggested you were afraid that you might be >vulnerable from sql masquerading as an e-mail address. > > > From dmintz at panix.com Tue Oct 21 09:43:00 2003 From: dmintz at panix.com (David Mintz) Date: Tue, 21 Oct 2003 09:43:00 -0400 (EDT) Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: <3F953136.60101@chxo.com> References: <001501c3976c$75704520$bf8d3818@oberon1> <3F953136.60101@chxo.com> Message-ID: On Tue, 21 Oct 2003, Chris Snyder wrote: > > So we can kill this thread, is it safe to say that three best practices > here are: > > 1) always check user input to make sure it's the type and size of data > that you expect > 2) use mysql_real_escape_string() if possible, or addslashes() to escape > any quotes in the data Will the PEAR DB's quote($value) do as well, do ya think? Also, if you use PEAR's prepare("select * from foo where bla = ?") and execute($sth,array('Gack')), you get quoting/escaping automatically, right? > 3) always encapsulate field values in quotes in your queries > Yeah, I've read somewhere that it never hurts to quote even numeric field value types. That's standard rather than MySQL-specific, no? --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From delta at rochester.rr.com Tue Oct 21 22:47:16 2003 From: delta at rochester.rr.com (deedee) Date: Tue, 21 Oct 2003 22:47:16 -0400 Subject: [nycphp-talk] virtual host;review posts? References: <001801c39783$fe1f4d00$8119fea9@thinkpad> Message-ID: <005001c39846$ce048040$fc00fe0a@KEITZWS2> please dont take offense Jon but we just discussed the setup of virtual host about 2 weeks ago... we recently had more than 18 posts on how to set up virtual host including links to apache website http://httpd.apache.org/docs-2.0/vhosts/ and our own http://phundamental.nyphp.org (check the nytalk archives around oct 6 through oct 8). a general question to our fearless leaders of NYPHP, i am wondering how anyone can be sure to thoroughly search the 'archives' before asking questions in this nyphp-talk. the only reason i even know the virtual host discussion occurred is because i was involved with the discussion thread... but i am just as likely to ask a question about a topic that was discussed in detail in the past or in another nyphp resources. so i hope you find your answers Jon in the resources above. i was hoping to hear from Jeff Siegel about his success story of setting up virtual hosting. ;) regards, deedee ----- Original Message ----- From: "jon baer" To: Sent: Monday, October 20, 2003 11:32 PM Subject: [nycphp-talk] w/ PHP 4/5 ... > dumb question, but for a while i had been trying to setup virtual hosting w/ > php4 + php5 running and figured the easiest route was starting httpd > with -DPHP4 or -DPHP5, how is everyone else setting it up? > > i find apache pretty flexible this way + use it all the time like this + > figured that one could elimate php.ini altogether if they wanted to (using > php_value foo "bar") ... or is that incorrect? > > thanks. > > - jon > > pgp key: http://www.jonbaer.net/jonbaer.asc > fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From shiflett at php.net Tue Oct 21 22:57:11 2003 From: shiflett at php.net (Chris Shiflett) Date: Tue, 21 Oct 2003 19:57:11 -0700 (PDT) Subject: [nycphp-talk] virtual host;review posts? In-Reply-To: <005001c39846$ce048040$fc00fe0a@KEITZWS2> Message-ID: <20031022025711.76439.qmail@web14311.mail.yahoo.com> --- deedee wrote: > a general question to our fearless leaders of NYPHP, i am wondering > how anyone can be sure to thoroughly search the 'archives' before > asking questions in this nyphp-talk. I'm not a leader of NYPHP, but I don't think this has been much of a problem yet for this list. It doesn't have so much traffic that repeated questions are terribly annoying. In fact, I don't really mind repeated questions much, especially when there are new answers given. I think this condition is much worse on lists like php-general, because it is less likely to hear a new answer to someone asking why $foo isn't defined (when register_globals is disabled). I've never actually searched our archives, but I know we have some. Maybe someone should suggest that php|a include our lists in their mailing list archive search tool. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From dmintz at panix.com Wed Oct 22 00:02:01 2003 From: dmintz at panix.com (David Mintz) Date: Wed, 22 Oct 2003 00:02:01 -0400 (EDT) Subject: [nycphp-talk] virtual host;review posts? In-Reply-To: <005001c39846$ce048040$fc00fe0a@KEITZWS2> References: <001801c39783$fe1f4d00$8119fea9@thinkpad> <005001c39846$ce048040$fc00fe0a@KEITZWS2> Message-ID: On Tue, 21 Oct 2003, deedee wrote: > please dont take offense Jon but we just discussed the setup of virtual host > about 2 weeks ago... we recently had more than 18 posts on how to set up > virtual host including links to apache website > http://httpd.apache.org/docs-2.0/vhosts/ and our own > http://phundamental.nyphp.org (check the nytalk archives around oct 6 > through oct 8). I thought he was talking specifically about running PHP 4 and PHP 5 at the same time, which I don't think we talked about. Or did we? (Did I review the archives? No, sorry. Too busy watching the World Series. (-: ) --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From tgales at tgaconnect.com Wed Oct 22 00:56:11 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 22 Oct 2003 00:56:11 -0400 Subject: [nycphp-talk] virtual host;review posts? In-Reply-To: <005001c39846$ce048040$fc00fe0a@KEITZWS2> Message-ID: <001001c39858$d081b010$bf8d3818@oberon1> Deedee wrote: ... how anyone can be sure to thoroughly search the 'archives' before asking... There is a horizontal menu that has a search button which will present a search form. You can click the radio button for lists.nyphp.org to search the mailing lists. As a test I entered "virtual host setup" in the form. In the fifth item returned I noticed: [nycphp-talk] Need virtual host Apache help ... ... Max Jon Baer wrote: > Im trying to setup my laptop to host 5 different PHP-based sites for dev > purposes and getting lost on how to setup Virtual hosting so ... lists.nyphp.org/pipermail/talk/2003-May/003682.html I didn't really poke around but it would seem that Jon Baer was already participating in that thread about virtual hosting (or one very nearly like it). It would probably be a good idea to have that navigation menu available while reading the mailing list archives... It is awkward to have to travel back through a browser history to make another search... Note -- I am answering this just to be of assistance. I am not a leader at NYPHP (or anywhere else for that matter) and as for being fearless -- I am just guilty of rushing into discussions where I shouldn't tread. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com From jsiegel1 at optonline.net Wed Oct 22 04:31:28 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 22 Oct 2003 04:31:28 -0400 Subject: [nycphp-talk] virtual host;review posts? In-Reply-To: <005001c39846$ce048040$fc00fe0a@KEITZWS2> Message-ID: <003401c39876$e37d52f0$6401a8c0@EZDSDELL> Did I miss a "virtual hosting" question? ;) You *can* Google the NYPHP site...http://www.nyphp.org/google.php to see if a particular issue has been discussed. And as for my success story, well, virtual hosting works fine for me. Keep in mind, though, different situations may not be covered in that article, e.g., if you need SSL, since the hosting as described there is name-based...not IP based. Jeff Siegel P.S. I'm not a "leader" but just fairly involved with the group. -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of deedee Sent: Tuesday, October 21, 2003 9:47 PM To: NYPHP Talk Subject: [nycphp-talk] virtual host;review posts? please dont take offense Jon but we just discussed the setup of virtual host about 2 weeks ago... we recently had more than 18 posts on how to set up virtual host including links to apache website http://httpd.apache.org/docs-2.0/vhosts/ and our own http://phundamental.nyphp.org (check the nytalk archives around oct 6 through oct 8). a general question to our fearless leaders of NYPHP, i am wondering how anyone can be sure to thoroughly search the 'archives' before asking questions in this nyphp-talk. the only reason i even know the virtual host discussion occurred is because i was involved with the discussion thread... but i am just as likely to ask a question about a topic that was discussed in detail in the past or in another nyphp resources. so i hope you find your answers Jon in the resources above. i was hoping to hear from Jeff Siegel about his success story of setting up virtual hosting. ;) regards, deedee ----- Original Message ----- From: "jon baer" To: Sent: Monday, October 20, 2003 11:32 PM Subject: [nycphp-talk] w/ PHP 4/5 ... > dumb question, but for a while i had been trying to setup virtual hosting w/ > php4 + php5 running and figured the easiest route was starting httpd > with -DPHP4 or -DPHP5, how is everyone else setting it up? > > i find apache pretty flexible this way + use it all the time like this + > figured that one could elimate php.ini altogether if they wanted to (using > php_value foo "bar") ... or is that incorrect? > > thanks. > > - jon > > pgp key: http://www.jonbaer.net/jonbaer.asc > fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Wed Oct 22 08:41:16 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 22 Oct 2003 08:41:16 -0400 Subject: [nycphp-talk] virtual host;review posts? In-Reply-To: <005001c39846$ce048040$fc00fe0a@KEITZWS2> References: <001801c39783$fe1f4d00$8119fea9@thinkpad> <005001c39846$ce048040$fc00fe0a@KEITZWS2> Message-ID: <3F967AEC.6030707@nyphp.org> > please dont take offense Jon but we just discussed the setup of virtual host > about 2 weeks ago... we recently had more than 18 posts on how to set up > virtual host including links to apache website > http://httpd.apache.org/docs-2.0/vhosts/ and our own > http://phundamental.nyphp.org (check the nytalk archives around oct 6 > through oct 8). > > a general question to our fearless leaders of NYPHP, i am wondering how > anyone can be sure to thoroughly search the 'archives' before asking > questions in this nyphp-talk. the only reason i even know the virtual host > discussion occurred is because i was involved with the discussion thread... > but i am just as likely to ask a question about a topic that was discussed > in detail in the past or in another nyphp resources. As others have mentioned, a google is probably the best best right now (http://nyphp.org/google.php or click Search from the main menu across the top of nyphp.org). It works good (I actually used it the other day to find something) but the only downside is there's at least a several week lag between crawls. We're working on doing a new mailing list with tons of goodies, but until then the google search will probably be the way to go. Unless of course someone wants to hack up Mailman, let me know :) All this said, I'm not sure Jon's post concerned vhosts that much... see followup. H From hans at nyphp.org Wed Oct 22 08:47:10 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 22 Oct 2003 08:47:10 -0400 Subject: [nycphp-talk] w/ PHP 4/5 ... In-Reply-To: <001801c39783$fe1f4d00$8119fea9@thinkpad> References: <001801c39783$fe1f4d00$8119fea9@thinkpad> Message-ID: <3F967C4E.1030102@nyphp.org> jon baer wrote: > dumb question, but for a while i had been trying to setup virtual hosting w/ > php4 + php5 running and figured the easiest route was starting httpd > with -DPHP4 or -DPHP5, how is everyone else setting it up? Admittently I haven't played with php5 yet, but this is how I would have done it. > i find apache pretty flexible this way + use it all the time like this + > figured that one could elimate php.ini altogether if they wanted to (using > php_value foo "bar") ... or is that incorrect? Using the SetEnv, SetEnvIf, IfDefine and other tricks is great - I use them to setup application configuration in PHP (who needs a big application xml file any way :) and in combination with and it's fantastic. You can use many of the php.ini directives in this manner and it's hugely powerful, but not all, and you may run into some restrictions in regards to security. That said, Jon, I think it'd make for a great article/demo on setting PHP through httpd.conf only (or as much as possible and what just can't bet set). H From hans at nyphp.org Wed Oct 22 11:47:17 2003 From: hans at nyphp.org (Hans Zaunere) Date: Wed, 22 Oct 2003 11:47:17 -0400 Subject: [nycphp-talk] php in securityfocus 218 In-Reply-To: References: <001501c3976c$75704520$bf8d3818@oberon1> <3F953136.60101@chxo.com> Message-ID: <3F96A685.2070501@nyphp.org> David Mintz wrote: > On Tue, 21 Oct 2003, Chris Snyder wrote: > > >> >>So we can kill this thread, is it safe to say that three best practices >>here are: >> >>1) always check user input to make sure it's the type and size of data >>that you expect Agreed. Although, you can eat up a lot of time/code/performance checking incoming data. People deal with this in various ways and with varying levels of paranoia, but I've always liked the 'if bad data only effects that user's data, then that's his problem.' It's also good to know where to validate the data, ie as it's coming from the outside world (browser), being passed around within your logic, or finally getting committed into a data base. I've always like the first one. Being conscious of this allows you to realize the difference between validating data as you should, ie from untrusted, external sources, and validating data within your application, ie programming mistakes. Kind of the the hard shell, soft chewy center model. >>2) use mysql_real_escape_string() if possible, or addslashes() to escape >>any quotes in the data > > Will the PEAR DB's quote($value) do as well, do ya think? > > Also, if you use PEAR's prepare("select * from foo where bla = ?") and > execute($sth,array('Gack')), you get quoting/escaping automatically, > right? PEAR should handle all this, regardless of the database itself. That's the beauty of a DB abstraction, but... do you trust it? :) >>3) always encapsulate field values in quotes in your queries >> > > Yeah, I've read somewhere that it never hurts to quote even numeric field > value types. That's standard rather than MySQL-specific, no? Yeah, in fact Oracle will often curse you if you don't use single quotes everywhere (not that Oracle uses SQL standards). That said, and this could probably be viewed as a bad habit, when working with mysql: $somenumber = (int) $inputnumber; mysql_query("SELECT * FROM somedb.sometable WHERE numcol=$somenumber", $MYDB); Quick, secure, and dirty, H From tgales at tgaconnect.com Wed Oct 22 14:28:02 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 22 Oct 2003 14:28:02 -0400 Subject: [nycphp-talk] SQL Standards (there are so many to choose from) Message-ID: <003a01c398ca$3a88de90$bf8d3818@oberon1> Hans Zaunere wrote: >> Yeah, I've read somewhere that it never hurts to quote even numeric >> field value types. That's standard rather than MySQL-specific, no? (from David Mintz) >Yeah, in fact Oracle will often curse you if you don't use single quotes everywhere (not that >Oracle uses SQL standards). That said, and this could probably be viewed as a bad habit, when working with mySQL. SQL standards - which standard? SQL-99 SQL:2003 ISO/ IEC (working draft) 9075-2:2003 (E) ISO/ IEC JTC 1/ SC 32/WG 3 SQL92 Entry Level or maybe SQL:1999 Core Level This is a pet peeve of mine, but I will throw it out here anyway, I wish people would say: "Do you think this SQL syntax is 'portable' to Sybase (or some other DBMS) " instead of saying "is this SQL 'standard' ". Because that is what (I think) they mean. As for standards -- they are voted on by committee members who are oftentimes placed on the committees by big vendors like Oracle in order to steer the standard towards what they (the big vendors) have already developed. That way the vendors can advertise that they are fully compliant with a certain standard. I don't really hold much hope to ever really 'get my arms around' SQL standard syntax - I will settle for being able to use MySQL to get some things done. I realize its sort of 'sour grapes' - thumbing my nose at standards because I can't understand them. But for me even the name 'MySQL' holds a certain charm - it is "my sql" verses say Larry Ellison's sql. Notwithstanding the above, I still like to read about SQL standards and relational database developments in general. I found an article at http://www.dbazine.com/gulutzan3.html written by Peter Gulutzan, who co-wrote the book "SQL-99 Complete, Really" and now works for MySQL AB in their quest to become 'standard'. Maybe this will be of some interest to readers of this list. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From crisscott at netzero.com Wed Oct 22 16:33:33 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Wed, 22 Oct 2003 16:33:33 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) Message-ID: <3F96E99D.2080306@netzero.com> Hello, I am working with Smarty templates but I am having trouble trying to do what I want with them. I want to print a block of code a specific number of times sort of like I would do with a for() loop in PHP. I am not using values from an array so I can't use section or foreach loops. I can't find in the documentation how to turn something like this into Smarty code: for($i = 0; $i < max_iters; ++$i) { echo $i . "
"; } Does anyone have any suggestions? Thanks Scott Mattocks From csnyder at chxo.com Wed Oct 22 17:14:57 2003 From: csnyder at chxo.com (Chris Snyder) Date: Wed, 22 Oct 2003 17:14:57 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <3F96E99D.2080306@netzero.com> References: <3F96E99D.2080306@netzero.com> Message-ID: <3F96F351.2000308@chxo.com> As a hack you could make an array with the number of elements needed, and use that to loop in the template. Sounds ugly, I know, but you could do it in your PHP code before you go to display the template, using something like: $loop = array(); for ( $i = 0; $i < max_iters; $i++ ){ $loop[$i] = $i; } There's probably a more graceful way to do it, but then, there are more graceful ways to template than Smarty, as we learned at last month's meeting. ;-) csnyder Scott Mattocks wrote: > Hello, > > I am working with Smarty templates but I am having trouble trying to > do what I want with them. I want to print a block of code a specific > number of times sort of like I would do with a for() loop in PHP. I > am not using values from an array so I can't use section or foreach > loops. I can't find in the documentation how to turn something like > this into Smarty code: > > for($i = 0; $i < max_iters; ++$i) { > echo $i . "
"; > } > > Does anyone have any suggestions? > > Thanks > Scott Mattocks > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From jonbaer at jonbaer.net Wed Oct 22 16:55:33 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 22 Oct 2003 16:55:33 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) References: <3F96E99D.2080306@netzero.com> Message-ID: <001d01c398de$d61073f0$6700a8c0@thinkpad> did u try to cycle? http://smarty.php.net/manual/en/language.function.cycle.php - jon ----- Original Message ----- From: "Scott Mattocks" To: "NYPHP Talk" Sent: Wednesday, October 22, 2003 4:33 PM Subject: [nycphp-talk] Smarty syntax: for(...) > Hello, > > I am working with Smarty templates but I am having trouble trying to do > what I want with them. I want to print a block of code a specific > number of times sort of like I would do with a for() loop in PHP. I am > not using values from an array so I can't use section or foreach loops. > I can't find in the documentation how to turn something like this into > Smarty code: > > for($i = 0; $i < max_iters; ++$i) { > echo $i . "
"; > } > > Does anyone have any suggestions? > > Thanks > Scott Mattocks > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From crisscott at netzero.com Wed Oct 22 17:23:21 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Wed, 22 Oct 2003 17:23:21 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <001d01c398de$d61073f0$6700a8c0@thinkpad> References: <3F96E99D.2080306@netzero.com> <001d01c398de$d61073f0$6700a8c0@thinkpad> Message-ID: <3F96F549.6010406@netzero.com> Cycle loops is used to alternate or cycle through an array of values. It isn't a looping structure. It will just return the next element in the array when called and then go back to the begining. I need a loop that doesn't require an array for control. Even a while() structure would work but I can't seem to find that either. Scott Mattocks jon baer wrote: > did u try to cycle? > > http://smarty.php.net/manual/en/language.function.cycle.php > > - jon > > ----- Original Message ----- > From: "Scott Mattocks" > To: "NYPHP Talk" > Sent: Wednesday, October 22, 2003 4:33 PM > Subject: [nycphp-talk] Smarty syntax: for(...) > > > >>Hello, >> >>I am working with Smarty templates but I am having trouble trying to do >>what I want with them. I want to print a block of code a specific >>number of times sort of like I would do with a for() loop in PHP. I am >>not using values from an array so I can't use section or foreach loops. >> I can't find in the documentation how to turn something like this into >>Smarty code: >> >>for($i = 0; $i < max_iters; ++$i) { >> echo $i . "
"; >>} >> >>Does anyone have any suggestions? >> >>Thanks >>Scott Mattocks >> >>_______________________________________________ >>talk mailing list >>talk at lists.nyphp.org >>http://lists.nyphp.org/mailman/listinfo/talk >> > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From crisscott at netzero.com Wed Oct 22 17:34:12 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Wed, 22 Oct 2003 17:34:12 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <3F96F351.2000308@chxo.com> References: <3F96E99D.2080306@netzero.com> <3F96F351.2000308@chxo.com> Message-ID: <3F96F7D4.4000201@netzero.com> I thought about doing that but I want to avoid any unnecessary work in my PHP if I can. I know that I could also just include PHP code in my template but I was hoping for something more elegant than that. It just baffles me that Smarty doesn't have a plain old looping structure that isn't tied to an array. Scott Mattocks Chris Snyder wrote: > As a hack you could make an array with the number of elements needed, > and use that to loop in the template. > Sounds ugly, I know, but you could do it in your PHP code before you go > to display the template, using something like: > > $loop = array(); > for ( $i = 0; $i < max_iters; $i++ ){ > $loop[$i] = $i; > } > > There's probably a more graceful way to do it, but then, there are more > graceful ways to template than Smarty, as we learned at last month's > meeting. ;-) > > csnyder > > Scott Mattocks wrote: > >> Hello, >> >> I am working with Smarty templates but I am having trouble trying to >> do what I want with them. I want to print a block of code a specific >> number of times sort of like I would do with a for() loop in PHP. I >> am not using values from an array so I can't use section or foreach >> loops. I can't find in the documentation how to turn something like >> this into Smarty code: >> >> for($i = 0; $i < max_iters; ++$i) { >> echo $i . "
"; >> } >> >> Does anyone have any suggestions? >> >> Thanks >> Scott Mattocks >> >> _______________________________________________ >> talk mailing list >> talk at lists.nyphp.org >> http://lists.nyphp.org/mailman/listinfo/talk > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From bw at megabit.net Wed Oct 22 17:44:38 2003 From: bw at megabit.net (Birgit Wolter) Date: Wed, 22 Oct 2003 23:44:38 +0200 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <3F96E99D.2080306@netzero.com> References: <3F96E99D.2080306@netzero.com> Message-ID: <14319315253.20031022234438@megabit.net> Hello Scott, try this: It will loops from 0 - 49. It's not in the documentation. I found it in a forum, but can't remember where. But it works just fine with me. Birgit > Hello, > I am working with Smarty templates but I am having trouble trying to do > what I want with them. I want to print a block of code a specific > number of times sort of like I would do with a for() loop in PHP. I am > not using values from an array so I can't use section or foreach loops. > I can't find in the documentation how to turn something like this into > Smarty code: > for($i = 0; $i < max_iters; ++$i) { > echo $i . "
"; > } > Does anyone have any suggestions? > Thanks > Scott Mattocks > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From csnyder at chxo.com Wed Oct 22 17:45:58 2003 From: csnyder at chxo.com (Chris Snyder) Date: Wed, 22 Oct 2003 17:45:58 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <3F96F7D4.4000201@netzero.com> References: <3F96E99D.2080306@netzero.com> <3F96F351.2000308@chxo.com> <3F96F7D4.4000201@netzero.com> Message-ID: <3F96FA96.4050004@chxo.com> It is a little baffling considering all of the other functionality packed in there. I guess for loops definitely cross the line into application logic. In light of the overhead that Smarty imposes on your scripts, you might want to rethink the notion of avoiding unnecessary work in PHP-- after all, anything that you are asking Smarty to do is eventually being done by PHP anyway. Just because you can do something in the template, like logic or iteration, doesn't mean that you should. Take a look at the "compiled" code that Smarty is generating to see what I mean. csnyder Scott Mattocks wrote: > I thought about doing that but I want to avoid any unnecessary work in > my PHP if I can. I know that I could also just include PHP code in my > template but I was hoping for something more elegant than that. It > just baffles me that Smarty doesn't have a plain old looping structure > that isn't tied to an array. > > Scott Mattocks > > Chris Snyder wrote: > >> As a hack you could make an array with the number of elements needed, >> and use that to loop in the template. >> Sounds ugly, I know, but you could do it in your PHP code before you >> go to display the template, using something like: >> >> $loop = array(); >> for ( $i = 0; $i < max_iters; $i++ ){ >> $loop[$i] = $i; >> } >> >> There's probably a more graceful way to do it, but then, there are >> more graceful ways to template than Smarty, as we learned at last >> month's meeting. ;-) >> >> csnyder >> >> Scott Mattocks wrote: >> >>> Hello, >>> >>> I am working with Smarty templates but I am having trouble trying to >>> do what I want with them. I want to print a block of code a >>> specific number of times sort of like I would do with a for() loop >>> in PHP. I am not using values from an array so I can't use section >>> or foreach loops. I can't find in the documentation how to turn >>> something like this into Smarty code: >>> >>> for($i = 0; $i < max_iters; ++$i) { >>> echo $i . "
"; >>> } >>> >>> Does anyone have any suggestions? >>> >>> Thanks >>> Scott Mattocks >>> >>> _______________________________________________ >>> talk mailing list >>> talk at lists.nyphp.org >>> http://lists.nyphp.org/mailman/listinfo/talk >> >> >> >> >> _______________________________________________ >> talk mailing list >> talk at lists.nyphp.org >> http://lists.nyphp.org/mailman/listinfo/talk >> >> > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From jonbaer at jonbaer.net Wed Oct 22 17:39:07 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 22 Oct 2003 17:39:07 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) References: <3F96E99D.2080306@netzero.com><001d01c398de$d61073f0$6700a8c0@thinkpad> <3F96F549.6010406@netzero.com> Message-ID: <003d01c398e4$ec2ea070$6700a8c0@thinkpad> hmm i could have sworn cycle was an outside tag that let you go straight through a set without skipping like what a for would give you ... well either way you can always get away with {php}{/php} or {counter} maybe. - jon ----- Original Message ----- From: "Scott Mattocks" To: "NYPHP Talk" Sent: Wednesday, October 22, 2003 5:23 PM Subject: Re: [nycphp-talk] Smarty syntax: for(...) > Cycle loops is used to alternate or cycle through an array of values. > It isn't a looping structure. It will just return the next element in > the array when called and then go back to the begining. I need a loop > that doesn't require an array for control. Even a while() structure > would work but I can't seem to find that either. > > Scott Mattocks > > jon baer wrote: > > > did u try to cycle? > > > > http://smarty.php.net/manual/en/language.function.cycle.php > > > > - jon > > > > ----- Original Message ----- > > From: "Scott Mattocks" > > To: "NYPHP Talk" > > Sent: Wednesday, October 22, 2003 4:33 PM > > Subject: [nycphp-talk] Smarty syntax: for(...) > > > > > > > >>Hello, > >> > >>I am working with Smarty templates but I am having trouble trying to do > >>what I want with them. I want to print a block of code a specific > >>number of times sort of like I would do with a for() loop in PHP. I am > >>not using values from an array so I can't use section or foreach loops. > >> I can't find in the documentation how to turn something like this into > >>Smarty code: > >> > >>for($i = 0; $i < max_iters; ++$i) { > >> echo $i . "
"; > >>} > >> > >>Does anyone have any suggestions? > >> > >>Thanks > >>Scott Mattocks > >> > >>_______________________________________________ > >>talk mailing list > >>talk at lists.nyphp.org > >>http://lists.nyphp.org/mailman/listinfo/talk > >> > > > > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From jonbaer at jonbaer.net Wed Oct 22 17:43:43 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 22 Oct 2003 17:43:43 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) References: <3F96E99D.2080306@netzero.com> <14319315253.20031022234438@megabit.net> Message-ID: <005f01c398e5$90b1f3e0$6700a8c0@thinkpad> learn something new everyday :-) thank you, just confirmed it ... {section name=test loop=30} # {counter}
{/section} - jon ----- Original Message ----- From: "Birgit Wolter" To: "NYPHP Talk" Sent: Wednesday, October 22, 2003 5:44 PM Subject: Re: [nycphp-talk] Smarty syntax: for(...) > Hello Scott, > try this: > > > > It will loops from 0 - 49. > It's not in the documentation. I found it in a forum, but can't > remember where. But it works just fine with me. > Birgit > > > Hello, > > > I am working with Smarty templates but I am having trouble trying to do > > what I want with them. I want to print a block of code a specific > > number of times sort of like I would do with a for() loop in PHP. I am > > not using values from an array so I can't use section or foreach loops. > > I can't find in the documentation how to turn something like this into > > Smarty code: > > > for($i = 0; $i < max_iters; ++$i) { > > echo $i . "
"; > > } > > > Does anyone have any suggestions? > > > Thanks > > Scott Mattocks > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From crisscott at netzero.com Wed Oct 22 18:11:47 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Wed, 22 Oct 2003 18:11:47 -0400 Subject: [nycphp-talk] Smarty syntax: for(...) In-Reply-To: <14319315253.20031022234438@megabit.net> References: <3F96E99D.2080306@netzero.com> <14319315253.20031022234438@megabit.net> Message-ID: <3F9700A3.6020403@netzero.com> Thanks! That is exactly what I wanted. I wish that they had documented it though. Birgit Wolter wrote: > Hello Scott, > try this: > > > > It will loops from 0 - 49. > It's not in the documentation. I found it in a forum, but can't > remember where. But it works just fine with me. > Birgit > > >>Hello, > > >>I am working with Smarty templates but I am having trouble trying to do >>what I want with them. I want to print a block of code a specific >>number of times sort of like I would do with a for() loop in PHP. I am >>not using values from an array so I can't use section or foreach loops. >> I can't find in the documentation how to turn something like this into >>Smarty code: > > >>for($i = 0; $i < max_iters; ++$i) { >> echo $i . "
"; >>} > > >>Does anyone have any suggestions? > > >>Thanks >>Scott Mattocks > > >>_______________________________________________ >>talk mailing list >>talk at lists.nyphp.org >>http://lists.nyphp.org/mailman/listinfo/talk > > > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From jonbaer at jonbaer.net Wed Oct 22 23:19:07 2003 From: jonbaer at jonbaer.net (jon baer) Date: Wed, 22 Oct 2003 23:19:07 -0400 Subject: [nycphp-talk] MySQL sync tool ... Message-ID: <000801c39914$6bd89ea0$6400a8c0@thinkpad> came across a pretty cool tool called sqlyog (needed to local <-> remote sync) - are there any others? ... http://www.webyog.com/sqlyog/scrnshot.html -features- a.. MySQL 4.1 compatible a.. very fast retrieval of data a.. ODBC Import with option to import data through query a.. data sycnhronization tool a.. schedule various jobs a.. schema synchronization tool a.. update result returned from query a.. manage foreign key relationships a.. fully InnoDB compliant a.. view your results in GRID / TEXT mode a.. fast client side sorting and filtering a.. execute ( very large ) SQL-scripts as batch files a.. execute multiple queries returning more than 1000s of rows per resultset. Its very efficient in memory a.. very compact binary a.. written entirely in C/C++/Win32 APIs using native MySQL C APIs. No wrapper classes used a.. connection manager a.. excel like grid interface to create/alter tables a.. excel like grid interface to edit data with support for Enum/Set a.. create/drop databases a.. manage indexes a.. comprehensive security manager. Control access to databases/tables/columns a.. reorder columns of table a.. copy database between two MySQL hosts a.. drop all tables of a database with a single click a.. edit BLOBs with Bitmap/GIF/JPEG-Support a.. export table-structure and data into SQL-scripts a.. export/import data in/from CSV files a.. export database schema in HTML a.. log all queries for a session a.. profile queries a.. syntax-highlighting a.. save resultset in CSV, HTML and XML a.. save your commonly used SQL scripts in a personal folder with a click of mouse a.. is very keyboard friendly. You can work with 99% features of SQLyog with keyboard. a.. view and kill other user-processes a.. view advanced table-properties, such as Type, Comment, Key_Length and so on a.. a list of server-variables e.g processlist, status, variables etc a.. copy your result as CSV in clipboard a.. copy tables to new table-names a.. change table-types to ISAM, MYISAM, MERGE, HEAP, InnoDB, BDB a.. flush Host/Logs/Privileges/Tables a.. do table-diagnostics (check, optimize, repair, analyze) pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From jonbaer at jonbaer.net Thu Oct 23 02:14:56 2003 From: jonbaer at jonbaer.net (jon baer) Date: Thu, 23 Oct 2003 02:14:56 -0400 Subject: [nycphp-talk] w/ PHP 4/5 ... References: <001801c39783$fe1f4d00$8119fea9@thinkpad> <3F967C4E.1030102@nyphp.org> Message-ID: <007101c3992c$fb348600$6400a8c0@thinkpad> Hans wrote: it's hugely powerful, but not all, and you may run into some restrictions in regards to security. That said, Jon, I think it'd make for a great article/demo on setting PHP through httpd.conf only (or as much as possible and what just can't bet set). This is true, ive noticed a few variables pertaining to safe_mode are protected but one of the more easy ideas pertain to auto includes + db setups: /usr/sbin/httpd -DEV ServerAdmin foo at foo.com DocumentRoot "/var/dev/www" ServerName dev # php stuff php_value auto_append_file "/var/dev/dev.inc" phpe_value error_reporting "E_ALL" should probably go into the virtual host phundamental setups or something. my original problem with the 2 php's was the setup for taking php4ts.dll's into effect (since they seem to only look for the single one in the window path) ... - jon From tgales at tgaconnect.com Thu Oct 23 06:05:50 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Thu, 23 Oct 2003 06:05:50 -0400 Subject: [nycphp-talk] MySQL sync tool ... In-Reply-To: <000801c39914$6bd89ea0$6400a8c0@thinkpad> Message-ID: <000b01c3994d$40f70d50$bf8d3818@oberon1> Jon, Here is something which might interest you: "... DBDesigner 4 offers the ability to connect to a MySQL server and to create and synchronize a database with the designed model" The online online docs are at: http://www.fabforce.net/dbdesigner4/doc/index.html It can reverse engineer a database and store the schema as xml. It has an import menu for Erwin 4.1 xml (which I didn't try) It can generate an html report It has a query designer which can generate php (4.X.X) pages with forms and views. It is open source ( GPL ) It is optimized for use with MySQL but can be used with ODBC (didn't try the odbc) I tried it on a MySQL data with about fifty tables with maybe a hundred attributes -- It seemed pretty quick (I wasn't benchmarking it) I didn't execute the php pages but they looked okay on the surface. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of jon baer Sent: Wednesday, October 22, 2003 11:19 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] MySQL sync tool ... came across a pretty cool tool called sqlyog (needed to local <-> remote sync) - are there any others? ... http://www.webyog.com/sqlyog/scrnshot.html - From hans at nyphp.org Thu Oct 23 08:30:37 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 23 Oct 2003 08:30:37 -0400 Subject: [nycphp-talk] w/ PHP 4/5 ... In-Reply-To: <007101c3992c$fb348600$6400a8c0@thinkpad> References: <001801c39783$fe1f4d00$8119fea9@thinkpad> <3F967C4E.1030102@nyphp.org> <007101c3992c$fb348600$6400a8c0@thinkpad> Message-ID: <3F97C9ED.7050305@nyphp.org> jon baer wrote: > Hans wrote: > it's hugely powerful, but not all, and you may run into some restrictions in > regards to security. That said, Jon, I think it'd make for a great > article/demo on setting PHP through httpd.conf only (or as much as possible > and what just can't bet set). > > This is true, ive noticed a few variables pertaining to safe_mode are > protected but one of the more easy ideas pertain to auto includes + db > setups: > > /usr/sbin/httpd -DEV > > > > ServerAdmin foo at foo.com > DocumentRoot "/var/dev/www" > ServerName dev > # php stuff > php_value auto_append_file "/var/dev/dev.inc" > phpe_value error_reporting "E_ALL" > > Flexibility like this isn't often used, and I think people forget just how powerful Apache can be. It's a bit ironic, just to rant a bit here, how people feel the need for an xml-based application configuration file, akin to JSP/CF, when in fact Apache's own conf file is 95% there or more. > should probably go into the virtual host phundamental setups or something. > my original problem with the 2 php's was the setup for taking php4ts.dll's > into effect (since they seem to only look for the single one in the window > path) ... The PHundamentals guys have been kicking around an Advanced PHundamentals, and I think this is a great starter topic for that, when it comes together. H From mwithington at PLMresearch.com Thu Oct 23 08:41:55 2003 From: mwithington at PLMresearch.com (Mark Withington) Date: Thu, 23 Oct 2003 08:41:55 -0400 Subject: [nycphp-talk] MySQL sync tool ... Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3587CFA53@network.PLMresearch.com> Under the heading of MySQL snyc... Anyone have a 'best practices' primer they can recommend? I've got two disparate databases (one MySQL) that I'd like to 'sync' on a nightly basis. In fact, the other database will simply feed the MySQL one with out reciprocation from MySQL. Really _don't_ want to have to upload the entire database, but rather incremental changes. Thoughts? -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/html/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of jon baer Sent: Wednesday, October 22, 2003 11:19 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] MySQL sync tool ... came across a pretty cool tool called sqlyog (needed to local <-> remote sync) - are there any others? ... http://www.webyog.com/sqlyog/scrnshot.html -features- a.. MySQL 4.1 compatible a.. very fast retrieval of data a.. ODBC Import with option to import data through query a.. data sycnhronization tool a.. schedule various jobs a.. schema synchronization tool a.. update result returned from query a.. manage foreign key relationships a.. fully InnoDB compliant a.. view your results in GRID / TEXT mode a.. fast client side sorting and filtering a.. execute ( very large ) SQL-scripts as batch files a.. execute multiple queries returning more than 1000s of rows per resultset. Its very efficient in memory a.. very compact binary a.. written entirely in C/C++/Win32 APIs using native MySQL C APIs. No wrapper classes used a.. connection manager a.. excel like grid interface to create/alter tables a.. excel like grid interface to edit data with support for Enum/Set a.. create/drop databases a.. manage indexes a.. comprehensive security manager. Control access to databases/tables/columns a.. reorder columns of table a.. copy database between two MySQL hosts a.. drop all tables of a database with a single click a.. edit BLOBs with Bitmap/GIF/JPEG-Support a.. export table-structure and data into SQL-scripts a.. export/import data in/from CSV files a.. export database schema in HTML a.. log all queries for a session a.. profile queries a.. syntax-highlighting a.. save resultset in CSV, HTML and XML a.. save your commonly used SQL scripts in a personal folder with a click of mouse a.. is very keyboard friendly. You can work with 99% features of SQLyog with keyboard. a.. view and kill other user-processes a.. view advanced table-properties, such as Type, Comment, Key_Length and so on a.. a list of server-variables e.g processlist, status, variables etc a.. copy your result as CSV in clipboard a.. copy tables to new table-names a.. change table-types to ISAM, MYISAM, MERGE, HEAP, InnoDB, BDB a.. flush Host/Logs/Privileges/Tables a.. do table-diagnostics (check, optimize, repair, analyze) pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From keith.richardson at thompsonhealth.com Thu Oct 23 08:52:40 2003 From: keith.richardson at thompsonhealth.com (Keith Richardson) Date: Thu, 23 Oct 2003 08:52:40 -0400 Subject: [nycphp-talk] MySQL sync tool ... In-Reply-To: <4A34D0947B38AF4D8629DA86655D590662D37E@ffth-exc01.thompsonhealth.org> Message-ID: <4A34D0947B38AF4D8629DA86655D5906C0EE@ffth-exc01.thompsonhealth.org> I would think to either to create a changelog, and then only sync the changes (like the keys/tables of what needs to be added/deleted), or do the changes in both databases at once, just that would be so slow :/ Keith Richardson Thompson Health Information Systems keith.richardson at thompsonhealth.com -----Original Message----- From: Mark Withington [mailto:mwithington at PLMresearch.com] Sent: Thursday, October 23, 2003 8:42 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] MySQL sync tool ... Under the heading of MySQL snyc... Anyone have a 'best practices' primer they can recommend? I've got two disparate databases (one MySQL) that I'd like to 'sync' on a nightly basis. In fact, the other database will simply feed the MySQL one with out reciprocation from MySQL. Really _don't_ want to have to upload the entire database, but rather incremental changes. Thoughts? -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/html/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of jon baer Sent: Wednesday, October 22, 2003 11:19 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] MySQL sync tool ... came across a pretty cool tool called sqlyog (needed to local <-> remote sync) - are there any others? ... http://www.webyog.com/sqlyog/scrnshot.html -features- a.. MySQL 4.1 compatible a.. very fast retrieval of data a.. ODBC Import with option to import data through query a.. data sycnhronization tool a.. schedule various jobs a.. schema synchronization tool a.. update result returned from query a.. manage foreign key relationships a.. fully InnoDB compliant a.. view your results in GRID / TEXT mode a.. fast client side sorting and filtering a.. execute ( very large ) SQL-scripts as batch files a.. execute multiple queries returning more than 1000s of rows per resultset. Its very efficient in memory a.. very compact binary a.. written entirely in C/C++/Win32 APIs using native MySQL C APIs. No wrapper classes used a.. connection manager a.. excel like grid interface to create/alter tables a.. excel like grid interface to edit data with support for Enum/Set a.. create/drop databases a.. manage indexes a.. comprehensive security manager. Control access to databases/tables/columns a.. reorder columns of table a.. copy database between two MySQL hosts a.. drop all tables of a database with a single click a.. edit BLOBs with Bitmap/GIF/JPEG-Support a.. export table-structure and data into SQL-scripts a.. export/import data in/from CSV files a.. export database schema in HTML a.. log all queries for a session a.. profile queries a.. syntax-highlighting a.. save resultset in CSV, HTML and XML a.. save your commonly used SQL scripts in a personal folder with a click of mouse a.. is very keyboard friendly. You can work with 99% features of SQLyog with keyboard. a.. view and kill other user-processes a.. view advanced table-properties, such as Type, Comment, Key_Length and so on a.. a list of server-variables e.g processlist, status, variables etc a.. copy your result as CSV in clipboard a.. copy tables to new table-names a.. change table-types to ISAM, MYISAM, MERGE, HEAP, InnoDB, BDB a.. flush Host/Logs/Privileges/Tables a.. do table-diagnostics (check, optimize, repair, analyze) pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From tgales at tgaconnect.com Thu Oct 23 09:54:42 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Thu, 23 Oct 2003 09:54:42 -0400 Subject: [nycphp-talk] MySQL sync tool ... In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3587CFA53@network.PLMresearch.com> Message-ID: <000e01c3996d$37aaeee0$bf8d3818@oberon1> Ideveloper network has some information about data replication (as opposed to database synchronization) at the following: http://www.idevelopernetwork.com/manual/Page0337.htm Maybe its not 'best practices' but it will give some background on the issue. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington Sent: Thursday, October 23, 2003 8:42 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] MySQL sync tool ... Under the heading of MySQL snyc... Anyone have a 'best practices' primer they can recommend? ... From tgales at tgaconnect.com Thu Oct 23 10:08:28 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Thu, 23 Oct 2003 10:08:28 -0400 Subject: [nycphp-talk] MySQL sync tool ... In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3587CFA53@network.PLMresearch.com> Message-ID: <000f01c3996f$22986c60$bf8d3818@oberon1> Whoops missed the 'disparate' part (sorry) Anyway hope the "info" is interesting. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington Sent: Thursday, October 23, 2003 8:42 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] MySQL sync tool ... Under the heading of MySQL snyc... From mwithington at PLMresearch.com Thu Oct 23 10:17:00 2003 From: mwithington at PLMresearch.com (Mark Withington) Date: Thu, 23 Oct 2003 10:17:00 -0400 Subject: [nycphp-talk] MySQL sync tool ... Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3587CFA64@network.PLMresearch.com> Thank Tim, A port in any storm... ;-) Really appreciate your input and follow up. Mark -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/html/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Tim Gales Sent: Thursday, October 23, 2003 10:08 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] MySQL sync tool ... Whoops missed the 'disparate' part (sorry) Anyway hope the "info" is interesting. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington Sent: Thursday, October 23, 2003 8:42 AM To: 'NYPHP Talk' Subject: RE: [nycphp-talk] MySQL sync tool ... Under the heading of MySQL snyc... _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jonbaer at jonbaer.net Thu Oct 23 10:04:05 2003 From: jonbaer at jonbaer.net (jon baer) Date: Thu, 23 Oct 2003 10:04:05 -0400 Subject: [nycphp-talk] MySQL sync tool ... References: <4A34D0947B38AF4D8629DA86655D5906C0EE@ffth-exc01.thompsonhealth.org> Message-ID: <006201c3996e$85908880$6400a8c0@thinkpad> this would actually be kinda difficult I would think unless your data was specific to use time/date stamping that ran in parallel because mysql only uses actually a single file to keep tabs on a database. I did some packet analysis on what the SQLyog tool did initially, which seemed to match row for row and then MD5 of the columns to analyze changes, which makes sense. if you data was stamped (maybe a best practice) then you can poll one result and update another. - jon ----- Original Message ----- From: "Keith Richardson" To: "'NYPHP Talk'" Sent: Thursday, October 23, 2003 8:52 AM Subject: RE: [nycphp-talk] MySQL sync tool ... > I would think to either to create a changelog, and then only sync the > changes (like the keys/tables of what needs to be added/deleted), or do the > changes in both databases at once, just that would be so slow :/ > Keith Richardson > Thompson Health Information Systems > keith.richardson at thompsonhealth.com > From danielc at analysisandsolutions.com Thu Oct 23 12:16:23 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 23 Oct 2003 12:16:23 -0400 Subject: [nycphp-talk] SQL Standards (there are so many to choose from) In-Reply-To: <003a01c398ca$3a88de90$bf8d3818@oberon1> References: <003a01c398ca$3a88de90$bf8d3818@oberon1> Message-ID: <20031023161622.GA18590@panix.com> Hi Folks: On Wed, Oct 22, 2003 at 02:28:02PM -0400, Tim Gales wrote: > Hans Zaunere wrote: > > >Yeah, in fact Oracle will often curse you if you don't use > >single quotes everywhere Hans, can you please talk more about that? Like, for example, is it going to bitch about not using single quotes around a numeric literal you're inserting into an integer colunn? Or are you saying that it wants you to use single quotes rather than double quotes? > found an article at http://www.dbazine.com/gulutzan3.html > written by Peter Gulutzan, who co-wrote the book "SQL-99 > Complete, Really" Excellent link! Does anyone HAVE that book? I'm interested in purchasing it, but I'd like to see it before hand, especially since it runs ~$70 list. I called three Barnes and Noble's, including the textbook one, and they don't have it. Thanks, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From hans at nyphp.org Thu Oct 23 12:33:24 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 23 Oct 2003 12:33:24 -0400 Subject: [nycphp-talk] SQL Standards (there are so many to choose from) In-Reply-To: <20031023161622.GA18590@panix.com> References: <003a01c398ca$3a88de90$bf8d3818@oberon1> <20031023161622.GA18590@panix.com> Message-ID: <3F9802D4.6040407@nyphp.org> Analysis & Solutions wrote: > Hi Folks: > > On Wed, Oct 22, 2003 at 02:28:02PM -0400, Tim Gales wrote: > >>Hans Zaunere wrote: >> >> >>>Yeah, in fact Oracle will often curse you if you don't use >>>single quotes everywhere > > > Hans, can you please talk more about that? Like, for example, is it going > to bitch about not using single quotes around a numeric literal you're > inserting into an integer colunn? Or are you saying that it wants you to > use single quotes rather than double quotes? If it's a numeric column, and a numeric value, it'll let you get away without using any quotes, for instance: somenumber=12345 But if it's a column of type string, date/time, etc, you'll need single quotes to avoid the "invalid number" error. And double quotes are just a no no. >>found an article at http://www.dbazine.com/gulutzan3.html >>written by Peter Gulutzan, who co-wrote the book "SQL-99 >>Complete, Really" > > > Excellent link! Yeah, that is one for the bookmarks. > Does anyone HAVE that book? I'm interested in purchasing it, but I'd > like to see it before hand, especially since it runs ~$70 list. I called > three Barnes and Noble's, including the textbook one, and they don't have > it. I've had good luck with Amazon's used books: http://www.amazon.com/exec/obidos/ASIN/0879305681/qid%3D1027710751/sr%3D1-1/ref%3Dsr%5F1%5F1/103-4200861-4283003 Or, they have it for $50. H From jlacey at att.net Thu Oct 23 12:37:41 2003 From: jlacey at att.net (John Lacey) Date: Thu, 23 Oct 2003 10:37:41 -0600 Subject: [nycphp-talk] SQL Standards (there are so many to choose from) In-Reply-To: <20031023161622.GA18590@panix.com> References: <003a01c398ca$3a88de90$bf8d3818@oberon1> <20031023161622.GA18590@panix.com> Message-ID: <3F9803D5.2090004@att.net> Analysis & Solutions wrote: >Does anyone HAVE that book? I'm interested in purchasing it, but I'd >like to see it before hand, especially since it runs ~$70 list. I called >three Barnes and Noble's, including the textbook one, and they don't have >it. > > > > It can be yours sight unseen at this site for $12.47 (ugly link, eh?) http://www.amazon.com/exec/obidos/tg/stores/offering/list/-/0879305681/all/ref=dp_pb_a/103-2676055-3425447 John From danielc at analysisandsolutions.com Thu Oct 23 12:44:36 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 23 Oct 2003 12:44:36 -0400 Subject: [nycphp-talk] SQL Standards (there are so many to choose from) In-Reply-To: <3F9803D5.2090004@att.net> <3F9802D4.6040407@nyphp.org> References: <003a01c398ca$3a88de90$bf8d3818@oberon1> <20031023161622.GA18590@panix.com> <3F9803D5.2090004@att.net> <003a01c398ca$3a88de90$bf8d3818@oberon1> <20031023161622.GA18590@panix.com> <3F9802D4.6040407@nyphp.org> Message-ID: <20031023164436.GA20056@panix.com> Heya: On Thu, Oct 23, 2003 at 12:33:24PM -0400, Hans Zaunere wrote: > > If it's a numeric column, and a numeric value, it'll let you get away > without using any quotes, for instance: > > But if it's a column of type string, date/time, etc, you'll need single > quotes to avoid the "invalid number" error. And double quotes are just a > no no. Exactly what I thought. Thanks for the clarification. > >>written by Peter Gulutzan, who co-wrote the book "SQL-99 > >>Complete, Really" > > >Does anyone HAVE that book? > > I've had good luck with Amazon's used books: > Or, they have it for $50. Yeah, I noticed, on both counts, thanks for making sure, though. Thing is, I'd like to have it _NOW_ god damn it! :) Also, I would like to see if it's really what I want. Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From jsiegel1 at optonline.net Thu Oct 23 17:27:42 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Thu, 23 Oct 2003 17:27:42 -0400 Subject: [nycphp-talk] AOL, sessions Message-ID: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> Here's the situation. On my client's website, a user fills out several forms. Values get passed from form to form. Before the final submission of all of the data, it all gets "cleansed" by a number of data validation routines. All this is working fine. After submitting all of the data, it all gets dumped into session variables (i.e., the post variables get dumped into the session variables) and the "Thank You" page takes the session vars and performs various functions. Again, all of this is working correctly. When going from the final page to the "Thank You" I use the following: header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request /used_auto_parts_request_thanks.php?code=" . session_id()); The "Thank You" page grabs the session ID and then performs its stuff. This works quite nicely *UNLESS*, it seems, someone is using AOL and it's built-in browser. Not every AOL user has a problem but some do. It's not obvious how to even troubleshoot this (of course...I don't have AOL so it's hard to test it). The only info I could get was that the user has AOL 7.0 which should have IE 5.5. Any clues/hints are greatly appreciated. Is something being overlooked? Jeff Siegel From stephen at musgrave.org Thu Oct 23 17:38:37 2003 From: stephen at musgrave.org (Stephen Musgrave) Date: Thu, 23 Oct 2003 17:38:37 -0400 Subject: [nycphp-talk] send header before end of script? Message-ID: I have a bulk email script that sends emails to about 1000 recipients. The script has sleeps in it that cause it to run for about 2 hours after the user initiates it. Due to the nature of request/response, the user will not get a confirmation message until 2 hours later. I have set ignore_user_abort and I would like to send the a confirmation screen to the user that tells them that, "the process has been started and it will be completed in 2 hours." But from what I can tell, sending the header redirect to the confirmation page aborts the execution of the script. Sounds like a chicken before the egg thing. Any solutions? Stephen Musgrave // stephen at musgrave.org // http://musgrave.org From hans at nyphp.org Thu Oct 23 19:13:22 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 23 Oct 2003 19:13:22 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> References: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> Message-ID: <3F986092.2000107@nyphp.org> Jeff Siegel wrote: > Here's the situation. On my client's website, a user fills out several > forms. Values get passed from form to form. Before the final submission > of all of the data, it all gets "cleansed" by a number of data > validation routines. All this is working fine. After submitting all of > the data, it all gets dumped into session variables (i.e., the post > variables get dumped into the session variables) and the "Thank You" > page takes the session vars and performs various functions. Again, all > of this is working correctly. > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. Not every AOL user has a problem but some do. > It's not obvious how to even troubleshoot this (of course...I don't have > AOL so it's hard to test it). The only info I could get was that the > user has AOL 7.0 which should have IE 5.5. > > Any clues/hints are greatly appreciated. Is something being overlooked? I frankly have no idea except the obvious, and a troubleshooting tip: -- that's a space right before the http:// instead of a $ right? -- maybe something like: trigger_error("{$_SERVER['HTTP_HOST']} => '.session_id()); assuming you're logging to a file; just to see that the crucial info is being generated properly. Also I know AOL uses proxy servers up the waazoo; perhaps they are incorrectly caching pages, and the redirect isn't getting through properly? H From hans at nyphp.org Thu Oct 23 19:21:29 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 23 Oct 2003 19:21:29 -0400 Subject: [nycphp-talk] send header before end of script? In-Reply-To: References: Message-ID: <3F986279.3070702@nyphp.org> Stephen Musgrave wrote: > I have a bulk email script that sends emails to about 1000 recipients. The > script has sleeps in it that cause it to run for about 2 hours after the > user initiates it. Due to the nature of request/response, the user will not > get a confirmation message until 2 hours later. I have set > ignore_user_abort and I would like to send the a confirmation screen to the > user that tells them that, "the process has been started and it will be > completed in 2 hours." But from what I can tell, sending the header > redirect to the confirmation page aborts the execution of the script. > Sounds like a chicken before the egg thing. Any solutions? I'm assuming you're using PHP as an Apache module, in which case you need to fork so that the mailing script is independant of Apache. Otherwise, they share file descriptors and you'll run into problems. I'm going to be finalizing a php component for this type of thing, but in general it might go something like: [ in a script that is used in apache ] $saddresses = serialize($addresses); $mpp = popen('/usr/local/bin/mailer.php > /dev/null 2>&1','w'); fwrite($mpp,$saddresses); pclose($mpp); [ in a command line script ] $saddresses = file_get_contents('/dev/stdin'); $pid = pcntl_fork(); if( $pid ) exit(1); posix_setsid(); $pid = pcntl_fork(); if( $pid ) exit(1); $addresses = unserialize($saddresses); H From danielc at analysisandsolutions.com Thu Oct 23 20:28:25 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 23 Oct 2003 20:28:25 -0400 Subject: [nycphp-talk] send header before end of script? In-Reply-To: References: Message-ID: <20031024002825.GA20177@panix.com> Stephen: On Thu, Oct 23, 2003 at 05:38:37PM -0400, Stephen Musgrave wrote: > ignore_user_abort and I would like to send the a confirmation screen to the > user that tells them that, "the process has been started and it will be > completed in 2 hours." But from what I can tell, sending the header > redirect to the confirmation page aborts the execution of the script. The simple way is to send them to a confirmation page. Just print out the confirmation on the original page when the process is done. You can use the output buffering functions to get the initial "be patient" message. You can also use it to spit out a list of emails sent along the way, if you like. Then, when it's completed, echo that fact out to the browser. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Thu Oct 23 20:32:33 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 23 Oct 2003 20:32:33 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> References: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> Message-ID: <20031024003233.GB20177@panix.com> Hi Jeff: On Thu, Oct 23, 2003 at 05:27:42PM -0400, Jeff Siegel wrote: > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. AOL's a pain, that's for sure. It really blows when the big players ignore standards and come up with proprietary kluges. Anyway, the simple way is to send it between scripts using post rather than sessions. See you, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From jsiegel1 at optonline.net Thu Oct 23 20:58:27 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Thu, 23 Oct 2003 20:58:27 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <3F986092.2000107@nyphp.org> Message-ID: <005201c399c9$ef1f2da0$6401a8c0@EZDSDELL> That was actually a dollar sign in front of http and that code comes from my local server and not the live server. I rechecked the code on the live server (at least that particular line) to make sure there's a space in front of the http. So...I'll just take a "wait and see" attitude...that is, wait and see if anyone complains again. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Hans Zaunere Sent: Thursday, October 23, 2003 6:13 PM To: NYPHP Talk Subject: Re: [nycphp-talk] AOL, sessions Jeff Siegel wrote: > Here's the situation. On my client's website, a user fills out several > forms. Values get passed from form to form. Before the final submission > of all of the data, it all gets "cleansed" by a number of data > validation routines. All this is working fine. After submitting all of > the data, it all gets dumped into session variables (i.e., the post > variables get dumped into the session variables) and the "Thank You" > page takes the session vars and performs various functions. Again, all > of this is working correctly. > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. Not every AOL user has a problem but some do. > It's not obvious how to even troubleshoot this (of course...I don't have > AOL so it's hard to test it). The only info I could get was that the > user has AOL 7.0 which should have IE 5.5. > > Any clues/hints are greatly appreciated. Is something being overlooked? I frankly have no idea except the obvious, and a troubleshooting tip: -- that's a space right before the http:// instead of a $ right? -- maybe something like: trigger_error("{$_SERVER['HTTP_HOST']} => '.session_id()); assuming you're logging to a file; just to see that the crucial info is being generated properly. Also I know AOL uses proxy servers up the waazoo; perhaps they are incorrectly caching pages, and the redirect isn't getting through properly? H _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Thu Oct 23 21:46:41 2003 From: shiflett at php.net (Chris Shiflett) Date: Thu, 23 Oct 2003 18:46:41 -0700 (PDT) Subject: [nycphp-talk] AOL, sessions In-Reply-To: <20031024003233.GB20177@panix.com> Message-ID: <20031024014641.92247.qmail@web14303.mail.yahoo.com> --- Analysis & Solutions wrote: > AOL's a pain, that's for sure. It really blows when the big players > ignore standards and come up with proprietary kluges. I know AOL can create a challenge because of the things they do at the TCP/IP layer, but are there things they do at the HTTP layer that violates standards? I'd like to know about these things (maybe you can make a Web page for reference), and I bet others would as well. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From danielc at analysisandsolutions.com Fri Oct 24 00:09:35 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Fri, 24 Oct 2003 00:09:35 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <20031024014641.92247.qmail@web14303.mail.yahoo.com> References: <20031024003233.GB20177@panix.com> <20031024014641.92247.qmail@web14303.mail.yahoo.com> Message-ID: <20031024040934.GA12456@panix.com> Hey Chris: On Thu, Oct 23, 2003 at 06:46:41PM -0700, Chris Shiflett wrote: > > but are there things they do at the HTTP layer that violates standards? I don't know what's going on, I just know they're a pain. You're right. A web page completely breaking down what's up over there would be great. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From jsiegel1 at optonline.net Fri Oct 24 04:27:47 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 24 Oct 2003 04:27:47 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <20031024040934.GA12456@panix.com> Message-ID: <001f01c39a08$b4aedb40$6401a8c0@EZDSDELL> This may not be all the "dirt" you need (or maybe it is?) but...take a look at http://webmaster.info.aol.com Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Analysis & Solutions Sent: Thursday, October 23, 2003 11:10 PM To: shiflett at php.net; NYPHP Talk Subject: Re: [nycphp-talk] AOL, sessions Hey Chris: On Thu, Oct 23, 2003 at 06:46:41PM -0700, Chris Shiflett wrote: > > but are there things they do at the HTTP layer that violates standards? I don't know what's going on, I just know they're a pain. You're right. A web page completely breaking down what's up over there would be great. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jsiegel1 at optonline.net Fri Oct 24 04:27:47 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 24 Oct 2003 04:27:47 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <20031024003233.GB20177@panix.com> Message-ID: <002101c39a08$b531edf0$6401a8c0@EZDSDELL> Too far down the road and too many reasons why that can't be done. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Analysis & Solutions Sent: Thursday, October 23, 2003 7:33 PM To: NYPHP Talk Subject: Re: [nycphp-talk] AOL, sessions Hi Jeff: On Thu, Oct 23, 2003 at 05:27:42PM -0400, Jeff Siegel wrote: > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. AOL's a pain, that's for sure. It really blows when the big players ignore standards and come up with proprietary kluges. Anyway, the simple way is to send it between scripts using post rather than sessions. See you, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Fri Oct 24 10:10:44 2003 From: hans at nyphp.org (Hans Zaunere) Date: Fri, 24 Oct 2003 10:10:44 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: <001f01c39a08$b4aedb40$6401a8c0@EZDSDELL> References: <001f01c39a08$b4aedb40$6401a8c0@EZDSDELL> Message-ID: <3F9932E4.3060002@nyphp.org> Jeff Siegel wrote: > This may not be all the "dirt" you need (or maybe it is?) but...take a > look at http://webmaster.info.aol.com For all the heat AOL takes, I have to give them some credit for the aforementioned site - they obviously realize that their network and technical patterns effect people greatly. I've found the site to be a resource, for not only dealing with AOL, but also as a window into the world's largest network. That said, I haven't seen anything that would solve your problem Jeff, except perhaps proxy/caching issues :) H From dkrook at hotmail.com Fri Oct 24 10:44:17 2003 From: dkrook at hotmail.com (D C Krook) Date: Fri, 24 Oct 2003 09:44:17 -0500 Subject: [nycphp-talk] AOL, sessions Message-ID: >The only info I could get was that the >user has AOL 7.0 which should have IE 5.5. Jeff, As a side note here, AOL on the PC uses whatever version of IE that exists on the user's computer, so you can't really tie an AOL version to an IE version. On the Mac, however, the browser comes with the client so you can tie the AOL version to the browser version. Up until very recently this was IE 4.5 (this may still be the case on OS 9). On versions for OS X it's a newer version of Mozilla/Gecko. -Dan _________________________________________________________________ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 From jsiegel1 at optonline.net Fri Oct 24 11:49:52 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 24 Oct 2003 11:49:52 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: Message-ID: <000801c39a46$795b7150$6401a8c0@EZDSDELL> Thank's for pointing that out concerning the ver of IE on the PC. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of D C Krook Sent: Friday, October 24, 2003 9:44 AM To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] AOL, sessions >The only info I could get was that the >user has AOL 7.0 which should have IE 5.5. Jeff, As a side note here, AOL on the PC uses whatever version of IE that exists on the user's computer, so you can't really tie an AOL version to an IE version. On the Mac, however, the browser comes with the client so you can tie the AOL version to the browser version. Up until very recently this was IE 4.5 (this may still be the case on OS 9). On versions for OS X it's a newer version of Mozilla/Gecko. -Dan _________________________________________________________________ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From agfische at email.smith.edu Fri Oct 24 12:20:52 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 12:20:52 -0400 Subject: [nycphp-talk] accessing $_SESSION elements Message-ID: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> Hi all, I'm trying to avoid a bunch of if/then statements by looping through $_SESSION. I hit a roadblock that I can't seem to get around. Here is a simple piece of code which I think gets to the heart of the problem: $begin=1; if(isset($_SESSION['$begin_fair_name'])) { echo "success"; } Of course, this works: if(isset($_SESSION['$1_fair_name'])) { echo "success"; } BUT, I have between 1 and 10 fair_name fields (i.e. 1_fair_name, 2_fair_name) coming from the form. It would be much more efficient if I can loop through and perform operations as opposed to a bunch of if/then statements referring to specific fair_name fields. Obviously the problem is with using a variable inside the array and I haven't been able to figure out how to work around it. Trying to keep it brief here, but please let me know if further details would be helpful. I would appreciate any tips or suggestions. Thanks! -Aaron From crisscott at netzero.com Fri Oct 24 12:26:11 2003 From: crisscott at netzero.com (Scott Mattocks) Date: Fri, 24 Oct 2003 12:26:11 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> References: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> Message-ID: <3F9952A3.1000008@netzero.com> Aaron Fischer wrote: > $begin=1; > if(isset($_SESSION['$begin_fair_name'])) > { > echo "success"; > } Try: $begin=1; if(isset($_SESSION[$begin . '_fair_name'])) { echo "success"; } Scott Mattocks From hans at nyphp.org Fri Oct 24 12:29:25 2003 From: hans at nyphp.org (Hans Zaunere) Date: Fri, 24 Oct 2003 12:29:25 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> References: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> Message-ID: <3F995365.9050202@nyphp.org> Aaron Fischer wrote: > Hi all, > > I'm trying to avoid a bunch of if/then statements by looping through > $_SESSION. I hit a roadblock that I can't seem to get around. Here is > a simple piece of code which I think gets to the heart of the problem: > > $begin=1; > if(isset($_SESSION['$begin_fair_name'])) > { > echo "success"; > } You need to isolate 'begin' as a variable; the above is looking for a variable named $begin_fair_name; that is, if there were double quotes around it. One way to do this: $begin=1; if(isset($_SESSION["{$begin}_fair_name"])) { echo 'success'; } > Of course, this works: > if(isset($_SESSION['$1_fair_name'])) > { > echo "success"; > } But for the wrong reasons. > BUT, I have between 1 and 10 fair_name fields (i.e. 1_fair_name, > 2_fair_name) coming from the form. It would be much more efficient if I > can loop through and perform operations as opposed to a bunch of if/then > statements referring to specific fair_name fields. Obviously the > problem is with using a variable inside the array and I haven't been > able to figure out how to work around it. for( $i = 0; $i < 10; ++$i ) { if( isset($_SESSION["{$i}_fair_name"]) ) echo 'success'; } There are other ways to do it, too, for instance: isset($_SESSION[$i.'_fair_name']) H From bpang at bpang.com Fri Oct 24 12:33:00 2003 From: bpang at bpang.com (Brian Pang) Date: Fri, 24 Oct 2003 12:33:00 -0400 Subject: [nycphp-talk] accessing $_SESSION elements Message-ID: for ($i = 1; $i <= 10; $i++) { if (isset($_SESSION[$i.'_fair_name'])) { echo ("success"); } } I think that'll work or this $_SESSION[${$i.'_fair_name'}] check the manual under "variable variables" > Hi all, > > I'm trying to avoid a bunch of if/then statements by looping through > $_SESSION. I hit a roadblock that I can't seem to get around. Here is > a simple piece of code which I think gets to the heart of the problem: > > $begin=1; > if(isset($_SESSION['$begin_fair_name'])) > { > echo "success"; > } > > Of course, this works: > if(isset($_SESSION['$1_fair_name'])) > { > echo "success"; > } > > BUT, I have between 1 and 10 fair_name fields (i.e. 1_fair_name, > 2_fair_name) coming from the form. It would be much more efficient if > I can loop through and perform operations as opposed to a bunch of > if/then statements referring to specific fair_name fields. Obviously > the problem is with using a variable inside the array and I haven't > been able to figure out how to work around it. > > Trying to keep it brief here, but please let me know if further details > would be helpful. I would appreciate any tips or suggestions. > > Thanks! > > -Aaron > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From nyphp at enobrev.com Fri Oct 24 12:33:22 2003 From: nyphp at enobrev.com (Mark Armendariz) Date: Fri, 24 Oct 2003 12:33:22 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> Message-ID: What about using an array as your session variable, and loop through the array: foreach($_SESSION['fair_name'] as $val) { echo $val . ': success'; } Mark -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Aaron Fischer Sent: Friday, October 24, 2003 12:21 PM To: NYPHP Talk Subject: [nycphp-talk] accessing $_SESSION elements Hi all, I'm trying to avoid a bunch of if/then statements by looping through $_SESSION. I hit a roadblock that I can't seem to get around. Here is a simple piece of code which I think gets to the heart of the problem: $begin=1; if(isset($_SESSION['$begin_fair_name'])) { echo "success"; } Of course, this works: if(isset($_SESSION['$1_fair_name'])) { echo "success"; } BUT, I have between 1 and 10 fair_name fields (i.e. 1_fair_name, 2_fair_name) coming from the form. It would be much more efficient if I can loop through and perform operations as opposed to a bunch of if/then statements referring to specific fair_name fields. Obviously the problem is with using a variable inside the array and I haven't been able to figure out how to work around it. Trying to keep it brief here, but please let me know if further details would be helpful. I would appreciate any tips or suggestions. Thanks! -Aaron _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From agfische at email.smith.edu Fri Oct 24 12:34:04 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 12:34:04 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <3F9952A3.1000008@netzero.com> Message-ID: Thanks, that works! I swear I tried concatenation. Urgh. :-) -Aaron On Friday, October 24, 2003, at 12:26 pm, Scott Mattocks wrote: > > > Aaron Fischer wrote: > >> $begin=1; >> if(isset($_SESSION['$begin_fair_name'])) >> { >> echo "success"; >> } > > Try: > $begin=1; > if(isset($_SESSION[$begin . '_fair_name'])) > { > echo "success"; > } > > Scott Mattocks > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From bpang at bpang.com Fri Oct 24 12:36:14 2003 From: bpang at bpang.com (Brian Pang) Date: Fri, 24 Oct 2003 12:36:14 -0400 Subject: [nycphp-talk] accessing $_SESSION elements Message-ID: you almost did you needed to either have the _SESSION var in double quotes to force parsing or use explicit concat with period (.). > Thanks, that works! I swear I tried concatenation. Urgh. :-) > > -Aaron > > On Friday, October 24, 2003, at 12:26 pm, Scott Mattocks wrote: > > > > > > > Aaron Fischer wrote: > > > >> $begin=1; > >> if(isset($_SESSION['$begin_fair_name'])) > >> { > >> echo "success"; > >> } > > > > Try: > > $begin=1; > > if(isset($_SESSION[$begin . '_fair_name'])) > > { > > echo "success"; > > } > > > > Scott Mattocks > > > > _______________________________________________ > > talk mailing list > > talk at lists.nyphp.org > > http://lists.nyphp.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > From agfische at email.smith.edu Fri Oct 24 12:37:52 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 12:37:52 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: Message-ID: <6959EFFE-0640-11D8-8A2B-0003930D07F2@email.smith.edu> Thanks everyone! Cheers! -Aaron From agfische at email.smith.edu Fri Oct 24 12:41:53 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 12:41:53 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: Message-ID: Ah, I see. That's helpful. Sometimes I am getting things to work but there is still a gap in my knowledge of exactly how things are working and being interpreted behind the scenes. On a very basic, newbie level I might add! On Friday, October 24, 2003, at 12:36 pm, Brian Pang wrote: > you almost did > you needed to either have the _SESSION var in double quotes to force > parsing or use explicit concat with period (.). From jim at cultzero.com Fri Oct 24 13:32:43 2003 From: jim at cultzero.com (Jim Smith) Date: Fri, 24 Oct 2003 13:32:43 -0400 (EDT) Subject: [nycphp-talk] AOL, sessions In-Reply-To: <003801c399ac$7e5db180$6401a8c0@EZDSDELL> Message-ID: I experiened a problem with AOL and sessions on a projet that I was working a year ago. I narrowed down that the problem was associated with the fact that AOL users IP address can change within a session. I wound up creating my own session handler. A better work around probably exists... On Thu, 23 Oct 2003, Jeff Siegel wrote: > Here's the situation. On my client's website, a user fills out several > forms. Values get passed from form to form. Before the final submission > of all of the data, it all gets "cleansed" by a number of data > validation routines. All this is working fine. After submitting all of > the data, it all gets dumped into session variables (i.e., the post > variables get dumped into the session variables) and the "Thank You" > page takes the session vars and performs various functions. Again, all > of this is working correctly. > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. Not every AOL user has a problem but some do. > It's not obvious how to even troubleshoot this (of course...I don't have > AOL so it's hard to test it). The only info I could get was that the > user has AOL 7.0 which should have IE 5.5. > > Any clues/hints are greatly appreciated. Is something being overlooked? > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From shiflett at php.net Fri Oct 24 15:06:34 2003 From: shiflett at php.net (Chris Shiflett) Date: Fri, 24 Oct 2003 12:06:34 -0700 (PDT) Subject: [nycphp-talk] AOL, sessions In-Reply-To: Message-ID: <20031024190634.96083.qmail@web14303.mail.yahoo.com> --- Jim Smith wrote: > I experiened a problem with AOL and sessions on a projet that I was > working a year ago. I narrowed down that the problem was associated > with the fact that AOL users IP address can change within a session. > I wound up creating my own session handler. A better work around > probably exists... Why was it necessary to create your own session handler? There is nothing inherent in PHP sessions that depends on anything at the TCP/IP layer; that would be foolish. Note that this isn't the fault of AOL or an example of them violating standards. HTTP is the protocol for Web traffic, and as long as that part is right, the transport is independent. Now, if AOL violated some TCP/IP layer specification, it would be a networking error, but still not really a Web-related one. The only problem comes from the fact that PHP makes available to the developer some information from the TCP/IP layer, such as the remote address, and this information is misused in some Web applications. AOL can't be held accountable for that. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From southwell at dneba.com Fri Oct 24 15:22:33 2003 From: southwell at dneba.com (Michael Southwell) Date: Fri, 24 Oct 2003 15:22:33 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <09B074D7-063E-11D8-8A2B-0003930D07F2@email.smith.edu> Message-ID: <5.1.0.14.2.20031024152121.00b466a8@mail.optonline.net> At 12:20 PM 10/24/2003, you wrote: >Hi all, > >I'm trying to avoid a bunch of if/then statements by looping through >$_SESSION. I hit a roadblock that I can't seem to get around. Here is a >simple piece of code which I think gets to the heart of the problem: > >$begin=1; >if(isset($_SESSION['$begin_fair_name'])) >{ > echo "success"; >} Aside from all the explicit advice you've gotten about how to handle this, make sure that "isset" is actually the test you want. Check PHundamentals #2 at http://phundamentals.nyphp.org to see (or remember) just how complicated this might be. >Of course, this works: >if(isset($_SESSION['$1_fair_name'])) >{ > echo "success"; >} > >BUT, I have between 1 and 10 fair_name fields (i.e. 1_fair_name, >2_fair_name) coming from the form. It would be much more efficient if I >can loop through and perform operations as opposed to a bunch of if/then >statements referring to specific fair_name fields. Obviously the problem >is with using a variable inside the array and I haven't been able to >figure out how to work around it. > >Trying to keep it brief here, but please let me know if further details >would be helpful. I would appreciate any tips or suggestions. > >Thanks! > >-Aaron > >_______________________________________________ >talk mailing list >talk at lists.nyphp.org >http://lists.nyphp.org/mailman/listinfo/talk Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1419 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From jsiegel1 at optonline.net Fri Oct 24 15:24:23 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Fri, 24 Oct 2003 15:24:23 -0400 Subject: [nycphp-talk] AOL, sessions In-Reply-To: Message-ID: <003c01c39a64$6e876540$6401a8c0@EZDSDELL> Ouch! I'd hate to start putting in my own session handler at this stage of the game. I sure hope there's a better way. Jeff -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jim Smith Sent: Friday, October 24, 2003 12:33 PM To: NYPHP Talk Subject: Re: [nycphp-talk] AOL, sessions I experiened a problem with AOL and sessions on a projet that I was working a year ago. I narrowed down that the problem was associated with the fact that AOL users IP address can change within a session. I wound up creating my own session handler. A better work around probably exists... On Thu, 23 Oct 2003, Jeff Siegel wrote: > Here's the situation. On my client's website, a user fills out several > forms. Values get passed from form to form. Before the final submission > of all of the data, it all gets "cleansed" by a number of data > validation routines. All this is working fine. After submitting all of > the data, it all gets dumped into session variables (i.e., the post > variables get dumped into the session variables) and the "Thank You" > page takes the session vars and performs various functions. Again, all > of this is working correctly. > When going from the final page to the "Thank You" I use the following: > > header("Location:$http://{$_SERVER['HTTP_HOST']}/used_auto_parts_request > /used_auto_parts_request_thanks.php?code=" . session_id()); > > The "Thank You" page grabs the session ID and then performs its stuff. > > This works quite nicely *UNLESS*, it seems, someone is using AOL and > it's built-in browser. Not every AOL user has a problem but some do. > It's not obvious how to even troubleshoot this (of course...I don't have > AOL so it's hard to test it). The only info I could get was that the > user has AOL 7.0 which should have IE 5.5. > > Any clues/hints are greatly appreciated. Is something being overlooked? > > Jeff Siegel > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From agfische at email.smith.edu Fri Oct 24 15:24:58 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 15:24:58 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <5.1.0.14.2.20031024152121.00b466a8@mail.optonline.net> Message-ID: I believe I'm aware of the implications but I'll check that phundamentals link out. Thanks! On Friday, October 24, 2003, at 03:22 pm, Michael Southwell wrote: > Aside from all the explicit advice you've gotten about how to handle > this, make sure that "isset" is actually the test you want. Check > PHundamentals #2 at http://phundamentals.nyphp.org to see (or > remember) just how complicated this might be. From agfische at email.smith.edu Fri Oct 24 17:07:03 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 17:07:03 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <5.1.0.14.2.20031024152121.00b466a8@mail.optonline.net> Message-ID: <045B130A-0666-11D8-BE1B-0003930D07F2@email.smith.edu> Hmm, good reading. However, the second line on the phundamentals article says "The focus here will be on determining whether the variable contains something;" Since my form is dynamically generated, the first thing I am trying to do is determine if the array element even exists. For example, if the user chooses to enter 4 fairs, 5_fair_name will not exist. So, first I was checking it's existence using isset, and then if it does I can perform operations on it. Does that sounds like I'm on the right track or are there better ways for me to check for the array element's existence? On Friday, October 24, 2003, at 03:22 pm, Michael Southwell wrote: > Aside from all the explicit advice you've gotten about how to handle > this, make sure that "isset" is actually the test you want. Check > PHundamentals #2 at http://phundamentals.nyphp.org to see (or > remember) just how complicated this might be. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 997 bytes Desc: not available URL: From dmintz at panix.com Fri Oct 24 17:46:35 2003 From: dmintz at panix.com (David Mintz) Date: Fri, 24 Oct 2003 17:46:35 -0400 (EDT) Subject: [nycphp-talk] send header before end of script? In-Reply-To: <20031024002825.GA20177@panix.com> References: <20031024002825.GA20177@panix.com> Message-ID: On Thu, 23 Oct 2003, Analysis & Solutions wrote: > Stephen: > > On Thu, Oct 23, 2003 at 05:38:37PM -0400, Stephen Musgrave wrote: > > > ignore_user_abort and I would like to send the a confirmation screen to the > > user that tells them that, "the process has been started and it will be > > completed in 2 hours." But from what I can tell, sending the header > > redirect to the confirmation page aborts the execution of the script. > > The simple way is to send them to a confirmation page. Just print out the > confirmation on the original page when the process is done. You can use > the output buffering functions to get the initial "be patient" message. > You can also use it to spit out a list of emails sent along the way, if > you like. Then, when it's completed, echo that fact out to the browser. I'd love to see a little tutorial or something on How To Do That. I've tried it playing around with output buffer functions and I encountered that familiar phenomenon know as "it doesn't work" (This, in a shared server situation where there are some php.ini things I can't set) I did buy Shiflett's book (wow, can't wait for the movie to come out!) and it seems you can do cool tricks at the protocol level with the "Transfer-Encoding: chunked" header, spitting out chunks as you go along (although I've yet to try it), but I wonder how one does it in "pure" PHP with the buffering functions. As chance would have it, my scenario is similar to Stephen's -- I'm sending a message to a bunch of addresses. No more that about 150 or so for now but it would be nice if this script could (...dare I use the S-word?) scale up well, and this technique of outputting the page as the process goes along would help.. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From rob at nyc.yamaha.com Fri Oct 24 17:57:58 2003 From: rob at nyc.yamaha.com (Robert Redcay) Date: Fri, 24 Oct 2003 17:57:58 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <045B130A-0666-11D8-BE1B-0003930D07F2@email.smith.edu> References: <045B130A-0666-11D8-BE1B-0003930D07F2@email.smith.edu> Message-ID: <3F99A066.50905@nyc.yamaha.com> Aaron, It seems like what you really want is an array of data. If you have your form submit the individual fairs as elements of an array ($fairs), you'll find php's array functions very helpful when determining what indeces are set. It seems that your prepending an integer to the string 'fair_name' is just a poor man's array which makes your looping tests akward. Best, Robert Redcay Aaron Fischer wrote: > Hmm, good reading. However, the second line on the phundamentals > article says "The focus here will be on determining whether the > variable contains something;" > > Since my form is dynamically generated, the first thing I am trying to > do is determine if the array element even exists. For example, if the > user chooses to enter 4 fairs, 5_fair_name will not exist. So, first I > was checking it's existence using isset, and then if it does I can > perform operations on it. > > Does that sounds like I'm on the right track or are there better ways > for me to check for the array element's existence? > > > On Friday, October 24, 2003, at 03:22 pm, Michael Southwell wrote: > > Aside from all the explicit advice you've gotten about how to > handle this, make sure that "isset" is actually the test you want. > Check PHundamentals #2 at _http://phundamentals.nyphp.org_ to see > (or remember) just how complicated this might be. > >------------------------------------------------------------------------ > >_______________________________________________ >talk mailing list >talk at lists.nyphp.org >http://lists.nyphp.org/mailman/listinfo/talk > > From agfische at email.smith.edu Fri Oct 24 18:40:15 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 18:40:15 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <3F99A066.50905@nyc.yamaha.com> Message-ID: <098928CA-0673-11D8-BE1B-0003930D07F2@email.smith.edu> Hi Robert, I do have an array of data, let me backtrack to explain: In the first form a user enters name, etc. and how many fairs they want to enter. On post, a loop iterates set number of times which is equal to the number of fairs they have chosen. On each iteration, the loop spits out the html form fields that enables the user to enter each fair, i.e. 1_fair_name, 1_fair_location, 1_fair_date, 2_fair_name, 2_fair_location, 2_fair_date, etc. The 1, 2, 3, etc. distinguish each fair. If I was creating a static html form I would be naming the fields with the same convention. Here I am just using php to create the fields. I did this to make the interface more appealing, so the user doesn't have to wade through a long form with all of the fields for 10 different fairs if they only want to enter 1. Then on submit I am looping the set number of times again and testing to see if the array elements are empty. If any element is empty I will reload the form with appropriate error messages. On typing this I realize that I don't need to test to see if array elements are there. I know what is there, based on the number of fairs they have chosen, which is stored as an array element as well. I just want to test to see if said fair elements are empty. I have been reading through the array functions but hadn't found a good way to say "Does array key "foo" exist? and if it does, is it empty?". I could very well be blind at this point. -Aaron On Friday, October 24, 2003, at 05:57 pm, Robert Redcay wrote: > Aaron, > It seems like what you really want is an array of data. If you have > your form submit the individual fairs as elements of an array > ($fairs), you'll find php's array functions very helpful when > determining what indeces are set. It seems that your prepending an > integer to the string 'fair_name' is just a poor man's array which > makes your looping tests akward. > > Best, > Robert Redcay From nyphp at enobrev.com Fri Oct 24 19:00:13 2003 From: nyphp at enobrev.com (Mark Armendariz) Date: Fri, 24 Oct 2003 19:00:13 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <098928CA-0673-11D8-BE1B-0003930D07F2@email.smith.edu> Message-ID: Well, you could do it like: Form input names: fair_name[] fair_location[] fair_date[] Then on the processor, the array size will be the size of passed vars. So if they only fill out 3 sets, the array will actaully be 3 large. Hence, no checking for empties. The empties aren't passed (not sure if that's http or php, but empties don't get passed). Then you can loop through and continue: foreach($_POST['fair_name'] as $index => $value) { echo 'Fair ' . ($index + 1) . '
'; echo 'name: ' . $_POST['fair_name'][$index] . '
'; echo 'location: ' . $_POST['fair_location'][$index] . '
'; echo 'date: ' . $_POST['fair_date'][$index] . '
'; } If you need the indices to be specific numbers, (Ie starting at 1 instead of zero) you can set the form inut names as fair_name[1], fair_name[2], etc. Mark -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Aaron Fischer Sent: Friday, October 24, 2003 6:40 PM To: NYPHP Talk Subject: Re: [nycphp-talk] accessing $_SESSION elements Hi Robert, I do have an array of data, let me backtrack to explain: In the first form a user enters name, etc. and how many fairs they want to enter. On post, a loop iterates set number of times which is equal to the number of fairs they have chosen. On each iteration, the loop spits out the html form fields that enables the user to enter each fair, i.e. 1_fair_name, 1_fair_location, 1_fair_date, 2_fair_name, 2_fair_location, 2_fair_date, etc. The 1, 2, 3, etc. distinguish each fair. If I was creating a static html form I would be naming the fields with the same convention. Here I am just using php to create the fields. I did this to make the interface more appealing, so the user doesn't have to wade through a long form with all of the fields for 10 different fairs if they only want to enter 1. Then on submit I am looping the set number of times again and testing to see if the array elements are empty. If any element is empty I will reload the form with appropriate error messages. On typing this I realize that I don't need to test to see if array elements are there. I know what is there, based on the number of fairs they have chosen, which is stored as an array element as well. I just want to test to see if said fair elements are empty. I have been reading through the array functions but hadn't found a good way to say "Does array key "foo" exist? and if it does, is it empty?". I could very well be blind at this point. -Aaron On Friday, October 24, 2003, at 05:57 pm, Robert Redcay wrote: > Aaron, > It seems like what you really want is an array of data. If you have > your form submit the individual fairs as elements of an array > ($fairs), you'll find php's array functions very helpful when > determining what indeces are set. It seems that your prepending an > integer to the string 'fair_name' is just a poor man's array which > makes your looping tests akward. > > Best, > Robert Redcay _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Fri Oct 24 19:07:41 2003 From: shiflett at php.net (Chris Shiflett) Date: Fri, 24 Oct 2003 16:07:41 -0700 (PDT) Subject: [nycphp-talk] send header before end of script? In-Reply-To: Message-ID: <20031024230741.26753.qmail@web14309.mail.yahoo.com> --- David Mintz wrote: > I did buy Shiflett's book (wow, can't wait for the movie to come > out!) and it seems you can do cool tricks at the protocol level > with the "Transfer-Encoding: chunked" header, spitting out chunks > as you go along (although I've yet to try it), but I wonder how one > does it in "pure" PHP with the buffering functions. I hope you enjoy the book. :-) There is an example on page 173 that shows how to perform chunked transfers with PHP, and you can try it out from this page (it's flush.phps): http://shiflett.org/books/http-developers-handbook/code The flush() function is a tough one to debug when it doesn't work. Basically, anything that buffers output can potentially cause problems. This includes the Web server and the browser (IE, notably) in addition to things like ob_start(). If you try my example from my Web site, and it doesn't work, it's definitely your browser that is doing the buffering. There are some tricks to get around this with IE, such as sending at least 256 bytes of whitespace before any other output. My example doesn't include this trick. If the example on my Web site does work, then your browser definitely handles the chunked transfer correctly. If you use output buffering within PHP, you'll have to flush that and then also flush() to send a new chunk. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From rob at nyc.yamaha.com Fri Oct 24 19:22:07 2003 From: rob at nyc.yamaha.com (Robert Redcay) Date: Fri, 24 Oct 2003 19:22:07 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <098928CA-0673-11D8-BE1B-0003930D07F2@email.smith.edu> References: <098928CA-0673-11D8-BE1B-0003930D07F2@email.smith.edu> Message-ID: <3F99B41F.2010701@nyc.yamaha.com> Aaron, I still think that arrays would do it. See my comments inline, and also play with code snidbit at the bottom of my post. Aaron Fischer wrote: > Hi Robert, > > I do have an array of data, let me backtrack to explain: > In the first form a user enters name, etc. and how many fairs they > want to enter. > On post, a loop iterates set number of times which is equal to the > number of fairs they have chosen. > On each iteration, the loop spits out the html form fields that > enables the user to enter each fair, i.e. 1_fair_name, > 1_fair_location, 1_fair_date, 2_fair_name, 2_fair_location, > 2_fair_date, etc. The 1, 2, 3, etc. distinguish each fair. If I was > creating a static html form I would be naming the fields with the same > convention. Here I am just using php to create the fields. See code below. > I did this to make the interface more appealing, so the user doesn't > have to wade through a long form with all of the fields for 10 > different fairs if they only want to enter 1. makes sense. > > Then on submit I am looping the set number of times again and testing > to see if the array elements are empty. If any element is empty I > will reload the form with appropriate error messages. now you just need foreach() > On typing this I realize that I don't need to test to see if array > elements are there. I know what is there, based on the number of > fairs they have chosen, which is stored as an array element as well. > I just want to test to see if said fair elements are empty. exactly, which is what Micheal was trying to get you to realize in his post which pointed you to the phundamentals page. > I have been reading through the array functions but hadn't found a > good way to say "Does array key "foo" exist? and if it does, is it > empty?". I could very well be blind at this point. In general, to answer the question "does a variable exist, and if it does, is it empty," all one needs is a call to the empty() function. In your case, you need an additional call to the function array_key_exists(), but again, in this case you know the key exists, the only question is is it empty? /* -------- example code --------- */ \n"; print_r ($_POST['fairs']); echo "\n"; } ?>
Fair 1: name:
Fair 1: location:
Fair 2: name:
Fair 2: loc:

/* ------- -------- */ Hope this helps, Robert Redcay From agfische at email.smith.edu Fri Oct 24 19:57:09 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Fri, 24 Oct 2003 19:57:09 -0400 Subject: [nycphp-talk] accessing $_SESSION elements In-Reply-To: <3F99B41F.2010701@nyc.yamaha.com> Message-ID: > Aaron, I still think that arrays would do it. See my comments inline, > and also play with code snidbit at the bottom of my post. Urgh, brain fuzzy, must get food... but I think I am seeing what you are getting at. >
> > Fair 1: name:
> Fair 1: location:
> Fair 2: name:
> Fair 2: loc:
> >
> >
> So in this example are you setting an array inside of an array? From what I am seeing there is a fairs array that would hold a "1" array and a "2" array. These "1" and "2" arrays would hold the key => values of name, loc, date, etc. -A From dmintz at panix.com Sat Oct 25 14:32:38 2003 From: dmintz at panix.com (David Mintz) Date: Sat, 25 Oct 2003 14:32:38 -0400 (EDT) Subject: [nycphp-talk] chunked xfer (was Re: send header before end...) In-Reply-To: <20031024230741.26753.qmail@web14309.mail.yahoo.com> References: <20031024230741.26753.qmail@web14309.mail.yahoo.com> Message-ID: On Fri, 24 Oct 2003, Chris Shiflett wrote: > --- David Mintz wrote: > > I did buy Shiflett's book (wow, can't wait for the movie to come > > out!) and it seems you can do cool tricks at the protocol level > > with the "Transfer-Encoding: chunked" header, > I hope you enjoy the book. :-) I'm tellin ya, it's a winner. Just add a couple car chases and some sex... Seriously, it's good -- for more than just deterring other airline passengers from trying to converse with you. > There is an example on page 173 that shows how to perform chunked transfers > with PHP, and you can try it out from this page (it's flush.phps): Ah yes, it's been here mentioned before, hasn't it. btw, it works fine with Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225 Thanks for the tips and the code to play with. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From suzerain at suzerain.com Sun Oct 26 05:55:41 2003 From: suzerain at suzerain.com (Marc Antony Vose) Date: Sun, 26 Oct 2003 05:55:41 -0500 Subject: [nycphp-talk] TAR and permissions In-Reply-To: <3F9932E4.3060002@nyphp.org> References: <001f01c39a08$b4aedb40$6401a8c0@EZDSDELL> <3F9932E4.3060002@nyphp.org> Message-ID: Hi there: I've written a simple script that's moving files from a staging server location to the live server area (virtual servers on the same Linux box). I'm doing it by creating a TAR file from specified files in the staging area, copying the TAR file over to the live area, and extracting it. My problem is that all files coming out of the archive are having the user and group 'apache' assigned to them. Is it possible to accomplish this without altering the user/group information? (The script is being run from a Web interface...PHP scripts are being parsed by the PHP Apache module, not the CGI version.) Cheers, -- Marc Antony Vose http://www.suzerain.com/ When a man is generally detested, or when he is generally beloved, closer examination is necessary. -- K'ung-Tzu From jsiegel1 at optonline.net Sun Oct 26 08:47:27 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Sun, 26 Oct 2003 08:47:27 -0500 Subject: [nycphp-talk] SPAM and how it is impacting email usage Message-ID: <000a01c39bc7$b18311a0$6401a8c0@EZDSDELL> See: http://www.pewinternet.org/reports/pdfs/PIP_Spam_Report.pdf Jeff Siegel From tgales at tgaconnect.com Sun Oct 26 09:00:41 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Sun, 26 Oct 2003 09:00:41 -0500 Subject: [nycphp-talk] TAR and permissions In-Reply-To: Message-ID: <000001c39bc9$8acd0690$bf8d3818@oberon1> Marc, I am sorry I can't help you. After I read your post, though, something didn't seem right. I thought I could remember something about tar preserves the ownership of files -- Unless you tell it not to (with --owner=user option) So I searched the web for my own benefit ("tar file ownership") I found the following: ... Package: tar Version: 1.11.8 Revision: 1 The session below demonstrates a NASTY bug in tar. Tar does not restore ownership of files. I tried -p, --preserve, --same-owner, etc., and nothing worked. I verified that my passwd file was alright. The clincher was when I ftp'ed the latest slackware tar from a friend's machine and tried it. Slackware's tar worked just fine... At http://lists.debian.org/debian-devel/1996/debian-devel-19960 1/msg00411.html Now I am not suggesting that this is the answer to you situation. I am pretty sure its something a lot simpler. But as you can see in the correspondence above it was very specific about the Version of the software. That reminded me of the fact that it is always a good idea to mention the release version Of the software you are discussing. Hope you find your answer(soon). Regards, Tim G. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Marc Antony Vose Sent: Sunday, October 26, 2003 5:56 AM To: NYPHP Talk Subject: [nycphp-talk] TAR and permissions Hi there: I've written a simple script that's moving files from a staging server location to the live server area (virtual servers on the same Linux box). I'm doing it by creating a TAR file from specified files in the staging area, copying the TAR file over to the live area, and extracting it. My problem is that all files coming out of the archive are having the user and group 'apache' assigned to them. Is it possible to accomplish this without altering the user/group information? (The script is being run from a Web interface...PHP scripts are being parsed by the PHP Apache module, not the CGI version.) Cheers, -- Marc Antony Vose http://www.suzerain.com/ When a man is generally detested, or when he is generally beloved, closer examination is necessary. -- K'ung-Tzu _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From hans at nyphp.org Sun Oct 26 10:15:49 2003 From: hans at nyphp.org (Hans Zaunere) Date: Sun, 26 Oct 2003 10:15:49 -0500 Subject: [nycphp-talk] TAR and permissions In-Reply-To: References: <001f01c39a08$b4aedb40$6401a8c0@EZDSDELL> <3F9932E4.3060002@nyphp.org> Message-ID: <3F9BE525.1070105@nyphp.org> Marc Antony Vose wrote: > Hi there: > > I've written a simple script that's moving files from a staging server > location to the live server area (virtual servers on the same Linux box). > > I'm doing it by creating a TAR file from specified files in the staging > area, copying the TAR file over to the live area, and extracting it. > > My problem is that all files coming out of the archive are having the > user and group 'apache' assigned to them. Is it possible to accomplish > this without altering the user/group information? The file ownership becomes that of the user making the write to the disk. --preserve or --same-owner may help, but as time points out it's problematic at best. You could also consider using cp -pr which works pretty well, or good old chown :) > (The script is being run from a Web interface...PHP scripts are being > parsed by the PHP Apache module, not the CGI version.) As a heads up, doing filesystem operations, especially when involving multiple users, can get sticky. It's always worked best to execute some out of apache process to do the filesystem operations; PHP CLI works great! :) H From cahoyos at us.ibm.com Sun Oct 26 18:20:44 2003 From: cahoyos at us.ibm.com (Carlos A Hoyos) Date: Mon, 27 Oct 2003 09:20:44 +1000 Subject: [nycphp-talk] TAR and permissions In-Reply-To: Message-ID: I replicate from stage to live with a a script that uses rsync to move the files. With rsync you will be able to replicate only the files that have changed, and also preserve ownership. It's also faster and can securely copy between servers. Carlos Marc Antony Vose n.com> cc: Sent by: Subject: [nycphp-talk] TAR and permissions talk-bounces at list s.nyphp.org 10/26/2003 09:55 PM Please respond to NYPHP Talk Hi there: I've written a simple script that's moving files from a staging server location to the live server area (virtual servers on the same Linux box). I'm doing it by creating a TAR file from specified files in the staging area, copying the TAR file over to the live area, and extracting it. My problem is that all files coming out of the archive are having the user and group 'apache' assigned to them. Is it possible to accomplish this without altering the user/group information? (The script is being run from a Web interface...PHP scripts are being parsed by the PHP Apache module, not the CGI version.) Cheers, -- Marc Antony Vose http://www.suzerain.com/ When a man is generally detested, or when he is generally beloved, closer examination is necessary. -- K'ung-Tzu _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From shiflett at php.net Sun Oct 26 23:04:20 2003 From: shiflett at php.net (Chris Shiflett) Date: Sun, 26 Oct 2003 20:04:20 -0800 (PST) Subject: [nycphp-talk] TAR and permissions In-Reply-To: Message-ID: <20031027040420.33664.qmail@web14308.mail.yahoo.com> --- Carlos A Hoyos wrote: > I replicate from stage to live with a a script that uses rsync to > move the files. rsync is good. Another alternative is CVS, which is my preference. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From shawn at shawnlawyer.com Mon Oct 27 01:12:38 2003 From: shawn at shawnlawyer.com (Shawn Lawyer) Date: Mon, 27 Oct 2003 01:12:38 -0500 Subject: [nycphp-talk] SPAM tank References: <000a01c39bc7$b18311a0$6401a8c0@EZDSDELL> Message-ID: <001001c39c51$530a16c0$1ea0d718@Della> As is known, I hate Spam. About two years ago I came up with a simple way to eliminate Spam. I stopped collecting all traditional email and directed anyone who desired to contacted me to visit the contact section of my website. Here they were instructed to either login or apply for right to contact me electronically. This was a solution worked for fundamental purposes, stopping all Spam. This under developed method for handling *email* didn't really take that long to manage, having to review applicants and read mail. The difficulties were not being able to receive acceptable automated lists such as NYPHP, and emergency emails from non approved clients. Needless to say, I started collecting my email again. I feel though, through wide scale participation, all the hassle can be eliminated. It would require a WS type architecture for the mailing lists and a completely new standard for email retrieval and sending, but is certainly possible. Anyone up for a project? Heh. Another idea: In the 70's and early 80's kids would pull the emergency brake at rush hour on the subways of Manhattan. It had become a major problem. Then one day a most of the people riding in a car, beat the crap out a guys who pulled the emergency brake for no reason. Since that day no one falsely pulls the emergency brake. Point being, these emails could be tracked and managed if there were mass motivation. moo Shawn Lawyer See: http://www.pewinternet.org/reports/pdfs/PIP_Spam_Report.pdf From danielc at analysisandsolutions.com Mon Oct 27 01:36:43 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Mon, 27 Oct 2003 01:36:43 -0500 Subject: [nycphp-talk] SPAM tank In-Reply-To: <001001c39c51$530a16c0$1ea0d718@Della> References: <000a01c39bc7$b18311a0$6401a8c0@EZDSDELL> <001001c39c51$530a16c0$1ea0d718@Della> Message-ID: <20031027063643.GA27454@panix.com> Heya: Sorry for the off topic response... On Mon, Oct 27, 2003 at 01:12:38AM -0500, Shawn Lawyer wrote: > > In the 70's and early 80's kids would pull the emergency brake at rush hour > on the subways of Manhattan. It had become a major problem. Then one day a > most of the people riding in a car, beat the crap out a guys who pulled the > emergency brake for no reason. Cord pulling was a problem on the Lexington Ave line. The reason most people pulled the cords was to create a distraction, making it easy to pick pockets. > Since that day no one falsely pulls the emergency brake. Not exactly. The Transit Authority implemented my suggestion to place alarmed covers over the pull cords. Thus, people can't anonymously pull the emergency brakes any more. --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From smanes at magpie.com Mon Oct 27 07:26:47 2003 From: smanes at magpie.com (Steve Manes) Date: Mon, 27 Oct 2003 07:26:47 -0500 Subject: [nycphp-talk] SPAM tank In-Reply-To: <001001c39c51$530a16c0$1ea0d718@Della> References: <000a01c39bc7$b18311a0$6401a8c0@EZDSDELL> <001001c39c51$530a16c0$1ea0d718@Della> Message-ID: <3F9D0F07.8020909@magpie.com> Shawn Lawyer wrote: > About two years ago I came up with a simple way to eliminate Spam. I stopped > collecting all traditional email and directed anyone who desired to > contacted me to visit the contact section of my website. Here they were > instructed to either login or apply for right to contact me electronically. > This was a solution worked for fundamental purposes, stopping all Spam. > ... > > Needless to say, I started collecting my email again. I feel though, through > wide scale participation, all the hassle can be eliminated. It would require > a WS type architecture for the mailing lists and a completely new standard > for email retrieval and sending, but is certainly possible. Anyone up for a > project? Heh. This is basically the whitelist approach taken by ISPs like Earthlink. It's also available as off the rack software, TMDA (http://tmda.net/). It's fine for casual email use where email isn't a critical path for the end user. But there are inherent problems with it, for instance how do you deal with machine generated email like double-opt confirmations, notifications of ecommerce purchases, warnings like domain name expiration notices and of course bounce mail from mailer daemons telling you that your intended recipient doesn't exist? For all practical purposes you can't preauthorize these sending addresses. Another problem exists when you have two users with whitelists trying to contact each other. In a badly designed system you could have an endless loop as the two whitelists fired off confirmation messages to each other. Otherwise, one side is waiting for the other to do something before either party knows that a communication attempt has been made. In the end, you need to queue those unauthorized contacts somewhere and inspect them periodically for "good" mail, but that's essentially what you do with a procmail or bayesian spam filter. In the end, you still have to visit that "spam" folder to make sure that no "good" fish got caught in the net. From amanda at deanrocks.com Mon Oct 27 12:00:49 2003 From: amanda at deanrocks.com (amanda at deanrocks.com) Date: Mon, 27 Oct 2003 11:00:49 -0600 (CST) Subject: [nycphp-talk] (no subject) Message-ID: <3736.64.222.177.187.1067274049.squirrel@www.deanrocks.com> talk at lists.nyphp.org. From amanda at deanrocks.com Mon Oct 27 12:03:22 2003 From: amanda at deanrocks.com (amanda at deanrocks.com) Date: Mon, 27 Oct 2003 11:03:22 -0600 (CST) Subject: [nycphp-talk] Please Help with a Howard Dean Website! In-Reply-To: <20031027170003.219D6A85FE@virtu.nyphp.org> References: <20031027170003.219D6A85FE@virtu.nyphp.org> Message-ID: <3739.64.222.177.187.1067274202.squirrel@www.deanrocks.com> Dear PHP Developers! Any Howard Dean supporters out there?? I?m trying to develop my website, DEANROCKS.COM and need help! My programmer and graphic designer are both too busy to help me any further and I am looking for people who may be interested in joining the DeanRocks.com team. We started the site back in June with a packaged program written in Cold Fusion that drove the site. The functionality and speed of the program was amazing, however, there was little room for design. We?ve now started from scratch and would like to use PHP and a MY SQL database to create our new site with more flexibility. My idea behind this site is to create the first online database of Howard Dean?s endorsements nationally. We want to seek endorsements from various bands, celebrities and political figures nationwide and display them for public viewing. This will revolutionize the power of endorsements as a political tool, because we will be able to create a nationwide, documented network of support that will literally rock the nation. There are many things I would like to change about the site and a team with fresh energy could certainly make this really happen fairly easily. These are things that we need to work on: -A login system- to capture people?s information and connect members with each other (I really like the login system on this site!) -A new message board- ours is horrible! -A download section- with fun graphic and music downloads, hopefully musicians who?ve endorsed Dean will make a few songs available for free to members -A blog with threads- so people can respond to our posts -A marketing strategy- to get our site out there to more people and on major search engines -YOUR IDEAS- This site models the collective nature of the Dean Campaign itself, bring on your ideas and make them happen! I have no web experience and basically need people to do all of the technical aspects. Please let me know if you or anyone you know may be interested in helping DeanRocks take off, it will have such an incredible impact on the campaign if we can get it together! Thanks for your time and I hope someone out there can help! Sincerely, Amanda Mattoon www.deanrocks.com From hans at nyphp.org Mon Oct 27 12:27:52 2003 From: hans at nyphp.org (Hans Zaunere) Date: Mon, 27 Oct 2003 12:27:52 -0500 Subject: [nycphp-talk] SPAM tank In-Reply-To: <001001c39c51$530a16c0$1ea0d718@Della> References: <000a01c39bc7$b18311a0$6401a8c0@EZDSDELL> <001001c39c51$530a16c0$1ea0d718@Della> Message-ID: <3F9D5598.5070408@nyphp.org> Shawn Lawyer wrote: > As is known, I hate Spam. > > About two years ago I came up with a simple way to eliminate Spam. I stopped > collecting all traditional email and directed anyone who desired to > contacted me to visit the contact section of my website. Here they were > instructed to either login or apply for right to contact me electronically. > This was a solution worked for fundamental purposes, stopping all Spam. > > This under developed method for handling *email* didn't really take that > long to manage, having to review applicants and read mail. The difficulties > were not being able to receive acceptable automated lists such as NYPHP, and > emergency emails from non approved clients. > > Needless to say, I started collecting my email again. I feel though, through > wide scale participation, all the hassle can be eliminated. It would require > a WS type architecture for the mailing lists and a completely new standard > for email retrieval and sending, but is certainly possible. Anyone up for a > project? Heh. Sounds like it'd be a nice addition for mega-mailing list nyphp has planned. Hope you can make it to the meeting tomorrow and we can chat. H From bpang at bpang.com Mon Oct 27 12:30:06 2003 From: bpang at bpang.com (Brian Pang) Date: Mon, 27 Oct 2003 12:30:06 -0500 Subject: [nycphp-talk] LAMP File Sharing Message-ID: hey, they stole our acronym http://www.cnn.com/2003/TECH/ptech/10/27/file.swapping.ap/index.html From jeffknight at mac.com Mon Oct 27 12:33:54 2003 From: jeffknight at mac.com (PUTAMARE) Date: Mon, 27 Oct 2003 12:33:54 -0500 Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: On Monday, October 27, 2003, at 12:30 PM, Brian Pang wrote: > hey, they stole our acronym > We don't need the "L" anyway. FreeBSD, Mac OS X, and Windows: AMP is all about power. Jeff Knight jeff not junkmail at lushmedia.com 212/213-6558 x 203 LUSH media 110 W 40th St #1502 New York, NY 10018 From shiflett at php.net Mon Oct 27 12:36:21 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 27 Oct 2003 09:36:21 -0800 (PST) Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: <20031027173621.99254.qmail@web14303.mail.yahoo.com> --- Brian Pang wrote: > hey, they stole our acronym > > http://www.cnn.com/2003/TECH/ptech/10/27/file.swapping.ap/index.html Interesting article. I think it is O'Reilly who came up with the LAMP acronym (I'm not positive), and you think that since these guys are from MIT, they would be "in the know" about the real LAMP. Guess not. :-) Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From shiflett at php.net Mon Oct 27 12:40:32 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 27 Oct 2003 09:40:32 -0800 (PST) Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: <20031027174032.72155.qmail@web14307.mail.yahoo.com> --- PUTAMARE wrote: > [snip] Windows: AMP is all about power. :-D Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From dkrook at hotmail.com Mon Oct 27 12:45:46 2003 From: dkrook at hotmail.com (D C Krook) Date: Mon, 27 Oct 2003 12:45:46 -0500 Subject: [nycphp-talk] LAMP File Sharing Message-ID: >We don't need the "L" anyway. FreeBSD, Mac OS X, and Windows: AMP is all about power. Speaking of, can anyone help me out with a better acronym for my current setup? Tomcat, Apache, MySQL, PHP on Solaris? :) _________________________________________________________________ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail From dmintz at davidmintz.org Mon Oct 27 12:48:01 2003 From: dmintz at davidmintz.org (David Mintz) Date: Mon, 27 Oct 2003 12:48:01 -0500 (EST) Subject: [nycphp-talk] trivium: what's exif stand for? Message-ID: just curious -- Extract.. Image... File... ?? --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From nyphp at websapp.com Mon Oct 27 12:49:09 2003 From: nyphp at websapp.com (Daniel Kushner) Date: Mon, 27 Oct 2003 12:49:09 -0500 Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: SPAM[T] > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org]On Behalf Of D C Krook > Sent: Monday, October 27, 2003 12:46 PM > To: talk at lists.nyphp.org > Subject: Re: [nycphp-talk] LAMP File Sharing > > > >We don't need the "L" anyway. FreeBSD, Mac OS X, and Windows: AMP is > all about power. > > Speaking of, can anyone help me out with a better acronym for my current > setup? > > Tomcat, Apache, MySQL, PHP on Solaris? > > :) > > _________________________________________________________________ > STOP MORE SPAM with the new MSN 8 and get 2 months FREE* > http://join.msn.com/?page=features/junkmail > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > From shiflett at php.net Mon Oct 27 12:48:44 2003 From: shiflett at php.net (Chris Shiflett) Date: Mon, 27 Oct 2003 09:48:44 -0800 (PST) Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: <20031027174844.67539.qmail@web14308.mail.yahoo.com> --- D C Krook wrote: > Speaking of, can anyone help me out with a better acronym for my > current setup? > > Tomcat, Apache, MySQL, PHP on Solaris? Tampons? :-) Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From jeffknight at mac.com Mon Oct 27 12:52:49 2003 From: jeffknight at mac.com (PUTAMARE) Date: Mon, 27 Oct 2003 12:52:49 -0500 Subject: [nycphp-talk] trivium: what's exif stand for? In-Reply-To: Message-ID: <613E5DC4-08A6-11D8-9379-000393B9FB36@mac.com> Find out at Tuesday nights meeting! (Exchangeable Image File Format) On Monday, October 27, 2003, at 12:48 PM, David Mintz wrote: > > just curious -- Extract.. Image... File... ?? > > --- > David Mintz > http://davidmintz.org/ > Email: See http://dmintzweb.com/whitelist.php first! > > "Anybody else got a problem with Webistics?" > > Sopranos 24:17 > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > > Jeff Knight jeff not junkmail at lushmedia.com 212/213-6558 x 203 LUSH media 110 W 40th St #1502 New York, NY 10018 From nestorflorez at earthlink.net Mon Oct 27 13:38:25 2003 From: nestorflorez at earthlink.net (Nestor) Date: Mon, 27 Oct 2003 10:38:25 -0800 Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: Message-ID: STAMP :-) -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of D C Krook Sent: Monday, October 27, 2003 9:46 AM To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] LAMP File Sharing >We don't need the "L" anyway. FreeBSD, Mac OS X, and Windows: AMP is all about power. Speaking of, can anyone help me out with a better acronym for my current setup? Tomcat, Apache, MySQL, PHP on Solaris? :) _________________________________________________________________ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.532 / Virus Database: 326 - Release Date: 10/27/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.532 / Virus Database: 326 - Release Date: 10/27/2003 From jlacey at att.net Mon Oct 27 13:32:54 2003 From: jlacey at att.net (John Lacey) Date: Mon, 27 Oct 2003 11:32:54 -0700 Subject: [nycphp-talk] LAMP File Sharing In-Reply-To: <20031027173621.99254.qmail@web14303.mail.yahoo.com> References: <20031027173621.99254.qmail@web14303.mail.yahoo.com> Message-ID: <3F9D64D6.2080501@att.net> Chris Shiflett wrote: >Interesting article. I think it is O'Reilly who came up with the LAMP acronym >(I'm not positive), and you think that since these guys are from MIT, they >would be "in the know" about the real LAMP. Guess not. :-) > > > I believe the "LAMP" acronym originated in Europe.. Germany? In doing some research for a "LAMP" certification, for a course series that I was teaching, at least that's what I found. Of course, 50 years from now the historical revisionists will say "Oh, that really originated in ...[insert newsworthy-place-here] :) John From soazine at pop.erols.com Mon Oct 27 14:35:32 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 27 Oct 2003 14:35:32 -0500 Subject: [nycphp-talk] class method name exists, class property exists, calling method fails Message-ID: <184670-2200310127193532944@M2W074.mail2web.com> I have a class object I am calling in another class: class Stuff { var $myObj; function Stuff($myObj) { $this->myObj = $myObj; } function doStuff() { print_r(get_class_methods($this->myObj)); print_r("

"); print_r($this->myObj->name . "

"); print_r($this->myObj->getName() . "

"); } } The first "print_r" works just fine and shows a "getName" method in the array of methods for object $this->myObj. The second "print_r" works just fine and shows the property value that was set in a prior $whateverObjName->setName('Whatever'); the value comes up as "Whatever". BUT the third print_r throws a nasty error "Member function called on a non-object". What happened? How did it turn from being a legitimate object to a NON-object in one line? Could someone with some class experience point me in the right direction as far as using "getter" functions of one object inside another object function? Confused. Thanx Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From soazine at pop.erols.com Mon Oct 27 14:45:24 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Mon, 27 Oct 2003 14:45:24 -0500 Subject: [nycphp-talk] addition to method/property/class problem Message-ID: <157240-2200310127194524740@M2W057.mail2web.com> PHP version 4.1 in Linux Red Hat 9 with Apache ??? name = ''; $this->arrayMandatoryAmountType = ''; // DEFAULT TO NULL $this->validArrayErr = $emptyErr; // DEFAULT TO SAME ERROR MSG AS EMPTY ERR MSG $this->assocIndex = 0; // DEFAULT TO 0 WILL BE USED AS INDEX KEY FOR CONVERTING ERR ARRAY (IF INDICATED) TO ASSOCIATIVE $this->erroredArrayAssocIndexArray = array(); return true; } function getErroredArrayAssocIndex($key) { return $this->erroredArrayAssocIndexArray[$key]; } function getEmptyErr() { if ($this->getIsAssoc()) return $this->emptyErr . '~IsAssoc~' . str_replace('~', '~', $this->getErroredArrayAssocIndex($this->name)); return $this->emptyErr; } function getIsAssoc() { return $this->isAssoc; } function getMandatory() { return $this->mandatory; } function getMaxLength() { return $this->maxLength; } function getMaxLengthErr() { if ($this->getIsAssoc()) return $this->emptyErr . '~IsAssoc~' . str_replace('~', '~', $this->getErroredArrayAssocIndex($this->name)); return $this->maxLengthErr; } function getMinLength() { return $this->minLength; } function getMinLengthErr() { if ($this->getIsAssoc()) return $this->emptyErr . '~IsAssoc~' . str_replace('~', '~', $this->getErroredArrayAssocIndex($this->name)); return $this->minLengthErr; } function getName() { return $this->name; } function getPattern() { return $this->pattern; } function getPatternErr() { if ($this->getIsAssoc()) return $this->emptyErr . '~IsAssoc~' . str_replace('~', '~', $this->getErroredArrayAssocIndex($this->name)); return $this->patternErr; } function getValidArray() { return $this->arrayMandatoryAmountType; } function getValidArrayErr() { if ($this->getIsAssoc()) return $this->emptyErr . '~IsAssoc~' . str_replace('~', '~', $this->getErroredArrayAssocIndex($this->name)); return $this->validArrayErr; } function setErroredArrayAssocIndex($arrayName, $assocIndex) { $this->erroredArrayAssocIndexArray = $this->erroredArrayAssocIndexArray + array($arrayName => $assocIndex); } function setIsAssoc($isAssoc) { $this->isAssoc = $isAssoc; } function setMandatory($mandatory,$emptyErr) { $this->mandatory = $mandatory; $this->emptyErr = $emptyErr; } function setMaxLength($maxLength,$maxLengthErr) { $this->maxLength = $maxLength; $this->maxLengthErr = $maxLengthErr; } function setMinLength($minLength,$minLengthErr) { $this->minLength = $minLength; $this->minLengthErr = $minLengthErr; } function setName($name) { $this->name = $name; } function setPattern($pattern,$patternErr) { $this->pattern = $pattern; $this->patternErr = $patternErr; } function setValidArray($arrayMandatoryAmountType,$validArrayErr) { $this->arrayMandatoryAmountType = $arrayMandatoryAmountType; $this->validArrayErr = $validArrayErr; } } class FormValidator { var $validator, $errors, $isValid; var $post, $errorMsgObjArray, $dateFormfieldsArray; function FormValidator($post, $errorMsgObjArray, $dateFormFieldsArray = array()) { $this->validator = null; $this->errors = array(); $this->isValid = true; $this->post = $post; $this->errorMsgObjArray = $errorMsgObjArray; $this->dateFormFieldsArray = $dateFormFieldsArray; } function getErrorArray() { return $this->errors; } function isValid() { foreach ($this->errorMsgObjArray as $key => $val) { $name = $val->name; print_r($name . "

"); } return $this->isValid; } } ?> -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jim at cultzero.com Mon Oct 27 17:53:56 2003 From: jim at cultzero.com (Jim Smith) Date: Mon, 27 Oct 2003 17:53:56 -0500 (EST) Subject: [nycphp-talk] Passing Arrays Message-ID: With PERL, if passing two arrays to a subroutine the arrays should be passed as references to ensure their integrity. Should this also be applied with PHP? From danielc at analysisandsolutions.com Tue Oct 28 09:50:26 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Tue, 28 Oct 2003 09:50:26 -0500 Subject: [nycphp-talk] Passing Arrays In-Reply-To: References: Message-ID: <20031028145026.GA4826@panix.com> Hi Jim: On Mon, Oct 27, 2003 at 05:53:56PM -0500, Jim Smith wrote: > With PERL, if passing two arrays to a subroutine the arrays should be > passed as references to ensure their integrity. > > Should this also be applied with PHP? Just curious, are you delcaring the function with arguments, or are you grabbing them via func_get_args()? Either way, I don't believe you HAVE to. Are you changing data in either of those arrays inside the function? If so, then passing by reference is more efficient. Lata, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From dmintz at davidmintz.org Tue Oct 28 12:33:47 2003 From: dmintz at davidmintz.org (David Mintz) Date: Tue, 28 Oct 2003 12:33:47 -0500 (EST) Subject: [nycphp-talk] Passing Arrays In-Reply-To: <20031028145026.GA4826@panix.com> References: <20031028145026.GA4826@panix.com> Message-ID: On Tue, 28 Oct 2003, Analysis & Solutions wrote: > Hi Jim: > > On Mon, Oct 27, 2003 at 05:53:56PM -0500, Jim Smith wrote: > > With PERL, if passing two arrays to a subroutine the arrays should be > > passed as references to ensure their integrity. > > Oh, you mean so they don't get flattened into a single list. > > Should this also be applied with PHP? > > Just curious, are you delcaring the function with arguments, or are you > grabbing them via func_get_args()? > > Either way, I don't believe you HAVE to. > > Are you changing data in either of those arrays inside the function? If > so, then passing by reference is more efficient. > Is it not so that PHP -- I'm gonna try to say this intelligibly -- doesn't actually copy data that is passed-by-value unless and until you change it inside the function? So pass-by-reference isn't necessary unless it's what you really mean. Stated differently, passing by reference just for the sake of saving memory doesn't save memory. True? --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From dmintz at davidmintz.org Tue Oct 28 12:35:09 2003 From: dmintz at davidmintz.org (David Mintz) Date: Tue, 28 Oct 2003 12:35:09 -0500 (EST) Subject: [nycphp-talk] class method name exists, class property exists, calling method fails In-Reply-To: <184670-2200310127193532944@M2W074.mail2web.com> References: <184670-2200310127193532944@M2W074.mail2web.com> Message-ID: On Mon, 27 Oct 2003, soazine at pop.erols.com wrote: > I have a class object I am calling in another class: You have to assign it by reference. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From rob at nyc.yamaha.com Tue Oct 28 13:13:35 2003 From: rob at nyc.yamaha.com (Robert Redcay) Date: Tue, 28 Oct 2003 13:13:35 -0500 Subject: [nycphp-talk] Passing Arrays In-Reply-To: References: <20031028145026.GA4826@panix.com> Message-ID: <3F9EB1CF.6020005@nyc.yamaha.com> David Mintz wrote: >Is it not so that PHP -- I'm gonna try to say this intelligibly -- >doesn't actually copy data that is passed-by-value unless and until you >change it inside the function? So pass-by-reference isn't necessary unless >it's what you really mean. Stated differently, passing by reference just >for the sake of saving memory doesn't save memory. True? > > David, This is the impression that I was under as well. What I'm worried about is passing objects. Are they not copied until they are changed inside the function? Thanks, Rob Redcay From soazine at pop.erols.com Tue Oct 28 13:24:35 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Tue, 28 Oct 2003 13:24:35 -0500 Subject: [nycphp-talk] class method name exists, class property exists, calling method fails Message-ID: <191690-2200310228182435605@M2W058.mail2web.com> I believe I am doing the reference assignment: $var =& new MyClass; The identical code still fails on one site and works on two others.. the site it fails is Red Hat 9, Apache 1.3 and PHP 4.1.3. The others range from PHP 4.0.3 to PHP 4.1.2 Phil Original Message: ----------------- From: David Mintz dmintz at davidmintz.org Date: Tue, 28 Oct 2003 12:35:09 -0500 (EST) To: soazine at erols.com, talk at lists.nyphp.org Subject: Re: [nycphp-talk] class method name exists, class property exists,calling method fails On Mon, 27 Oct 2003, soazine at pop.erols.com wrote: > I have a class object I am calling in another class: You have to assign it by reference. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jonbaer at jonbaer.net Tue Oct 28 13:44:12 2003 From: jonbaer at jonbaer.net (jon baer) Date: Tue, 28 Oct 2003 13:44:12 -0500 Subject: [nycphp-talk] Determing custom object types ... Message-ID: <001901c39d83$7cfba8d0$6400a8c0@thinkpad> i am kinda stuck on what exact method to use ... it involves a plug-in like related class in which i need to determine if the object is actually that type of object ... i had been thinking is_scalar($obj) would be ok but is there a better way to compare? what would be a better way to accomplish this would be to use something that can actually compare (as example): $myObj = new MyObject(); if (is_object($myObj, gettype($myObj))) { ... } this wont get an exact type (should return "object") ... but basically i want to know if you can do something like this ficticious method to determine object equality. (coming from java where everything is an object to begin with). - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From dmintz at davidmintz.org Tue Oct 28 13:48:42 2003 From: dmintz at davidmintz.org (David Mintz) Date: Tue, 28 Oct 2003 13:48:42 -0500 (EST) Subject: [nycphp-talk] Passing Arrays In-Reply-To: <3F9EB1CF.6020005@nyc.yamaha.com> References: <20031028145026.GA4826@panix.com> <3F9EB1CF.6020005@nyc.yamaha.com> Message-ID: On Tue, 28 Oct 2003, Robert Redcay wrote: > > > David Mintz wrote: > > >Is it not so that PHP -- I'm gonna try to say this intelligibly -- > >doesn't actually copy data that is passed-by-value unless and until you > >change it inside the function? So pass-by-reference isn't necessary unless > >it's what you really mean. Stated differently, passing by reference just > >for the sake of saving memory doesn't save memory. True? > > > > > David, > This is the impression that I was under as well. > What I'm worried about is passing objects. Are they not copied until > they are changed inside the function? I would imagine so but you ought to ask a guru (-: In any case, if you want forward-compatibility with PHP 5, you should not count on objects being passed/assigned by value automatically. --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From andrew at digitalpulp.com Tue Oct 28 14:10:33 2003 From: andrew at digitalpulp.com (Andrew Yochum) Date: Tue, 28 Oct 2003 14:10:33 -0500 Subject: [nycphp-talk] Determing custom object types ... In-Reply-To: <001901c39d83$7cfba8d0$6400a8c0@thinkpad> References: <001901c39d83$7cfba8d0$6400a8c0@thinkpad> Message-ID: <20031028191026.GB7036@thighmaster.digitalpulp.com> On Tue, Oct 28, 2003 at 01:44:12PM -0500, jon baer wrote: > $myObj = new MyObject(); > if (is_object($myObj, gettype($myObj))) { > ... > } > > this wont get an exact type (should return "object") ... but basically i > want to know if you can do something like this ficticious method to > determine object equality. (coming from java where everything is an object > to begin with). Try: $myObj = new MyObject(); if (is_a($myObj,'myobject')) { ... } There are also the other class/object functions that may help such as get_class, method_exists and is_subclass_of. See: http://www.php.net/manual/en/ref.classobj.php HTH, Andrew -- Andrew Yochum Digital Pulp, Inc. 212.679.0676x255 andrew at digitalpulp.com From hans at nyphp.org Tue Oct 28 14:28:21 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 28 Oct 2003 14:28:21 -0500 Subject: [nycphp-talk] Passing Arrays In-Reply-To: References: <20031028145026.GA4826@panix.com> Message-ID: <3F9EC355.7040302@nyphp.org> David Mintz wrote: > On Tue, 28 Oct 2003, Analysis & Solutions wrote: > > >>Hi Jim: >> >>On Mon, Oct 27, 2003 at 05:53:56PM -0500, Jim Smith wrote: >> >>>With PERL, if passing two arrays to a subroutine the arrays should be >>>passed as references to ensure their integrity. I'm not sure what 'integrity' means exactly in this case. >>>Should this also be applied with PHP? So I'm going to answer "no" here. If integrity means "not copying the data the array contains" then you don't need to use the ampsersand (which is actually an alias, not a reference). See caveat below. >>Just curious, are you delcaring the function with arguments, or are you >>grabbing them via func_get_args()? >> >>Either way, I don't believe you HAVE to. >> >>Are you changing data in either of those arrays inside the function? If >>so, then passing by reference is more efficient. > > Is it not so that PHP -- I'm gonna try to say this intelligibly -- > doesn't actually copy data that is passed-by-value unless and until you > change it inside the function? So pass-by-reference isn't necessary unless > it's what you really mean. Stated differently, passing by reference just > for the sake of saving memory doesn't save memory. True? PHP uses "copy-on-write." When you pass a variable into a function, the function gets a reference to the variable, and the contents are not copied. They are, however, copied if you decide to write/change that variable in any way within the function. If you want to avoid this "copying-on-write", ie. want to change the variable that is outside the scope of the function, you need to use an alias by specifying an ampersand in the function's prototype. This *does not* apply to objects - they are copied all over the place, which is why PHP 5 will be a big improvement for those heavy OO developers out there. H From jonbaer at jonbaer.net Tue Oct 28 14:30:50 2003 From: jonbaer at jonbaer.net (jon baer) Date: Tue, 28 Oct 2003 14:30:50 -0500 Subject: [nycphp-talk] Determing custom object types ... References: <001901c39d83$7cfba8d0$6400a8c0@thinkpad> <20031028191026.GB7036@thighmaster.digitalpulp.com> Message-ID: <000501c39d89$feca0a40$6400a8c0@thinkpad> exactly what i needed ... thank you ... - jon > Try: > $myObj = new MyObject(); > if (is_a($myObj,'myobject')) { From hans at nyphp.org Tue Oct 28 14:52:05 2003 From: hans at nyphp.org (Hans Zaunere) Date: Tue, 28 Oct 2003 14:52:05 -0500 Subject: [nycphp-talk] addition to method/property/class problem In-Reply-To: <157240-2200310127194524740@M2W057.mail2web.com> References: <157240-2200310127194524740@M2W057.mail2web.com> Message-ID: <3F9EC8E5.2040004@nyphp.org> Phil, soazine at pop.erols.com wrote: > PHP version 4.1 in Linux Red Hat 9 with Apache ??? > > class ErrorMsgCollection { [snip] When there is a lot of code to display, please include it as an attachment, or include a link that lists the code. Having it inline in the mail message makes it difficult to read and understand the code. If anyone would use it, we can setup a code post webpage so that it can easily be referred to and syntax highlighted. Thanks, Hans From gw.nyphp at gwprogramming.com Tue Oct 28 15:08:37 2003 From: gw.nyphp at gwprogramming.com (George Webb) Date: Tue, 28 Oct 2003 15:08:37 -0500 Subject: [nycphp-talk] Passing Arrays Message-ID: <20031028150837.I3468@vtbear.com> Hi all. Just another too sense: In case it's not already obvious, PHP doesn't "flatten" multiple arrays into a single array in a function argument list. E.g. you can send three different arrays to a function and they will each remain independent. Regarding passing references versus values for arguments, I recall hearing from an expert at last year's PHPCON (West) that passing references (instead of values) doesn't really save memory. (David Mintz began saying this already....) I believe this is because PHP's internal copying of an array is so efficient. However, I would assume that this is only true for arrays that are not "huge"... if you want to pass a "huge" array to a function, I believe it would be better to pass a reference instead of the regular way. What constitutes "huge" is probably hard to determine exactly. I would guess maybe an array larger than a megabyte or so. Also, you can conveniently specify pass-by-reference in either the call to the function or in the function's declaration. Best, George. George Webb gw.nyphp at gwprogramming.com From bpang at bpang.com Wed Oct 29 09:32:37 2003 From: bpang at bpang.com (Brian Pang) Date: Wed, 29 Oct 2003 09:32:37 -0500 Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews@gotojml.com Message-ID: Am I the only one getting these bounces from "ancient" posts to the list? grrr ------------- Forwarded message follows ------------- Delivery was attempted, but failed because: 550 No Acceptable Recipients [snipped] From alexander_chan at yahoo.com Wed Oct 29 09:58:18 2003 From: alexander_chan at yahoo.com (Alexander Chan) Date: Wed, 29 Oct 2003 06:58:18 -0800 (PST) Subject: [nycphp-talk] last nights presentation Message-ID: <20031029145818.3434.qmail@web11605.mail.yahoo.com> hi, i would like to know if there are links to last nights presentation. alex From dkrook at hotmail.com Wed Oct 29 09:59:49 2003 From: dkrook at hotmail.com (D C Krook) Date: Wed, 29 Oct 2003 09:59:49 -0500 Subject: [nycphp-talk] Posted code with source highlighting. (was: addition to method...) Message-ID: >If anyone would use it, we can setup a code post webpage so that it [code >with problems] >can easily be referred to and syntax highlighted. I think this is a great idea. If possible it would also be nice to see line numbers and attach annotations as well. I stop short of volunteering to build it myself, but this would be a great resource and reduce the file sizes of messages passed around on the list. :) -Dan _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail From dkrook at hotmail.com Wed Oct 29 10:09:50 2003 From: dkrook at hotmail.com (D C Krook) Date: Wed, 29 Oct 2003 10:09:50 -0500 Subject: [nycphp-talk] last nights presentation Message-ID: http://putamare.net/GDintro/ >i would like to know if there are links to last nights >presentation. _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail From tgales at tgaconnect.com Wed Oct 29 10:19:07 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 29 Oct 2003 10:19:07 -0500 Subject: [nycphp-talk] Posted code with source highlighting. (was: additionto method...) In-Reply-To: Message-ID: <000501c39e2f$ff3af010$bf8d3818@oberon1> In the meantime, couldn't a person post code on the bulletin board (forum) And refer to it via a link T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of D C Krook Sent: Wednesday, October 29, 2003 10:00 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] Posted code with source highlighting. (was: additionto method...) >If anyone would use it, we can setup a code post webpage so that it >[code >with problems] >can easily be referred to and syntax highlighted. I think this is a great idea. If possible it would also be nice to see line numbers and attach annotations as well. I stop short of volunteering to build it myself, but this would be a great resource and reduce the file sizes of messages passed around on the list. :) -Dan ____________________________________________________________ _____ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From mjdewitt at alexcommgrp.com Wed Oct 29 10:18:51 2003 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Wed, 29 Oct 2003 10:18:51 -0500 Subject: [nycphp-talk] last night's presentation Message-ID: I really enjoyed both Andrew and Jeff's presentations last night. But I was totally blown away by Jeff's presentation in that he, in essence, created online documention of the GD functions through working examples. His work is the best resource for GD I have seen. Mike From andrew at digitalpulp.com Wed Oct 29 10:57:37 2003 From: andrew at digitalpulp.com (Andrew Yochum) Date: Wed, 29 Oct 2003 10:57:37 -0500 Subject: [nycphp-talk] last nights presentation In-Reply-To: <20031029145818.3434.qmail@web11605.mail.yahoo.com> References: <20031029145818.3434.qmail@web11605.mail.yahoo.com> Message-ID: <20031029155729.GJ7036@thighmaster.digitalpulp.com> http://idlinguser.com/phptal/ On Wed, Oct 29, 2003 at 06:58:18AM -0800, Alexander Chan wrote: > hi, > > i would like to know if there are links to last nights > presentation. > > alex > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk -- Andrew Yochum Digital Pulp, Inc. 212.679.0676x255 andrew at digitalpulp.com From jsiegel1 at optonline.net Wed Oct 29 11:18:37 2003 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 29 Oct 2003 11:18:37 -0500 Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews@gotojml.com In-Reply-To: Message-ID: <000e01c39e38$4f1b6b20$6401a8c0@EZDSDELL> Nope. Got about 15 of them this morning. Jeff Siegel -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Brian Pang Sent: Wednesday, October 29, 2003 9:33 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews at gotojml.com Am I the only one getting these bounces from "ancient" posts to the list? grrr ------------- Forwarded message follows ------------- Delivery was attempted, but failed because: 550 No Acceptable Recipients [snipped] _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From jeffknight at mac.com Wed Oct 29 11:32:04 2003 From: jeffknight at mac.com (PUTAMARE) Date: Wed, 29 Oct 2003 11:32:04 -0500 Subject: [nycphp-talk] last nights presentation In-Reply-To: Message-ID: <6DFB8460-0A2D-11D8-9F4C-000393B9FB36@mac.com> On Wednesday, October 29, 2003, at 10:09 AM, D C Krook wrote: > http://putamare.net/GDintro/ It won't be there long. As soon as hans upgrades the libraries on nyphp.org, it will be in the presentations section. Jeff Knight jeff not junkmail at lushmedia.com 212/213-6558 x 203 LUSH media 110 W 40th St #1502 New York, NY 10018 From dmintz at davidmintz.org Wed Oct 29 11:44:55 2003 From: dmintz at davidmintz.org (David Mintz) Date: Wed, 29 Oct 2003 11:44:55 -0500 (EST) Subject: [nycphp-talk] Posted code with source highlighting. (was: addition to method...) In-Reply-To: References: Message-ID: Hmm, this sounds like something yours truly might be qualified to help out with. On Wed, 29 Oct 2003, D C Krook wrote: > >If anyone would use it, we can setup a code post webpage so that it [code > >with problems] > >can easily be referred to and syntax highlighted. > > I think this is a great idea. If possible it would also be nice to see line > numbers and attach annotations as well. > > I stop short of volunteering to build it myself, but this would be a great > resource and reduce the file sizes of messages passed around on the list. > :) > --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From agfische at email.smith.edu Wed Oct 29 11:47:47 2003 From: agfische at email.smith.edu (Aaron Fischer) Date: Wed, 29 Oct 2003 11:47:47 -0500 Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews@gotojml.com In-Reply-To: <000e01c39e38$4f1b6b20$6401a8c0@EZDSDELL> Message-ID: I'm getting all of them as well. -A On Wednesday, October 29, 2003, at 11:18 AM, Jeff Siegel wrote: > Am I the only one getting these bounces from "ancient" posts to the > list? > grrr From danielc at analysisandsolutions.com Wed Oct 29 13:11:46 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Wed, 29 Oct 2003 13:11:46 -0500 Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews@gotojml.com In-Reply-To: References: Message-ID: <20031029181146.GA28447@panix.com> Hi Brian: On Wed, Oct 29, 2003 at 09:32:37AM -0500, Brian Pang wrote: > Am I the only one getting these bounces from "ancient" posts to the list? I'm not anymore. I put a rule in my mail filters to send them to /dev/null I love procmail! --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From evan.heller at alum.rpi.edu Wed Oct 29 14:18:55 2003 From: evan.heller at alum.rpi.edu (Evan Heller) Date: Wed, 29 Oct 2003 14:18:55 -0500 Subject: [nycphp-talk] php evite? Message-ID: <002f01c39e51$7fcbfb40$6501a8c0@palacenew> Is there any php evite like software out there? I'm curious about setting up my own evite system. -Evan From cmerlo at ncc.edu Wed Oct 29 14:31:32 2003 From: cmerlo at ncc.edu (Christopher R. Merlo) Date: Wed, 29 Oct 2003 14:31:32 -0500 Subject: [nycphp-talk] php evite? In-Reply-To: <002f01c39e51$7fcbfb40$6501a8c0@palacenew> References: <002f01c39e51$7fcbfb40$6501a8c0@palacenew> Message-ID: <20031029193132.GA5727@ncc.edu> On 2003-10-29 14:18 -0500, Evan Heller wrote: > Is there any php evite like software out there? I'm curious about > setting up my own evite system. Do what I usually do: write it anyway. If the tool already exists, then you've provided (more) competition. If it doesn't already exist, then you've filled a gap. Either way, it's a chance for you to work on your problem-solving and coding skills, on a project that you're motivated to finish. Motivation doesn't come knocking every day. Sometimes you want to code, but you can't think of any problems to solve. This, however, sounds like a cool problem to solve. -- cmerlo at ncc.edu http://turing.matcmp.ncc.edu/~cmerlo Smoking is one of the leading causes of statistics. - Fletcher Knebel -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: From soazine at pop.erols.com Wed Oct 29 15:36:03 2003 From: soazine at pop.erols.com (soazine at pop.erols.com) Date: Wed, 29 Oct 2003 15:36:03 -0500 Subject: [nycphp-talk] Posted on NYPHP Forum (also problem with forum) Message-ID: <119420-2200310329203636@M2W047.mail2web.com> To save you all the agony of a huge block of code I posted it here: http://forums.nyphp.org/index.php?act=ST&f=2&t=42 I also noticed that the date on the forums is incorrect for Daylight Standard; it lists my post time as 4:33pm instead of 3:33pm. Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From danielc at analysisandsolutions.com Wed Oct 29 18:23:47 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Wed, 29 Oct 2003 18:23:47 -0500 Subject: [nycphp-talk] you know what from you know where... Message-ID: <20031029232346.GA8407@panix.com> PHP stuff from SecurityFocus Newsletter #220 GoldLink Cookie SQL Injection Vulnerability http://www.securityfocus.com/bid/8847 PHP-Nuke Search Field Path Disclosure Vulnerability http://www.securityfocus.com/bid/8848 Geeklog Forgot Password SQL Injection Vulnerability http://www.securityfocus.com/bid/8849 Bytehoard File Disclosure Vulnerability http://www.securityfocus.com/bid/8850 CPCommerce Functions Remote File Include Vulnerability http://www.securityfocus.com/bid/8851 DeskPro Multiple SQL Injection Vulnerabilities http://www.securityfocus.com/bid/8856 Enjoy, --Dan -- FREE scripts that make web and database programming easier http://www.analysisandsolutions.com/software/ T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 From myersm at optonline.net Wed Oct 29 23:24:14 2003 From: myersm at optonline.net (Michael Myers) Date: Wed, 29 Oct 2003 23:24:14 -0500 Subject: [nycphp-talk] Handling MySQL result sets Message-ID: As a newbie, I find it a little surprising that the mysql_fetch_() functions don't have a variant where any row of a result set is directly accessible via an associative array. I am sure many users encounter query results where some column is guaranteed to have a unique value (eg. primary key), and could be used as a key in a PHP array of arrays. Instead, one must always proceed through the query result row-by-row. There are so many different array capabilities in PHP, I wonder if I'm taking a reasonable course or if I haven't overlooked something. I have two MySQL result sets to handle when rendering a web page. One contains a set of Topics, each with one or more identifiers that point to relevant information. The other result set contains the information for each identifier. I render the page according the alphabetical order of the topics. I dealt that within the SQL query. In order to directly access the data for each identifier and speed things up, I built an index where the key is the identifier and the value is the row number in the result object. It seemed less memory intensive to create a simple index rather than create a "keyed" version of the result object. (It also wasn't clear if I could directly modify the result object while looping through it). Here's a snippet of my approach: // get the record of information for each identifier (pmid). $sql = 'SELECT pmid, doi, pii, pst, volume, issue, page, source, title, authors, affiliation FROM articles WHERE pmid IN ' . $pmid_set . 'ORDER BY pmid DESC'; $refs = mysql_db_query("autolit", $sql); // pmid is a unique identifier to a record of information $pmid_index = array(); $cnt = mysql_numrows($refs); for ($i = 0; $i < $cnt; $i++) { mysql_data_seek($refs, $i); $row = mysql_fetch_row($refs); $curr_pmid = $row['pmid']; $pmid_index[$curr_pmid] = $i; } reset($refs); // now, while looping through the rows of the Topics result set... $topic_name = $row['name']; $pmid = $row['pmid']; // use the index to find details for current pmid mysql_data_seek($refs, $pmid_index[$pmid]); $details = mysql_fetch_row($refs); $source = $details['source']; $title = $details['title']; $authors = $details['authors']; etc... From csnyder at chxo.com Wed Oct 29 23:40:14 2003 From: csnyder at chxo.com (Chris Snyder) Date: Wed, 29 Oct 2003 23:40:14 -0500 Subject: [nycphp-talk] Handling MySQL result sets In-Reply-To: References: Message-ID: <3FA0962E.40707@chxo.com> It's easier than you think-- here's how I'd do it: $query = "SELECT * FROM articles WHERE blah blah blah ORDER BY pmid DESC'; $result = mysql_query($query); if ( !$result ) { exit( "Database error on query: $query -- ".mysql_error() ); } $records = array(); while ( $array = mysql_fetch_assoc($result) ){ $records[$array['pmid']] = $array; } And that's it -- that will give you an array $records, which is an array of associative arrays matching the records in the result set, keyed on pmid. Arguably, it's still not as simple as $array = db_fetch_result_set($query); -- but then, there's nothing stopping you from writing that function and using it throughout your code. csnyder Michael Myers wrote: > > As a newbie, I find it a little surprising that the mysql_fetch_() > functions don't have a variant where any row of a result set is > directly accessible via an associative array. > > I am sure many users encounter query results where some column is > guaranteed to have a unique value (eg. primary key), and could be used > as a key in a PHP array of arrays. Instead, one must always proceed > through the query result row-by-row. > > There are so many different array capabilities in PHP, I wonder if I'm > taking a reasonable course or if I haven't overlooked something. I > have two MySQL result sets to handle when rendering a web page. One > contains a set of Topics, each with one or more identifiers that point > to relevant information. The other result set contains the information > for each identifier. > > I render the page according the alphabetical order of the topics. I > dealt that within the SQL query. In order to directly access the data > for each identifier and speed things up, I built an index where the > key is the identifier and the value is the row number in the result > object. It seemed less memory intensive to create a simple index > rather than create a "keyed" version of the result object. (It also > wasn't clear if I could directly modify the result object while > looping through it). > > Here's a snippet of my approach: > > // get the record of information for each identifier (pmid). > $sql = 'SELECT pmid, doi, pii, pst, volume, issue, page, source, > title, authors, affiliation > FROM articles > WHERE pmid IN ' . $pmid_set . 'ORDER BY pmid DESC'; > > $refs = mysql_db_query("autolit", $sql); > > // pmid is a unique identifier to a record of information > $pmid_index = array(); > $cnt = mysql_numrows($refs); > for ($i = 0; $i < $cnt; $i++) { > mysql_data_seek($refs, $i); > $row = mysql_fetch_row($refs); > $curr_pmid = $row['pmid']; > $pmid_index[$curr_pmid] = $i; > } > reset($refs); > > // now, while looping through the rows of the Topics result set... > > $topic_name = $row['name']; > $pmid = $row['pmid']; > > // use the index to find details for current pmid > mysql_data_seek($refs, $pmid_index[$pmid]); > $details = mysql_fetch_row($refs); > > $source = $details['source']; > $title = $details['title']; > $authors = $details['authors']; > etc... > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk From bpang at bpang.com Wed Oct 29 23:50:08 2003 From: bpang at bpang.com (Brian Pang) Date: Wed, 29 Oct 2003 23:50:08 -0500 Subject: [nycphp-talk] regarding mySQL (was: Handling MySQL result sets) Message-ID: anyone in favor of nyphp also having a mysql, or just sql or databases in general for that matter, mailing list ala front-end, jobs, etc? I've stopped myself short a few times over the last week of posting questions here (obviously, it would be OT), but have really wanted to as this is and has been one of the most helpful programming communities I've ever seen. ??? From myersm at optonline.net Wed Oct 29 23:54:45 2003 From: myersm at optonline.net (Michael Myers) Date: Wed, 29 Oct 2003 23:54:45 -0500 Subject: [nycphp-talk] Handling MySQL result sets In-Reply-To: <3FA0962E.40707@chxo.com> Message-ID: <2ED27793-0A95-11D8-9744-0050E4A02242@optonline.net> On Wednesday, October 29, 2003, at 11:40 PM, Chris Snyder wrote: > $records = array(); > while ( $array = mysql_fetch_assoc($result) ){ > $records[$array['pmid']] = $array; > } Yikes! I *did* miss the obvious. I was making it harder than necessary when I tried to build the keyed array: $details = array(); $the_keys = array('doi', 'pii', 'pst', 'volume', 'issue', 'page', 'source', 'title', 'authors', 'affiliation'); while ($row = mysql_fetch_array($refs)) { $details['pmid'] = array(); foreach ($the_keys as $key) { array_push($details['pmid'], $key => $row[$key]); } } Thanks for the tip. --mpm From csnyder at chxo.com Thu Oct 30 00:13:48 2003 From: csnyder at chxo.com (Chris Snyder) Date: Thu, 30 Oct 2003 00:13:48 -0500 Subject: [nycphp-talk] regarding mySQL (was: Handling MySQL result sets) In-Reply-To: References: Message-ID: <3FA09E0C.1070100@chxo.com> Brian Pang wrote: >I've stopped myself short a few times over the last week of posting >questions here > > No way, man, bring it on -- just keep it brief, keep it smart, and don't forget to answer questions as well as ask them. SQL is at the heart of what most of us do with PHP, after all. csnyder From adam at trachtenberg.com Thu Oct 30 01:14:53 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 30 Oct 2003 01:14:53 -0500 (EST) Subject: [nycphp-talk] Handling MySQL result sets In-Reply-To: References: Message-ID: On Wed, 29 Oct 2003, Michael Myers wrote: > I have two MySQL result sets to handle when rendering a web > page. One contains a set of Topics, each with one or more > identifiers that point to relevant information. The other result set > contains the information for each identifier. > I render the page according the alphabetical order of the topics. I > dealt that within the SQL query. In order to directly access the data > for each identifier and speed things up, I built an index where the key > is the identifier and the value is the row number in the result object. The "best" solution is probably for you to do some sort of SQL JOIN here. This will condense the two result sets into one. Or am I misunderstanding what's going on here? I guess it depends upon the size of your keyed information and how (un)common it is. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From myersm at optonline.net Thu Oct 30 06:18:54 2003 From: myersm at optonline.net (Michael Myers) Date: Thu, 30 Oct 2003 06:18:54 -0500 Subject: [nycphp-talk] Handling MySQL result sets In-Reply-To: Message-ID: On Thursday, October 30, 2003, at 01:14 AM, Adam Maccabee Trachtenberg wrote: > The "best" solution is probably for you to do some sort of SQL JOIN > here. This will condense the two result sets into one. Or am I > misunderstanding what's going on here? I guess it depends upon the > size of your keyed information and how (un)common it is. Yes, in principle that would be best. It also seems best to minimize the total number of SQL queries when generating a page. But I didn't take this approach because it would lead to some redundancy. The "topics" are not mutually exclusive, so there are often identifiers shared between them. (the topics are queries to a search engine, and the identifiers are result pointers; some queries generate overlapping hits). Size of the data structure might also be an issue, but I'm so new to MySQL and PHP I don't have an empirical sense of how fast it can be. I'm anxious to get this first project working! --mpm From hans at nyphp.org Thu Oct 30 08:40:29 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 30 Oct 2003 08:40:29 -0500 Subject: [nycphp-talk] regarding mySQL (was: Handling MySQL result sets) In-Reply-To: References: Message-ID: <3FA114CD.6030304@nyphp.org> Brian Pang wrote: > anyone in favor of nyphp also having a mysql, or just sql or databases > in general for that matter, mailing list ala front-end, jobs, etc? I think we've considered this type of thing and the concensus was to keep it all on one list. Forums are of course available at http://forums.nyphp.org and are divided up a little more. > I've stopped myself short a few times over the last week of posting > questions here (obviously, it would be OT), but have really wanted to as > this is and has been one of the most helpful programming communities > I've ever seen. By all means, ask away. For one, SQL isn't off-topic, and even if it was, well formed and complete questions are the most important factor. Mr. Myers' post shows what a concise, organized and generally well asked question can do. H From nyphp at websapp.com Thu Oct 30 09:46:53 2003 From: nyphp at websapp.com (Daniel Kushner) Date: Thu, 30 Oct 2003 09:46:53 -0500 Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) Message-ID: http://blogs.gotdotnet.com/bgold/PermaLink.aspx/8176f336-8b28-40f1-82ee-ff00 e0c5c1d0 --Daniel From sklar at sklar.com Thu Oct 30 10:09:56 2003 From: sklar at sklar.com (David Sklar) Date: Thu, 30 Oct 2003 10:09:56 -0500 Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) In-Reply-To: Message-ID: On Thursday, October 30, 2003 9:47 AM, wrote: > http://blogs.gotdotnet.com/bgold/PermaLink.aspx/8176f336-8b28-40f1 > -82ee-ff00 > e0c5c1d0 > I think some of this comes down to: Will PHP 6 (or 7 or whatever) be based on this: http://www.akbkhome.com/Projects/PHP_Sharp or this: http://www.edwardbear.org/pap.pdf Who gets to be libc for web programming? David From adam at trachtenberg.com Thu Oct 30 10:33:39 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 30 Oct 2003 10:33:39 -0500 (EST) Subject: [nycphp-talk] Handling MySQL result sets In-Reply-To: References: Message-ID: On Thu, 30 Oct 2003, Michael Myers wrote: > Size of the data structure might also be an issue, but I'm so > new to MySQL and PHP I don't have an empirical sense of how fast it can > be. They're pretty fast. :) Well, it depends upon your machine and your traffic. > I'm anxious to get this first project working! In that case, I am always an advocate of doing the simplest thing possible and then optimizing later if need be. Writing the JOIN and retrieving the redundant data simplifies your PHP and will get you going. If you later decide that this is a bottleneck, then you can improve this piece of the code at that time. Don't waste your time trying to "fix" something that isn't necessarily broken. -adam -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From shiflett at php.net Thu Oct 30 10:34:18 2003 From: shiflett at php.net (Chris Shiflett) Date: Thu, 30 Oct 2003 07:34:18 -0800 (PST) Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) In-Reply-To: Message-ID: <20031030153418.10881.qmail@web14308.mail.yahoo.com> --- David Sklar wrote: > I think some of this comes down to: > > Will PHP 6 (or 7 or whatever) be based on this: > > http://www.akbkhome.com/Projects/PHP_Sharp > > or this: > > http://www.edwardbear.org/pap.pdf Personally, I think Parrot is very interesting, and the idea of PHP running on top of Parrot and being a fast enough language that software traditionally written in C can be written in PHP (without too many people laughing at you) is pretty cool. Also, at OSCON, I understood what the heck .NET was for the first time when someone explained that it was sort of like Parrot. I think Larry Wall explained Parrot better in 10 minutes than anyone has been able to explain .NET in a few years. Interesting stuff. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From hans at nyphp.org Thu Oct 30 10:51:21 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 30 Oct 2003 10:51:21 -0500 Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) In-Reply-To: References: Message-ID: <3FA13379.3080608@nyphp.org> David Sklar wrote: > On Thursday, October 30, 2003 9:47 AM, wrote: > > >>http://blogs.gotdotnet.com/bgold/PermaLink.aspx/8176f336-8b28-40f1-82ee-ff00e0c5c1d0 "Before I came down I was worried about how I would be accepted by this crowd as a Microsoft representative. Would it be hostile? Would it be open? I was pleasantly surprised by how well I was received. Everyone has been open, understanding, and engaging." I think that pretty well sums it up. The PHP crowd is often more 'open' than the Linux folks. > I think some of this comes down to: > > Will PHP 6 (or 7 or whatever) be based on this: > > http://www.akbkhome.com/Projects/PHP_Sharp > > or this: > > http://www.edwardbear.org/pap.pdf > > Who gets to be libc for web programming? PHP already is IMO; it's the 'libj' that everyone is trying to find. H From bpang at bpang.com Thu Oct 30 11:36:13 2003 From: bpang at bpang.com (Brian Pang) Date: Thu, 30 Oct 2003 11:36:13 -0500 Subject: [nycphp-talk] mySQL: update table from another table Message-ID: was it ever "mandated" that subject lines, if "OT" are somehow labeled? "mySQL:" is my attempt to alert the reader that this isn't directly PHP related. I need to update table2 with data from table1 the mysql4 code would be: update table2,table1 set table2.field = table1.field where table2.id = table1.id how is this done in mysql 3.x ? current mysql docs only show solutions for 4.x --- Of course, I could do a php solution, but that seems less elegant. conceptually: select id,field from table2 foreach(id) select field from table1 where table1.id = id update table2 set table2.field = field where table2.id = id thanks Brian From shiflett at php.net Thu Oct 30 12:04:32 2003 From: shiflett at php.net (Chris Shiflett) Date: Thu, 30 Oct 2003 09:04:32 -0800 (PST) Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) In-Reply-To: <3FA13379.3080608@nyphp.org> Message-ID: <20031030170432.83688.qmail@web14303.mail.yahoo.com> --- Hans Zaunere wrote: > > Who gets to be libc for web programming? > > PHP already is IMO; it's the 'libj' that everyone is trying to find. I think PHP/Perl/Python/Java/etc collectively make up the C. There is no libc yet. That's what my analogy looks like anyway. :-) Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp From hans at nyphp.org Thu Oct 30 12:23:42 2003 From: hans at nyphp.org (Hans Zaunere) Date: Thu, 30 Oct 2003 12:23:42 -0500 Subject: [nycphp-talk] Fw: Delivery failure to pjmatthews@gotojml.com In-Reply-To: References: Message-ID: <3FA1491E.70404@nyphp.org> Brian Pang wrote: > Am I the only one getting these bounces from "ancient" posts to the list? > grrr He's been unsubscribed for some time, however I guess some were still left in the queue. This should be the last of it, though. H From tgales at tgaconnect.com Thu Oct 30 12:52:18 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Thu, 30 Oct 2003 12:52:18 -0500 Subject: [nycphp-talk] mySQL: update table from another table In-Reply-To: Message-ID: <002a01c39f0e$906088f0$bf8d3818@oberon1> Brian, Here's an excerpt from the MySQL Manual 3.22 " * Updates and deletes that run over multiple tables is harder to do in MySQL. This will, however, be fixed in MySQL 4.0 with multi-table `DELETE' and multi-table `UPDATE' and in MySQL 4.1 with subselects. " And: ============================ `UPDATE' Syntax --------------- UPDATE [LOW_PRIORITY] [IGNORE] tbl_name SET col_name1=expr1, [col_name2=expr2, ...] [WHERE where_definition] [LIMIT #] `UPDATE' updates columns in existing table rows with new values. The `SET' clause indicates which columns to modify and the values they should be given. The `WHERE' clause, if given, specifies which rows should be updated. Otherwise all rows are updated... ================================ Hope this sheds some light on your situation T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Brian Pang Sent: Thursday, October 30, 2003 11:36 AM To: talk at lists.nyphp.org Subject: [nycphp-talk] mySQL: update table from another table I need to update table2 with data from table1 the mysql4 code would be: update table2,table1 set table2.field = table1.field where table2.id = table1.id how is this done in mysql 3.x ? From sklar at sklar.com Thu Oct 30 12:55:14 2003 From: sklar at sklar.com (David Sklar) Date: Thu, 30 Oct 2003 12:55:14 -0500 Subject: [nycphp-talk] Food for Thought (Microsoft @ PHPCon) In-Reply-To: <20031030170432.83688.qmail@web14303.mail.yahoo.com> Message-ID: >>> Who gets to be libc for web programming? >> >> PHP already is IMO; it's the 'libj' that everyone is trying to find. > > I think PHP/Perl/Python/Java/etc collectively make up the C. There is > no libc yet. > > That's what my analogy looks like anyway. :-) Yeah. With multiple languages hosted by a common VM, you get access to the same core function library from each language instead of having to reimplement it again and again (cf. form processing, web services, image manipulation, XML parsing, etc. etc. etc.) When was the last time (if your name is Dan Bernstein, don't answer this question) you wrote a version of strlen() for your app? Not very frequently. When was the last time (even in PHP) you wrote a function to display an widget with the entity-encoded default value inserted if present in $_REQUEST? I want that to be the same in any web programming language. David From jonbaer at jonbaer.net Thu Oct 30 15:41:15 2003 From: jonbaer at jonbaer.net (jon baer) Date: Thu, 30 Oct 2003 15:41:15 -0500 Subject: [nycphp-talk] Merging/reissuing sessions ... Message-ID: <002801c39f26$2a593990$6600a8c0@thinkpad> all this session talk thought id throw out a question ... a long time ago someone made a plugin-like feature for tomcat java server which allowed for something like a reissue of a session id in which it merged together contents from one session content (the hard file) into a new session key. it was something like: session.reissue(); session.reissue(int); // tell it when to reissue after x transactions (default 1) it was mainly a security idea to prevent hijacking over time. does session_regenerate_id() perform these same type of functions w/ a transaction count? and is there anything new in php5 pertaining to this? - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From bpang at bpang.com Thu Oct 30 15:51:03 2003 From: bpang at bpang.com (Brian Pang) Date: Thu, 30 Oct 2003 15:51:03 -0500 Subject: [nycphp-talk] mySQL: update table from another table Message-ID: Thanks, but this gives me an error UPDATE table2 SET table2.field = SELECT table1.field FROM table1 WHERE table1.id = table2.id "You have an error in your SQL syntax near 'SELECT ....." even though this fits the pattern of: UPDATE tbl_name SET col_name1=expr1 > Brian, > > Here's an excerpt from the MySQL Manual 3.22 > > " * Updates and deletes that run over multiple tables is > harder to do > in MySQL. This will, however, be fixed in MySQL 4.0 > with multi-table > `DELETE' and multi-table `UPDATE' and in MySQL 4.1 with > subselects. " > > And: > > ============================ > `UPDATE' Syntax > --------------- > > UPDATE [LOW_PRIORITY] [IGNORE] tbl_name > SET col_name1=expr1, [col_name2=expr2, ...] > [WHERE where_definition] > [LIMIT #] [snipped] > I need to update table2 with data from table1 > > the mysql4 code would be: > update table2,table1 set table2.field = table1.field where > table2.id = table1.id > > how is this done in mysql 3.x ? From adam at trachtenberg.com Thu Oct 30 15:55:03 2003 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 30 Oct 2003 15:55:03 -0500 (EST) Subject: [nycphp-talk] mySQL: update table from another table In-Reply-To: References: Message-ID: I think by expr1 the manual means 'adam' or MD5('password') not a SELECT. -adam On Thu, 30 Oct 2003, Brian Pang wrote: > Thanks, but this gives me an error > UPDATE table2 SET table2.field = SELECT table1.field FROM table1 WHERE > table1.id = table2.id > > "You have an error in your SQL syntax near 'SELECT ....." > > even though this fits the pattern of: > UPDATE tbl_name SET col_name1=expr1 > > > > Brian, > > > > Here's an excerpt from the MySQL Manual 3.22 > > > > " * Updates and deletes that run over multiple tables is > > harder to do > > in MySQL. This will, however, be fixed in MySQL 4.0 > > with multi-table > > `DELETE' and multi-table `UPDATE' and in MySQL 4.1 with > > subselects. " > > > > And: > > > > ============================ > > `UPDATE' Syntax > > --------------- > > > > UPDATE [LOW_PRIORITY] [IGNORE] tbl_name > > SET col_name1=expr1, [col_name2=expr2, ...] > > [WHERE where_definition] > > [LIMIT #] > [snipped] > > I need to update table2 with data from table1 > > > > the mysql4 code would be: > > update table2,table1 set table2.field = table1.field where > > table2.id = table1.id > > > > how is this done in mysql 3.x ? > > _______________________________________________ > talk mailing list > talk at lists.nyphp.org > http://lists.nyphp.org/mailman/listinfo/talk > -- adam at trachtenberg.com author of o'reilly's php cookbook avoid the holiday rush, buy your copy today! From nyphp at enobrev.com Thu Oct 30 16:20:32 2003 From: nyphp at enobrev.com (Mark Armendariz) Date: Thu, 30 Oct 2003 16:20:32 -0500 Subject: [nycphp-talk] Waiting for query redirect... Message-ID: (apologies if this msg gets posted twice, i posted form the wrong address the first time) Not sure how OT this is... I've been working on a registrar app that requires communication with an external api. On some queries to the api, the request takes a few seconds to go out for a response and return it. During the process, the browser basically just shows an incomplete page and then fills in the rest once the response is given from the external server. On sites like expedia.com and orbitz.com, when you do a search and it goes out to the airline api (sabre i believe it is), it shows an animated loading message, basically tellign the user that it's grabbing the info they're looking for. How would one go about doing that? - Where it waits for a full response to load showing a temporary page and then redirects to the query display once fully loaded. Thanks! Mark -------------- next part -------------- An HTML attachment was scrubbed... URL: From dkrook at hotmail.com Thu Oct 30 16:44:28 2003 From: dkrook at hotmail.com (D C Krook) Date: Thu, 30 Oct 2003 16:44:28 -0500 Subject: [nycphp-talk] Waiting for query redirect... Message-ID: >... Where it waits for a full response to >load showing a temporary page and then redirects to the query display once >fully loaded. I have had success doing this in JavaScript the following two ways. To show/hide the loading message on the same page as the results: - Place your loading message in a block element such as a TD or DIV with an id of "loading". - As the last line of the body in your document (and thus the last to load), use the following to hide it. To redirect after page loads: - As the last line of the body in your document (and thus the last to load), use ========================================== Daniel Christer Krook http://krook.net/ || http://krook.info/ http://civet.net/ || http://dev.krook.org/ _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail From nyphp at enobrev.com Thu Oct 30 16:54:09 2003 From: nyphp at enobrev.com (Mark Armendariz) Date: Thu, 30 Oct 2003 16:54:09 -0500 Subject: [nycphp-talk] Waiting for query redirect... In-Reply-To: Message-ID: Definitely makes sense, and somewhat as I expected... Does that work fairly well cross browser? Thanks for the quick reply!! Mark -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of D C Krook Sent: Thursday, October 30, 2003 4:44 PM To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] Waiting for query redirect... >... Where it waits for a full response to load showing a temporary page >and then redirects to the query display once fully loaded. I have had success doing this in JavaScript the following two ways. To show/hide the loading message on the same page as the results: - Place your loading message in a block element such as a TD or DIV with an id of "loading". - As the last line of the body in your document (and thus the last to load), use the following to hide it. To redirect after page loads: - As the last line of the body in your document (and thus the last to load), use ========================================== Daniel Christer Krook http://krook.net/ || http://krook.info/ http://civet.net/ || http://dev.krook.org/ _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail _______________________________________________ talk mailing list talk at lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk From tgales at tgaconnect.com Thu Oct 30 17:04:42 2003 From: tgales at tgaconnect.com (Tim Gales) Date: Thu, 30 Oct 2003 17:04:42 -0500 Subject: FW: [nycphp-talk] mySQL: update table from another table Message-ID: <003301c39f31$d2a97280$bf8d3818@oberon1> To: 'Brian Pang' Subject: RE: [nycphp-talk] mySQL: update table from another table You wrote: ...Thanks, but this gives me an error Brian, sorry about speaking 'Dervish' (as in whirling dervish)in my earlier post. I am often reluctant to say things in a definitive way E.G. "It can't be done" even with an AFAIK on it. So I tend to just quote something definitive. The active ingredient in my prior post was: > " * Updates and deletes that run over multiple tables is harder to > do > in MySQL. This will, however, be fixed in MySQL 4.0 > with multi-table > `DELETE' and multi-table `UPDATE' and in MySQL 4.1 with > subselects. " When the manual says "harder to do" I take that to mean (waffling again) the developer has to handle it programatically. I quoted the manual so that you could compare it with the current 4.XX Manual, because the 3.22 manual is sort of 'out of print' -- well you could find it on the web but it might take you a considerable amount of time. I didn't mean to say that you could actually do it with 3.XX MySQL statements. As to what you wrote earlier: "Of course, I could do a php solution, but that seems less elegant. conceptually: select id,field from table2 foreach(id) select field from table1 where table1.id = id update table2 set table2.field = field where table2.id = id" I think what you should try is more like this: A) Lock the table you want to update. B) Select the records you want to update into a temporary table. C) Use a programatic (such as php) method to do the update you want. D) Delete the records in question from the locked table E) Insert the temp records into the table. The reason I would do it this way is that if you have a lot of select activity on the table you could skip the locking of the table in step A. and use a synchronization method (like timestamps) to coordinate the deletion and insertion steps. As you probably are aware, the locking scheme in 3.2X is table based. All selects will wait on pending updates (as they should). But the effect of this is to make the database seem real slow to some users when there are bursts of activity. Sorry -- I should have been more clear. T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com From dmintz at davidmintz.org Thu Oct 30 17:22:50 2003 From: dmintz at davidmintz.org (David Mintz) Date: Thu, 30 Oct 2003 17:22:50 -0500 (EST) Subject: [nycphp-talk] know any good FAQ manager? In-Reply-To: <003301c39f31$d2a97280$bf8d3818@oberon1> References: <003301c39f31$d2a97280$bf8d3818@oberon1> Message-ID: Friends, I'm looking for a FAQ manager -- something that will ease the pain of maintaining a FAQ. I see a few out there (thanks Google) but I wonder if anyone here has any recommendations, either negative or positive Thanks --- David Mintz http://davidmintz.org/ Email: See http://dmintzweb.com/whitelist.php first! "Anybody else got a problem with Webistics?" Sopranos 24:17 From csnyder at chxo.com Thu Oct 30 17:47:23 2003 From: csnyder at chxo.com (csnyder at chxo.com) Date: Thu, 30 Oct 2003 17:47:23 -0500 Subject: [nycphp-talk] Waiting for query redirect... In-Reply-To: References: Message-ID: <1067554043.3fa194fbe876b@webmail.tuffmail.net> Quoting Mark Armendariz : > On sites like expedia.com and > orbitz.com, when you do a search and it goes out to the airline api (sabre i > believe it is), it shows an animated loading message, basically tellign the > user that it's grabbing the info they're looking for. > Off the top of my head... You could cheat with some Javascript:

Please stand by.
.... rest of the result here Trick is forcing PHP to flush the output buffer after you print the div. OR you could hand off the query to a backend cli script that will write the result to a file, and use a refresh loop to keep checking for the file and displaying "please wait" if it's not found. That's a lot more complex, and possibly prone to security problems, but might be smoother from the client perspective. csnyder From danielc at analysisandsolutions.com Thu Oct 30 18:12:52 2003 From: danielc at analysisandsolutions.com (Analysis & Solutions) Date: Thu, 30 Oct 2003 18:12:52 -0500 Subject: [nycphp-talk] Waiting for query redirect... In-Reply-To: References: Message-ID: <20031030231251.GA10504@panix.com> Hey Folks: On Thu, Oct 30, 2003 at 04:44:28PM -0500, D C Krook wrote: > > To redirect after page loads: > - As the last line of the body in your document (and thus the last to > load), use And make sure to have a