From mmwaldman at nyc.rr.com  Mon Dec  1 20:14:57 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Mon, 1 Dec 2008 20:14:57 -0500
Subject: [nycphp-talk] Htaccess and php user account
Message-ID: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>

I'm trying to set up a user account with htaccess and mysql.

 

But the shared hosting account doesn't have mod_auth_mysql htaccess module
installed on the machines and I can't get root access.

 

How else are folks implementing accounts?

 

In php?

 

If so, what's the best general way to implement that.  Do you use session
variables for that?

 

My primary concern about implementing accounts in php is that php can stop
running on the server.  If that happens, the security becomes non-existent.
Plus, the php code can be dumped right to the browser.

 

I'd much rather server level security than in processes that can stop.

 

Thoughts on account security approaches, please.

 

Michele

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081201/a7845c56/attachment.html>

From zippy1981 at gmail.com  Mon Dec  1 21:39:48 2008
From: zippy1981 at gmail.com (Justin Dearing)
Date: Mon, 1 Dec 2008 21:39:48 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>
References: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>
Message-ID: <5458db3c0812011839x2105412cm83a17c214631ab46@mail.gmail.com>

Can you describe a senario where php stops working and as a result php would
stop?

Yes, theoretically apache could be reconfigured so its thinks that .php
files are just a text files, but if mod_php were to "crash", which generally
brings down the worker thread and fixes itself.

Session variables and a name and crypted password string in the database are
the way to go generally. I could reccomend more sofisticated approaches,
such as having php authenticate against LDAP, or the mysql database users
(assuming you restrict database access on a per user level), but if your
doing shared hosting (no root access), this is probably the best way.

Most php web apps work this way.

On Mon, Dec 1, 2008 at 8:14 PM, Michele Waldman <mmwaldman at nyc.rr.com>wrote:

>  I'm trying to set up a user account with htaccess and mysql.
>
>
>
> But the shared hosting account doesn't have mod_auth_mysql htaccess module
> installed on the machines and I can't get root access.
>
>
>
> How else are folks implementing accounts?
>
>
>
> In php?
>
>
>
> If so, what's the best general way to implement that.  Do you use session
> variables for that?
>
>
>
> My primary concern about implementing accounts in php is that php can stop
> running on the server.  If that happens, the security becomes non-existent.
> Plus, the php code can be dumped right to the browser.
>
>
>
> I'd much rather server level security than in processes that can stop.
>
>
>
> Thoughts on account security approaches, please.
>
>
>
> Michele
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081201/291f9ed8/attachment.html>

From mmwaldman at nyc.rr.com  Mon Dec  1 21:51:33 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Mon, 1 Dec 2008 21:51:33 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <5458db3c0812011839x2105412cm83a17c214631ab46@mail.gmail.com>
Message-ID: <20081202025132.STDM18207.hrndva-omta04.mail.rr.com@DeJaVu>

I'm not sure which process died, but I was programming one night and all of
the sudden all of my php code was being dumped to my browser.

 

I called my hosting provider and they said the underlying process had died
for some reason.

 

I can't remember if we did a reboot or if the process was started back up
independently.

 

Ever since then, I've taking into consideration that php is not necessarily
that secure.  One hiccup from the server and security could be compromised.
I keep sensitive data out of those files.

 

I was more curious about how it might be implemented in case my client
didn't upgrade the server, but my client will upgrade for more than just
this reason.

 

I know Zencart and other apps doesn't rely on htaccess, but rather php, but,
if I'm going to develop an app for which I am liable, I really think server
level is the only way to go.

 

Michele

 

  _____  

From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Justin Dearing
Sent: Monday, December 01, 2008 9:40 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Htaccess and php user account

 

Can you describe a senario where php stops working and as a result php would
stop?

Yes, theoretically apache could be reconfigured so its thinks that .php
files are just a text files, but if mod_php were to "crash", which generally
brings down the worker thread and fixes itself.

 

Session variables and a name and crypted password string in the database are
the way to go generally. I could reccomend more sofisticated approaches,
such as having php authenticate against LDAP, or the mysql database users
(assuming you restrict database access on a per user level), but if your
doing shared hosting (no root access), this is probably the best way.

 

Most php web apps work this way. 

 

On Mon, Dec 1, 2008 at 8:14 PM, Michele Waldman <mmwaldman at nyc.rr.com>
wrote:

I'm trying to set up a user account with htaccess and mysql.

 

But the shared hosting account doesn't have mod_auth_mysql htaccess module
installed on the machines and I can't get root access.

 

How else are folks implementing accounts?

 

In php?

 

If so, what's the best general way to implement that.  Do you use session
variables for that?

 

My primary concern about implementing accounts in php is that php can stop
running on the server.  If that happens, the security becomes non-existent.
Plus, the php code can be dumped right to the browser.

 

I'd much rather server level security than in processes that can stop.

 

Thoughts on account security approaches, please.

 

Michele


_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081201/beab8329/attachment.html>

From zippy1981 at gmail.com  Mon Dec  1 22:07:54 2008
From: zippy1981 at gmail.com (Justin Dearing)
Date: Mon, 1 Dec 2008 22:07:54 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202025132.STDM18207.hrndva-omta04.mail.rr.com@DeJaVu>
References: <5458db3c0812011839x2105412cm83a17c214631ab46@mail.gmail.com>
	<20081202025132.STDM18207.hrndva-omta04.mail.rr.com@DeJaVu>
Message-ID: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>

Michele,
I think your ISP lied to you. Assuming its apache and mod_php I'm pretty
sure that the only explanation was they reconfigured apache wrong, restarted
apache, you saw the issue, reported it, and they fixed it.

If your server is a windows server (unlikely in a shared hosting senario) or
this is something like lighthttpd or php running on apache through some
configuration I'm not totatly familiar with like CGI, then maybe this can
happen.

If what you experienced is a common occurrence with mod_php, I hope others
on this list will chime in. If it is I'm going to cease using apache and
mod_php in production environments.



On Mon, Dec 1, 2008 at 9:51 PM, Michele Waldman <mmwaldman at nyc.rr.com>wrote:

>  I'm not sure which process died, but I was programming one night and all
> of the sudden all of my php code was being dumped to my browser.
>
>
>
> I called my hosting provider and they said the underlying process had died
> for some reason.
>
>
>
> I can't remember if we did a reboot or if the process was started back up
> independently.
>
>
>
> Ever since then, I've taking into consideration that php is not necessarily
> that secure.  One hiccup from the server and security could be compromised.
> I keep sensitive data out of those files.
>
>
>
> I was more curious about how it might be implemented in case my client
> didn't upgrade the server, but my client will upgrade for more than just
> this reason.
>
>
>
> I know Zencart and other apps doesn't rely on htaccess, but rather php,
> but, if I'm going to develop an app for which I am liable, I really think
> server level is the only way to go.
>
>
>
> Michele
>
>
>  ------------------------------
>
> *From:* talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
> *On Behalf Of *Justin Dearing
> *Sent:* Monday, December 01, 2008 9:40 PM
> *To:* NYPHP Talk
> *Subject:* Re: [nycphp-talk] Htaccess and php user account
>
>
>
> Can you describe a senario where php stops working and as a result php
> would stop?
>
> Yes, theoretically apache could be reconfigured so its thinks that .php
> files are just a text files, but if mod_php were to "crash", which generally
> brings down the worker thread and fixes itself.
>
>
>
> Session variables and a name and crypted password string in the database
> are the way to go generally. I could reccomend more sofisticated approaches,
> such as having php authenticate against LDAP, or the mysql database users
> (assuming you restrict database access on a per user level), but if your
> doing shared hosting (no root access), this is probably the best way.
>
>
>
> Most php web apps work this way.
>
>
>
> On Mon, Dec 1, 2008 at 8:14 PM, Michele Waldman <mmwaldman at nyc.rr.com>
> wrote:
>
> I'm trying to set up a user account with htaccess and mysql.
>
>
>
> But the shared hosting account doesn't have mod_auth_mysql htaccess module
> installed on the machines and I can't get root access.
>
>
>
> How else are folks implementing accounts?
>
>
>
> In php?
>
>
>
> If so, what's the best general way to implement that.  Do you use session
> variables for that?
>
>
>
> My primary concern about implementing accounts in php is that php can stop
> running on the server.  If that happens, the security becomes non-existent.
> Plus, the php code can be dumped right to the browser.
>
>
>
> I'd much rather server level security than in processes that can stop.
>
>
>
> Thoughts on account security approaches, please.
>
>
>
> Michele
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081201/86300e1d/attachment.html>

From shiflett at php.net  Mon Dec  1 22:15:13 2008
From: shiflett at php.net (Chris Shiflett)
Date: Mon, 1 Dec 2008 22:15:13 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
References: <5458db3c0812011839x2105412cm83a17c214631ab46@mail.gmail.com>
	<20081202025132.STDM18207.hrndva-omta04.mail.rr.com@DeJaVu>
	<5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
Message-ID: <C7DD690F-1ED5-464B-B4A3-C1C4FE852811@php.net>

I heard that PHP has always been notorious for sometimes not  
processing requests poorly and sending back the source code for pages  
to the client:

http://shiflett.org/blog/2007/sep/catching-up-and-keeping-up

It's a shame that guy's blog no longer exists. At least the TechCrunch  
story still does. :-)

Chris

On Dec 1, 2008, at 22:07, Justin Dearing wrote:

> Michele,
>
> I think your ISP lied to you. Assuming its apache and mod_php I'm  
> pretty sure that the only explanation was they reconfigured apache  
> wrong, restarted apache, you saw the issue, reported it, and they  
> fixed it.
>
> If your server is a windows server (unlikely in a shared hosting  
> senario) or this is something like lighthttpd or php running on  
> apache through some configuration I'm not totatly familiar with like  
> CGI, then maybe this can happen.
>
> If what you experienced is a common occurrence with mod_php, I hope  
> others on this list will chime in. If it is I'm going to cease using  
> apache and mod_php in production environments.
>
>
> On Mon, Dec 1, 2008 at 9:51 PM, Michele Waldman  
> <mmwaldman at nyc.rr.com> wrote:
> I'm not sure which process died, but I was programming one night and  
> all of the sudden all of my php code was being dumped to my browser.
>
> I called my hosting provider and they said the underlying process  
> had died for some reason.
>

--
Chris Shiflett
http://shiflett.org/






From mmwaldman at nyc.rr.com  Mon Dec  1 22:20:23 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Mon, 1 Dec 2008 22:20:23 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
Message-ID: <20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>

Justin,

 

I wouldn't stop using php.  It's still a useful language, but it runs as a
process on the server.  It's not build into server behavior.  I just
wouldn't use if to account security, personally.

 

I was on a virtual dedicated linux account with godaddy.  I know they have a
bad rep, but I'm under the impression they know how of configure a server
properly.

 

Also, here's the situation.  It was down for a short time before I
discovered it.  The likelihood of a hacker being on the site or sniffing the
site at that exact moment was fairly slim.  However, if it goes down and you
don't discover it, it would be a problem.

 

It's just something to keep in mind.  I would store data in a databasesand
passwords in a separate directory where http access has been revoked
entirely.  I do not put password in php, just in case.

 

Perhaps, there's a better way to configure the server, but the servers I use
have all been configured by the hosting provider.  Godaddy's not the only
one I've worked with, but you have very little way of knowing how different
providers have configured the shared accounts.

 

Michele

 

 

 

  _____  

From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Justin Dearing
Sent: Monday, December 01, 2008 10:08 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Htaccess and php user account

 

Michele,

 

I think your ISP lied to you. Assuming its apache and mod_php I'm pretty
sure that the only explanation was they reconfigured apache wrong, restarted
apache, you saw the issue, reported it, and they fixed it.

 

If your server is a windows server (unlikely in a shared hosting senario) or
this is something like lighthttpd or php running on apache through some
configuration I'm not totatly familiar with like CGI, then maybe this can
happen. 

If what you experienced is a common occurrence with mod_php, I hope others
on this list will chime in. If it is I'm going to cease using apache and
mod_php in production environments. 

 

 

 

On Mon, Dec 1, 2008 at 9:51 PM, Michele Waldman <mmwaldman at nyc.rr.com>
wrote:

I'm not sure which process died, but I was programming one night and all of
the sudden all of my php code was being dumped to my browser.

 

I called my hosting provider and they said the underlying process had died
for some reason.

 

I can't remember if we did a reboot or if the process was started back up
independently.

 

Ever since then, I've taking into consideration that php is not necessarily
that secure.  One hiccup from the server and security could be compromised.
I keep sensitive data out of those files.

 

I was more curious about how it might be implemented in case my client
didn't upgrade the server, but my client will upgrade for more than just
this reason.

 

I know Zencart and other apps doesn't rely on htaccess, but rather php, but,
if I'm going to develop an app for which I am liable, I really think server
level is the only way to go.

 

Michele

 

  _____  

From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Justin Dearing
Sent: Monday, December 01, 2008 9:40 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Htaccess and php user account

 

Can you describe a senario where php stops working and as a result php would
stop?

Yes, theoretically apache could be reconfigured so its thinks that .php
files are just a text files, but if mod_php were to "crash", which generally
brings down the worker thread and fixes itself.

 

Session variables and a name and crypted password string in the database are
the way to go generally. I could reccomend more sofisticated approaches,
such as having php authenticate against LDAP, or the mysql database users
(assuming you restrict database access on a per user level), but if your
doing shared hosting (no root access), this is probably the best way.

 

Most php web apps work this way. 

 

On Mon, Dec 1, 2008 at 8:14 PM, Michele Waldman <mmwaldman at nyc.rr.com>
wrote:

I'm trying to set up a user account with htaccess and mysql.

 

But the shared hosting account doesn't have mod_auth_mysql htaccess module
installed on the machines and I can't get root access.

 

How else are folks implementing accounts?

 

In php?

 

If so, what's the best general way to implement that.  Do you use session
variables for that?

 

My primary concern about implementing accounts in php is that php can stop
running on the server.  If that happens, the security becomes non-existent.
Plus, the php code can be dumped right to the browser.

 

I'd much rather server level security than in processes that can stop.

 

Thoughts on account security approaches, please.

 

Michele


_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php

 


_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081201/f765d59d/attachment.html>

From shiflett at php.net  Mon Dec  1 22:26:09 2008
From: shiflett at php.net (Chris Shiflett)
Date: Mon, 1 Dec 2008 22:26:09 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
References: <20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
Message-ID: <818365D5-D70B-46F2-8EA7-9EA532542356@php.net>

Hi Michele,

On Dec 1, 2008, at 22:20, Michele Waldman wrote:

> I wouldn?t stop using php.  It?s still a useful language, but it  
> runs as a process on the server.  It?s not build into server  
> behavior.  I just wouldn?t use if to account security, personally.

I don't want to seem insensitive, but please keep in mind that you're  
speaking to a pretty informed community of people who don't look upon  
FUD and misinformation too kindly. It's pretty clear that you lack the  
depth required for your personal preferences to be helpful to others.

Chris

--
Chris Shiflett
http://shiflett.org/






From ajai at bitblit.net  Mon Dec  1 22:29:34 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 1 Dec 2008 22:29:34 -0500 (EST)
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
Message-ID: <Pine.LNX.4.44.0812012217340.15044-100000@bitblit.net>

On Mon, 1 Dec 2008, Justin Dearing wrote:

> If your server is a windows server (unlikely in a shared hosting senario) or
> this is something like lighthttpd or php running on apache through some
> configuration I'm not totatly familiar with like CGI, then maybe this can
> happen.
> 
> If what you experienced is a common occurrence with mod_php, I hope others
> on this list will chime in. If it is I'm going to cease using apache and
> mod_php in production environments.

Wearing my sys admin hat: mod_php is not thread-safe right? Using 
mpm_prefork or mpm_itk you can make Apache 2.x run without threading.



-- 
Aj.



From lists at zaunere.com  Mon Dec  1 22:30:24 2008
From: lists at zaunere.com (Hans Zaunere)
Date: Mon, 1 Dec 2008 22:30:24 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
References: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
	<20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
Message-ID: <002701c9542e$50c24eb0$f246ec10$@com>

 
> If what you experienced is a common occurrence with mod_php, I hope
> others on this list will chime in. If it is I'm going to cease using
> apache and mod_php in production environments.

This has nothing to do with mod_php/Apache that I've ever seen.  It's a
configuration issue.  As I said in my talk, if security is a real concern,
don't use a shared server that's administered by who-knows-who.

Shiflett's post nails it - as does this quote:

"PHP has always been notorious for sometimes not processing requests
poorly..."

Maybe those who configure servers should learn what a double negative is
first.

H




From tim_lists at o2group.com  Mon Dec  1 23:08:51 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Mon, 1 Dec 2008 23:08:51 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <002701c9542e$50c24eb0$f246ec10$@com>
References: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
	<20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
	<002701c9542e$50c24eb0$f246ec10$@com>
Message-ID: <447878A8-4D2A-4281-BA0E-C893FCC5B31B@o2group.com>

More generally, your top-level scripts getting dumped to the browser  
should not be a security issue to begin with.

If one is concerned that access to source makes something insecure,  
then they have no business using an open-source web server (like  
apache!).  I mean, anyone can just go grab all the source code!  The  
sky is surely falling!

-Tim



From tim_lists at o2group.com  Mon Dec  1 23:19:44 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Mon, 1 Dec 2008 23:19:44 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>
References: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>
Message-ID: <C2D41DAC-42F6-4827-8CBF-7AB869C46034@o2group.com>

Following up on my previous, more general post.

If you're just using PHP to control access to html content, and you're  
worried that your shared host is going to bork your apache  
configuration (which clearly is what happened in your case, assuming  
apache), you basically do the following:

1) Do a typical PHP auth setup of whatever design.  User accounts in  
mysql, with md5'd passwords.
2) Keep anything sensitive out of the web root.

So, very simplified, you've got something like this:

/some/dir/webroot -- webroot
/some/dir/secure -- not accessible by apache
/some/dir/lib/db.php - php script that contains any sensitive database  
connection information (note: your database shouldn't be accepting  
connections from just anyone, either.  That's why there's a "host"  
field in mysql.user.
/some/dir/webroot/page.php might look like:

<?PHP
// make sure the user has authenticated.
if (! auth() ){
	header("Location: login.php");
	exit();
}

//include the protected content
include "../lib/page.html";
?>

So even if your apache config goes south and spits out PHP code, all  
anyone sees is the content of page.php, above.

Exercise: Find the vulnerability in page.php that anyone can exploit.   
It must be useful.  The fact that there's a "lib" directory above the  
webroot is not really something that needs to be a secret.

Many PHP frameworks out there (cake and zend come to mind) use exactly  
this approach.

-Tim


/some/dir/webroot/page.php
On Dec 1, 2008, at 8:14 PM, Michele Waldman wrote:

> I?m trying to set up a user account with htaccess and mysql.
>
> But the shared hosting account doesn?t have mod_auth_mysql htaccess  
> module installed on the machines and I can?t get root access.
>
> How else are folks implementing accounts?
>
> In php?
>
> If so, what?s the best general way to implement that.  Do you use  
> session variables for that?
>
> My primary concern about implementing accounts in php is that php  
> can stop running on the server.  If that happens, the security  
> becomes non-existent.  Plus, the php code can be dumped right to the  
> browser.
>
> I?d much rather server level security than in processes that can stop.
>
> Thoughts on account security approaches, please.
>
> Michele
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php



From shiflett at php.net  Mon Dec  1 23:28:44 2008
From: shiflett at php.net (Chris Shiflett)
Date: Mon, 1 Dec 2008 23:28:44 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <002701c9542e$50c24eb0$f246ec10$@com>
References: <5458db3c0812011907w36583d01r9d902053338c58fb@mail.gmail.com>
	<20081202032022.GXOC11341.hrndva-omta01.mail.rr.com@DeJaVu>
	<002701c9542e$50c24eb0$f246ec10$@com>
Message-ID: <B8C039DE-F7E2-4B92-814F-033684148D71@php.net>

On Dec 1, 2008, at 22:30, Hans Zaunere wrote:

>> If what you experienced is a common occurrence with mod_php, I hope
>> others on this list will chime in. If it is I'm going to cease using
>> apache and mod_php in production environments.
>
> This has nothing to do with mod_php/Apache that I've ever seen.   
> It's a
> configuration issue.

Which reminds me, Brian Shire has a patch specifically to protect  
against this:

http://tekrat.com/apache/ap_source_defense/

--
Chris Shiflett
http://shiflett.org/






From mmwaldman at nyc.rr.com  Mon Dec  1 23:38:12 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Mon, 1 Dec 2008 23:38:12 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <B8C039DE-F7E2-4B92-814F-033684148D71@php.net>
Message-ID: <20081202043811.PZID8173.hrndva-omta03.mail.rr.com@DeJaVu>

Thanks to your soft, delicate input, I've been doing a little more research.

I was ps -ef on the linux server.  Php appears to be configured into the
server and the process goes down due to misconfiguration, is it not the same
process handling the htaccess?  Does that mean basically all web services
have stopped on the server and not even htaccess would protect it, leaving
the entire server vulnerable?  Or will htaccess still be working?

So, if this is a misconfiguration issue, that means if you don't have a sys
admin, that the programmer needs to learn the configuration and ensure it's
correct on the server?

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Chris Shiflett
Sent: Monday, December 01, 2008 11:29 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Htaccess and php user account

On Dec 1, 2008, at 22:30, Hans Zaunere wrote:

>> If what you experienced is a common occurrence with mod_php, I hope
>> others on this list will chime in. If it is I'm going to cease using
>> apache and mod_php in production environments.
>
> This has nothing to do with mod_php/Apache that I've ever seen.   
> It's a
> configuration issue.

Which reminds me, Brian Shire has a patch specifically to protect  
against this:

http://tekrat.com/apache/ap_source_defense/

--
Chris Shiflett
http://shiflett.org/




_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php



From ajai at bitblit.net  Mon Dec  1 23:48:07 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 1 Dec 2008 23:48:07 -0500 (EST)
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202043811.PZID8173.hrndva-omta03.mail.rr.com@DeJaVu>
Message-ID: <Pine.LNX.4.44.0812012344150.15044-100000@bitblit.net>

On Mon, 1 Dec 2008, Michele Waldman wrote:

> server and the process goes down due to misconfiguration, is it not the same
> process handling the htaccess?  Does that mean basically all web services
> have stopped on the server and not even htaccess would protect it, leaving
> the entire server vulnerable?  Or will htaccess still be working?

mod_auth_mysql *is* an Apache module.

> So, if this is a misconfiguration issue, that means if you don't have a sys
> admin, that the programmer needs to learn the configuration and ensure it's
> correct on the server?

My personal opinion is that programmers should know more than just 
programming.



-- 
Aj.



From tim_lists at o2group.com  Tue Dec  2 00:14:28 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Tue, 2 Dec 2008 00:14:28 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <20081202043811.PZID8173.hrndva-omta03.mail.rr.com@DeJaVu>
References: <20081202043811.PZID8173.hrndva-omta03.mail.rr.com@DeJaVu>
Message-ID: <D40AF7D5-194F-48C2-A73B-404D5E330634@o2group.com>

On Dec 1, 2008, at 11:38 PM, Michele Waldman wrote:

> Thanks to your soft, delicate input, I've been doing a little more  
> research.
>
> I was ps -ef on the linux server.  Php appears to be configured into  
> the
> server and the process goes down due to misconfiguration, is it not  
> the same
> process handling the htaccess?  Does that mean basically all web  
> services
> have stopped on the server and not even htaccess would protect it,  
> leaving
> the entire server vulnerable?  Or will htaccess still be working?

You're still operating under the impression that something went wrong  
with the software.

Nothing went wrong with the software.  The software worked exactly as  
it was supposed to.  The problem was that it was misconfigured.   
(Unless there really is some bug in apache that nobody here has ever  
seen/verified).  So, Garbage In (Configuration), Garbage (or, your  
source files, in this case) Out.

Even that facebook story ends up saying:

	"After looking at every possible angle, I was unable to configure our  
Apache build to serve source code even if we wanted to. What we  
eventually found was a single server running a standard distribution  
build of Apache in our production pool of several thousand web severs.  
A lot has been posted online blaming PHP for this, however, the server  
that we eventually found was not running PHP."

http://sizzo.org/wp/2007/09/youre-source-code-is-showing

He goes on to suggest the same thing I did in my last message.


> So, if this is a misconfiguration issue, that means if you don't  
> have a sys
> admin, that the programmer needs to learn the configuration and  
> ensure it's
> correct on the server?

If you rely on a server to deploy your applications you should do one  
of two things:

	1) Know enough about server administration/configuration
	2) Pay someone (or some organization) that does.




From tmpvar at gmail.com  Tue Dec  2 00:47:59 2008
From: tmpvar at gmail.com (Elijah Insua)
Date: Tue, 2 Dec 2008 00:47:59 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <D40AF7D5-194F-48C2-A73B-404D5E330634@o2group.com>
References: <20081202043811.PZID8173.hrndva-omta03.mail.rr.com@DeJaVu>
	<D40AF7D5-194F-48C2-A73B-404D5E330634@o2group.com>
Message-ID: <2b4feca10812012147x3ba22ab8nc072d741ebb571a2@mail.gmail.com>

http://tinyurl.com/5ux4q6

On Tue, Dec 2, 2008 at 12:14 AM, Tim Lieberman <tim_lists at o2group.com>wrote:

> On Dec 1, 2008, at 11:38 PM, Michele Waldman wrote:
>
>  Thanks to your soft, delicate input, I've been doing a little more
>> research.
>>
>> I was ps -ef on the linux server.  Php appears to be configured into the
>> server and the process goes down due to misconfiguration, is it not the
>> same
>> process handling the htaccess?  Does that mean basically all web services
>> have stopped on the server and not even htaccess would protect it, leaving
>> the entire server vulnerable?  Or will htaccess still be working?
>>
>
> You're still operating under the impression that something went wrong with
> the software.
>
> Nothing went wrong with the software.  The software worked exactly as it
> was supposed to.  The problem was that it was misconfigured.  (Unless there
> really is some bug in apache that nobody here has ever seen/verified).  So,
> Garbage In (Configuration), Garbage (or, your source files, in this case)
> Out.
>
> Even that facebook story ends up saying:
>
>        "After looking at every possible angle, I was unable to configure
> our Apache build to serve source code even if we wanted to. What we
> eventually found was a single server running a standard distribution build
> of Apache in our production pool of several thousand web severs. A lot has
> been posted online blaming PHP for this, however, the server that we
> eventually found was not running PHP."
>
> http://sizzo.org/wp/2007/09/youre-source-code-is-showing
>
> He goes on to suggest the same thing I did in my last message.
>
>
>  So, if this is a misconfiguration issue, that means if you don't have a
>> sys
>> admin, that the programmer needs to learn the configuration and ensure
>> it's
>> correct on the server?
>>
>
> If you rely on a server to deploy your applications you should do one of
> two things:
>
>        1) Know enough about server administration/configuration
>        2) Pay someone (or some organization) that does.
>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081202/ba014e76/attachment.html>

From ramons at gmx.net  Tue Dec  2 07:07:21 2008
From: ramons at gmx.net (David Krings)
Date: Tue, 02 Dec 2008 07:07:21 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <C2D41DAC-42F6-4827-8CBF-7AB869C46034@o2group.com>
References: <20081202011457.CVNE11341.hrndva-omta01.mail.rr.com@DeJaVu>
	<C2D41DAC-42F6-4827-8CBF-7AB869C46034@o2group.com>
Message-ID: <493524F9.6040808@gmx.net>

Tim Lieberman wrote:
> 2) Keep anything sensitive out of the web root.
> 
> So, very simplified, you've got something like this:
> 
> /some/dir/webroot -- webroot
> /some/dir/secure -- not accessible by apache
> /some/dir/lib/db.php - php script that contains any sensitive database 
> connection information (note: your database shouldn't be accepting 
> connections from just anyone, either.  That's why there's a "host" field 
> in mysql.user.

Thanks for the interesting post. I was initially confused by one thing:
> /some/dir/lib/db.php - php script that contains any sensitive database 

I was always under the impression as that Apache/PHP cannot access scripts 
outside of webroot, which after some further thought appears to be only 
applicable to script files that are directly accessed (such as the page.php 
script in the original post). The script file with the db access information 
is not to be served up under any circumstances and it is also not necessary as 
Apache/PHP can access the local file system and read/write from/to any place 
the access restrictions allow.
This way the sensitive information is off-limits via the web and technically 
all that is needed in webroot is a single script file that only calls at least 
one other script that is located somewhere else outside of webroot. Sometimes 
the most difficult things are really darn easy.

David


From david at davidmintz.org  Tue Dec  2 10:45:46 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 2 Dec 2008 10:45:46 -0500
Subject: [nycphp-talk] how to correct wrong mysql datetime columns?
Message-ID: <721f1cc50812020745j8229312sbcf5d8d2e34db69d@mail.gmail.com>

This isn't necessarily PHP but... close enough? You could script a solution
in PHP and indeed I might.

I had two CentOS servers' date info somehow go bad over the weekend. When I
came back to work they thought it was 1993, wreaking havoc with the
PHP/MySQL application hosted thereon. I restarted ntpd and they are now
apparently doing fine, thanks. But I have some tables where the record
creation date is saved using MySQL's  now(). There are now some rows with
the wrong value in this field and I am not quite clever enough to see the
best way to fix.

The last output I have from the 'date' command before it was corrected is
Wed Mar  3 18:40:05 EST 1993. When we got back to the present, 'date' said
Tue Dec  2 09:20:05 EST 2008. Should I convert both to Unix timestamps,
subtract the smaller from the larger and add that number of seconds to the
values that I know are wrong? btw I know this number won't be exact but
close enough will do, there being no alternative AFAIK.

Gratefully,

-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081202/7761715a/attachment.html>

From tedd at sperling.com  Tue Dec  2 10:53:53 2008
From: tedd at sperling.com (tedd)
Date: Tue, 2 Dec 2008 10:53:53 -0500
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <Pine.LNX.4.44.0812012344150.15044-100000@bitblit.net>
References: <Pine.LNX.4.44.0812012344150.15044-100000@bitblit.net>
Message-ID: <p06240801c55b0a607898@[192.168.1.101]>

At 11:48 PM -0500 12/1/08, Ajai Khattri wrote:

>My personal opinion is that programmers should know more than just
>programming.

Crap!

I have enough to keep up with as it is.

Cheers,

tedd
-- 
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com


From ajai at bitblit.net  Tue Dec  2 12:27:48 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Tue, 2 Dec 2008 12:27:48 -0500 (EST)
Subject: [nycphp-talk] Htaccess and php user account
In-Reply-To: <p06240801c55b0a607898@[192.168.1.101]>
Message-ID: <Pine.LNX.4.44.0812021226130.15044-100000@bitblit.net>

On Tue, 2 Dec 2008, tedd wrote:

> Crap!
> 
> I have enough to keep up with as it is.

As someone else pointed out, if you don't then you should probably hire 
someone to deploy your app and manage your servers for you.



-- 
Aj.



From david at davidmintz.org  Tue Dec  2 12:55:54 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 2 Dec 2008 12:55:54 -0500
Subject: [nycphp-talk] how to correct wrong mysql datetime columns?
In-Reply-To: <721f1cc50812020745j8229312sbcf5d8d2e34db69d@mail.gmail.com>
References: <721f1cc50812020745j8229312sbcf5d8d2e34db69d@mail.gmail.com>
Message-ID: <721f1cc50812020955m2e201ca5pda850f26196262ba@mail.gmail.com>

I love answering my own questions (no sarcasm intended).

SELECT timestampdiff(SECOND, '1993-03-03 18:40:05', '2008-12-02 09:20:05');

Answer: 497025600

UPDATE your_table set created = date_add(created, INTERVAL 497025600 SECOND)
WHERE year(created) = 1993;

If anyone sees anything worth commenting please feel free. Otherwise, case
closed, just thought I'd post an answer for the record.

On Tue, Dec 2, 2008 at 10:45 AM, David Mintz <david at davidmintz.org> wrote:

> This isn't necessarily PHP but... close enough? You could script a solution
> in PHP and indeed I might.
>
> I had two CentOS servers' date info somehow go bad over the weekend. When I
> came back to work they thought it was 1993, wreaking havoc with the
> PHP/MySQL application hosted thereon. I restarted ntpd and they are now
> apparently doing fine, thanks. But I have some tables where the record
> creation date is saved using MySQL's  now(). There are now some rows with
> the wrong value in this field and I am not quite clever enough to see the
> best way to fix.
>
> The last output I have from the 'date' command before it was corrected is
> Wed Mar  3 18:40:05 EST 1993. When we got back to the present, 'date' said
> Tue Dec  2 09:20:05 EST 2008. Should I convert both to Unix timestamps,
> subtract the smaller from the larger and add that number of seconds to the
> values that I know are wrong? btw I know this number won't be exact but
> close enough will do, there being no alternative AFAIK.
>
> Gratefully,
>
> --
> David Mintz
> http://davidmintz.org/
>
> The subtle source is clear and bright
> The tributary streams flow through the darkness
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081202/ec736cd9/attachment.html>

From michael.southwell at nyphp.com  Tue Dec  2 15:18:40 2008
From: michael.southwell at nyphp.com (Michael Southwell)
Date: Tue, 02 Dec 2008 15:18:40 -0500
Subject: [nycphp-talk] OT Quicktime to Flash convertor
Message-ID: <49359820.3050205@nyphp.com>

Does anybody know of one, preferably free, capable of converting a 650M 
file?
-- 
=================
Michael Southwell
Vice President, Education
NYPHP TRAINING:  http://nyphp.com/Training/Indepth


From zippy1981 at gmail.com  Tue Dec  2 15:28:15 2008
From: zippy1981 at gmail.com (Justin Dearing)
Date: Tue, 2 Dec 2008 15:28:15 -0500
Subject: [nycphp-talk] OT Quicktime to Flash convertor
In-Reply-To: <49359820.3050205@nyphp.com>
References: <49359820.3050205@nyphp.com>
Message-ID: <5458db3c0812021228m2249620fo742c78be458432f6@mail.gmail.com>

ffmpeg

I compile it myself on linux, but I'm sure you can find windows binaries.

The developers of the project rarely do formal releases and highly encourage
you to download the latest code from SVN. I find it an annoying policy on
their part, but would find it forgivable it they would at least linked to
websites that provided binaries.

On Tue, Dec 2, 2008 at 3:18 PM, Michael Southwell <
michael.southwell at nyphp.com> wrote:

> Does anybody know of one, preferably free, capable of converting a 650M
> file?
> --
> =================
> Michael Southwell
> Vice President, Education
> NYPHP TRAINING:  http://nyphp.com/Training/Indepth
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081202/74623833/attachment.html>

From randalrust at gmail.com  Wed Dec  3 15:23:06 2008
From: randalrust at gmail.com (Randal Rust)
Date: Wed, 3 Dec 2008 15:23:06 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
Message-ID: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>

We are working on a small site where the client has an eBook for sale.
Once the purchase is completed, we want to provide the link to the
file, which we'd like to have sit outside of the server root. We are
trying to work this out by modifying the .htaccess file with the
following command.

RewriteRule
^download/pdf/book.pdf
/home/cooking/wwwroot/pdf/book.pdf

Unfortunately we keep getting 404 errors. This is a shared
environment, so the host may not even allow this, but does anyone see
anything that would keep this from working properly? FYI, I spaced it
out here for readability. It's one line in the file.

-- 
Randal Rust
R.Squared Communications
www.r2communications.com
614-370-0036


From codebowl at gmail.com  Wed Dec  3 15:26:17 2008
From: codebowl at gmail.com (Joseph Crawford)
Date: Wed, 3 Dec 2008 15:26:17 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
Message-ID: <B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>

If you want the file to live outside the www that's fine, but i doubt  
you can do it like you did in the rewrite.  I would make the rewrite  
point to a php script that reads the file then outputs it for download  
using the appropriate headers etc.

On Dec 3, 2008, at 3:23 PM, Randal Rust wrote:

> We are working on a small site where the client has an eBook for sale.
> Once the purchase is completed, we want to provide the link to the
> file, which we'd like to have sit outside of the server root. We are
> trying to work this out by modifying the .htaccess file with the
> following command.
>
> RewriteRule
> ^download/pdf/book.pdf
> /home/cooking/wwwroot/pdf/book.pdf
>
> Unfortunately we keep getting 404 errors. This is a shared
> environment, so the host may not even allow this, but does anyone see
> anything that would keep this from working properly? FYI, I spaced it
> out here for readability. It's one line in the file.
>
> -- 
> Randal Rust
> R.Squared Communications
> www.r2communications.com
> 614-370-0036
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php



From ben at projectskyline.com  Wed Dec  3 15:33:15 2008
From: ben at projectskyline.com (Ben Sgro)
Date: Wed, 03 Dec 2008 15:33:15 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
	<B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>
Message-ID: <4936ED0B.5020902@projectskyline.com>

Hello,

Why not just email them the book (size permitting)?

- Ben

Joseph Crawford wrote:
> If you want the file to live outside the www that's fine, but i doubt 
> you can do it like you did in the rewrite.  I would make the rewrite 
> point to a php script that reads the file then outputs it for download 
> using the appropriate headers etc.
>
> On Dec 3, 2008, at 3:23 PM, Randal Rust wrote:
>
>> We are working on a small site where the client has an eBook for sale.
>> Once the purchase is completed, we want to provide the link to the
>> file, which we'd like to have sit outside of the server root. We are
>> trying to work this out by modifying the .htaccess file with the
>> following command.
>>
>> RewriteRule
>> ^download/pdf/book.pdf
>> /home/cooking/wwwroot/pdf/book.pdf
>>
>> Unfortunately we keep getting 404 errors. This is a shared
>> environment, so the host may not even allow this, but does anyone see
>> anything that would keep this from working properly? FYI, I spaced it
>> out here for readability. It's one line in the file.
>>
>> -- 
>> Randal Rust
>> R.Squared Communications
>> www.r2communications.com
>> 614-370-0036
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>


From randalrust at gmail.com  Wed Dec  3 15:36:14 2008
From: randalrust at gmail.com (Randal Rust)
Date: Wed, 3 Dec 2008 15:36:14 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <4936ED0B.5020902@projectskyline.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
	<B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>
	<4936ED0B.5020902@projectskyline.com>
Message-ID: <a9caffe50812031236j3e460c0cma9b093d229a8991@mail.gmail.com>

On Wed, Dec 3, 2008 at 3:33 PM, Ben Sgro <ben at projectskyline.com> wrote:

> Why not just email them the book (size permitting)?

It's too big. My other option is Amazon S3, which we've already used
on another, larger project. But I thought it would be kind of useful
to figure out how to do it this way as well.

I'm not really concerned about the customer downloading the book
multiple times, I just don't want people to be able to access it
directly and get it.

-- 
Randal Rust
R.Squared Communications
www.r2communications.com
614-370-0036


From codebowl at gmail.com  Wed Dec  3 15:43:37 2008
From: codebowl at gmail.com (Joseph Crawford)
Date: Wed, 3 Dec 2008 15:43:37 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <a9caffe50812031236j3e460c0cma9b093d229a8991@mail.gmail.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
	<B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>
	<4936ED0B.5020902@projectskyline.com>
	<a9caffe50812031236j3e460c0cma9b093d229a8991@mail.gmail.com>
Message-ID: <2F14F3F7-9B6E-4024-86BD-3BC1364F651D@gmail.com>

Like I said have a php script serve it as a download. Doing it this  
way allows you to make sure that the user logged in.

On Dec 3, 2008, at 3:36 PM, Randal Rust wrote:

> On Wed, Dec 3, 2008 at 3:33 PM, Ben Sgro <ben at projectskyline.com>  
> wrote:
>
>> Why not just email them the book (size permitting)?
>
> It's too big. My other option is Amazon S3, which we've already used
> on another, larger project. But I thought it would be kind of useful
> to figure out how to do it this way as well.
>
> I'm not really concerned about the customer downloading the book
> multiple times, I just don't want people to be able to access it
> directly and get it.
>
> -- 
> Randal Rust
> R.Squared Communications
> www.r2communications.com
> 614-370-0036
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php



From dorgan at donaldorgan.com  Wed Dec  3 15:47:00 2008
From: dorgan at donaldorgan.com (Donald J. Organ IV)
Date: Wed, 3 Dec 2008 15:47:00 -0500 (EST)
Subject: [nycphp-talk] PHP/Java Bridge
Message-ID: <27158556.251228337220036.JavaMail.root@twoguyshosting.com.>

So I am trying to use Apache Lucene to add searching to a site I am working on. And so far I have been able to use the PHP/Java Bridge for this. 

http://php-java-bridge.sourceforge.net/pjb/ 

Has anyone used this before??

For the most part I have this working but I am trying to impletement MultiFieldQueryParser but not sure how to pass the fields.  I have tried the following:

$parser = new Java( 'org.apache.lucene.queryParser.MultiFieldQueryParser',array('name','description'),$analyzer );

I have also tried:
$parser = new Java( 'org.apache.lucene.queryParser.MultiFieldQueryParser',"name,description",$analyzer );

AND
$parser = new Java( 'org.apache.lucene.queryParser.MultiFieldQueryParser',"name description",$analyzer );



And I am not getting anything, has anyone done this before??

Thanks,

Donald

From randalrust at gmail.com  Wed Dec  3 15:55:10 2008
From: randalrust at gmail.com (Randal Rust)
Date: Wed, 3 Dec 2008 15:55:10 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <2F14F3F7-9B6E-4024-86BD-3BC1364F651D@gmail.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>
	<B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>
	<4936ED0B.5020902@projectskyline.com>
	<a9caffe50812031236j3e460c0cma9b093d229a8991@mail.gmail.com>
	<2F14F3F7-9B6E-4024-86BD-3BC1364F651D@gmail.com>
Message-ID: <a9caffe50812031255m65ea9d05vc681a51070db8a8b@mail.gmail.com>

On Wed, Dec 3, 2008 at 3:43 PM, Joseph Crawford <codebowl at gmail.com> wrote:

> Like I said have a php script serve it as a download. Doing it this way
> allows you to make sure that the user logged in.

Thanks, Joe. It worked perfectly!

-- 
Randal Rust
R.Squared Communications
www.r2communications.com
614-370-0036


From rolan at omnistep.com  Wed Dec  3 23:38:09 2008
From: rolan at omnistep.com (Rolan Yang)
Date: Wed, 03 Dec 2008 23:38:09 -0500
Subject: [nycphp-talk] Downloading File Outside of the Root
In-Reply-To: <a9caffe50812031255m65ea9d05vc681a51070db8a8b@mail.gmail.com>
References: <a9caffe50812031223i10cdc0bdi49468e7b71c0679d@mail.gmail.com>	<B6A1AEA2-3EBD-4CAB-AC5E-8666B6EF34FA@gmail.com>	<4936ED0B.5020902@projectskyline.com>	<a9caffe50812031236j3e460c0cma9b093d229a8991@mail.gmail.com>	<2F14F3F7-9B6E-4024-86BD-3BC1364F651D@gmail.com>
	<a9caffe50812031255m65ea9d05vc681a51070db8a8b@mail.gmail.com>
Message-ID: <49375EB1.10707@omnistep.com>

Randal Rust wrote:
> On Wed, Dec 3, 2008 at 3:43 PM, Joseph Crawford <codebowl at gmail.com> wrote:
>
>   
>> Like I said have a php script serve it as a download. Doing it this way
>> allows you to make sure that the user logged in.
>>     
>
> Thanks, Joe. It worked perfectly!
>   


This question and solution seems to come up time and time again. Perhaps 
it needs to be incorporated in the FAQ.

~Rolan


From afischer at email.smith.edu  Thu Dec  4 09:12:36 2008
From: afischer at email.smith.edu (Aaron Fischer)
Date: Thu, 4 Dec 2008 09:12:36 -0500
Subject: [nycphp-talk] Session timing out too soon
Message-ID: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>

Greetings,

I have an application built for internal use that has a user login and  
then uses sessions to track their state.  I am running into a problem  
in that their session seems to expire if they are on one page for  
somewhere between 15-25 minutes.  This creates a big problem because  
they type up a long report, submit it and then get booted out of the  
application without the report being saved.

I would like to have the user be able to be logged in for a full eight  
hour day, regardless of their level of activity.

How would I do this?  I would appreciate any suggestions.  Also of  
note, I am in a shared hosting environment.

I tried three different solutions without any luck so far:
1) Using session_set_cookie_params() to extend the lifetime of the  
session cookie.
2) Using a javascript function to to periodically call an image to  
simulate page activity.
3) Using ini_set(session.gc_maxlifetime) to set the the number of  
seconds for php to wait before data may be seen as garbage and be  
cleaned up.

Thanks,

-Aaron


From dcech at phpwerx.net  Thu Dec  4 09:23:27 2008
From: dcech at phpwerx.net (Dan Cech)
Date: Thu, 04 Dec 2008 09:23:27 -0500
Subject: [nycphp-talk] Session timing out too soon
In-Reply-To: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
References: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
Message-ID: <4937E7DF.6050506@phpwerx.net>

Aaron Fischer wrote:
> I would like to have the user be able to be logged in for a full eight
> hour day, regardless of their level of activity.
> 
> How would I do this?  I would appreciate any suggestions.  Also of note,
> I am in a shared hosting environment.
> 
> I tried three different solutions without any luck so far:
> 1) Using session_set_cookie_params() to extend the lifetime of the
> session cookie.

The default setting of 0 for session.cookie_lifetime means 'until the
browser is closed', so you shouldn't need to mess with this.

> 2) Using a javascript function to to periodically call an image to
> simulate page activity.

You're on the right track here, but you need to be calling a php script
which accesses the session to renew the last access time.  Just
requesting a static image won't do it.

> 3) Using ini_set(session.gc_maxlifetime) to set the the number of
> seconds for php to wait before data may be seen as garbage and be
> cleaned up.

The problem you're most likely having here is that any scripts on the
machine which don't have this setting will trigger the session garbage
collector with the default settings, and cheerfully delete your session
files.

If you switch to a custom session storage system (ie, database-backed
sessions), then you can control the GC this way because they won't be
cleaned up by the default garbage collector.

Dan



From jellicle at gmail.com  Thu Dec  4 09:31:31 2008
From: jellicle at gmail.com (Michael Sims)
Date: Thu, 4 Dec 2008 09:31:31 -0500
Subject: [nycphp-talk] Session timing out too soon
In-Reply-To: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
References: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
Message-ID: <200812040931.32529.jellicle@gmail.com>

On Thursday 04 December 2008, Aaron Fischer wrote:

> Greetings,
>
> I have an application built for internal use that has a user login and
> then uses sessions to track their state.  I am running into a problem
> in that their session seems to expire if they are on one page for
> somewhere between 15-25 minutes.  This creates a big problem because
> they type up a long report, submit it and then get booted out of the
> application without the report being saved.
>
> I would like to have the user be able to be logged in for a full eight
> hour day, regardless of their level of activity.
>
> How would I do this?  I would appreciate any suggestions.  Also of
> note, I am in a shared hosting environment.

This one has been asked before.  The default lifetime for sessions is 24 
minutes.  However, in a shared environment, the default lifetime is the 
lowest of any user's choice; so if one user on the shared server has the 
default lifetime set to 1 minute, EVERYONE'S sessions expire after one 
minute (more or less; read up on how session files are randomly deleted).  
Because PHP can't tell the difference between that user's session files and 
your session files, they're all in the same common directory.

So.  What you need to do is specify your own directory for your session 
files (/sharedserver/myroot/mysessionfiles/), and then set the cleanup 
lifetime to whatever you want (session.gc_maxlifetime).

Here's an explanation with some sample code:

http://www.captain.at/howto-php-sessions.php

Michael Sims

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081204/5487950c/attachment.html>

From paul at devonianfarm.com  Thu Dec  4 10:09:26 2008
From: paul at devonianfarm.com (Paul A Houle)
Date: Thu, 04 Dec 2008 10:09:26 -0500
Subject: [nycphp-talk] Session timing out too soon
In-Reply-To: <4937E7DF.6050506@phpwerx.net>
References: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
	<4937E7DF.6050506@phpwerx.net>
Message-ID: <4937F2A6.1060106@devonianfarm.com>

Dan Cech wrote:
> If you switch to a custom session storage system (ie, database-backed
> sessions), then you can control the GC this way because they won't be
> cleaned up by the default garbage collector.
>   
    This is the real answer.  PHP sessions (as well as the session 
mechanisms built into other systems such as JSP and ASP.NET) are flawed 
in a number of ways.  They are highly seductive to newbies,  since they 
help you write an application that almost works quickly,  but you can 
spend forever dealing with glitches and stability problems with them.

    User authentication should be done like this:

http://pdos.csail.mit.edu/papers/webauth:sec10.pdf

    That paper has been around for a decade and it still astonishes me 
that people are still using authentication systems that don't really 
work.  I mean,  an authentication system that's bound to a specific 
language?  That isn't good enough for the booby prize,  never mind the 
enterprise. 

The cryptography-based system in the above paper is scalable and can be 
implemented in about 100 lines of code in just about any language.  That 
mean you can log in once and access applications written in PHP,  Perl,  
Java,  Ruby,  C# or whatever.  It's possible to authenticate a user 
using only cryptography,  so you put a very limited load on a central 
database or session store.
 
Other than that,  it turns out that the sessions scope is rarely the 
~correct~ scope for any application.  For instance,  I've seen that 
sites that use language-bound sesson mechanisms often lose about 50% of 
sales because of glitches.  These glitches are hard to reproduce or 
monitor because session systems don't provide any log of lost shopping 
carts.  You'll hear businessmen complain about how they can't afford to 
do things right,  but then they're just happy to lose $2K of sales a day 
to a bad shopping cart.


From petros.ziogas at gmail.com  Thu Dec  4 10:30:41 2008
From: petros.ziogas at gmail.com (Petros Ziogas)
Date: Thu, 4 Dec 2008 17:30:41 +0200
Subject: [nycphp-talk] Session timing out too soon
In-Reply-To: <4937F2A6.1060106@devonianfarm.com>
References: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
	<4937E7DF.6050506@phpwerx.net> <4937F2A6.1060106@devonianfarm.com>
Message-ID: <236c3b210812040730n3da0156v2f9aec2d3f9defb5@mail.gmail.com>

That was an awesome read.
I felt really good for doing something similar for some years now :)

I also agree that authentication should not rely on anything more than a
well written algorythm.

Petros Ziogas
http://www.royalblue.gr



On Thu, Dec 4, 2008 at 5:09 PM, Paul A Houle <paul at devonianfarm.com> wrote:

> Dan Cech wrote:
>
>> If you switch to a custom session storage system (ie, database-backed
>> sessions), then you can control the GC this way because they won't be
>> cleaned up by the default garbage collector.
>>
>>
>   This is the real answer.  PHP sessions (as well as the session mechanisms
> built into other systems such as JSP and ASP.NET) are flawed in a number
> of ways.  They are highly seductive to newbies,  since they help you write
> an application that almost works quickly,  but you can spend forever dealing
> with glitches and stability problems with them.
>
>   User authentication should be done like this:
>
> http://pdos.csail.mit.edu/papers/webauth:sec10.pdf
>
>   That paper has been around for a decade and it still astonishes me that
> people are still using authentication systems that don't really work.  I
> mean,  an authentication system that's bound to a specific language?  That
> isn't good enough for the booby prize,  never mind the enterprise.
> The cryptography-based system in the above paper is scalable and can be
> implemented in about 100 lines of code in just about any language.  That
> mean you can log in once and access applications written in PHP,  Perl,
>  Java,  Ruby,  C# or whatever.  It's possible to authenticate a user using
> only cryptography,  so you put a very limited load on a central database or
> session store.
>
> Other than that,  it turns out that the sessions scope is rarely the
> ~correct~ scope for any application.  For instance,  I've seen that sites
> that use language-bound sesson mechanisms often lose about 50% of sales
> because of glitches.  These glitches are hard to reproduce or monitor
> because session systems don't provide any log of lost shopping carts.
>  You'll hear businessmen complain about how they can't afford to do things
> right,  but then they're just happy to lose $2K of sales a day to a bad
> shopping cart.
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081204/f4129f25/attachment.html>

From krook at us.ibm.com  Thu Dec  4 12:00:38 2008
From: krook at us.ibm.com (Daniel Krook)
Date: Thu, 4 Dec 2008 12:00:38 -0500
Subject: [nycphp-talk] PHP/Java Bridge
In-Reply-To: <27158556.251228337220036.JavaMail.root@twoguyshosting.com.>
References: <27158556.251228337220036.JavaMail.root@twoguyshosting.com.>
Message-ID: <OF8E84C4E1.46BA6939-ON85257515.005D1573-85257515.005D71B0@us.ibm.com>

Hi Donald,

> From: "Donald J. Organ IV" <dorgan at donaldorgan.com>
> To: NYPHP Talk <talk at lists.nyphp.org>
> Date: 12/03/2008 03:48 PM
> Subject: [nycphp-talk] PHP/Java Bridge
> 
> So I am trying to use Apache Lucene to add searching to a 
> site I am working on. And so far I have been able to use 
> the PHP/Java Bridge for this. 
> 
> http://php-java-bridge.sourceforge.net/pjb/ 
> 
> Has anyone used this before??
> 
> For the most part I have this working but I am trying to 
> impletement MultiFieldQueryParser but not sure how to pass
> the fields.  I have tried the following:
> 
> $parser = new Java( 
> 'org.apache.lucene.queryParser.MultiFieldQueryParser',array
> ('name','description'),$analyzer );
> 
> I have also tried:
> $parser = new Java( 
> 
'org.apache.lucene.queryParser.MultiFieldQueryParser',"name,description",
> $analyzer );
> 
> AND
> $parser = new Java( 
> 'org.apache.lucene.queryParser.MultiFieldQueryParser',"name
> description",$analyzer );
> 
> And I am not getting anything, has anyone done this before??
> 
> Thanks,
> 
> Donald

I was going to recommend you post this over to the PHP/Java Bridge list, 
but I see you've already done that :)

I have not used Lucene before, but there are some resources I came across 
when building a Project Zero/WebSphere sMash app recently.   They may be 
of use:

http://www.projectzero.org/blog/index.php/2008/10/28/searching-for-information-with-php-java-and-apache-lucene/
http://www.ibm.com/developerworks/websphere/library/techarticles/0809_phillips/0809_phillips.html




Thanks,
-Dan


Daniel Krook
Senior IT Specialist - Content Tools Developer, Global Solutions, ibm.com
IBM Certified IT Specialist, SCSA, SCJP, SCWCD, ZCE, ICDAssoc., ICAD




From arzala at gmail.com  Thu Dec  4 23:23:22 2008
From: arzala at gmail.com (Anirudhsinh Zala)
Date: Fri, 5 Dec 2008 09:53:22 +0530
Subject: [nycphp-talk] Session timing out too soon
In-Reply-To: <200812040931.32529.jellicle@gmail.com>
References: <8787CB11-546D-4A4F-9EB1-F8114F243DE5@email.smith.edu>
	<200812040931.32529.jellicle@gmail.com>
Message-ID: <200812050953.22522.arzala@gmail.com>

On Thursday 04 December 2008 20:01:31 Michael Sims wrote:
> On Thursday 04 December 2008, Aaron Fischer wrote:
> > Greetings,
> >
> > I have an application built for internal use that has a user login and
> > then uses sessions to track their state.  I am running into a problem
> > in that their session seems to expire if they are on one page for
> > somewhere between 15-25 minutes.  This creates a big problem because
> > they type up a long report, submit it and then get booted out of the
> > application without the report being saved.
> >
> > I would like to have the user be able to be logged in for a full eight
> > hour day, regardless of their level of activity.
> >
> > How would I do this?  I would appreciate any suggestions.  Also of
> > note, I am in a shared hosting environment.
>
> This one has been asked before.  The default lifetime for sessions is 24
> minutes.  However, in a shared environment, the default lifetime is the
> lowest of any user's choice; so if one user on the shared server has the
> default lifetime set to 1 minute, EVERYONE'S sessions expire after one
> minute (more or less; read up on how session files are randomly deleted).
> Because PHP can't tell the difference between that user's session files and
> your session files, they're all in the same common directory.
>
> So.  What you need to do is specify your own directory for your session
> files (/sharedserver/myroot/mysessionfiles/), and then set the cleanup
> lifetime to whatever you want (session.gc_maxlifetime).
>
> Here's an explanation with some sample code:
>
> http://www.captain.at/howto-php-sessions.php

I have a confusion about solution mentioned in this article, although I can't 
test this properly.

Read following line from that article:

"Now our session files are stored in the new directory and the regular garbage 
collector will not see them, so those files will survive at least that long 
as defined in gc_maxlifetime."

Does it mean that Garbage collector will automatically remove session files 
after new "session.gc_maxlifetime" value?

However according to PHP manual, as defined in php.ini, one has to write own 
garbage collection solution to clean-up such files. Here is relevant section 
from php.ini.

; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       happen automatically.  You will need to do your own garbage
;       collection through a shell script, cron entry, or some other method.
;       For example, the following script would is the equivalent of
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm

If author means that session files will last longer till 
new "session.gc_maxlifetime" but after that "it will do reside there" then he 
would mention about above php.ini's NOTE to design own garbage collection 
method.

Thanks,

Anirudh Zala

>
> Michael Sims




From rotsen at gmail.com  Mon Dec  8 18:38:10 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Mon, 8 Dec 2008 15:38:10 -0800
Subject: [nycphp-talk] Report with line breaks
Message-ID: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>

When creating a report how do you guys handle line breaks?
When printing a  table text table cell how do you do so that part of
text is not on one page and part on another?

Thanks,

Nestor:-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081208/8d9df449/attachment.html>

From tomsartain at gmail.com  Mon Dec  8 20:56:57 2008
From: tomsartain at gmail.com (Tom Sartain)
Date: Mon, 8 Dec 2008 20:56:57 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
Message-ID: <20190d950812081756r50bc9a72t6fc92d26ee380c23@mail.gmail.com>

Are you looking for line breaks or page breaks?

Line breaks, you'll have to stick with a well placed PHP_EOL

Page breaks, you'll need to use the page-break-before page-break-after CSS
properties.There are actually a bunch of print specific CSS properties
available: http://www.w3schools.com/CSS/css_ref_print.asp

It's surprising how much control you can get over printouts with CSS.

-Tom

On Mon, Dec 8, 2008 at 6:38 PM, N?stor <rotsen at gmail.com> wrote:

> When creating a report how do you guys handle line breaks?
> When printing a  table text table cell how do you do so that part of
> text is not on one page and part on another?
>
> Thanks,
>
> Nestor:-)
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081208/b81aa57b/attachment.html>

From mikesz at qualityadvantages.com  Mon Dec  8 23:10:12 2008
From: mikesz at qualityadvantages.com (mikesz at qualityadvantages.com)
Date: Tue, 9 Dec 2008 12:10:12 +0800
Subject: [nycphp-talk] PHP FTP function...
Message-ID: <1653101522.20081209121012@qualityadvantages.com>

Hello and Greetings, NYPHP,

   I have a potential project that requires the ability to do file
   transfers from one website to another using FTP, i.e. the files and
   folders are on an ftp server and need to be downloaded to a folder
   /directory that is running on the server making the request.

   Is this a possibility using PHP? Has anyone done it successfully?

   I am looking at the possibilities of using :


   $url = "http://test.com/index.html"; fopen($url, "r");

   and/or
   
   $f = fopen("ftp://test.com");
   ftp_pasv($f, true);

Pointers very much apprecated. TIA.

-- 
Best regards,
 mikesz                          mailto:mikesz at qualityadvantages.com



From jcampbell1 at gmail.com  Mon Dec  8 23:35:29 2008
From: jcampbell1 at gmail.com (John Campbell)
Date: Mon, 8 Dec 2008 23:35:29 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <20190d950812081756r50bc9a72t6fc92d26ee380c23@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<20190d950812081756r50bc9a72t6fc92d26ee380c23@mail.gmail.com>
Message-ID: <8f0676b40812082035g6044a33av50ff227185708a4c@mail.gmail.com>

On Mon, Dec 8, 2008 at 8:56 PM, Tom Sartain <tomsartain at gmail.com> wrote:

> It's surprising how much control you can get over printouts with CSS.

In theory... those CSS properties are only supported by Safari, and
IE8.  Unfortunately I found that out the hard way.

-John Campbell


From kenrbnsn at rbnsn.com  Mon Dec  8 23:40:59 2008
From: kenrbnsn at rbnsn.com (Ken Robinson)
Date: Mon, 08 Dec 2008 23:40:59 -0500
Subject: [nycphp-talk] PHP FTP function...
In-Reply-To: <1653101522.20081209121012@qualityadvantages.com>
References: <1653101522.20081209121012@qualityadvantages.com>
Message-ID: <20081209044104.B383A1CB29F5@lists.nyphp.org>

At 11:10 PM 12/8/2008, mikesz at qualityadvantages.com wrote:
>Hello and Greetings, NYPHP,
>
>    I have a potential project that requires the ability to do file
>    transfers from one website to another using FTP, i.e. the files and
>    folders are on an ftp server and need to be downloaded to a folder
>    /directory that is running on the server making the request.
>
>    Is this a possibility using PHP? Has anyone done it successfully?

There are FTP functions built-in to PHP. See http://www.php.net/ftp

Ken 



From mikesz at qualityadvantages.com  Tue Dec  9 00:14:05 2008
From: mikesz at qualityadvantages.com (mikesz at qualityadvantages.com)
Date: Tue, 9 Dec 2008 13:14:05 +0800
Subject: [nycphp-talk] PHP FTP function...
In-Reply-To: <20081209044104.B383A1CB29F5@lists.nyphp.org>
References: <1653101522.20081209121012@qualityadvantages.com>
	<20081209044104.B383A1CB29F5@lists.nyphp.org>
Message-ID: <1491263475.20081209131405@qualityadvantages.com>

Hello Ken,

Tuesday, December 9, 2008, 12:40:59 PM, you wrote:

> At 11:10 PM 12/8/2008, mikesz at qualityadvantages.com wrote:
>>Hello and Greetings, NYPHP,
>>
>>    I have a potential project that requires the ability to do file
>>    transfers from one website to another using FTP, i.e. the files and
>>    folders are on an ftp server and need to be downloaded to a folder
>>    /directory that is running on the server making the request.
>>
>>    Is this a possibility using PHP? Has anyone done it successfully?

> There are FTP functions built-in to PHP. See http://www.php.net/ftp

> Ken 

> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk

> http://www.nyphp.org/show_participation.php

> __________ Information from ESET Smart Security, version of virus
> signature database 3674 (20081209) __________

> The message was checked by ESET Smart Security.

> http://www.eset.com



Thanks, actually, I just found them on my second pass at
the manual.

-- 
Best regards,
 mikesz                            mailto:mikesz at qualityadvantages.com



From mikesz at qualityadvantages.com  Tue Dec  9 00:12:54 2008
From: mikesz at qualityadvantages.com (mikesz at qualityadvantages.com)
Date: Tue, 9 Dec 2008 13:12:54 +0800
Subject: [nycphp-talk] PHP FTP function...
In-Reply-To: <1653101522.20081209121012@qualityadvantages.com>
References: <1653101522.20081209121012@qualityadvantages.com>
Message-ID: <9310000985.20081209131254@qualityadvantages.com>

Hello mikesz,

Tuesday, December 9, 2008, 12:10:12 PM, you wrote:

> Hello and Greetings, NYPHP,

>    I have a potential project that requires the ability to do file
>    transfers from one website to another using FTP, i.e. the files and
>    folders are on an ftp server and need to be downloaded to a folder
>    /directory that is running on the server making the request.

Sorry, just found the page that has all the ftp commands in the PHP
manual, didn't see it the first time.

> Pointers very much apprecated. TIA.

But I would appreciate any pointers in any event.


-- 
Best regards,
 mikesz                            mailto:mikesz at qualityadvantages.com



From ramons at gmx.net  Tue Dec  9 06:49:20 2008
From: ramons at gmx.net (David Krings)
Date: Tue, 09 Dec 2008 06:49:20 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <8f0676b40812082035g6044a33av50ff227185708a4c@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>	<20190d950812081756r50bc9a72t6fc92d26ee380c23@mail.gmail.com>
	<8f0676b40812082035g6044a33av50ff227185708a4c@mail.gmail.com>
Message-ID: <493E5B40.1030006@gmx.net>

John Campbell wrote:
> On Mon, Dec 8, 2008 at 8:56 PM, Tom Sartain <tomsartain at gmail.com> wrote:
> 
>> It's surprising how much control you can get over printouts with CSS.
> 
> In theory... those CSS properties are only supported by Safari, and
> IE8.  Unfortunately I found that out the hard way.
> 
> -John Campbell

Opera should be able to do it as well, but I assume you tried it and found it 
not to be the case?

David


From ken at secdat.com  Tue Dec  9 08:29:38 2008
From: ken at secdat.com (Kenneth Downs)
Date: Tue, 09 Dec 2008 08:29:38 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
Message-ID: <493E72C2.6040609@secdat.com>

N?stor wrote:
> When creating a report how do you guys handle line breaks?
> When printing a  table text table cell how do you do so that part of
> text is not on one page and part on another?
>
> Thanks,

Have you tried fpdf (fpdf.org) to make things in PDF format? 

I tried making HTML reports a few years ago and concluded the support is 
simply not there to make it worthwhile, and went PDF instead.

>
> Nestor:-)
> ------------------------------------------------------------------------
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php


-- 
Kenneth Downs
Secure Data Software, Inc.
www.secdat.com    www.andromeda-project.org
631-689-7200   Fax: 631-689-0527
cell: 631-379-0010

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/0e24187e/attachment.html>

From rotsen at gmail.com  Tue Dec  9 10:24:35 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Tue, 9 Dec 2008 07:24:35 -0800
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <493E72C2.6040609@secdat.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<493E72C2.6040609@secdat.com>
Message-ID: <a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>

But with PDF can you control page breaks? Page headings?

Is there a default number of lines per page?
When printing a cell in a table is there a way to tell how many lines
printing a cell will take
because a cell can be 1 line or many.

I have create a report but the managers do not want part of a table record
in one page
and part on another page

Thanks,

Nestor :-)

On Tue, Dec 9, 2008 at 5:29 AM, Kenneth Downs <ken at secdat.com> wrote:

>  N?stor wrote:
>
> When creating a report how do you guys handle line breaks?
> When printing a  table text table cell how do you do so that part of
> text is not on one page and part on another?
>
> Thanks,
>
>
> Have you tried fpdf (fpdf.org) to make things in PDF format?
>
> I tried making HTML reports a few years ago and concluded the support is
> simply not there to make it worthwhile, and went PDF instead.
>
>
> Nestor:-)
>
> ------------------------------
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org/show_participation.php
>
>
>
> --
> Kenneth Downs
> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
> 631-689-7200   Fax: 631-689-0527
> cell: 631-379-0010
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/fe99749c/attachment.html>

From rolan at omnistep.com  Tue Dec  9 10:33:11 2008
From: rolan at omnistep.com (Rolan Yang)
Date: Tue, 09 Dec 2008 10:33:11 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <493E72C2.6040609@secdat.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<493E72C2.6040609@secdat.com>
Message-ID: <493E8FB7.8020506@omnistep.com>

Kenneth Downs wrote:
> N?stor wrote:
>> When creating a report how do you guys handle line breaks?
>> When printing a  table text table cell how do you do so that part of
>> text is not on one page and part on another?
>>
>> Thanks,
>
> Have you tried fpdf (fpdf.org) to make things in PDF format? 
>
> I tried making HTML reports a few years ago and concluded the support 
> is simply not there to make it worthwhile, and went PDF instead.
>

The CSS method will work if you allow for ample clearance between page 
margins (which, when printing in HTML, you have no control).

I have gone the fpdf route before also, but that led to it's own 
challenges such as making sure the content fits within the fixed box 
cells drawn, and then there are all the precalculations required to 
figure out how large an expandable table can be before it exceeds the 
page length and when to split the table onto the next page.

The easiest way, I think (might even be considered a cop-out!), is to 
export the table data to Excel and let the end user figure out how they 
want the report formatted. It's usually an easy sell once you point out 
that, with the data in a spreadsheet, they have the power to manipulate 
the data in hundreds of ways and generate their own additional reports.

~Rolan





From ken at secdat.com  Tue Dec  9 10:32:10 2008
From: ken at secdat.com (Kenneth Downs)
Date: Tue, 09 Dec 2008 10:32:10 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>	<493E72C2.6040609@secdat.com>
	<a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>
Message-ID: <493E8F7A.8040709@secdat.com>

N?stor wrote:
> But with PDF can you control page breaks? Page headings?

Yes and Yes.

>
> Is there a default number of lines per page? 

Determined by font size, line height and page size.

> When printing a cell in a table is there a way to tell how many lines 
> printing a cell will take
> because a cell can be 1 line or many.

This is a bitch.  FPDF can do this, but it becomes damn near impossible 
if you have more than one such entry in a row.  I put a lot of effort 
into it and finally decided it only works if there is one multi-line 
value and it is at the *end* of the line.

>
> I have create a report but the managers do not want part of a table 
> record in one page
> and part on another page

Also tough.

>
> Thanks,
>
> Nestor :-)
>
> On Tue, Dec 9, 2008 at 5:29 AM, Kenneth Downs <ken at secdat.com 
> <mailto:ken at secdat.com>> wrote:
>
>     N?stor wrote:
>>     When creating a report how do you guys handle line breaks?
>>     When printing a  table text table cell how do you do so that part of
>>     text is not on one page and part on another?
>>
>>     Thanks,
>
>     Have you tried fpdf (fpdf.org <http://fpdf.org>) to make things in
>     PDF format? 
>
>     I tried making HTML reports a few years ago and concluded the
>     support is simply not there to make it worthwhile, and went PDF
>     instead.
>
>>
>>     Nestor:-)
>>     ------------------------------------------------------------------------
>>     _______________________________________________ New York PHP User
>>     Group Community Talk Mailing List
>>     http://lists.nyphp.org/mailman/listinfo/talk
>>     http://www.nyphp.org/show_participation.php
>
>
>     -- 
>     Kenneth Downs
>     Secure Data Software, Inc.
>     www.secdat.com <http://www.secdat.com>    www.andromeda-project.org <http://www.andromeda-project.org>
>     631-689-7200   Fax: 631-689-0527
>     cell: 631-379-0010
>         
>
>
>     _______________________________________________
>     New York PHP User Group Community Talk Mailing List
>     http://lists.nyphp.org/mailman/listinfo/talk
>
>     http://www.nyphp.org/show_participation.php
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php


-- 
Kenneth Downs
Secure Data Software, Inc.
www.secdat.com    www.andromeda-project.org
631-689-7200   Fax: 631-689-0527
cell: 631-379-0010

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/f5f46b4d/attachment.html>

From rotsen at gmail.com  Tue Dec  9 11:02:46 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Tue, 9 Dec 2008 08:02:46 -0800
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <493E8F7A.8040709@secdat.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<493E72C2.6040609@secdat.com>
	<a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>
	<493E8F7A.8040709@secdat.com>
Message-ID: <a304e2d60812090802h2d0d2843v1aa25243c194d72@mail.gmail.com>

Thanks to all for your answers.

I have been searching the internet and it seems that it is very hard to
create reports.

Thanks again,

Nestor :-)

On Tue, Dec 9, 2008 at 7:32 AM, Kenneth Downs <ken at secdat.com> wrote:

>  N?stor wrote:
>
> But with PDF can you control page breaks? Page headings?
>
>
> Yes and Yes.
>
>
> Is there a default number of lines per page?
>
>
> Determined by font size, line height and page size.
>
> When printing a cell in a table is there a way to tell how many lines
> printing a cell will take
> because a cell can be 1 line or many.
>
>
> This is a bitch.  FPDF can do this, but it becomes damn near impossible if
> you have more than one such entry in a row.  I put a lot of effort into it
> and finally decided it only works if there is one multi-line value and it is
> at the *end* of the line.
>
>
> I have create a report but the managers do not want part of a table record
> in one page
> and part on another page
>
>
> Also tough.
>
>
>
> Thanks,
>
> Nestor :-)
>
> On Tue, Dec 9, 2008 at 5:29 AM, Kenneth Downs <ken at secdat.com> wrote:
>
>>  N?stor wrote:
>>
>> When creating a report how do you guys handle line breaks?
>> When printing a  table text table cell how do you do so that part of
>> text is not on one page and part on another?
>>
>> Thanks,
>>
>>
>> Have you tried fpdf (fpdf.org) to make things in PDF format?
>>
>> I tried making HTML reports a few years ago and concluded the support is
>> simply not there to make it worthwhile, and went PDF instead.
>>
>>
>> Nestor:-)
>>
>> ------------------------------
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
>> http://www.nyphp.org/show_participation.php
>>
>>
>>
>> --
>> Kenneth Downs
>> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
>> 631-689-7200   Fax: 631-689-0527
>> cell: 631-379-0010
>>
>>
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>
> ------------------------------
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org/show_participation.php
>
>
>
> --
> Kenneth Downs
> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
> 631-689-7200   Fax: 631-689-0527
> cell: 631-379-0010
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/44bd2871/attachment.html>

From tmpvar at gmail.com  Tue Dec  9 11:05:05 2008
From: tmpvar at gmail.com (Elijah Insua)
Date: Tue, 9 Dec 2008 11:05:05 -0500
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <a304e2d60812090802h2d0d2843v1aa25243c194d72@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<493E72C2.6040609@secdat.com>
	<a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>
	<493E8F7A.8040709@secdat.com>
	<a304e2d60812090802h2d0d2843v1aa25243c194d72@mail.gmail.com>
Message-ID: <2b4feca10812090805v2b5ec379g112de10cac9328e8@mail.gmail.com>

dompdf?

On Tue, Dec 9, 2008 at 11:02 AM, N?stor <rotsen at gmail.com> wrote:

> Thanks to all for your answers.
>
> I have been searching the internet and it seems that it is very hard to
> create reports.
>
> Thanks again,
>
> Nestor :-)
>
>
> On Tue, Dec 9, 2008 at 7:32 AM, Kenneth Downs <ken at secdat.com> wrote:
>
>>  N?stor wrote:
>>
>> But with PDF can you control page breaks? Page headings?
>>
>>
>> Yes and Yes.
>>
>>
>> Is there a default number of lines per page?
>>
>>
>> Determined by font size, line height and page size.
>>
>> When printing a cell in a table is there a way to tell how many lines
>> printing a cell will take
>> because a cell can be 1 line or many.
>>
>>
>> This is a bitch.  FPDF can do this, but it becomes damn near impossible if
>> you have more than one such entry in a row.  I put a lot of effort into it
>> and finally decided it only works if there is one multi-line value and it is
>> at the *end* of the line.
>>
>>
>> I have create a report but the managers do not want part of a table record
>> in one page
>> and part on another page
>>
>>
>> Also tough.
>>
>>
>>
>> Thanks,
>>
>> Nestor :-)
>>
>> On Tue, Dec 9, 2008 at 5:29 AM, Kenneth Downs <ken at secdat.com> wrote:
>>
>>>  N?stor wrote:
>>>
>>> When creating a report how do you guys handle line breaks?
>>> When printing a  table text table cell how do you do so that part of
>>> text is not on one page and part on another?
>>>
>>> Thanks,
>>>
>>>
>>> Have you tried fpdf (fpdf.org) to make things in PDF format?
>>>
>>> I tried making HTML reports a few years ago and concluded the support is
>>> simply not there to make it worthwhile, and went PDF instead.
>>>
>>>
>>> Nestor:-)
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
>>> http://www.nyphp.org/show_participation.php
>>>
>>>
>>>
>>> --
>>> Kenneth Downs
>>> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
>>> 631-689-7200   Fax: 631-689-0527
>>> cell: 631-379-0010
>>>
>>>
>>>
>>> _______________________________________________
>>> New York PHP User Group Community Talk Mailing List
>>> http://lists.nyphp.org/mailman/listinfo/talk
>>>
>>> http://www.nyphp.org/show_participation.php
>>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
>> http://www.nyphp.org/show_participation.php
>>
>>
>>
>> --
>> Kenneth Downs
>> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
>> 631-689-7200   Fax: 631-689-0527
>> cell: 631-379-0010
>>
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/7390cd33/attachment.html>

From fgabrieli at gmail.com  Tue Dec  9 13:02:28 2008
From: fgabrieli at gmail.com (Fernando Gabrieli)
Date: Tue, 9 Dec 2008 15:02:28 -0300
Subject: [nycphp-talk] Report with line breaks
In-Reply-To: <a304e2d60812090802h2d0d2843v1aa25243c194d72@mail.gmail.com>
References: <a304e2d60812081538t6d1b4d0yd0e49885bca8e686@mail.gmail.com>
	<493E72C2.6040609@secdat.com>
	<a304e2d60812090724g64b0da45k75a3df446a305862@mail.gmail.com>
	<493E8F7A.8040709@secdat.com>
	<a304e2d60812090802h2d0d2843v1aa25243c194d72@mail.gmail.com>
Message-ID: <be1d525a0812091002y256dc040j5b9dcd721c00b943@mail.gmail.com>

Nestor,  you could use html2pdf which will let you create all the code in
HTML and then export it as a PDF, a line break is just adding a <br>

or dompdf as someone suggested before, but i think that the 2nd has no more
support (i read so in the forums at sf.net some months ago)


On Tue, Dec 9, 2008 at 1:02 PM, N?stor <rotsen at gmail.com> wrote:

> Thanks to all for your answers.
>
> I have been searching the internet and it seems that it is very hard to
> create reports.
>
> Thanks again,
>
> Nestor :-)
>
>
> On Tue, Dec 9, 2008 at 7:32 AM, Kenneth Downs <ken at secdat.com> wrote:
>
>>  N?stor wrote:
>>
>> But with PDF can you control page breaks? Page headings?
>>
>>
>> Yes and Yes.
>>
>>
>> Is there a default number of lines per page?
>>
>>
>> Determined by font size, line height and page size.
>>
>> When printing a cell in a table is there a way to tell how many lines
>> printing a cell will take
>> because a cell can be 1 line or many.
>>
>>
>> This is a bitch.  FPDF can do this, but it becomes damn near impossible if
>> you have more than one such entry in a row.  I put a lot of effort into it
>> and finally decided it only works if there is one multi-line value and it is
>> at the *end* of the line.
>>
>>
>> I have create a report but the managers do not want part of a table record
>> in one page
>> and part on another page
>>
>>
>> Also tough.
>>
>>
>>
>> Thanks,
>>
>> Nestor :-)
>>
>> On Tue, Dec 9, 2008 at 5:29 AM, Kenneth Downs <ken at secdat.com> wrote:
>>
>>>  N?stor wrote:
>>>
>>> When creating a report how do you guys handle line breaks?
>>> When printing a  table text table cell how do you do so that part of
>>> text is not on one page and part on another?
>>>
>>> Thanks,
>>>
>>>
>>> Have you tried fpdf (fpdf.org) to make things in PDF format?
>>>
>>> I tried making HTML reports a few years ago and concluded the support is
>>> simply not there to make it worthwhile, and went PDF instead.
>>>
>>>
>>> Nestor:-)
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
>>> http://www.nyphp.org/show_participation.php
>>>
>>>
>>>
>>> --
>>> Kenneth Downs
>>> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
>>> 631-689-7200   Fax: 631-689-0527
>>> cell: 631-379-0010
>>>
>>>
>>>
>>> _______________________________________________
>>> New York PHP User Group Community Talk Mailing List
>>> http://lists.nyphp.org/mailman/listinfo/talk
>>>
>>> http://www.nyphp.org/show_participation.php
>>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing Listhttp://lists.nyphp.org/mailman/listinfo/talk
>> http://www.nyphp.org/show_participation.php
>>
>>
>>
>> --
>> Kenneth Downs
>> Secure Data Software, Inc.www.secdat.com    www.andromeda-project.org
>> 631-689-7200   Fax: 631-689-0527
>> cell: 631-379-0010
>>
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/47249cdd/attachment.html>

From rolan at omnistep.com  Tue Dec  9 14:15:31 2008
From: rolan at omnistep.com (Rolan Yang)
Date: Tue, 09 Dec 2008 14:15:31 -0500
Subject: [nycphp-talk] reports/graphs realtime mashups
Message-ID: <493EC3D3.3060902@omnistep.com>

This is somewhat, but not completely related to the "Report with line 
breaks" thread.

I discovered yesterday that Google spreadsheets allows importing 
external data into the tables with the "=importData(URL)" function. 
Thought it would be cool to import some weather and home automation data 
which I am store on my home server.

Here's a small mashup which I threw together this morning that displays 
real time usage of my home furnace and the outside temperature.

http://www.omnistep.com/furnacemonitor/

Runs off linux,apache,php,mysql,google spreadsheets & gadgets.
There are links to source and component info in case you are interested 
in how it works.

It was surprisingly easy to throw together graphs and reports with 
google apps+gadgets. The only issue I might have with using this in 
"real" production is the passing of proprietary company data over Google 
(and possibly third party) networks and also the fact that running large 
dataset apps with javascript can turn a Pentium x GHz computer into what 
seems like a 386sx running Windows 3.1 (occasional freezing and crashing 
is expected).

~Rolan


From david at davidmintz.org  Tue Dec  9 15:30:05 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 9 Dec 2008 15:30:05 -0500
Subject: [nycphp-talk] Ajax UI, where to display a detailed view of a record
Message-ID: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>

Working on a page that gives the user the ability to do some sophisticated
searching of a database. I do an Ajax request, display the query resullts in
a table and add an event handler to the 'click' event on each row so that a
tooltip/context menu pops up for the user to do various actions with that
row of data. One of those actions is "view details" -- zoom in to see more.
The decision to be made is, should this view

(a)  pop up in a new window (or tab, if the user's browser is set to do
that) so that the state of the form that did the search will stay intact if
they decide to go back, even though it adds some clutter their workspace? or

 (b) appear in the current window, even though it means if they hit their
back button they will have to start over with their search parameters? or

(c) do something else? e.g., me go to the trouble of saving their search
parameters in the session and restoring the form state from session,
whenever such exists?

Just wondering how you folks approach this not-uncommon problem in the age
of Web 2.0



-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/b9e90dbc/attachment.html>

From codebowl at gmail.com  Tue Dec  9 15:33:34 2008
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 9 Dec 2008 15:33:34 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
Message-ID: <68053B6A-3AFF-4274-BEC9-8A74C12FE034@gmail.com>

I have always liked the way that ebay motors allows you to search, it  
uses a sidebar and then allows you to remove items by clicking an X

Another method may be that of how politics.com does the login screen  
using a modal div that greys out the background page.

Joseph Crawford

On Dec 9, 2008, at 3:30 PM, David Mintz wrote:

> Working on a page that gives the user the ability to do some  
> sophisticated searching of a database. I do an Ajax request, display  
> the query resullts in a table and add an event handler to the  
> 'click' event on each row so that a tooltip/context menu pops up for  
> the user to do various actions with that row of data. One of those  
> actions is "view details" -- zoom in to see more. The decision to be  
> made is, should this view
>
> (a)  pop up in a new window (or tab, if the user's browser is set to  
> do that) so that the state of the form that did the search will stay  
> intact if they decide to go back, even though it adds some clutter  
> their workspace? or
>
>  (b) appear in the current window, even though it means if they hit  
> their back button they will have to start over with their search  
> parameters? or
>
> (c) do something else? e.g., me go to the trouble of saving their  
> search parameters in the session and restoring the form state from  
> session, whenever such exists?
>
> Just wondering how you folks approach this not-uncommon problem in  
> the age of Web 2.0
>
>
>
> -- 
> David Mintz
> http://davidmintz.org/
>
> The subtle source is clear and bright
> The tributary streams flow through the darkness
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/696c94f2/attachment.html>

From tim_lists at o2group.com  Tue Dec  9 15:37:46 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Tue, 9 Dec 2008 15:37:46 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
Message-ID: <A1F5BED9-C771-4A9E-BBC2-9340286ABED9@o2group.com>

Display the record in a (possibly modal) float-div-type window.

Most of the major javascript libraries do this out-of-the-box or with  
some kind of UI plug-in.

Or it might make more sense to do some kind of border-layout with  
three panes.  A Search Form pane, a search results pane, and a detail  
pane.

-Tim

On Dec 9, 2008, at 3:30 PM, David Mintz wrote:

> Working on a page that gives the user the ability to do some  
> sophisticated searching of a database. I do an Ajax request, display  
> the query resullts in a table and add an event handler to the  
> 'click' event on each row so that a tooltip/context menu pops up for  
> the user to do various actions with that row of data. One of those  
> actions is "view details" -- zoom in to see more. The decision to be  
> made is, should this view
>
> (a)  pop up in a new window (or tab, if the user's browser is set to  
> do that) so that the state of the form that did the search will stay  
> intact if they decide to go back, even though it adds some clutter  
> their workspace? or
>
>  (b) appear in the current window, even though it means if they hit  
> their back button they will have to start over with their search  
> parameters? or
>
> (c) do something else? e.g., me go to the trouble of saving their  
> search parameters in the session and restoring the form state from  
> session, whenever such exists?
>
> Just wondering how you folks approach this not-uncommon problem in  
> the age of Web 2.0
>
>
>
> -- 
> David Mintz
> http://davidmintz.org/
>
> The subtle source is clear and bright
> The tributary streams flow through the darkness
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php



From jcampbell1 at gmail.com  Tue Dec  9 16:27:47 2008
From: jcampbell1 at gmail.com (John Campbell)
Date: Tue, 9 Dec 2008 16:27:47 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
Message-ID: <8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>

I would use a modal dialog or append the content below the record and
slide down the new content.

-John C.


From smanes at magpie.com  Tue Dec  9 16:31:28 2008
From: smanes at magpie.com (Steve Manes)
Date: Tue, 09 Dec 2008 16:31:28 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
Message-ID: <493EE3B0.9080109@magpie.com>

David Mintz wrote:
> Just wondering how you folks approach this not-uncommon problem in the 
> age of Web 2.0

A client had a similar requirement so so I built him something like this:

https://www.directv.com/DTVAPP/listing/dodMovies.jsp?category=All

My stuff runs on a protected server but you get the general idea.  You 
can do it a couple of ways, either by stuffing the extra data in a 
hidden DIV when you generate the results table or by making an Ajax call 
to populate the DIV when you make the display:none -> display:block call.


From corey at gelform.com  Tue Dec  9 16:34:59 2008
From: corey at gelform.com (Corey H Maass - gelform.com)
Date: Tue, 09 Dec 2008 16:34:59 -0500
Subject: [nycphp-talk] Ajax UI,
 where to display a detailed view of a record
In-Reply-To: <8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
Message-ID: <1228858499.6115.1289176997@webmail.messagingengine.com>

As a Front End guy, another vote for this. And a general nudge for using
thickbox.
http://jquery.com/demo/thickbox/
We use it all the time. I consider it the best implementation of the
modal window.


On Tue, 9 Dec 2008 16:27:47 -0500, "John Campbell"
<jcampbell1 at gmail.com> said:
> I would use a modal dialog or append the content below the record and
> slide down the new content.
> 
> -John C.
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> http://www.nyphp.org/show_participation.php

//
Corey H Maass
Gelform Design
Brooklyn, NY
Print and web design for art and business

em corey at gelform.com
ww http://www.gelform.com
ph 646/228.5048
fx 866/502.4861
IM gelform



From david at davidmintz.org  Tue Dec  9 17:19:59 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 9 Dec 2008 17:19:59 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <1228858499.6115.1289176997@webmail.messagingengine.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
	<1228858499.6115.1289176997@webmail.messagingengine.com>
Message-ID: <721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>

My thanks to everybody. Modal div sounds like a nice idea. I am already
using Prototype so I think I will look for an implementation based on it
rather than JQuery.

On Tue, Dec 9, 2008 at 4:34 PM, Corey H Maass - gelform.com <
corey at gelform.com> wrote:

> As a Front End guy, another vote for this. And a general nudge for using
> thickbox.
> http://jquery.com/demo/thickbox/
> We use it all the time. I consider it the best implementation of the
> modal window.
>
>
> On Tue, 9 Dec 2008 16:27:47 -0500, "John Campbell"
> <jcampbell1 at gmail.com> said:
> > I would use a modal dialog or append the content below the record and
> > slide down the new content.
> >
> > -John C.
>
>


-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/14720d0a/attachment.html>

From felix.shnir at gmail.com  Tue Dec  9 17:22:34 2008
From: felix.shnir at gmail.com (Felix Shnir)
Date: Tue, 9 Dec 2008 17:22:34 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
	<1228858499.6115.1289176997@webmail.messagingengine.com>
	<721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>
Message-ID: <ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>

Then look no further than this: http://prototype-ui.com/


On Tue, Dec 9, 2008 at 5:19 PM, David Mintz <david at davidmintz.org> wrote:

> My thanks to everybody. Modal div sounds like a nice idea. I am already
> using Prototype so I think I will look for an implementation based on it
> rather than JQuery.
>
> On Tue, Dec 9, 2008 at 4:34 PM, Corey H Maass - gelform.com <
> corey at gelform.com> wrote:
>
>> As a Front End guy, another vote for this. And a general nudge for using
>> thickbox.
>> http://jquery.com/demo/thickbox/
>> We use it all the time. I consider it the best implementation of the
>> modal window.
>>
>>
>> On Tue, 9 Dec 2008 16:27:47 -0500, "John Campbell"
>> <jcampbell1 at gmail.com> said:
>> > I would use a modal dialog or append the content below the record and
>> > slide down the new content.
>> >
>> > -John C.
>>
>>
>
>
> --
> David Mintz
> http://davidmintz.org/
>
> The subtle source is clear and bright
> The tributary streams flow through the darkness
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/3a251b55/attachment.html>

From david at davidmintz.org  Tue Dec  9 17:37:52 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 9 Dec 2008 17:37:52 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
	<1228858499.6115.1289176997@webmail.messagingengine.com>
	<721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>
	<ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>
Message-ID: <721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>

On Tue, Dec 9, 2008 at 5:22 PM, Felix Shnir <felix.shnir at gmail.com> wrote:

> Then look no further than this: http://prototype-ui.com/
>
>
> On Tue, Dec 9, 2008 at 5:19 PM, David Mintz <david at davidmintz.org> wrote:
>
>> My thanks to everybody. Modal div sounds like a nice idea. I am already
>> using Prototype so I think I will look for an implementation based on it
>> rather than JQuery.
>>
>>
Oooooh, looks tasty. I was justing starting at
http://livepipe.net/control/window but http://prototype-ui.com/ looks
simpler to use. And I really like simple.

-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/09931159/attachment.html>

From david at davidmintz.org  Tue Dec  9 17:38:22 2008
From: david at davidmintz.org (David Mintz)
Date: Tue, 9 Dec 2008 17:38:22 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
	<1228858499.6115.1289176997@webmail.messagingengine.com>
	<721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>
	<ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
Message-ID: <721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>

On Tue, Dec 9, 2008 at 5:37 PM, David Mintz <david at davidmintz.org> wrote:

>
>
> On Tue, Dec 9, 2008 at 5:22 PM, Felix Shnir <felix.shnir at gmail.com> wrote:
>
>> Then look no further than this: http://prototype-ui.com/
>>
>>
>> On Tue, Dec 9, 2008 at 5:19 PM, David Mintz <david at davidmintz.org> wrote:
>>
>>> My thanks to everybody. Modal div sounds like a nice idea. I am already
>>> using Prototype so I think I will look for an implementation based on it
>>> rather than JQuery.
>>>
>>>
> Oooooh, looks tasty. I was justing starting at
> http://livepipe.net/control/window but http://prototype-ui.com/ looks
> simpler to use. And I really like simple.
>
>

Excuse me, I meant "staring at..."

-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081209/a5c80886/attachment.html>

From greg.rundlett at gmail.com  Tue Dec  9 17:46:24 2008
From: greg.rundlett at gmail.com (Greg Rundlett)
Date: Tue, 9 Dec 2008 17:46:24 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
Message-ID: <200812091746.25036.Greg_Rundlett@harvard.edu>

On Tuesday 09 December 2008 17:38:22 David Mintz wrote:
> On Tue, Dec 9, 2008 at 5:37 PM, David Mintz <david at davidmintz.org> wrote:
> > On Tue, Dec 9, 2008 at 5:22 PM, Felix Shnir <felix.shnir at gmail.com> wrote:
> >> Then look no further than this: http://prototype-ui.com/
> >>
> >> On Tue, Dec 9, 2008 at 5:19 PM, David Mintz <david at davidmintz.org> wrote:
> >>> My thanks to everybody. Modal div sounds like a nice idea. I am already
> >>> using Prototype so I think I will look for an implementation based on
> >>> it rather than JQuery.
> >
> > Oooooh, looks tasty. I was justing starting at
> > http://livepipe.net/control/window but http://prototype-ui.com/ looks
> > simpler to use. And I really like simple.
>
> Excuse me, I meant "staring at..."
Maybe 
http://ui.jquery.com/
will convince you to use JQuery :-)

Using multiple libraries got you down?  With the Google AJAX Libraries API, it 
makes it easy to use libraries without actually installing and maintaining the 
library infrastructure locally -- with some other benefits like opening the 
possibility that the user already has the library cached.

http://code.google.com/apis/ajaxlibs/

-- 
Greg Rundlett
Web Developer - Initiative in Innovative Computing
http://iic.harvard.edu
m. 978-764-4424
o. 978-225-8302
skype/aim/irc/twitter freephile
http://profiles.aim.com/freephile


From mitch.pirtle at gmail.com  Wed Dec 10 08:21:58 2008
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Wed, 10 Dec 2008 08:21:58 -0500
Subject: [nycphp-talk] Poll on presentation topic
Message-ID: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>

Hi everyone,

Been discussing with one of the many Hanses about a possible
presentation in 2009, and would like to know which topics would be of
most interest to you:

* The standard Joomla update
* Experiences learned implementing a massive traffic site for MTV
* Integrating your site with KickApps for rich, hosted social media
functionality

DISCLAIMERS: I'm a founder of Joomla, and seem to give a yearly
presentation on what is happening with that project. I'm also VP
Developer Relations at KickApps, and have done a lot of integration
with Joomla, Drupal and Wordpress since they are such an open company
;-)

-- Mitch


From david at davidmintz.org  Wed Dec 10 09:14:00 2008
From: david at davidmintz.org (David Mintz)
Date: Wed, 10 Dec 2008 09:14:00 -0500
Subject: [nycphp-talk] Ajax UI,
	where to display a detailed view of a record
In-Reply-To: <ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<8f0676b40812091327h333596f1tf768d386fecd91f3@mail.gmail.com>
	<1228858499.6115.1289176997@webmail.messagingengine.com>
	<721f1cc50812091419w2d697255hdc51f6f6e147f4d7@mail.gmail.com>
	<ee3adaa10812091422n19c03cdei8d2c5acf11872d73@mail.gmail.com>
Message-ID: <721f1cc50812100614q44ad7666tbf2191cfcc3b28f4@mail.gmail.com>

On Tue, Dec 9, 2008 at 5:22 PM, Felix Shnir <felix.shnir at gmail.com> wrote:

> Then look no further than this: http://prototype-ui.com/
>
>
Are you using this in production? Seems they recommend that we don't.

-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081210/593e76e8/attachment.html>

From leam at reuel.net  Wed Dec 10 10:17:07 2008
From: leam at reuel.net (Leam Hall)
Date: Wed, 10 Dec 2008 10:17:07 -0500
Subject: [nycphp-talk] Poll on presentation topic
In-Reply-To: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
References: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
Message-ID: <1228922227.4502.13.camel@leam>

Yes.  :P

Leam

On Wed, 2008-12-10 at 08:21 -0500, Mitch Pirtle wrote:
> Hi everyone,
> 
> Been discussing with one of the many Hanses about a possible
> presentation in 2009, and would like to know which topics would be of
> most interest to you:
> 
> * The standard Joomla update
> * Experiences learned implementing a massive traffic site for MTV
> * Integrating your site with KickApps for rich, hosted social media
> functionality
> 
> DISCLAIMERS: I'm a founder of Joomla, and seem to give a yearly
> presentation on what is happening with that project. I'm also VP
> Developer Relations at KickApps, and have done a lot of integration
> with Joomla, Drupal and Wordpress since they are such an open company
> ;-)
> 
> -- Mitch
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> http://www.nyphp.org/show_participation.php



From danielc at analysisandsolutions.com  Wed Dec 10 11:25:32 2008
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Wed, 10 Dec 2008 11:25:32 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <200812091746.25036.Greg_Rundlett@harvard.edu>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
Message-ID: <20081210162532.GA10591@panix.com>

Hi Greg:

On Tue, Dec 09, 2008 at 05:46:24PM -0500, Greg Rundlett wrote:
> 
> Using multiple libraries got you down?  
> With the Google AJAX Libraries API, it 
> makes it easy to use libraries without actually installing and 
> maintaining the
> library infrastructure locally

Interesting.  I'm wondering what the security implications of this are.

Also there's the issue of giving Google even more data about browsing 
habits.

Finally, there are folks like myself that use Firefox's No Script add on 
that allows me to limit which domains can load JavaScript in my browser.  
I tend to not allow sites other than the one I'm looking at to run JS.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From danielc at analysisandsolutions.com  Wed Dec 10 11:32:40 2008
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Wed, 10 Dec 2008 11:32:40 -0500
Subject: [nycphp-talk] Poll on presentation topic
In-Reply-To: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
References: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
Message-ID: <20081210163240.GB10591@panix.com>

Hey Mitch:

> * Experiences learned implementing a massive traffic site for MTV

This piques my interest.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From fgabrieli at gmail.com  Wed Dec 10 11:43:55 2008
From: fgabrieli at gmail.com (Fernando Gabrieli)
Date: Wed, 10 Dec 2008 13:43:55 -0300
Subject: [nycphp-talk] Poll on presentation topic
In-Reply-To: <20081210163240.GB10591@panix.com>
References: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
	<20081210163240.GB10591@panix.com>
Message-ID: <be1d525a0812100843h3c3b4942r3b4dd5e2efdf8ba0@mail.gmail.com>

* Experiences learned implementing a massive traffic site for MTV

it would be excellent to have a video of the conference to see it online too


On Wed, Dec 10, 2008 at 1:32 PM, Daniel Convissor <
danielc at analysisandsolutions.com> wrote:

> Hey Mitch:
>
> > * Experiences learned implementing a massive traffic site for MTV
>
> This piques my interest.
>
> --Dan
>
> --
>  T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>            data intensive web and database programming
>                http://www.AnalysisAndSolutions.com/
>  4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081210/d634aad4/attachment.html>

From greg.rundlett at gmail.com  Wed Dec 10 12:30:24 2008
From: greg.rundlett at gmail.com (Greg Rundlett)
Date: Wed, 10 Dec 2008 12:30:24 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <20081210162532.GA10591@panix.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
	<20081210162532.GA10591@panix.com>
Message-ID: <200812101230.24610.Greg_Rundlett@harvard.edu>

On Wednesday 10 December 2008 11:25:32 Daniel Convissor wrote:
> Hi Greg:
>
> On Tue, Dec 09, 2008 at 05:46:24PM -0500, Greg Rundlett wrote:
> > Using multiple libraries got you down?
> > With the Google AJAX Libraries API, it
> > makes it easy to use libraries without actually installing and
> > maintaining the
> > library infrastructure locally
>
> Interesting.  I'm wondering what the security implications of this are.
>
> Also there's the issue of giving Google even more data about browsing
> habits.
>
> Finally, there are folks like myself that use Firefox's No Script add on
> that allows me to limit which domains can load JavaScript in my browser.
> I tend to not allow sites other than the one I'm looking at to run JS.
>
> --Dan

Thanks for the counterpoints Dan,  

I agree with you and use NoScript too.  Google's AJAX Libraries can be 
convenient, but like everything, there are drawbacks to consider.

-- 
Greg Rundlett
Web Developer - Initiative in Innovative Computing
http://iic.harvard.edu
m. 978-764-4424
o. 978-225-8302
skype/aim/irc/twitter freephile
http://profiles.aim.com/freephile


From chsnyder at gmail.com  Wed Dec 10 12:32:31 2008
From: chsnyder at gmail.com (csnyder)
Date: Wed, 10 Dec 2008 12:32:31 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <20081210162532.GA10591@panix.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
	<20081210162532.GA10591@panix.com>
Message-ID: <b76252690812100932x224a73afoc7eaad83f88bfe95@mail.gmail.com>

On Wed, Dec 10, 2008 at 11:25 AM, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> Hi Greg:
>
> On Tue, Dec 09, 2008 at 05:46:24PM -0500, Greg Rundlett wrote:
>>
>> Using multiple libraries got you down?
>> With the Google AJAX Libraries API, it
>> makes it easy to use libraries without actually installing and
>> maintaining the
>> library infrastructure locally
>
> Interesting.  I'm wondering what the security implications of this are.
>
> Also there's the issue of giving Google even more data about browsing
> habits.
>
> Finally, there are folks like myself that use Firefox's No Script add on
> that allows me to limit which domains can load JavaScript in my browser.
> I tend to not allow sites other than the one I'm looking at to run JS.
>
> --Dan

You pretty much nailed it, Dan. In exchange for convenience, you let
Google own your users' browsing habits.

I'm not so concerned about security -- I think it would be incredibly
embarrassing to Google if one of those hosted javascripts got
compromised -- but I do would worry about application breakage should
Google update to a newer version of a library, or delete an old, buggy
version.

And agreed wrt NoScript. On the other hand, it should be safe to allow
those scripts... see potential embarrassment to Google if any of those
hosted libs contains trojan code. One hopes they have part of the
brain trust actually looking at the scripts before committing them to
the global Googlescape.

Chris Snyder
http://chxor.chxo.com/


From david at davidmintz.org  Wed Dec 10 14:51:08 2008
From: david at davidmintz.org (David Mintz)
Date: Wed, 10 Dec 2008 14:51:08 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <b76252690812100932x224a73afoc7eaad83f88bfe95@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
	<20081210162532.GA10591@panix.com>
	<b76252690812100932x224a73afoc7eaad83f88bfe95@mail.gmail.com>
Message-ID: <721f1cc50812101151i44e9fea2yde119d045c36201@mail.gmail.com>

On Wed, Dec 10, 2008 at 12:32 PM, csnyder <chsnyder at gmail.com> wrote:

> On Wed, Dec 10, 2008 at 11:25 AM, Daniel Convissor
> <danielc at analysisandsolutions.com> wrote:
> > Hi Greg:
> >
> > On Tue, Dec 09, 2008 at 05:46:24PM -0500, Greg Rundlett wrote:
> >>
> >> Using multiple libraries got you down?
> >> With the Google AJAX Libraries API, it
> >> makes it easy to use libraries without actually installing and
> >> maintaining the
> >> library infrastructure locally
> >
> > Interesting.  I'm wondering what the security implications of this are.
> >
> > Also there's the issue of giving Google even more data about browsing
> > habits.
> >
> > Finally, there are folks like myself that use Firefox's No Script add on
> > that allows me to limit which domains can load JavaScript in my browser.
> > I tend to not allow sites other than the one I'm looking at to run JS.
> >
> > --Dan
>
> You pretty much nailed it, Dan. In exchange for convenience, you let
> Google own your users' browsing habits.
>
> I'm not so concerned about security -- I think it would be incredibly
> embarrassing to Google if one of those hosted javascripts got
> compromised -- but I do would worry about application breakage should
> Google update to a newer version of a library, or delete an old, buggy
> version.
>


Although if you want to, you can tell Google which version you want, which
should protect you from an unwanted upgrade.

-- 
David Mintz
http://davidmintz.org/

The subtle source is clear and bright
The tributary streams flow through the darkness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081210/4e68622e/attachment.html>

From mitch.pirtle at gmail.com  Wed Dec 10 14:58:31 2008
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Wed, 10 Dec 2008 14:58:31 -0500
Subject: [nycphp-talk] Poll on presentation topic
In-Reply-To: <be1d525a0812100843h3c3b4942r3b4dd5e2efdf8ba0@mail.gmail.com>
References: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
	<20081210163240.GB10591@panix.com>
	<be1d525a0812100843h3c3b4942r3b4dd5e2efdf8ba0@mail.gmail.com>
Message-ID: <330532b60812101158x68ecd987u7c51728f339d5c4f@mail.gmail.com>

Ok, I can setup HD video, and will stream it too. However y'all still
have to help me decide on what to present.

-- Mitch, tapping foot


On Wed, Dec 10, 2008 at 11:43 AM, Fernando Gabrieli <fgabrieli at gmail.com> wrote:
> * Experiences learned implementing a massive traffic site for MTV
>
> it would be excellent to have a video of the conference to see it online too
>
>
> On Wed, Dec 10, 2008 at 1:32 PM, Daniel Convissor
> <danielc at analysisandsolutions.com> wrote:
>>
>> Hey Mitch:
>>
>> > * Experiences learned implementing a massive traffic site for MTV
>>
>> This piques my interest.
>>
>> --Dan
>>
>> --
>>  T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>>            data intensive web and database programming
>>                http://www.AnalysisAndSolutions.com/
>>  4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>


From tmpvar at gmail.com  Wed Dec 10 15:05:24 2008
From: tmpvar at gmail.com (Elijah Insua)
Date: Wed, 10 Dec 2008 15:05:24 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <721f1cc50812101151i44e9fea2yde119d045c36201@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
	<20081210162532.GA10591@panix.com>
	<b76252690812100932x224a73afoc7eaad83f88bfe95@mail.gmail.com>
	<721f1cc50812101151i44e9fea2yde119d045c36201@mail.gmail.com>
Message-ID: <2b4feca10812101205o555f7abw220d67c14bd66d7f@mail.gmail.com>

There could be problems with man in the middle attacks, but that's goes for
just about anything being served up remotely.

On Wed, Dec 10, 2008 at 2:51 PM, David Mintz <david at davidmintz.org> wrote:

>
>
> On Wed, Dec 10, 2008 at 12:32 PM, csnyder <chsnyder at gmail.com> wrote:
>
>> On Wed, Dec 10, 2008 at 11:25 AM, Daniel Convissor
>> <danielc at analysisandsolutions.com> wrote:
>> > Hi Greg:
>> >
>> > On Tue, Dec 09, 2008 at 05:46:24PM -0500, Greg Rundlett wrote:
>> >>
>> >> Using multiple libraries got you down?
>> >> With the Google AJAX Libraries API, it
>> >> makes it easy to use libraries without actually installing and
>> >> maintaining the
>> >> library infrastructure locally
>> >
>> > Interesting.  I'm wondering what the security implications of this are.
>> >
>> > Also there's the issue of giving Google even more data about browsing
>> > habits.
>> >
>> > Finally, there are folks like myself that use Firefox's No Script add on
>> > that allows me to limit which domains can load JavaScript in my browser.
>> > I tend to not allow sites other than the one I'm looking at to run JS.
>> >
>> > --Dan
>>
>> You pretty much nailed it, Dan. In exchange for convenience, you let
>> Google own your users' browsing habits.
>>
>> I'm not so concerned about security -- I think it would be incredibly
>> embarrassing to Google if one of those hosted javascripts got
>> compromised -- but I do would worry about application breakage should
>> Google update to a newer version of a library, or delete an old, buggy
>> version.
>>
>
>
> Although if you want to, you can tell Google which version you want, which
> should protect you from an unwanted upgrade.
>
> --
> David Mintz
> http://davidmintz.org/
>
> The subtle source is clear and bright
> The tributary streams flow through the darkness
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081210/24546466/attachment.html>

From tmpvar at gmail.com  Wed Dec 10 15:07:37 2008
From: tmpvar at gmail.com (Elijah Insua)
Date: Wed, 10 Dec 2008 15:07:37 -0500
Subject: [nycphp-talk] Poll on presentation topic
In-Reply-To: <330532b60812101158x68ecd987u7c51728f339d5c4f@mail.gmail.com>
References: <330532b60812100521w26e797daud79d9bc56cc90a3f@mail.gmail.com>
	<20081210163240.GB10591@panix.com>
	<be1d525a0812100843h3c3b4942r3b4dd5e2efdf8ba0@mail.gmail.com>
	<330532b60812101158x68ecd987u7c51728f339d5c4f@mail.gmail.com>
Message-ID: <2b4feca10812101207n395c86edlf47d53671b34f70e@mail.gmail.com>

only thing that seems interesting to me is the 'massive traffic site'.

On Wed, Dec 10, 2008 at 2:58 PM, Mitch Pirtle <mitch.pirtle at gmail.com>wrote:

> Ok, I can setup HD video, and will stream it too. However y'all still
> have to help me decide on what to present.
>
> -- Mitch, tapping foot
>
>
> On Wed, Dec 10, 2008 at 11:43 AM, Fernando Gabrieli <fgabrieli at gmail.com>
> wrote:
> > * Experiences learned implementing a massive traffic site for MTV
> >
> > it would be excellent to have a video of the conference to see it online
> too
> >
> >
> > On Wed, Dec 10, 2008 at 1:32 PM, Daniel Convissor
> > <danielc at analysisandsolutions.com> wrote:
> >>
> >> Hey Mitch:
> >>
> >> > * Experiences learned implementing a massive traffic site for MTV
> >>
> >> This piques my interest.
> >>
> >> --Dan
> >>
> >> --
> >>  T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
> >>            data intensive web and database programming
> >>                http://www.AnalysisAndSolutions.com/
> >>  4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
> >> _______________________________________________
> >> New York PHP User Group Community Talk Mailing List
> >> http://lists.nyphp.org/mailman/listinfo/talk
> >>
> >> http://www.nyphp.org/show_participation.php
> >
> >
> > _______________________________________________
> > New York PHP User Group Community Talk Mailing List
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
> > http://www.nyphp.org/show_participation.php
> >
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081210/eb429c61/attachment.html>

From chsnyder at gmail.com  Wed Dec 10 16:32:48 2008
From: chsnyder at gmail.com (csnyder)
Date: Wed, 10 Dec 2008 16:32:48 -0500
Subject: [nycphp-talk] security & google ajax lib (was: Ajax UI...)
In-Reply-To: <2b4feca10812101205o555f7abw220d67c14bd66d7f@mail.gmail.com>
References: <721f1cc50812091230y198f3751qf5a3a99803ad1f9c@mail.gmail.com>
	<721f1cc50812091437s2f0459b2ofe2dedca166a1c5a@mail.gmail.com>
	<721f1cc50812091438i215648acs24f0c28bdcc872af@mail.gmail.com>
	<200812091746.25036.Greg_Rundlett@harvard.edu>
	<20081210162532.GA10591@panix.com>
	<b76252690812100932x224a73afoc7eaad83f88bfe95@mail.gmail.com>
	<721f1cc50812101151i44e9fea2yde119d045c36201@mail.gmail.com>
	<2b4feca10812101205o555f7abw220d67c14bd66d7f@mail.gmail.com>
Message-ID: <b76252690812101332l79a73eder60164b37eb631edd@mail.gmail.com>

On Wed, Dec 10, 2008 at 3:05 PM, Elijah Insua <tmpvar at gmail.com> top posted:
>
> There could be problems with man in the middle attacks, but that's goes for
> just about anything being served up remotely.
>

DNS hijacking could be a worry. I'd say ajax.googleapis.com is a
pretty high-value target for someone who wants to quietly inject their
code into a lot of different sites.


From brian at realm3.com  Fri Dec 12 09:39:55 2008
From: brian at realm3.com (Brian Dailey)
Date: Fri, 12 Dec 2008 09:39:55 -0500
Subject: [nycphp-talk] preg_match and pattern matching
In-Reply-To: <15710438105.20081122222457@qualityadvantages.com>
References: <15710438105.20081122222457@qualityadvantages.com>
Message-ID: <494277BB.3030308@realm3.com>

Instead of re-inventing the wheel, I suggest taking a look at some of 
the code written by others. This is a common problem to any web developer.

One example would be CakePHP's Sanitize class:
http://api.cakephp.org/1.2/sanitize_8php-source.html

Chris Shiflett's blog has a lot of resources on PHP security:
http://shiflett.org/

- Brian

mikesz at qualityadvantages.com wrote:
> Hello and Greetings,
> 
> I have just been reviewing a script that says its a PHP firewall. It
> is using an array with 250 elements that are all basically subsets of
> code and injections that hackers use to break into sites. I could
> easily take this array and create a preg_match test but was wondering
> at what point pattern matching gets unmanageable or impractical. This
> script looks a lot like .htaccess using mod rewrite to block badguys.
> 
> I would appreciates some feedback on this, what is the rest of the
> world using to block or intercept bad guy injection attacks?
> 

-- 
realm3 web applications [realm3.com]
Information architecture, application development.
phone: (917) 512-3594
fax: (440) 744-3559


From matt at atopia.net  Sun Dec 14 21:00:08 2008
From: matt at atopia.net (Matt Juszczak)
Date: Sun, 14 Dec 2008 21:00:08 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
Message-ID: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>

Hi All,

I'm wondering if there are any open source good project management tools 
out there (PHP based).  They would have to be web based and integrate with 
email, and provide:

"state-of-the-art project management software which will include automated 
project scheduling, issue management, risk management, resource management 
and other tools; skills training for project managers; consistent project 
management methodologies, and Proactive communication of project and task 
status."

There's a larger list, but before we purchase something, I'm wondering if 
there's anything open source?

Thanks for any suggestions!

-MJ


From tim_lists at o2group.com  Sun Dec 14 22:21:23 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Sun, 14 Dec 2008 22:21:23 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
Message-ID: <93998313-E7F9-4130-96EA-5B8044C841C6@o2group.com>

What kind of organization is this for?

Disclaimer: I don't think there's any such thing as "good project  
management tools", open source or otherwise.  In most cases, the  
purchase decision is based upon the irrational hope that some piece of  
software will mitigate organizational and managerial weaknesses.

I'd be delighted to see a system that actually facilitates work  
getting done instead of getting in the way, if anyone has seen such a  
thing.

-Tim

On Dec 14, 2008, at 9:00 PM, Matt Juszczak wrote:

> Hi All,
>
> I'm wondering if there are any open source good project management  
> tools out there (PHP based).  They would have to be web based and  
> integrate with email, and provide:
>
> "state-of-the-art project management software which will include  
> automated project scheduling, issue management, risk management,  
> resource management and other tools; skills training for project  
> managers; consistent project management methodologies, and Proactive  
> communication of project and task status."
>
> There's a larger list, but before we purchase something, I'm  
> wondering if there's anything open source?
>
> Thanks for any suggestions!
>
> -MJ
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php



From matt at atopia.net  Sun Dec 14 22:23:06 2008
From: matt at atopia.net (matt at atopia.net)
Date: Mon, 15 Dec 2008 03:23:06 +0000
Subject: [nycphp-talk] Open Source Project Management Tools
Message-ID: <1337485309-1229311368-cardhu_decombobulator_blackberry.rim.net-777484459-@bxe342.bisx.prod.on.blackberry>

I agree. Most of these project management solutions stink. Its for an online web based company. 
------Original Message------
From: Tim Lieberman
Sender: talk-bounces at lists.nyphp.org
To: NYPHP Talk
ReplyTo: NYPHP Talk
Subject: Re: [nycphp-talk] Open Source Project Management Tools
Sent: Dec 14, 2008 22:21

What kind of organization is this for?

Disclaimer: I don't think there's any such thing as "good project  
management tools", open source or otherwise.  In most cases, the  
purchase decision is based upon the irrational hope that some piece of  
software will mitigate organizational and managerial weaknesses.

I'd be delighted to see a system that actually facilitates work  
getting done instead of getting in the way, if anyone has seen such a  
thing.

-Tim

On Dec 14, 2008, at 9:00 PM, Matt Juszczak wrote:

> Hi All,
>
> I'm wondering if there are any open source good project management  
> tools out there (PHP based).  They would have to be web based and  
> integrate with email, and provide:
>
> "state-of-the-art project management software which will include  
> automated project scheduling, issue management, risk management,  
> resource management and other tools; skills training for project  
> managers; consistent project management methodologies, and Proactive  
> communication of project and task status."
>
> There's a larger list, but before we purchase something, I'm  
> wondering if there's anything open source?
>
> Thanks for any suggestions!
>
> -MJ
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php

_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php


From ajai at bitblit.net  Sun Dec 14 23:45:49 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Sun, 14 Dec 2008 23:45:49 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
Message-ID: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>

On Sun, 14 Dec 2008, Matt Juszczak wrote:

> "state-of-the-art project management software which will include automated 
> project scheduling, issue management, risk management, resource management 
> and other tools; skills training for project managers; consistent project 
> management methodologies, and Proactive communication of project and task 
> status."

And you forgot the kitchen sink :-)

I think Ive spent years looking for a good open source solution and Ive 
never found anything close. (Maybe we should write one? :-)

As far as commercial solutions go, right now we're using FogBugz but 
Mingle looks pretty good too.


-- 
Aj.



From tim_lists at o2group.com  Mon Dec 15 00:04:33 2008
From: tim_lists at o2group.com (Tim Lieberman)
Date: Mon, 15 Dec 2008 00:04:33 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
Message-ID: <0EE0A187-D16E-4CC9-99F6-090108818083@o2group.com>


On Dec 14, 2008, at 11:45 PM, Ajai Khattri wrote:

> On Sun, 14 Dec 2008, Matt Juszczak wrote:
>
>> "state-of-the-art project management software which will include  
>> automated
>> project scheduling, issue management, risk management, resource  
>> management
>> and other tools; skills training for project managers; consistent  
>> project
>> management methodologies, and Proactive communication of project  
>> and task
>> status."
>
> And you forgot the kitchen sink :-)
>
> I think Ive spent years looking for a good open source solution and  
> Ive
> never found anything close. (Maybe we should write one? :-)
>
> As far as commercial solutions go, right now we're using FogBugz but
> Mingle looks pretty good too.

FogBugz is nice for what it does.  The killer feature is email  
integration, IMO.  Mantis (mantisbt.org) is a nice (PHP) open-source  
issue-tracker that's pretty flexible as far as use cases go.

Project Management is bigger than just issue-tracking.

There's the school of thought that says "Project Management is about  
Communication (and everything else is a waste of time)" -- mostly  
championed by the 37signals guys (their product, basecamp (http://www.basecamphq.com 
), is actually pretty useful for a small-ish kind of enterprise.  (At  
least) one of their founders, Jason Fried, is pretty outspoken about  
the philosophy.  I went to an event while I was out in Denver where he  
pontificated about that sort of stuff for a long time.  I don't agree  
with a lot of what he says, but it's still thought-provoking.  There's  
a low-fi recording of the talk and some Q/A here:

<http://blog.electricmindcontrol.net/2008/08/jason-fried-of-37signals-new-denver-ad-club-audio-notes/ 
 >

The highlight for me was when he said he'd run his company into the  
ground before including GANTT charts as a feature, no matter how many  
people ask for it. So if there's an interest in taking a step back,  
you might want to pass that around as food for thought.




From ajai at bitblit.net  Mon Dec 15 00:30:12 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 15 Dec 2008 00:30:12 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <0EE0A187-D16E-4CC9-99F6-090108818083@o2group.com>
Message-ID: <Pine.LNX.4.44.0812150028220.3614-100000@bitblit.net>

On Mon, 15 Dec 2008, Tim Lieberman wrote:

> FogBugz is nice for what it does.  The killer feature is email  
> integration, IMO.  Mantis (mantisbt.org) is a nice (PHP) open-source  
> issue-tracker that's pretty flexible as far as use cases go.
> 
> Project Management is bigger than just issue-tracking.

Agreed.

> There's the school of thought that says "Project Management is about  
> Communication (and everything else is a waste of time)" -- mostly  
> championed by the 37signals guys (their product, basecamp (http://www.basecamphq.com 
> ), is actually pretty useful for a small-ish kind of enterprise.

We used to use it. Not good enough to track what's going on in our 
projects. FogBugz was a compromise. Now Ive been looking at Mingle because 
the workflow is pretty useful.


-- 
Aj.



From matt at atopia.net  Mon Dec 15 00:33:38 2008
From: matt at atopia.net (Matt Juszczak)
Date: Mon, 15 Dec 2008 00:33:38 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
Message-ID: <alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>

> I think Ive spent years looking for a good open source solution and Ive
> never found anything close. (Maybe we should write one? :-)

Agreed.  I think there's a big market here for an open source project 
management solution.  I'd gladly provide hosting/svn, etc. if people 
wanted to get together and start one.

> As far as commercial solutions go, right now we're using FogBugz but
> Mingle looks pretty good too.

Great!  I'll look at them, thanks!


From ajai at bitblit.net  Mon Dec 15 00:42:34 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 15 Dec 2008 00:42:34 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
Message-ID: <Pine.LNX.4.44.0812150042060.3614-100000@bitblit.net>

On Mon, 15 Dec 2008, Matt Juszczak wrote:

> Great!  I'll look at them, thanks!

Also check out Wrike - appears to be completely email-driven but Ive never 
used it myself.


-- 
Aj.



From brianw1975 at gmail.com  Mon Dec 15 01:22:54 2008
From: brianw1975 at gmail.com (Brian Williams)
Date: Mon, 15 Dec 2008 01:22:54 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
Message-ID: <ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>

The company I used to work at used scrum for projects and used VersionOne
http://www.versionone.com/ for planning, tracking, etc

Once i got used to it i found it to be of great use in keeping things on
track and specific tasks etc in order.



On Sun, Dec 14, 2008 at 9:00 PM, Matt Juszczak <matt at atopia.net> wrote:

> Hi All,
>
> I'm wondering if there are any open source good project management tools
> out there (PHP based).  They would have to be web based and integrate with
> email, and provide:
>
> "state-of-the-art project management software which will include automated
> project scheduling, issue management, risk management, resource management
> and other tools; skills training for project managers; consistent project
> management methodologies, and Proactive communication of project and task
> status."
>
> There's a larger list, but before we purchase something, I'm wondering if
> there's anything open source?
>
> Thanks for any suggestions!
>
> -MJ
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081215/19648469/attachment.html>

From mutazmusa at gmail.com  Mon Dec 15 01:26:58 2008
From: mutazmusa at gmail.com (Mutaz Musa)
Date: Sun, 14 Dec 2008 22:26:58 -0800
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
	<ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>
Message-ID: <602c8ac0812142226g543ab0e3j29de2923763e537c@mail.gmail.com>

There's also Epiware, though I've not used it myself.

http://www.epiware.com/

On Sun, Dec 14, 2008 at 10:22 PM, Brian Williams <brianw1975 at gmail.com>wrote:

> The company I used to work at used scrum for projects and used VersionOne
> http://www.versionone.com/ for planning, tracking, etc
>
> Once i got used to it i found it to be of great use in keeping things on
> track and specific tasks etc in order.
>
>
>
>
> On Sun, Dec 14, 2008 at 9:00 PM, Matt Juszczak <matt at atopia.net> wrote:
>
>> Hi All,
>>
>> I'm wondering if there are any open source good project management tools
>> out there (PHP based).  They would have to be web based and integrate with
>> email, and provide:
>>
>> "state-of-the-art project management software which will include automated
>> project scheduling, issue management, risk management, resource management
>> and other tools; skills training for project managers; consistent project
>> management methodologies, and Proactive communication of project and task
>> status."
>>
>> There's a larger list, but before we purchase something, I'm wondering if
>> there's anything open source?
>>
>> Thanks for any suggestions!
>>
>> -MJ
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081214/03b87dbc/attachment.html>

From brianw1975 at gmail.com  Mon Dec 15 01:31:42 2008
From: brianw1975 at gmail.com (Brian Williams)
Date: Mon, 15 Dec 2008 01:31:42 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
	<ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>
Message-ID: <ae0c70e80812142231j69d0d907j532e21fb68c36acd@mail.gmail.com>

I also forgot that there is

http://www.dotproject.net/

dotProject - the Open Source Project Management tool.

On Mon, Dec 15, 2008 at 1:22 AM, Brian Williams <brianw1975 at gmail.com>wrote:

> The company I used to work at used scrum for projects and used VersionOne
> http://www.versionone.com/ for planning, tracking, etc
>
> Once i got used to it i found it to be of great use in keeping things on
> track and specific tasks etc in order.
>
>
>
>
> On Sun, Dec 14, 2008 at 9:00 PM, Matt Juszczak <matt at atopia.net> wrote:
>
>> Hi All,
>>
>> I'm wondering if there are any open source good project management tools
>> out there (PHP based).  They would have to be web based and integrate with
>> email, and provide:
>>
>> "state-of-the-art project management software which will include automated
>> project scheduling, issue management, risk management, resource management
>> and other tools; skills training for project managers; consistent project
>> management methodologies, and Proactive communication of project and task
>> status."
>>
>> There's a larger list, but before we purchase something, I'm wondering if
>> there's anything open source?
>>
>> Thanks for any suggestions!
>>
>> -MJ
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081215/c4f18cdc/attachment.html>

From edwardpotter at gmail.com  Mon Dec 15 09:07:21 2008
From: edwardpotter at gmail.com (Edward Potter)
Date: Mon, 15 Dec 2008 09:07:21 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <ae0c70e80812142231j69d0d907j532e21fb68c36acd@mail.gmail.com>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
	<ae0c70e80812142222w710372d4pb369527829885809@mail.gmail.com>
	<ae0c70e80812142231j69d0d907j532e21fb68c36acd@mail.gmail.com>
Message-ID: <090CD095-2C2E-431D-915D-C3A3F91EF2FE@gmail.com>

Building of the Empire State Building was project managed with a pad  
and a pencil. 365 days start to finish.

Would be interesting to read up on how they did it. And not an iPhone  
in sight.  :-)



On Dec 15, 2008, at 1:31 AM, "Brian Williams" <brianw1975 at gmail.com>  
wrote:

> I also forgot that there is
>
> http://www.dotproject.net/
>
> dotProject - the Open Source Project Management tool.
>
>
>
> On Mon, Dec 15, 2008 at 1:22 AM, Brian Williams  
> <brianw1975 at gmail.com> wrote:
> The company I used to work at used scrum for projects and used  
> VersionOne http://www.versionone.com/ for planning, tracking, etc
>
> Once i got used to it i found it to be of great use in keeping  
> things on track and specific tasks etc in order.
>
>
>
>
> On Sun, Dec 14, 2008 at 9:00 PM, Matt Juszczak <matt at atopia.net>  
> wrote:
> Hi All,
>
> I'm wondering if there are any open source good project management  
> tools out there (PHP based).  They would have to be web based and  
> integrate with email, and provide:
>
> "state-of-the-art project management software which will include  
> automated project scheduling, issue management, risk management,  
> resource management and other tools; skills training for project  
> managers; consistent project management methodologies, and Proactive  
> communication of project and task status."
>
> There's a larger list, but before we purchase something, I'm  
> wondering if there's anything open source?
>
> Thanks for any suggestions!
>
> -MJ
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081215/c48a7d26/attachment.html>

From php at lynxtdc.com  Mon Dec 15 09:07:37 2008
From: php at lynxtdc.com (Paul McGrane)
Date: Mon, 15 Dec 2008 09:07:37 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
Message-ID: <01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>

You should check out web2project.net  This is a new open source project
management tool that sounds like it answers most of your issues...you can
demo it at demo.web2project.net

Paul 

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Matt Juszczak
Sent: Monday, December 15, 2008 12:34 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Open Source Project Management Tools

> I think Ive spent years looking for a good open source solution and 
> Ive never found anything close. (Maybe we should write one? :-)

Agreed.  I think there's a big market here for an open source project
management solution.  I'd gladly provide hosting/svn, etc. if people wanted
to get together and start one.

> As far as commercial solutions go, right now we're using FogBugz but 
> Mingle looks pretty good too.

Great!  I'll look at them, thanks!
_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php



From ajai at bitblit.net  Mon Dec 15 09:16:37 2008
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 15 Dec 2008 09:16:37 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <090CD095-2C2E-431D-915D-C3A3F91EF2FE@gmail.com>
Message-ID: <Pine.LNX.4.44.0812150912540.3614-100000@bitblit.net>

On Mon, 15 Dec 2008, Edward Potter wrote:

> Building of the Empire State Building was project managed with a pad  
> and a pencil. 365 days start to finish.

Back in the day, I wrote 6502 assembly code using pencil and paper before 
sitting down at a keyboard, but I dont think that would work for project 
management today :-)



-- 
Aj.



From ps at sun-code.com  Mon Dec 15 09:30:53 2008
From: ps at sun-code.com (Peter Sawczynec)
Date: Mon, 15 Dec 2008 09:30:53 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
Message-ID: <000b01c95ec1$bc8f8070$35ae8150$@com>

PHProjekt: http://www.phprojekt.com/index.php?&newlang=eng

May not fit all you specs but could be good for someone else looking 
at this type of thing. 


Warmest regards, 
?
Peter Sawczynec 
Technology Dir.
Sun-code Interactive
Sun-code.com 
941.893.0396
ps at sun-code.com




-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On Behalf Of Matt Juszczak
Sent: Sunday, December 14, 2008 9:00 PM
To: talk at lists.nyphp.org
Subject: [nycphp-talk] Open Source Project Management Tools

Hi All,

I'm wondering if there are any open source good project management tools

out there (PHP based).  They would have to be web based and integrate
with 
email, and provide:

"state-of-the-art project management software which will include
automated 
project scheduling, issue management, risk management, resource
management 
and other tools; skills training for project managers; consistent
project 
management methodologies, and Proactive communication of project and
task 
status."

There's a larger list, but before we purchase something, I'm wondering
if 
there's anything open source?

Thanks for any suggestions!

-MJ
_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php



From ben at projectskyline.com  Mon Dec 15 10:02:30 2008
From: ben at projectskyline.com (Ben Sgro)
Date: Mon, 15 Dec 2008 10:02:30 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <000b01c95ec1$bc8f8070$35ae8150$@com>
References: <alpine.BSF.2.00.0812142058420.27188@pluto.atopia.net>
	<000b01c95ec1$bc8f8070$35ae8150$@com>
Message-ID: <49467186.9080106@projectskyline.com>

Hello,

I've had great experience with mantis and basecamp (again, for small 
organizations)..

I tried using SugarCRM for a while, even built some custom views, but 
the UI is
pretty awful and the workflow didn't fit in with us.

Gantt charts aren't that bad. = ]

- Ben

Peter Sawczynec wrote:
> PHProjekt: http://www.phprojekt.com/index.php?&newlang=eng
>
> May not fit all you specs but could be good for someone else looking 
> at this type of thing. 
>
>
> Warmest regards, 
>  
> Peter Sawczynec 
> Technology Dir.
> Sun-code Interactive
> Sun-code.com 
> 941.893.0396
> ps at sun-code.com
>
>
>
>
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
> On Behalf Of Matt Juszczak
> Sent: Sunday, December 14, 2008 9:00 PM
> To: talk at lists.nyphp.org
> Subject: [nycphp-talk] Open Source Project Management Tools
>
> Hi All,
>
> I'm wondering if there are any open source good project management tools
>
> out there (PHP based).  They would have to be web based and integrate
> with 
> email, and provide:
>
> "state-of-the-art project management software which will include
> automated 
> project scheduling, issue management, risk management, resource
> management 
> and other tools; skills training for project managers; consistent
> project 
> management methodologies, and Proactive communication of project and
> task 
> status."
>
> There's a larger list, but before we purchase something, I'm wondering
> if 
> there's anything open source?
>
> Thanks for any suggestions!
>
> -MJ
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
>   


From matt at atopia.net  Mon Dec 15 10:53:35 2008
From: matt at atopia.net (Matt Juszczak)
Date: Mon, 15 Dec 2008 10:53:35 -0500 (EST)
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
	<01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>
Message-ID: <alpine.BSF.2.00.0812151053320.74322@pluto.atopia.net>

Thanks for all of these suggestions!

On Mon, 15 Dec 2008, Paul McGrane wrote:

> You should check out web2project.net  This is a new open source project
> management tool that sounds like it answers most of your issues...you can
> demo it at demo.web2project.net
>
> Paul
>
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
> Behalf Of Matt Juszczak
> Sent: Monday, December 15, 2008 12:34 AM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Open Source Project Management Tools
>
>> I think Ive spent years looking for a good open source solution and
>> Ive never found anything close. (Maybe we should write one? :-)
>
> Agreed.  I think there's a big market here for an open source project
> management solution.  I'd gladly provide hosting/svn, etc. if people wanted
> to get together and start one.
>
>> As far as commercial solutions go, right now we're using FogBugz but
>> Mingle looks pretty good too.
>
> Great!  I'll look at them, thanks!
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>


From lists at zaunere.com  Mon Dec 15 14:08:40 2008
From: lists at zaunere.com (Hans Zaunere)
Date: Mon, 15 Dec 2008 14:08:40 -0500
Subject: [nycphp-talk] Sahana Project?
Message-ID: <01f001c95ee8$8a5771e0$9f0655a0$@com>

Hello,

Out of curiosity, anyone familiar with the Sahana project?

http://www.sahana.lk/

FYI, significant AMP based disaster recovery (DR) project.

---
Hans Zaunere / Managing Member / New York PHP
      www.nyphp.org  / ?www.nyphp.com





From hafezadnan at gmail.com  Tue Dec 16 03:45:05 2008
From: hafezadnan at gmail.com (hafez ahmad)
Date: Tue, 16 Dec 2008 10:45:05 +0200
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
Message-ID: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>

Dears,

I need to run PHP script every 10 seconds , I can do that with (while true)
and sleep(10), but I need to the script always run on Linux machine as
service.

Any Ideas?

Regards,
hafez
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/062d67c5/attachment.html>

From jon.gilkison at gmail.com  Tue Dec 16 04:49:25 2008
From: jon.gilkison at gmail.com (Jon Gilkison)
Date: Tue, 16 Dec 2008 04:49:25 -0500
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
References: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
Message-ID: <6FAE47B7-3CBB-4854-B72F-38216AC4B0BE@gmail.com>

#!/usr/bin/php
<?php

/**
  * Handles SIG handlers
  */
$sigterm=false;
$sighup=false;

/**
  * SIG handler
  */
function sig_handler($signo)
{
	global $sigterm, $sigup;

	if($signo == SIGTERM)
		$sigterm = true;
  	else if($signo == SIGHUP)
		$sighup = true;
}

// Set up the forking
global $sigterm, $sighup;

ini_set("max_execution_time", "0");
ini_set("max_input_time", "0");
set_time_limit(0);

pcntl_signal(SIGTERM, "sig_handler");
pcntl_signal(SIGHUP, "sig_handler");

// fork this process into a background child process
$pid = pcntl_fork();
if($pid == -1)
	die("There is no fork()!");

if($pid)
{
	echo($pid);
	return 0;
}

while(!$sigterm)
{
	// CHANGE TO WHATEVER SCRIPT YOU WANT TO RUN
	exec('php /path/to/your/script');

	// CHANGE TO WHATEVER TIME
	sleep(2);
}

return 0;

?>

This will launch itself in the background and execute a script every x  
seconds.

HTH,

Jon.


jon gilkison
chief technology officer / massify.com


On Dec 16, 2008, at 3:45 AM, hafez ahmad wrote:

> Dears,
>
> I need to run PHP script every 10 seconds , I can do that with  
> (while true) and sleep(10), but I need to the script always run on  
> Linux machine as service.
>
> Any Ideas?
>
> Regards,
> hafez
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/51062759/attachment.html>

From fgabrieli at gmail.com  Tue Dec 16 09:43:34 2008
From: fgabrieli at gmail.com (Fernando Gabrieli)
Date: Tue, 16 Dec 2008 11:43:34 -0300
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
References: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
Message-ID: <be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>

if you could change it so it runs every minute (instead of every 10 seconds)
you could use a cron...

On Tue, Dec 16, 2008 at 5:45 AM, hafez ahmad <hafezadnan at gmail.com> wrote:

> Dears,
>
> I need to run PHP script every 10 seconds , I can do that with (while true)
> and sleep(10), but I need to the script always run on Linux machine as
> service.
>
> Any Ideas?
>
> Regards,
> hafez
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/a3dfe4e9/attachment.html>

From anthony at thrillist.com  Tue Dec 16 10:04:25 2008
From: anthony at thrillist.com (Anthony Wlodarski)
Date: Tue, 16 Dec 2008 07:04:25 -0800
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>
Message-ID: <C56D2DA9.2A05%anthony@thrillist.com>

On your distro of choice execute "man crontab".  Also try "crontab -l" to familiarize yourself with how the cron layout looks.

-Anthony


________________________________
From: Fernando Gabrieli <fgabrieli at gmail.com>
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
Date: Tue, 16 Dec 2008 06:43:34 -0800
To: NYPHP Talk <talk at lists.nyphp.org>
Subject: Re: [nycphp-talk] Run PHP script as service (every 10 seconds)

if you could change it so it runs every minute (instead of every 10 seconds) you could use a cron...

On Tue, Dec 16, 2008 at 5:45 AM, hafez ahmad <hafezadnan at gmail.com> wrote:
Dears,

I need to run PHP script every 10 seconds , I can do that with (while true) and sleep(10), but I need to the script always run on Linux machine as service.

Any Ideas?

Regards,
hafez

_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/9ebfe071/attachment.html>

From rolan at omnistep.com  Tue Dec 16 10:15:13 2008
From: rolan at omnistep.com (Rolan Yang)
Date: Tue, 16 Dec 2008 10:15:13 -0500
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
References: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
Message-ID: <4947C601.8090701@omnistep.com>

hafez ahmad wrote:
> Dears,
>
> I need to run PHP script every 10 seconds , I can do that with (while 
> true) and sleep(10), but I need to the script always run on Linux 
> machine as service.
>
> Any Ideas?
>
While not as elegant as some of the other suggestions above, you could 
run "screen" to create a virtual terminal that remains active (even when 
you log off), then use the "watch" command to run a script every x 
seconds like so:

watch -n 10 ./myphpscript

Use CTRL-A D to drop out of the screen terminal and leave it running in 
the background.

~Rolan


From ramons at gmx.net  Tue Dec 16 10:34:13 2008
From: ramons at gmx.net (David Krings)
Date: Tue, 16 Dec 2008 10:34:13 -0500
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>
References: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
	<be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>
Message-ID: <4947CA75.2030401@gmx.net>

Fernando Gabrieli wrote:
> if you could change it so it runs every minute (instead of every 10 
> seconds) you could use a cron...

Or craft the script so that it loops five times while waiting ten seconds and 
then hook that script into cron.

David


From jcampbell1 at gmail.com  Tue Dec 16 11:01:46 2008
From: jcampbell1 at gmail.com (John Campbell)
Date: Tue, 16 Dec 2008 11:01:46 -0500
Subject: [nycphp-talk] Run PHP script as service (every 10 seconds)
In-Reply-To: <be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>
References: <cd481c70812160045o1ff7d77bu5abaaf49f837075a@mail.gmail.com>
	<be1d525a0812160643y1245f730pe193c2b8b9d9b6e3@mail.gmail.com>
Message-ID: <8f0676b40812160801v7e960b30w549bee3d9682dc22@mail.gmail.com>

On Tue, Dec 16, 2008 at 9:43 AM, Fernando Gabrieli <fgabrieli at gmail.com> wrote:
> if you could change it so it runs every minute (instead of every 10 seconds)
> you could use a cron...
>

You probably want the script to run 10 seconds after it last ran to
prevent multiple instances in the case where the script takes more
than 10 seconds to run.   If you use cron, make sure you have a lock
to prevent the script from running simultaneously.

-John Campbell


From nasir81 at gmail.com  Tue Dec 16 19:21:55 2008
From: nasir81 at gmail.com (Nasir Zubair)
Date: Tue, 16 Dec 2008 19:21:55 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
Message-ID: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>

Hi All,

Can anyone suggest an offline program or utility to profile response time
for an intranet website during various visits.

I'm trying troubleshooting a peculiar problem with one of our intranet
websites in IE6. The site is not fully functional in non-IE browsers (IE6
being the company standard). On the first visit to site for the day, the
site takes good 30-45 seconds to respond, any subsequent visits are under 1
sec, as expected. After some general testing (cache, cookies, etc.) I am
fairly confident that the workstation configuration are not a problem. The
issue can be reproduced on a number of workstations using a number of
different NT accounts. For every account, the slow down is only once, during
the initial visit.

I have been looking for various tools to profile the site response and have
consistently been running into the following issues:

1. the site is on an intranet, inaccessible from the internet, which rules
out all the online tools.
2. the site is using SSL, which caused Fiddler (
http://www.fiddlertool.com/fiddler/) and couple of other utilities to skip
it altogether.

I am not the developer of the site in question, but since I'm given the task
of troubleshooting the issue, I want to back up my obvious conclusions with
some numbers.

Thanks in advance.

- Nasir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/d2aa6696/attachment.html>

From brenttech at gmail.com  Tue Dec 16 20:39:11 2008
From: brenttech at gmail.com (Brent Baisley)
Date: Tue, 16 Dec 2008 20:39:11 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
Message-ID: <F2289771-A2DD-45A1-B958-67EDED5E7FA6@gmail.com>

You can try using some unix utilities like wget to do timings. PHP has  
CURL commands you can use to automate some testings. There are also  
testing tools, like Selenium, you can use on any computer to do  
automated testing.

Brent

On Dec 16, 2008, at 7:21 PM, Nasir Zubair wrote:

> Hi All,
>
> Can anyone suggest an offline program or utility to profile response  
> time for an intranet website during various visits.
>
> I'm trying troubleshooting a peculiar problem with one of our  
> intranet websites in IE6. The site is not fully functional in non-IE  
> browsers (IE6 being the company standard). On the first visit to  
> site for the day, the site takes good 30-45 seconds to respond, any  
> subsequent visits are under 1 sec, as expected. After some general  
> testing (cache, cookies, etc.) I am fairly confident that the  
> workstation configuration are not a problem. The issue can be  
> reproduced on a number of workstations using a number of different  
> NT accounts. For every account, the slow down is only once, during  
> the initial visit.
>
> I have been looking for various tools to profile the site response  
> and have consistently been running into the following issues:
>
> 1. the site is on an intranet, inaccessible from the internet, which  
> rules out all the online tools.
> 2. the site is using SSL, which caused Fiddler (http://www.fiddlertool.com/fiddler/ 
> ) and couple of other utilities to skip it altogether.
>
> I am not the developer of the site in question, but since I'm given  
> the task of troubleshooting the issue, I want to back up my obvious  
> conclusions with some numbers.
>
> Thanks in advance.
>
> - Nasir
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/707b04b6/attachment.html>

From rolan at omnistep.com  Tue Dec 16 20:54:01 2008
From: rolan at omnistep.com (Rolan Yang)
Date: Tue, 16 Dec 2008 20:54:01 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
Message-ID: <49485BB9.9010808@omnistep.com>

Nasir Zubair wrote:
> Hi All,
>
> Can anyone suggest an offline program or utility to profile response 
> time for an intranet website during various visits.
>
> I'm trying troubleshooting a peculiar problem with one of our intranet 
> websites in IE6. The site is not fully functional in non-IE browsers 
> (IE6 being the company standard). On the first visit to site for the 
> day, the site takes good 30-45 seconds to respond, any subsequent 
> visits are under 1 sec, as expected. After some general testing 
> (cache, cookies, etc.) I am fairly confident that the workstation 
> configuration are not a problem. The issue can be reproduced on a 
> number of workstations using a number of different NT accounts. For 
> every account, the slow

The fact that it doesn't work with non-IE browsers is somewhat of a 
hurdle, but if it does with with Firefox, there is a nice plugin called 
Yslow that will profile your web pages and offer suggestions on how to 
optimize.

~Rolan


From nasir81 at gmail.com  Tue Dec 16 21:06:29 2008
From: nasir81 at gmail.com (Nasir Zubair)
Date: Tue, 16 Dec 2008 21:06:29 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <F2289771-A2DD-45A1-B958-67EDED5E7FA6@gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
	<F2289771-A2DD-45A1-B958-67EDED5E7FA6@gmail.com>
Message-ID: <40fcda730812161806m13939facq35f60b664d90c690@mail.gmail.com>

Will try cURL and see how it works.

Just browsed through Selenium's site. Interesting concept. I will see how
involved the setup is and would it even be worth the effort.

Thanks for the suggestions.

- Nasir

On Tue, Dec 16, 2008 at 8:39 PM, Brent Baisley <brenttech at gmail.com> wrote:

> You can try using some unix utilities like wget to do timings. PHP has CURL
> commands you can use to automate some testings. There are also testing
> tools, like Selenium, you can use on any computer to do automated testing.
>
> Brent
>
> On Dec 16, 2008, at 7:21 PM, Nasir Zubair wrote:
>
> Hi All,
>
> Can anyone suggest an offline program or utility to profile response time
> for an intranet website during various visits.
>
> I'm trying troubleshooting a peculiar problem with one of our intranet
> websites in IE6. The site is not fully functional in non-IE browsers (IE6
> being the company standard). On the first visit to site for the day, the
> site takes good 30-45 seconds to respond, any subsequent visits are under 1
> sec, as expected. After some general testing (cache, cookies, etc.) I am
> fairly confident that the workstation configuration are not a problem. The
> issue can be reproduced on a number of workstations using a number of
> different NT accounts. For every account, the slow down is only once, during
> the initial visit.
>
> I have been looking for various tools to profile the site response and have
> consistently been running into the following issues:
>
> 1. the site is on an intranet, inaccessible from the internet, which rules
> out all the online tools.
> 2. the site is using SSL, which caused Fiddler (
> http://www.fiddlertool.com/fiddler/) and couple of other utilities to skip
> it altogether.
>
> I am not the developer of the site in question, but since I'm given the
> task of troubleshooting the issue, I want to back up my obvious conclusions
> with some numbers.
>
> Thanks in advance.
>
> - Nasir
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/beda7648/attachment.html>

From nasir81 at gmail.com  Tue Dec 16 21:07:47 2008
From: nasir81 at gmail.com (Nasir Zubair)
Date: Tue, 16 Dec 2008 21:07:47 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <49485BB9.9010808@omnistep.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
	<49485BB9.9010808@omnistep.com>
Message-ID: <40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>

Yeah, that's a bummer. YSlow is my first choice for any task like this. But
the site not working in FF is one of the reason I'm looking for another
solution.

- Nasir

On Tue, Dec 16, 2008 at 8:54 PM, Rolan Yang <rolan at omnistep.com> wrote:

> Nasir Zubair wrote:
>
>> Hi All,
>>
>> Can anyone suggest an offline program or utility to profile response time
>> for an intranet website during various visits.
>>
>> I'm trying troubleshooting a peculiar problem with one of our intranet
>> websites in IE6. The site is not fully functional in non-IE browsers (IE6
>> being the company standard). On the first visit to site for the day, the
>> site takes good 30-45 seconds to respond, any subsequent visits are under 1
>> sec, as expected. After some general testing (cache, cookies, etc.) I am
>> fairly confident that the workstation configuration are not a problem. The
>> issue can be reproduced on a number of workstations using a number of
>> different NT accounts. For every account, the slow
>>
>
> The fact that it doesn't work with non-IE browsers is somewhat of a hurdle,
> but if it does with with Firefox, there is a nice plugin called Yslow that
> will profile your web pages and offer suggestions on how to optimize.
>
> ~Rolan
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/ac0bc840/attachment.html>

From tom at supertom.com  Tue Dec 16 21:54:35 2008
From: tom at supertom.com (Tom Melendez)
Date: Tue, 16 Dec 2008 18:54:35 -0800
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
	<49485BB9.9010808@omnistep.com>
	<40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>
Message-ID: <117286890812161854jce40592n73af57c25c86e3e@mail.gmail.com>

On Tue, Dec 16, 2008 at 6:07 PM, Nasir Zubair <nasir81 at gmail.com> wrote:
> Yeah, that's a bummer. YSlow is my first choice for any task like this. But
> the site not working in FF is one of the reason I'm looking for another
> solution.
>

What do you mean by "not working in FF"?  Things just don't look right
or functionality is actually degraded, or more importantly, requests
aren't actually being made?  If it just appearance, you can still get
some good data with FF.

Thanks,

Tom
http://www.liphp.org


From nasir81 at gmail.com  Tue Dec 16 21:59:39 2008
From: nasir81 at gmail.com (Nasir Zubair)
Date: Tue, 16 Dec 2008 21:59:39 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <117286890812161854jce40592n73af57c25c86e3e@mail.gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
	<49485BB9.9010808@omnistep.com>
	<40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>
	<117286890812161854jce40592n73af57c25c86e3e@mail.gmail.com>
Message-ID: <40fcda730812161859v143c5d07w7e7b44435d4d4193@mail.gmail.com>

as far as I can tell, requests are being made, but the it seems to encounter
an XML error in the first few lines of the data that is sent back.

Wasn't sure if I would get any useful data out of YSlow with that. Will try
it first thing tomorrow.

- Nasir

On Tue, Dec 16, 2008 at 9:54 PM, Tom Melendez <tom at supertom.com> wrote:

> On Tue, Dec 16, 2008 at 6:07 PM, Nasir Zubair <nasir81 at gmail.com> wrote:
> > Yeah, that's a bummer. YSlow is my first choice for any task like this.
> But
> > the site not working in FF is one of the reason I'm looking for another
> > solution.
> >
>
> What do you mean by "not working in FF"?  Things just don't look right
> or functionality is actually degraded, or more importantly, requests
> aren't actually being made?  If it just appearance, you can still get
> some good data with FF.
>
> Thanks,
>
> Tom
> http://www.liphp.org
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081216/bb58fbfc/attachment.html>

From rotsen at gmail.com  Wed Dec 17 19:19:15 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Wed, 17 Dec 2008 16:19:15 -0800
Subject: [nycphp-talk] Help using a variable
Message-ID: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>

I am passing a variable and value using the query method to myreport.php.

I can see using phpinfo() the query string and the var and the value:
_GET["drange"]AND (proj_adv_date >= DATE_FORMAT(\'2008-12-17\',\'%Y-%m-%d\')
AND proj_adv_date <= DATE_FORMAT(\'2009-12-17\', \'%Y-%m-%d\'))
_SERVER["QUERY_STRING"]show=1&proj_owner=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29

_SERVER["REQUEST_URI"]/opps/eco_reports/rep/uco_report.php?show=1&proj_owner=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29


but when I put the following code in the program dies:
 $drange  = $_GET['drange'];

I jjust discovered that if I change the variable to $xdrange the program
does nto stop
 $xdrange  = $_GET['drange'];

What????

I need the variable to be $drange because it is a date range that I use to
create the query and this program calls itself.

What could be causing the problem?  What should I do to use this variable
$drange?

Thanks,

Nestor :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081217/a63a12b1/attachment.html>

From brian at realm3.com  Wed Dec 17 19:53:53 2008
From: brian at realm3.com (Brian D.)
Date: Wed, 17 Dec 2008 19:53:53 -0500
Subject: [nycphp-talk] Help using a variable
In-Reply-To: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
References: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
Message-ID: <c7c53eda0812171653v3178cc0yf1c9c3a1686110e8@mail.gmail.com>

When you say it "dies", you should get some sort of an error status
message. Make sure you're displaying error messages (E_ALL, maybe),
and you should get something more useful.

-b.

realm3 web applications [realm3.com]
Information architecture, application development.
phone: (917) 512-3594
fax: (440) 744-3559



On Wed, Dec 17, 2008 at 7:19 PM, N?stor <rotsen at gmail.com> wrote:
> I am passing a variable and value using the query method to myreport.php.
>
> I can see using phpinfo() the query string and the var and the value:
> _GET["drange"]AND (proj_adv_date >= DATE_FORMAT(\'2008-12-17\',\'%Y-%m-%d\')
> AND proj_adv_date <= DATE_FORMAT(\'2009-12-17\', \'%Y-%m-%d\'))
> _SERVER["QUERY_STRING"]show=1&proj_owner=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29
> _SERVER["REQUEST_URI"]/opps/eco_reports/rep/uco_report.php?show=1&proj_owner=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29
>
>
> but when I put the following code in the program dies:
>  $drange  = $_GET['drange'];
>
> I jjust discovered that if I change the variable to $xdrange the program
> does nto stop
>  $xdrange  = $_GET['drange'];
>
> What????
>
> I need the variable to be $drange because it is a date range that I use to
> create the query and this program calls itself.
>
> What could be causing the problem?  What should I do to use this variable
> $drange?
>
> Thanks,
>
> Nestor :-)
>
>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>


From arzala at gmail.com  Wed Dec 17 22:24:42 2008
From: arzala at gmail.com (Anirudhsinh Zala)
Date: Thu, 18 Dec 2008 08:54:42 +0530
Subject: [nycphp-talk] Help using a variable
In-Reply-To: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
References: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
Message-ID: <200812180854.42434.arzala@gmail.com>

On Thursday 18 December 2008 05:49:15 N?stor wrote:
> I am passing a variable and value using the query method to myreport.php.
>
> I can see using phpinfo() the query string and the var and the value:
> _GET["drange"]AND (proj_adv_date >=
> DATE_FORMAT(\'2008-12-17\',\'%Y-%m-%d\') AND proj_adv_date <=
> DATE_FORMAT(\'2009-12-17\', \'%Y-%m-%d\'))
> _SERVER["QUERY_STRING"]show=1&proj_owner=Engineering&drange=AND+%28proj_adv
>_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+pr
>oj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29
>%29
>
> _SERVER["REQUEST_URI"]/opps/eco_reports/rep/uco_report.php?show=1&proj_owne
>r=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17
>%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009
>-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29
>
>
> but when I put the following code in the program dies:
>  $drange  = $_GET['drange'];

Difficult to analyse but Is directive "register_globals" set to "On" either in 
php.ini or in your script?

Btw, passing SQL chunk (i.e implementation logic) via query string is not good 
method. Instead you should pass just necessary values of dates etc.

Thanks

Anirudh Zala

>
> I jjust discovered that if I change the variable to $xdrange the program
> does nto stop
>  $xdrange  = $_GET['drange'];
>
> What????
>
> I need the variable to be $drange because it is a date range that I use to
> create the query and this program calls itself.
>
> What could be causing the problem?  What should I do to use this variable
> $drange?
>
> Thanks,
>
> Nestor :-)




From rotsen at gmail.com  Wed Dec 17 22:38:19 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Wed, 17 Dec 2008 19:38:19 -0800
Subject: [nycphp-talk] Help using a variable
In-Reply-To: <200812180854.42434.arzala@gmail.com>
References: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
	<200812180854.42434.arzala@gmail.com>
Message-ID: <a304e2d60812171938p7e8c61aen2386323017c3df59@mail.gmail.com>

Register Globals are OFF
:-)

On Wed, Dec 17, 2008 at 7:24 PM, Anirudhsinh Zala <arzala at gmail.com> wrote:

> On Thursday 18 December 2008 05:49:15 N?stor wrote:
> > I am passing a variable and value using the query method to myreport.php.
> >
> > I can see using phpinfo() the query string and the var and the value:
> > _GET["drange"]AND (proj_adv_date >=
> > DATE_FORMAT(\'2008-12-17\',\'%Y-%m-%d\') AND proj_adv_date <=
> > DATE_FORMAT(\'2009-12-17\', \'%Y-%m-%d\'))
> >
> _SERVER["QUERY_STRING"]show=1&proj_owner=Engineering&drange=AND+%28proj_adv
>
> >_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+pr
>
> >oj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29
> >%29
> >
> >
> _SERVER["REQUEST_URI"]/opps/eco_reports/rep/uco_report.php?show=1&proj_owne
>
> >r=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17
>
> >%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009
> >-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29
> >
> >
> > but when I put the following code in the program dies:
> >  $drange  = $_GET['drange'];
>
> Difficult to analyse but Is directive "register_globals" set to "On" either
> in
> php.ini or in your script?
>
> Btw, passing SQL chunk (i.e implementation logic) via query string is not
> good
> method. Instead you should pass just necessary values of dates etc.
>
> Thanks
>
> Anirudh Zala
>
> >
> > I jjust discovered that if I change the variable to $xdrange the program
> > does nto stop
> >  $xdrange  = $_GET['drange'];
> >
> > What????
> >
> > I need the variable to be $drange because it is a date range that I use
> to
> > create the query and this program calls itself.
> >
> > What could be causing the problem?  What should I do to use this variable
> > $drange?
> >
> > Thanks,
> >
> > Nestor :-)
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081217/3069dc69/attachment.html>

From elizabeth at linuxbox.com  Thu Dec 18 13:32:01 2008
From: elizabeth at linuxbox.com (elizabeth)
Date: Thu, 18 Dec 2008 13:32:01 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
	<01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>
Message-ID: <494A9721.8050403@linuxbox.com>

Hi,

web2project is not new.  It is really /dotProject/ with a new skin but 
it does not include the Helpdesk module.

elizabeth


Paul McGrane wrote:
> You should check out web2project.net  This is a new open source project
> management tool that sounds like it answers most of your issues...you can
> demo it at demo.web2project.net
>
> Paul 
>
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
> Behalf Of Matt Juszczak
> Sent: Monday, December 15, 2008 12:34 AM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Open Source Project Management Tools
>
>   
>> I think Ive spent years looking for a good open source solution and 
>> Ive never found anything close. (Maybe we should write one? :-)
>>     
>
> Agreed.  I think there's a big market here for an open source project
> management solution.  I'd gladly provide hosting/svn, etc. if people wanted
> to get together and start one.
>
>   
>> As far as commercial solutions go, right now we're using FogBugz but 
>> Mingle looks pretty good too.
>>     
>
> Great!  I'll look at them, thanks!
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081218/56479caf/attachment.html>

From mailinglists at caseysoftware.com  Thu Dec 18 13:54:25 2008
From: mailinglists at caseysoftware.com (Keith Casey)
Date: Thu, 18 Dec 2008 13:54:25 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <494A9721.8050403@linuxbox.com>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
	<01eb01c95ebe$7dea8b10$0301a8c0@ltdcmain>
	<494A9721.8050403@linuxbox.com>
Message-ID: <fd219f0f0812181054i5afab506u2cdd38809fd65442@mail.gmail.com>

On Thu, Dec 18, 2008 at 1:32 PM, elizabeth <elizabeth at linuxbox.com> wrote:
> web2project is not new.  It is really dotProject with a new skin but it does
> not include the Helpdesk module.

Former dotProject and current web2project contributor here...

First off, Helpdesk hasn't ever been a core module and iirc, it's
deprecated... I don't think it's a purposeful decision, just the fact
that it's rarely updated.

More importantly,, web2project is not just "dotproejct with a new skin":

*  We're steadily working towards XHTML 1.0 compliance.  Since I was
one of the guys to do this on the (since deprecated) dotProject Head
development, I'm taking care of these things as we can.

*  The underlying permissions system has a caching layer built in.
>From our tests - both in dev and in production with 400+ products -
we've seen response times improve by over 50% and a 90% reduction in
the number of queries performed.  I am hosting 5-6 production
customers on it right now.

*  The security fixes are numerous, but the biggest one -
http://caseysoftware.com/blog/vulnerability-disclosure-dotproject -
limits users from performing arbitrary actions.

*  We've reworked portions of the database - for example, making
enumerated types separate fields as opposed to /n delimited strings -
to make the system easier to interact with programatically.  The
Vision for this is to eventually have a RESTful API included in core.
I gave a *brief* overview of it at the DCPHP Conference a while back.

*  A great deal of the cruft in the system has been removed.  By
simply deleting code that was executing *but not doing anything*,
we've improved response times of certain screens by 50%... independent
of the permissions caching noted above.

*  In terms of general code cleanliness, we're in progress in actually
using the CakePHP coding standard to make sure things are all
readable.  I've also been working to remove all the extraneous bits of
PHP from the HTML.  We're no where near complete on either of these
pieces, but making things steadily better.


Next month I'll be giving a demo and overview of web2project... all
are welcome to attend the Northern Virginia Linux Users' Group (03
Jan), the DC PHP Users' Group (14 Jan), or the soon-to-be-announced
php|architect Webinar Series (mine is 23 Jan).

Thanks,
keith

-- 
D. Keith Casey Jr.
CEO, CaseySoftware, LLC
http://CaseySoftware.com


From rotsen at gmail.com  Fri Dec 19 01:05:46 2008
From: rotsen at gmail.com (=?ISO-8859-1?Q?N=E9stor?=)
Date: Thu, 18 Dec 2008 22:05:46 -0800
Subject: [nycphp-talk] Help using a variable
In-Reply-To: <a304e2d60812171938p7e8c61aen2386323017c3df59@mail.gmail.com>
References: <a304e2d60812171619h4fb822c3p768fd9364d94ba8b@mail.gmail.com>
	<200812180854.42434.arzala@gmail.com>
	<a304e2d60812171938p7e8c61aen2386323017c3df59@mail.gmail.com>
Message-ID: <a304e2d60812182205n10c9d419n21372216117e29e5@mail.gmail.com>

I sat down and re wrote all of the code and things are working.
Thnaks,

Nestor :-)

On Wed, Dec 17, 2008 at 7:38 PM, N?stor <rotsen at gmail.com> wrote:

> Register Globals are OFF
> :-)
>
>
> On Wed, Dec 17, 2008 at 7:24 PM, Anirudhsinh Zala <arzala at gmail.com>wrote:
>
>> On Thursday 18 December 2008 05:49:15 N?stor wrote:
>> > I am passing a variable and value using the query method to
>> myreport.php.
>> >
>> > I can see using phpinfo() the query string and the var and the value:
>> > _GET["drange"]AND (proj_adv_date >=
>> > DATE_FORMAT(\'2008-12-17\',\'%Y-%m-%d\') AND proj_adv_date <=
>> > DATE_FORMAT(\'2009-12-17\', \'%Y-%m-%d\'))
>> >
>> _SERVER["QUERY_STRING"]show=1&proj_owner=Engineering&drange=AND+%28proj_adv
>>
>> >_date+%3E%3D+DATE_FORMAT%28%272008-12-17%27%2C%27%25Y-%25m-%25d%27%29+AND+pr
>>
>> >oj_adv_date+%3C%3D+DATE_FORMAT%28%272009-12-17%27%2C+%27%25Y-%25m-%25d%27%29
>> >%29
>> >
>> >
>> _SERVER["REQUEST_URI"]/opps/eco_reports/rep/uco_report.php?show=1&proj_owne
>>
>> >r=Engineering&drange=AND+%28proj_adv_date+%3E%3D+DATE_FORMAT%28%272008-12-17
>>
>> >%27%2C%27%25Y-%25m-%25d%27%29+AND+proj_adv_date+%3C%3D+DATE_FORMAT%28%272009
>> >-12-17%27%2C+%27%25Y-%25m-%25d%27%29%29
>> >
>> >
>> > but when I put the following code in the program dies:
>> >  $drange  = $_GET['drange'];
>>
>> Difficult to analyse but Is directive "register_globals" set to "On"
>> either in
>> php.ini or in your script?
>>
>> Btw, passing SQL chunk (i.e implementation logic) via query string is not
>> good
>> method. Instead you should pass just necessary values of dates etc.
>>
>> Thanks
>>
>> Anirudh Zala
>>
>> >
>> > I jjust discovered that if I change the variable to $xdrange the program
>> > does nto stop
>> >  $xdrange  = $_GET['drange'];
>> >
>> > What????
>> >
>> > I need the variable to be $drange because it is a date range that I use
>> to
>> > create the query and this program calls itself.
>> >
>> > What could be causing the problem?  What should I do to use this
>> variable
>> > $drange?
>> >
>> > Thanks,
>> >
>> > Nestor :-)
>>
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081218/4d02caaa/attachment.html>

From danielc at analysisandsolutions.com  Sat Dec 20 23:09:11 2008
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sat, 20 Dec 2008 23:09:11 -0500
Subject: [nycphp-talk] [Slightly OT] Profiling Site Response Time
In-Reply-To: <40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>
References: <40fcda730812161621u514fd3cfvcd1e6fec5792168b@mail.gmail.com>
	<49485BB9.9010808@omnistep.com>
	<40fcda730812161807i4ace7103g64fbfd4accc195ae@mail.gmail.com>
Message-ID: <20081221040911.GA7367@panix.com>

Hi Nasir:

> YSlow is my first choice for any task like this. But
> the site not working in FF

That could be the reason the site is slow.  It may be downloading fine 
but the browsers are choking on the rendering phase on the first page 
load because your HTML or style sheets are totally broken.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From mmwaldman at nyc.rr.com  Wed Dec 24 17:01:39 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Wed, 24 Dec 2008 17:01:39 -0500
Subject: [nycphp-talk] Captcha/Question
Message-ID: <20081224220136.TWZZ13791.hrndva-omta05.mail.rr.com@DeJaVu>

I see zencart moved from using a captcha to a security question.

 

They only have a finite number of questions like "What is the color of a
blue sky?"

 

Can't that be easily gotten around?

 

You can just read the security question from the page and program the
response for that question.

 

Thoughts on captchas and security questions?

 

Michele

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081224/c283601f/attachment.html>

From tom at supertom.com  Wed Dec 24 17:19:12 2008
From: tom at supertom.com (Tom Melendez)
Date: Wed, 24 Dec 2008 14:19:12 -0800
Subject: [nycphp-talk] Captcha/Question
In-Reply-To: <20081224220136.TWZZ13791.hrndva-omta05.mail.rr.com@DeJaVu>
References: <20081224220136.TWZZ13791.hrndva-omta05.mail.rr.com@DeJaVu>
Message-ID: <117286890812241419l674078aeofdf3c9c58be36855@mail.gmail.com>

On Wed, Dec 24, 2008 at 2:01 PM, Michele Waldman <mmwaldman at nyc.rr.com> wrote:
> I see zencart moved from using a captcha to a security question.
>
Do you know why? (I'm asking, I don't know why either)  Do they let
you enable one instead of the other?
>
>
> They only have a finite number of questions like "What is the color of a
> blue sky?"
>
Is it possible to add your own?
>
>
> Can't that be easily gotten around?
>
> You can just read the security question from the page and program the
> response for that question.
>
Well, the answer is per user, so you would have to know their answer
to begin with, right?
>
>
> Thoughts on captchas and security questions?
>
Well, either or both combined shouldn't define your security policy.
For example, if you're running on a shared host, or non-SSL your
"security" is very limited.  What are you trying to protect against?
What is your concern?

With that said, I tend to like the multi-step process that involves both.

Tom
http://www.liphp.org


From mmwaldman at nyc.rr.com  Wed Dec 24 17:26:00 2008
From: mmwaldman at nyc.rr.com (Michele Waldman)
Date: Wed, 24 Dec 2008 17:26:00 -0500
Subject: [nycphp-talk] Captcha/Question
In-Reply-To: <117286890812241419l674078aeofdf3c9c58be36855@mail.gmail.com>
Message-ID: <20081224222557.SMTM23940.hrndva-omta03.mail.rr.com@DeJaVu>

The purpose of the captchas and security question is to prevent automated
login attempts and automated password guessing.

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Tom Melendez
Sent: Wednesday, December 24, 2008 5:19 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Captcha/Question

On Wed, Dec 24, 2008 at 2:01 PM, Michele Waldman <mmwaldman at nyc.rr.com>
wrote:
> I see zencart moved from using a captcha to a security question.
>
Do you know why? (I'm asking, I don't know why either)  Do they let
you enable one instead of the other?
>
>
> They only have a finite number of questions like "What is the color of a
> blue sky?"
>
Is it possible to add your own?
>
>
> Can't that be easily gotten around?
>
> You can just read the security question from the page and program the
> response for that question.
>
Well, the answer is per user, so you would have to know their answer
to begin with, right?
>
>
> Thoughts on captchas and security questions?
>
Well, either or both combined shouldn't define your security policy.
For example, if you're running on a shared host, or non-SSL your
"security" is very limited.  What are you trying to protect against?
What is your concern?

With that said, I tend to like the multi-step process that involves both.

Tom
http://www.liphp.org
_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php



From yitzchas at touro.edu  Mon Dec 29 10:37:42 2008
From: yitzchas at touro.edu (Yitzchak Schaffer)
Date: Mon, 29 Dec 2008 10:37:42 -0500
Subject: [nycphp-talk] Server maintenance
Message-ID: <4958EEC6.60301@touro.edu>

Greetings all:

We are doing an upgrade of the server which hosts the survey and staff 
wiki; there may be brief service interruptions over the next hour or so.

Cheers,

-- 
Yitzchak Schaffer
Systems Librarian
Touro College Libraries
33 West 23rd Street
New York, NY 10010
Tel (212) 463-0400 x5230
Fax (212) 627-3197
yitzchas at touro.edu


From yitzchas at touro.edu  Mon Dec 29 10:38:23 2008
From: yitzchas at touro.edu (Yitzchak Schaffer)
Date: Mon, 29 Dec 2008 10:38:23 -0500
Subject: [nycphp-talk] Server maintenance
In-Reply-To: <4958EEC6.60301@touro.edu>
References: <4958EEC6.60301@touro.edu>
Message-ID: <4958EEEF.6070907@touro.edu>

Yitzchak Schaffer wrote:
> Greetings all:
> 

Whoops, wrong recipient - mea culpa, apologies!

-- 
Yitzchak Schaffer
Systems Librarian
Touro College Libraries
33 West 23rd Street
New York, NY 10010
Tel (212) 463-0400 x5230
Fax (212) 627-3197
yitzchas at touro.edu


From y2rob at aol.com  Wed Dec 31 11:19:19 2008
From: y2rob at aol.com (y2rob at aol.com)
Date: Wed, 31 Dec 2008 11:19:19 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
Message-ID: <8CB397AAAE0A1C7-C10-646@WEBMAIL-DY34.sysops.aol.com>


 i'd be interested in contributing to that :)

~rob


 


 

-----Original Message-----
From: Matt Juszczak <matt at atopia.net>
To: NYPHP Talk <talk at lists.nyphp.org>
Sent: Mon, 15 Dec 2008 12:33 am
Subject: Re: [nycphp-talk] Open Source Project Management Tools









> I think Ive spent years looking for a good open source solution and Ive?

> never found anything close. (Maybe we should write one? :-)?
?

Agreed.  I think there's a big market here for an open source project 
management solution.  I'd gladly provide hosting/svn, etc. if people 
wanted to get together and start one.?
?

> As far as commercial solutions go, right now we're using FogBugz but?

> Mingle looks pretty good too.?
?

Great!  I'll look at them, thanks!?

_______________________________________________?

New York PHP User Group Community Talk Mailing List?

http://lists.nyphp.org/mailman/listinfo/talk?
?

http://www.nyphp.org/show_participation.php?



 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081231/cac2c791/attachment.html>

From ramons at gmx.net  Wed Dec 31 19:26:33 2008
From: ramons at gmx.net (David Krings)
Date: Wed, 31 Dec 2008 19:26:33 -0500
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <8CB397AAAE0A1C7-C10-646@WEBMAIL-DY34.sysops.aol.com>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
	<8CB397AAAE0A1C7-C10-646@WEBMAIL-DY34.sysops.aol.com>
Message-ID: <495C0DB9.6050104@gmx.net>

Hi!

Count me in for QA / tech writing (help / manual). I guess I am way better at 
that than the programming.

David


y2rob at aol.com wrote:
>   i'd be interested in contributing to that :)
> 
> ~rob
> 
> 
> -----Original Message-----
> From: Matt Juszczak <matt at atopia.net>
> To: NYPHP Talk <talk at lists.nyphp.org>
> Sent: Mon, 15 Dec 2008 12:33 am
> Subject: Re: [nycphp-talk] Open Source Project Management Tools
> 
>>  I think Ive spent years looking for a good open source solution and Ive 
>>  never found anything close. (Maybe we should write one? :-) 
>  
> Agreed. I think there's a big market here for an open source project 
> management solution. I'd gladly provide hosting/svn, etc. if people 
> wanted to get together and start one. 
>  
>>  As far as commercial solutions go, right now we're using FogBugz but 
>>  Mingle looks pretty good too. 
>  
> Great! I'll look at them, thanks! 
> _______________________________________________ 
> New York PHP User Group Community Talk Mailing List 
> http://lists.nyphp.org/mailman/listinfo/talk 
>  
> http://www.nyphp.org/show_participation.php 
> 
> ------------------------------------------------------------------------
> Get a *free MP3* every day with the Spinner.com Toolbar. Get it Now 
> <http://toolbar.aol.com/spinner/download.html?ncid=emlweusdown00000020>.
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> http://www.nyphp.org/show_participation.php


From john at coggeshall.org  Wed Dec 31 19:34:22 2008
From: john at coggeshall.org (John Coggeshall)
Date: Wed, 31 Dec 2008 16:34:22 -0800
Subject: [nycphp-talk] Open Source Project Management Tools
In-Reply-To: <495C0DB9.6050104@gmx.net>
References: <Pine.LNX.4.44.0812142341220.3614-100000@bitblit.net>
	<alpine.BSF.2.00.0812150031140.38101@pluto.atopia.net>
	<8CB397AAAE0A1C7-C10-646@WEBMAIL-DY34.sysops.aol.com>
	<495C0DB9.6050104@gmx.net>
Message-ID: <1ae19b080812311634r4d74294bp5bbce98f66b70f9@mail.gmail.com>

There is also a great Trac plugin Agilo for SCRUM development cycles
we use to great success.

http://www.agile42.com/


On Wed, Dec 31, 2008 at 4:26 PM, David Krings <ramons at gmx.net> wrote:
> Hi!
>
> Count me in for QA / tech writing (help / manual). I guess I am way better
> at that than the programming.
>
> David
>
>
> y2rob at aol.com wrote:
>>
>>  i'd be interested in contributing to that :)
>>
>> ~rob
>>
>>
>> -----Original Message-----
>> From: Matt Juszczak <matt at atopia.net>
>> To: NYPHP Talk <talk at lists.nyphp.org>
>> Sent: Mon, 15 Dec 2008 12:33 am
>> Subject: Re: [nycphp-talk] Open Source Project Management Tools
>>
>>>  I think Ive spent years looking for a good open source solution and Ive
>>>  never found anything close. (Maybe we should write one? :-)
>>
>>  Agreed. I think there's a big market here for an open source project
>> management solution. I'd gladly provide hosting/svn, etc. if people wanted
>> to get together and start one.
>>>
>>>  As far as commercial solutions go, right now we're using FogBugz but
>>>  Mingle looks pretty good too.
>>
>>  Great! I'll look at them, thanks!
>> _______________________________________________ New York PHP User Group
>> Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk
>>  http://www.nyphp.org/show_participation.php
>> ------------------------------------------------------------------------
>> Get a *free MP3* every day with the Spinner.com Toolbar. Get it Now
>> <http://toolbar.aol.com/spinner/download.html?ncid=emlweusdown00000020>.
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>