From jkapron at newageweb.com Sat Jun 1 01:30:03 2002 From: jkapron at newageweb.com (Jerry Kapron) Date: Sat, 01 Jun 2002 01:30:03 -0400 Subject: PHP Object handling. A rant. References: <200205311652.g4VGqEP62837@slipdisc.virul.net> Message-ID: <3CF85BDA.2EDA20AD@NewAgeWeb.com> Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php From charles at softwareprototypes.com Sat Jun 1 10:33:55 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sat, 1 Jun 2002 10:33:55 -0400 Subject: [nycphp-talk] PHP Object handling. A rant. Message-ID: <61040-22002661143355281@softwareprototypes.com> Object oriented systems are notoriously hard to debug. Smalltalks have excellent interactive debugging but that only works if the IDE is present. On packaged apps. you don't ship the IDE. If you do, the footprint becomes huge and your users have to be Smalltalk developpers who know what to do with a Walkback Window. The only ones who have a decent handle on the process are IBM with VisualAge Smalltalk which is the same thing as saying OTI's ENVY/Developper which is the engine. The entire stack and all objects in RAM are serialized and streamed to a file when an application crash occurs. That's a lot of over-head for a crash and those files are huge and buggers to work with without the specialised tools. What he's bitching about though, is the stateless nature of the web and the fact that the entire system and the application that he's working on has to be designed as a state machine which is forced to recoved its relevant state information at every invocation and which has to stuff its state information at every exit. I say he's got it easy compared to programming in CICS or IDMS-DC where the problems of releasing every resource between invocation are compounded by a limit of 32k-words of memory per process. Read a "Programming in Command -level CICS COBOL" for an appreaciation of the problem. His beef has dick-all to do with object-orientation and everything to do with the fact that he doesn't know how to implement a state machine or handle dialog flow. Ripping out the object-oriented code won't help him. His problem is that he's not thinking in objects so his logic flow is spanning object methods and he doesn't know what to do. State machines are perpendicular to structure in the same way that a mobile is perpendicular to its hanging three dimensional structure or that a true aquatic ballet is perpendicular to the position of the swimmers in the pool. If you only look at the surface, you're missing the true dimension of the problem and can't get the point of the exercise. The GUI is a state machine but only for the GUI. The rest of the objects implement their own state machines as required. To wax poetic, as I once did in "The Hot-Line on Object-Oriented Technology" software development is like choreographing the dance of electrons in n-dimensions. This poor flat-lander has two left feet. -Charles-A. > From: Jerry Kapron > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Sat, 1 Jun 2002 01:25:48 -0400 > To: NYPHP Talk > Subject: [nycphp-talk] PHP Object handling. A rant. > > Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php > > From rderoo at supserv.com Sat Jun 1 10:42:04 2002 From: rderoo at supserv.com (Raymond DeRoo) Date: Sat, 1 Jun 2002 10:42:04 -0400 Subject: [nycphp-talk] PHP Object handling. A rant. In-Reply-To: <200206010525.g515PmP67170@slipdisc.virul.net> References: <200206010525.g515PmP67170@slipdisc.virul.net> Message-ID: <200206011442.g51Eg36o015373@base.deroo.net> Jerry-- > Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php Some of the points he brings up where probably valid at the time of his writing. Though he does not mention specifically which version he's using, but I would guess 4.0.6. PHP 4.1.x> can put objects in sessions and be carried from one page to the next. Still at issue (at least for 4.2.1) is when you serialize() an object, methods are lost when you unserialize(). Though I've heard this has been corrected in Zend 2.0 As for is gripping about error handling, PHP 4.2 now ships default with E_ALL for error reporting as the default. A *great* way to write code, but I don't run production servers with error logging set that high. But that's just me, YMMV. .r From charles at softwareprototypes.com Sat Jun 1 20:38:19 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sat, 1 Jun 2002 20:38:19 -0400 Subject: The system date on dev is still screwed up... Message-ID: <301480-2200260203819156@softwareprototypes.com> Hello Hans, the system date on the dev box is still one day ahead. Later, -Charles-A. From rainman at deroo.net Sat Jun 1 21:25:43 2002 From: rainman at deroo.net (Raymond DeRoo) Date: Sat, 1 Jun 2002 21:25:43 -0400 Subject: [nycphp-talk] PHP Object handling. A rant. Message-ID: <200206020125.g521Pg6o017255@base.deroo.net> Jerry-- > Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php Some of the points he brings up where probably valid at the time of his writing. Though he does not mention specifically which version he's using, but I would guess 4.0.6. PHP 4.1.x> can put objects in sessions and be carried from one page to the next. Still at issue (at least for 4.2.1) is when you serialize() an object, methods are lost when you unserialize(). Though I've heard this has been corrected in Zend 2.0 As for is gripping about error handling, PHP 4.2 now ships default with E_ALL for error reporting as the default. A *great* way to write code, but I don't run production servers with error logging set that high. But that's just me, YMMV. .r From ejp at well.com Sun Jun 2 01:44:12 2002 From: ejp at well.com (Edward Potter) Date: Sun, 02 Jun 2002 01:44:12 -0400 Subject: [nycphp-talk] PHP Object handling. A rant. References: <200206011429.g51ETiP72907@slipdisc.virul.net> Message-ID: <3CF9B0AC.20101@well.com> O gosh, just pass the value in a hidden field. It's fool proof right? :-) e charles at softwareprototypes.com wrote: > Object oriented systems are notoriously hard to debug. > > Smalltalks have excellent interactive debugging but that only works > if the IDE is present. On packaged apps. you don't ship the IDE. If > you do, the footprint becomes huge and your users have to be > Smalltalk developpers who know what to do with a Walkback Window. > > The only ones who have a decent handle on the process are IBM with > VisualAge Smalltalk which is the same thing as saying OTI's > ENVY/Developper which is the engine. The entire stack and all objects > in RAM are serialized and streamed to a file when an application > crash occurs. That's a lot of over-head for a crash and those files > are huge and buggers to work with without the specialised tools. > > What he's bitching about though, is the stateless nature of the web > and the fact that the entire system and the application that he's > working on has to be designed as a state machine which is forced to > recoved its relevant state information at every invocation and which > has to stuff its state information at every exit. > > I say he's got it easy compared to programming in CICS or IDMS-DC > where the problems of releasing every resource between invocation are > compounded by a limit of 32k-words of memory per process. > > Read a "Programming in Command -level CICS COBOL" for an > appreaciation of the problem. > > His beef has dick-all to do with object-orientation and everything to > do with the fact that he doesn't know how to implement a state > machine or handle dialog flow. > > Ripping out the object-oriented code won't help him. His problem is > that he's not thinking in objects so his logic flow is spanning > object methods and he doesn't know what to do. > > State machines are perpendicular to structure in the same way that a > mobile is perpendicular to its hanging three dimensional structure or > that a true aquatic ballet is perpendicular to the position of the > swimmers in the pool. If you only look at the surface, you're missing > the true dimension of the problem and can't get the point of the > exercise. > > The GUI is a state machine but only for the GUI. The rest of the > objects implement their own state machines as required. > > To wax poetic, as I once did in "The Hot-Line on Object-Oriented > Technology" software development is like choreographing the dance of > electrons in n-dimensions. This poor flat-lander has two left feet. > > -Charles-A. > > > >>From: Jerry Kapron >>Organization: New York PHP >>Reply-To: talk at nyphp.org >>Date: Sat, 1 Jun 2002 01:25:48 -0400 >>To: NYPHP Talk >>Subject: [nycphp-talk] PHP Object handling. A rant. >> >>Is it really that bad? -> >> > http://www.itchyfeet.org.nz/local/phprant.php > >> > > > > > From ejp at well.com Sun Jun 2 01:46:42 2002 From: ejp at well.com (Edward Potter) Date: Sun, 02 Jun 2002 01:46:42 -0400 Subject: [nycphp-talk] The system date on dev is still screwed up... References: <200206020034.g520Y6P76692@slipdisc.virul.net> Message-ID: <3CF9B142.6060907@well.com> The Clock Mini-HOWTO http://www.tldp.org/HOWTO/mini/Clock.html charles at softwareprototypes.com wrote: > Hello Hans, > > the system date on the dev box is still one day ahead. > > Later, > > -Charles-A. > > > > > From charles at softwareprototypes.com Sun Jun 2 12:41:42 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sun, 2 Jun 2002 12:41:42 -0400 Subject: [nycphp-talk] PHP Object handling. A rant. Message-ID: <280070-2200260216414278@softwareprototypes.com> Until we get IPv6 and a client's IP address can be used as a session ID, YES, just pass the session ID and ONLY the session ID in a hidden variable. If the field coming in is isEmptyOrNil, you initialize the session objects, the state machine and context objects. If the field isNotEnptyOrNil, you load that session's context data from storage (files are fine but it may actually be faster to bind to a database and load an XML object since the previous session values may still be in the database cache pool.) Saving to a data store (file or data base) is performed using values saved in the session context and NOT from what ever's coming from the client machine. The GUI state machine must validate all incoming data and transfer it to the 'context state' data store. From there it can be transferred to a persistent data store (file or database.) This state-store mechanism makes reestablishing the session and the dialog trivial. This also allow the implementor to break the conceptual link between a user session and the dialog flow. The page you're dealing is only the page you're dealing with. It is only a part of a larger GUI state machine procession context which itself is a part of a dialog flow within a dialog state machine. Wheels within wheels. This is how it is done on mainframes to reestablish context, maintain run-units aka units-of-work, and it also allows you to apply error security and recovery to whatever granularity you wish/need. It also allows for secure call-back mechanisms, run-unit ownrship transfer (to switch or prevent the switching betwen client machines,) two-stage commits, logging and recovery (just store the stats machine objects with versionning information.) On (re)entry you (re)establish your GUI ans context variables and jump to the appropriate position in the GUI state machine aka call the appropriate function call /application object message send of the GUI event loop. Just because you're working in php doesn't mean you don't have an event loop for your application. -Charles-A. ---- Original Message ---- From: ejp at well.com To: talk at nyphp.org, Subject: Re: [nycphp-talk] PHP Object handling. A rant. Date: Sun, 2 Jun 2002 01:45:10 -0400 >O gosh, just pass the value in a hidden field. It's fool proof right? > >:-) e > > > >charles at softwareprototypes.com wrote: > >> Object oriented systems are notoriously hard to debug. >> >> Smalltalks have excellent interactive debugging but that only works >> if the IDE is present. On packaged apps. you don't ship the IDE. If >> you do, the footprint becomes huge and your users have to be >> Smalltalk developpers who know what to do with a Walkback Window. >> >> The only ones who have a decent handle on the process are IBM with >> VisualAge Smalltalk which is the same thing as saying OTI's >> ENVY/Developper which is the engine. The entire stack and all >objects >> in RAM are serialized and streamed to a file when an application >> crash occurs. That's a lot of over-head for a crash and those files >> are huge and buggers to work with without the specialised tools. >> >> What he's bitching about though, is the stateless nature of the web >> and the fact that the entire system and the application that he's >> working on has to be designed as a state machine which is forced to >> recoved its relevant state information at every invocation and >which >> has to stuff its state information at every exit. >> >> I say he's got it easy compared to programming in CICS or IDMS-DC >> where the problems of releasing every resource between invocation >are >> compounded by a limit of 32k-words of memory per process. >> >> Read a "Programming in Command -level CICS COBOL" for an >> appreaciation of the problem. >> >> His beef has dick-all to do with object-orientation and everything >to >> do with the fact that he doesn't know how to implement a state >> machine or handle dialog flow. >> >> Ripping out the object-oriented code won't help him. His problem is >> that he's not thinking in objects so his logic flow is spanning >> object methods and he doesn't know what to do. >> >> State machines are perpendicular to structure in the same way that >a >> mobile is perpendicular to its hanging three dimensional structure >or >> that a true aquatic ballet is perpendicular to the position of the >> swimmers in the pool. If you only look at the surface, you're >missing >> the true dimension of the problem and can't get the point of the >> exercise. >> >> The GUI is a state machine but only for the GUI. The rest of the >> objects implement their own state machines as required. >> >> To wax poetic, as I once did in "The Hot-Line on Object-Oriented >> Technology" software development is like choreographing the dance >of >> electrons in n-dimensions. This poor flat-lander has two left feet. >> >> -Charles-A. >> >> >> >>>From: Jerry Kapron >>>Organization: New York PHP >>>Reply-To: talk at nyphp.org >>>Date: Sat, 1 Jun 2002 01:25:48 -0400 >>>To: NYPHP Talk >>>Subject: [nycphp-talk] PHP Object handling. A rant. >>> >>>Is it really that bad? -> >>> >> http://www.itchyfeet.org.nz/local/phprant.php >> >>> From charles at softwareprototypes.com Sun Jun 2 12:43:10 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sun, 2 Jun 2002 12:43:10 -0400 Subject: [nycphp-talk] The system date on dev is still screwed up... Message-ID: <187060-22002602164310578@softwareprototypes.com> Its not my box. I don't have root. I'm not going to screw with the system date. -Charles-A. ---- Original Message ---- From: ejp at well.com To: talk at nyphp.org, Subject: Re: [nycphp-talk] The system date on dev is still screwed up... Date: Sun, 2 Jun 2002 01:47:40 -0400 > >The Clock Mini-HOWTO >http://www.tldp.org/HOWTO/mini/Clock.html > > >charles at softwareprototypes.com wrote: > >> Hello Hans, >> >> the system date on the dev box is still one day ahead. >> >> Later, >> >> -Charles-A. >> >> >> >> >> > > > > From zaunere at yahoo.com Sun Jun 2 14:42:22 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Sun, 2 Jun 2002 11:42:22 -0700 (PDT) Subject: [nycphp-talk] PHP Object handling. A rant. In-Reply-To: <200206010525.g515PmP67170@slipdisc.virul.net> Message-ID: <20020602184222.87070.qmail@web12806.mail.yahoo.com> --- Jerry Kapron wrote: > Is it really that bad? -> > http://www.itchyfeet.org.nz/local/phprant.php > Hardly. A rant is just that; a rant - and usually overkill (I recently sent a rant to the editors of the email RFCS - when I read what I wrote the next day, I felt a *little* bad). Anyway, rather than picking apart the rant (which way be an interesting course of dicussion on the wiki - yes, it's stable, but slow), I can only stress one thing, concerning OO in PHP. http://www.zend.com/zend/art/mistake1.php#Heading13 PHP is not an OO language. For the 100% anal-retentiveness that is true OOP, you'll need Java or C# (I don't even think C++ is considered kosher in this respect). That said, OO is really a state of organization and mind. I've seen OO code in pure C. To boot, PHP does a nice job of bringing some of the fundementals of OO to help you in this organization. RantyDave probably wasn't using a modern version of PHP at the time, and, a modern brain for problem solving (this line sums it up: "...and would far rather return a blank result than kick you in the head for not knowing what you're doing.") You have to be smarter than the computer, RantyDave. :) Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Mon Jun 3 09:13:15 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 3 Jun 2002 06:13:15 -0700 (PDT) Subject: PHP and XML and Soap Message-ID: <20020603131315.50871.qmail@web12804.mail.yahoo.com> If anyone catches the weekly newletter from Zend, it's apparent that XML is making big strides in PHP. As an XML freshmen, I found this article exceptionally useful as a reference and roadmap: http://bumblebury.com/phptodo/xmsl.html Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jonbaer at digitalanywhere.com Mon Jun 3 19:22:08 2002 From: jonbaer at digitalanywhere.com (Jon Baer) Date: Mon, 03 Jun 2002 19:22:08 -0400 Subject: [nycphp-talk] PHP and XML and Soap References: <200206031313.g53DDJP03832@slipdisc.virul.net> Message-ID: <3CFBFA20.3050505@digitalanywhere.com> What are backend things in PHP that make the past XML/XSLT support so inadquate in the past that he mentions in the beginning? Personally I don't find XML/XML-RPC/SOAP to be rocket science but it happens so often that session management pops up, other outside problems arise and its things that tend not to do with the original problems (if any) ... There are some small things in general with XML/Envelopes that I personally would like to see ... things like document handling (either DOM nodes) or basic changes for XML documents tied to a backend database. This isn't a PHP problem per se but just that there doesn't seem to be much info based on large document event handling, the same goes for SOAP ... It would be nice to be able to get an Envelope from a server, modify it, and have those modifications be tied back to the originating server, but its obvious that the XML or SOAP can't do this but so many people I know have projects that revolve around SQL/XML (via network) that getting the two to tie together seems like 10 different ways to accomplish that one task. - Jon Hans Zaunere wrote: >If anyone catches the weekly newletter from Zend, it's apparent that >XML is making big strides in PHP. As an XML freshmen, I found this >article exceptionally useful as a reference and roadmap: > >http://bumblebury.com/phptodo/xmsl.html > > >Hans Z. > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com > > > From southwell at dneba.com Tue Jun 4 10:39:32 2002 From: southwell at dneba.com (Michael Southwell) Date: Tue, 04 Jun 2002 10:39:32 -0400 Subject: relative newbie needs installation help Message-ID: <5.1.0.14.2.20020604103107.00b47e48@mail.optonline.net> I have some scripts that are working beautifully on the host but are not working on my localhost installation (which I thought I had gotten working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. The problem comes in recognizing variables locally, so I get "undefined variable" and "undefined constant" messages. PHPInfo() tells me that my local Server API is CGI, while on the host it's Apache. I am guessing that this is the cause of the problems, though I don't really understand the difference. Can anybody offer an explanation/possible solution? TIA. Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1425 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From jim at alliedtours.com Tue Jun 4 11:13:24 2002 From: jim at alliedtours.com (Jim Suto) Date: Tue, 4 Jun 2002 11:13:24 -0400 Subject: multiple gateways and linux In-Reply-To: <200206041439.g54EdmP13804@slipdisc.virul.net> Message-ID: I am looking for any ideas people might have to maximize the value of having multiple T1s from different providers and being able to provide redundancy and possibly performance gains from having a linux server utilize these multiple gateways. Some ideas I was thinking about: 1) enable linux to do dead gateway detection and avoid using a gateway if it is not up 2) enable linux to distribute traffic among the gateways to whichever one is least busy (this might be a little bit more difficult) 3) enable linux to figure out from a list of hosts which gateway would allow connection to a specific host with minimum lag and/or hops I guess some shell scripts could accomplish some of these tasks unless someone knows a better way? regards, Jim From LarryC at indexstock.com Tue Jun 4 11:54:49 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 11:54:49 -0400 Subject: [nycphp-talk] multiple gateways and linux Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F82FC@index-exchange.indexstock.com> Keep in mind that when you have multiple circuits, you're running into some complecity with your network design. Here is a general guideline. 1. Are you planning to subscribe the add'l T1 from the same ISP of from a different one? Same: a. Easy to loadbalance (LB) your package both inbound and outbound b. You don't require to have a heavy duty router. This way you can accept partial BGP route. As a result your, hardware requirement is much less. c. Use vendor assigned Autonymous System Number (ASN). d. If the ISP is down, assuming both T1 are from the same c/o, you're out! e. I recommend that you have two separate routers for each circuit. Different: a. You must apply for you own ASN from ARIN. b. Tedious BGP configuration c. Setup of LB might be difficult depends on your environment, but not impossible d. Complete ISP redundancy - due to two separate path in and out e. Same as 1e above. With the two routers as your gateway, you can configure HSRP/VSRP (depends on the vendors). Essentially, you have two real gateways and one virtual one that everyone is pointing to. When any of the real gateways is down, it won't affect your connectivity at all. Linux has something to that affect as well. I don't have experience with it nor do I know what it calls. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 11:10 AM To: NYPHP Talk Subject: [nycphp-talk] multiple gateways and linux I am looking for any ideas people might have to maximize the value of having multiple T1s from different providers and being able to provide redundancy and possibly performance gains from having a linux server utilize these multiple gateways. Some ideas I was thinking about: 1) enable linux to do dead gateway detection and avoid using a gateway if it is not up 2) enable linux to distribute traffic among the gateways to whichever one is least busy (this might be a little bit more difficult) 3) enable linux to figure out from a list of hosts which gateway would allow connection to a specific host with minimum lag and/or hops I guess some shell scripts could accomplish some of these tasks unless someone knows a better way? regards, Jim From jim at alliedtours.com Tue Jun 4 12:18:10 2002 From: jim at alliedtours.com (Jim Suto) Date: Tue, 4 Jun 2002 12:18:10 -0400 Subject: [nycphp-talk] multiple gateways and linux In-Reply-To: <200206041554.g54FsvP14348@slipdisc.virul.net> Message-ID: We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless. These are already in place with each provider having its own CISCO router. If we use HSRP, we are only going to be using one single router at any time and the other one will sit by idle, right? It's good for redundancy but not for maximizing usage of the available bandwidth. I was thinking of using roundrobing DNS for incoming connections to our server using the 3 IPs (1 from each T1 block). The outgoing connections could be returned via source routing perhaps? And if a gateway is down, use another gateway even if that will create an assymetrical route? In your point (e) if we got two routers for each circuit we would need to have 6 routers, do you think the cost would be justified for slightly reduced failover risk? I think the company could live in a pinch even on just a single working T1 but it seems like a waste to have all that other bandwidth just sitting there unused. Let me know what you think. regards, Jim -----Original Message----- From: Larry Chuon [mailto:LarryC at indexstock.com] Sent: Tuesday, June 04, 2002 11:55 AM To: NYPHP Talk Subject: RE: [nycphp-talk] multiple gateways and linux Keep in mind that when you have multiple circuits, you're running into some complecity with your network design. Here is a general guideline. 1. Are you planning to subscribe the add'l T1 from the same ISP of from a different one? Same: a. Easy to loadbalance (LB) your package both inbound and outbound b. You don't require to have a heavy duty router. This way you can accept partial BGP route. As a result your, hardware requirement is much less. c. Use vendor assigned Autonymous System Number (ASN). d. If the ISP is down, assuming both T1 are from the same c/o, you're out! e. I recommend that you have two separate routers for each circuit. Different: a. You must apply for you own ASN from ARIN. b. Tedious BGP configuration c. Setup of LB might be difficult depends on your environment, but not impossible d. Complete ISP redundancy - due to two separate path in and out e. Same as 1e above. With the two routers as your gateway, you can configure HSRP/VSRP (depends on the vendors). Essentially, you have two real gateways and one virtual one that everyone is pointing to. When any of the real gateways is down, it won't affect your connectivity at all. Linux has something to that affect as well. I don't have experience with it nor do I know what it calls. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 11:10 AM To: NYPHP Talk Subject: [nycphp-talk] multiple gateways and linux I am looking for any ideas people might have to maximize the value of having multiple T1s from different providers and being able to provide redundancy and possibly performance gains from having a linux server utilize these multiple gateways. Some ideas I was thinking about: 1) enable linux to do dead gateway detection and avoid using a gateway if it is not up 2) enable linux to distribute traffic among the gateways to whichever one is least busy (this might be a little bit more difficult) 3) enable linux to figure out from a list of hosts which gateway would allow connection to a specific host with minimum lag and/or hops I guess some shell scripts could accomplish some of these tasks unless someone knows a better way? regards, Jim From LarryC at indexstock.com Tue Jun 4 12:17:09 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 12:17:09 -0400 Subject: [nycphp-talk] multiple gateways and linux Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8300@index-exchange.indexstock.com> BTW, I found some interesting link to VRRP. Hope this helps. VRRP http://w3.arobas.net/~jetienne/vrrpd/FAQ http://w3.arobas.net/~jetienne/vrrpd/index.html http://www.cs.fiu.edu/~flynnj/work/virtrouter.html http://rpmfind.net/linux/RPM/cooker/cookfire/i386/Mandrake/RPMS/vrrpd-0.4-1m dk.i386.html Keepalive http://www.keepalived.org/ -----Original Message----- From: Larry Chuon [mailto:LarryC at indexstock.com] Sent: Tuesday, June 04, 2002 11:55 AM To: NYPHP Talk Subject: RE: [nycphp-talk] multiple gateways and linux Keep in mind that when you have multiple circuits, you're running into some complecity with your network design. Here is a general guideline. 1. Are you planning to subscribe the add'l T1 from the same ISP of from a different one? Same: a. Easy to loadbalance (LB) your package both inbound and outbound b. You don't require to have a heavy duty router. This way you can accept partial BGP route. As a result your, hardware requirement is much less. c. Use vendor assigned Autonymous System Number (ASN). d. If the ISP is down, assuming both T1 are from the same c/o, you're out! e. I recommend that you have two separate routers for each circuit. Different: a. You must apply for you own ASN from ARIN. b. Tedious BGP configuration c. Setup of LB might be difficult depends on your environment, but not impossible d. Complete ISP redundancy - due to two separate path in and out e. Same as 1e above. With the two routers as your gateway, you can configure HSRP/VSRP (depends on the vendors). Essentially, you have two real gateways and one virtual one that everyone is pointing to. When any of the real gateways is down, it won't affect your connectivity at all. Linux has something to that affect as well. I don't have experience with it nor do I know what it calls. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 11:10 AM To: NYPHP Talk Subject: [nycphp-talk] multiple gateways and linux I am looking for any ideas people might have to maximize the value of having multiple T1s from different providers and being able to provide redundancy and possibly performance gains from having a linux server utilize these multiple gateways. Some ideas I was thinking about: 1) enable linux to do dead gateway detection and avoid using a gateway if it is not up 2) enable linux to distribute traffic among the gateways to whichever one is least busy (this might be a little bit more difficult) 3) enable linux to figure out from a list of hosts which gateway would allow connection to a specific host with minimum lag and/or hops I guess some shell scripts could accomplish some of these tasks unless someone knows a better way? regards, Jim From LarryC at indexstock.com Tue Jun 4 12:32:04 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 12:32:04 -0400 Subject: [nycphp-talk] multiple gateways and linux Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8301@index-exchange.indexstock.com> Since you already have three cisco routers, assuming that you have access to them, you can create two sets of HSRP. Then, divide the group of servers/users into two. Make one gateway as the primary for one group and the other gateway the primary for the other group. (Make the other as your secondary for each). You must run BGP to advertise your internal network to the Internet. Otherwise, there is no use of having three circuits and only one of them can accept inbound traffic. You can configure your network to have some traffics route through one T1 and other traffics through another T1. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 12:15 PM To: NYPHP Talk Subject: RE: [nycphp-talk] multiple gateways and linux We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless. These are already in place with each provider having its own CISCO router. If we use HSRP, we are only going to be using one single router at any time and the other one will sit by idle, right? It's good for redundancy but not for maximizing usage of the available bandwidth. I was thinking of using roundrobing DNS for incoming connections to our server using the 3 IPs (1 from each T1 block). The outgoing connections could be returned via source routing perhaps? And if a gateway is down, use another gateway even if that will create an assymetrical route? In your point (e) if we got two routers for each circuit we would need to have 6 routers, do you think the cost would be justified for slightly reduced failover risk? I think the company could live in a pinch even on just a single working T1 but it seems like a waste to have all that other bandwidth just sitting there unused. Let me know what you think. regards, Jim -----Original Message----- From: Larry Chuon [mailto:LarryC at indexstock.com] Sent: Tuesday, June 04, 2002 11:55 AM To: NYPHP Talk Subject: RE: [nycphp-talk] multiple gateways and linux Keep in mind that when you have multiple circuits, you're running into some complecity with your network design. Here is a general guideline. 1. Are you planning to subscribe the add'l T1 from the same ISP of from a different one? Same: a. Easy to loadbalance (LB) your package both inbound and outbound b. You don't require to have a heavy duty router. This way you can accept partial BGP route. As a result your, hardware requirement is much less. c. Use vendor assigned Autonymous System Number (ASN). d. If the ISP is down, assuming both T1 are from the same c/o, you're out! e. I recommend that you have two separate routers for each circuit. Different: a. You must apply for you own ASN from ARIN. b. Tedious BGP configuration c. Setup of LB might be difficult depends on your environment, but not impossible d. Complete ISP redundancy - due to two separate path in and out e. Same as 1e above. With the two routers as your gateway, you can configure HSRP/VSRP (depends on the vendors). Essentially, you have two real gateways and one virtual one that everyone is pointing to. When any of the real gateways is down, it won't affect your connectivity at all. Linux has something to that affect as well. I don't have experience with it nor do I know what it calls. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 11:10 AM To: NYPHP Talk Subject: [nycphp-talk] multiple gateways and linux I am looking for any ideas people might have to maximize the value of having multiple T1s from different providers and being able to provide redundancy and possibly performance gains from having a linux server utilize these multiple gateways. Some ideas I was thinking about: 1) enable linux to do dead gateway detection and avoid using a gateway if it is not up 2) enable linux to distribute traffic among the gateways to whichever one is least busy (this might be a little bit more difficult) 3) enable linux to figure out from a list of hosts which gateway would allow connection to a specific host with minimum lag and/or hops I guess some shell scripts could accomplish some of these tasks unless someone knows a better way? regards, Jim From jim at alliedtours.com Tue Jun 4 12:56:16 2002 From: jim at alliedtours.com (Jim Suto) Date: Tue, 4 Jun 2002 12:56:16 -0400 Subject: [nycphp-talk] multiple gateways and linux In-Reply-To: <200206041632.g54GWCP14660@slipdisc.virul.net> Message-ID: If you set up a secondary gateway for users, how does the PC know when to use that (how does it determine that the primary gateway is down)? > -----Original Message----- > From: Larry Chuon [mailto:LarryC at indexstock.com] > Sent: Tuesday, June 04, 2002 12:32 PM > To: NYPHP Talk > Subject: RE: [nycphp-talk] multiple gateways and linux > > > Since you already have three cisco routers, assuming that you > have access to > them, you can create two sets of HSRP. Then, divide the group of > servers/users into two. Make one gateway as the primary for one group and > the other gateway the primary for the other group. (Make the > other as your > secondary for each). > From chalu at egenius.com Tue Jun 4 13:03:59 2002 From: chalu at egenius.com (Chalu Kim) Date: Tue, 4 Jun 2002 13:03:59 -0400 Subject: [nycphp-talk] multiple gateways and linux References: <200206041614.g54GEnP14494@slipdisc.virul.net> Message-ID: <015c01c20be9$d4312030$5c00a8c0@mothergoose> Why not check out IPROUTE which does fail-over and packet balancing? It is available on Linux... Instead of going the circuitous way of HSRP and VRRP or BGP, this is more in the localized first step to high availability to the intranet. ----- Original Message ----- From: "Jim Suto" To: "NYPHP Talk" Sent: Tuesday, June 04, 2002 12:14 PM Subject: RE: [nycphp-talk] multiple gateways and linux > We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless. These are > already in place with each provider having its own CISCO router. If we use > HSRP, we are only going to be using one single router at any time and the > other one will sit by idle, right? It's good for redundancy but not for > maximizing usage of the available bandwidth. I was thinking of using > roundrobing DNS for incoming connections to our server using the 3 IPs (1 > from each T1 block). The outgoing connections could be returned via source > routing perhaps? And if a gateway is down, use another gateway even if that > will create an assymetrical route? > In your point (e) if we got two routers for each circuit we would need to > have 6 routers, do you think the cost would be justified for slightly > reduced failover risk? I think the company could live in a pinch even on > just a single working T1 but it seems like a waste to have all that other > bandwidth just sitting there unused. Let me know what you think. > > regards, > Jim > > -----Original Message----- > From: Larry Chuon [mailto:LarryC at indexstock.com] > Sent: Tuesday, June 04, 2002 11:55 AM > To: NYPHP Talk > Subject: RE: [nycphp-talk] multiple gateways and linux > > > Keep in mind that when you have multiple circuits, you're running into some > complecity with your network design. Here is a general guideline. > 1. Are you planning to subscribe the add'l T1 from the same ISP of from a > different one? > Same: > a. Easy to loadbalance (LB) your package both inbound and outbound > b. You don't require to have a heavy duty router. This way you can accept > partial BGP route. As a result your, hardware requirement is much less. > c. Use vendor assigned Autonymous System Number (ASN). > d. If the ISP is down, assuming both T1 are from the same c/o, you're out! > e. I recommend that you have two separate routers for each circuit. > > Different: > a. You must apply for you own ASN from ARIN. > b. Tedious BGP configuration > c. Setup of LB might be difficult depends on your environment, but not > impossible > d. Complete ISP redundancy - due to two separate path in and out > e. Same as 1e above. > > With the two routers as your gateway, you can configure HSRP/VSRP (depends > on the vendors). Essentially, you have two real gateways and one virtual > one that everyone is pointing to. When any of the real gateways is down, it > won't affect your connectivity at all. Linux has something to that affect > as well. I don't have experience with it nor do I know what it calls. > > > -----Original Message----- > From: Jim Suto [mailto:jim at alliedtours.com] > Sent: Tuesday, June 04, 2002 11:10 AM > To: NYPHP Talk > Subject: [nycphp-talk] multiple gateways and linux > > > I am looking for any ideas people might have to maximize the value of having > multiple T1s from different providers and being able to provide redundancy > and possibly performance gains from having a linux server utilize these > multiple gateways. Some ideas I was thinking about: > 1) enable linux to do dead gateway detection and avoid using a gateway if it > is not up > 2) enable linux to distribute traffic among the gateways to whichever one is > least busy (this might be a little bit more difficult) > 3) enable linux to figure out from a list of hosts which gateway would allow > connection to a specific host with minimum lag and/or hops > > I guess some shell scripts could accomplish some of these tasks unless > someone knows a better way? > > regards, > Jim > > > > > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002 From LarryC at indexstock.com Tue Jun 4 13:04:09 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 13:04:09 -0400 Subject: [nycphp-talk] multiple gateways and linux Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8303@index-exchange.indexstock.com> That's the task of the OS to figure out. Some dump OSes, like Win9x, doesn't know. Anyway, with HSRP or VRRP, you don't really need secondary. That's overkill. -----Original Message----- From: Jim Suto [mailto:jim at alliedtours.com] Sent: Tuesday, June 04, 2002 12:53 PM To: NYPHP Talk Subject: RE: [nycphp-talk] multiple gateways and linux If you set up a secondary gateway for users, how does the PC know when to use that (how does it determine that the primary gateway is down)? > -----Original Message----- > From: Larry Chuon [mailto:LarryC at indexstock.com] > Sent: Tuesday, June 04, 2002 12:32 PM > To: NYPHP Talk > Subject: RE: [nycphp-talk] multiple gateways and linux > > > Since you already have three cisco routers, assuming that you > have access to > them, you can create two sets of HSRP. Then, divide the group of > servers/users into two. Make one gateway as the primary for one group and > the other gateway the primary for the other group. (Make the > other as your > secondary for each). > From LarryC at indexstock.com Tue Jun 4 13:16:55 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 13:16:55 -0400 Subject: [nycphp-talk] multiple gateways and linux Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8304@index-exchange.indexstock.com> That won't solve your redundancy problem if your services are residing on a subnet that goes down. The rest of the world won't know how to automatically get to your domain. For instance, alliedtours.com's IP@ is 208.193.190.3. AlliedTours has three T1 and at least one circuit comes from another provider. You need a way to tell all the routing tables around the world how to get to you when the circuit for 208.193.109.3 is down. Going out won't be a problem. One way to solve that problem is by implementing BGP or IS-IS. -----Original Message----- From: Chalu Kim [mailto:chalu at egenius.com] Sent: Tuesday, June 04, 2002 12:59 PM To: NYPHP Talk Subject: Re: [nycphp-talk] multiple gateways and linux Why not check out IPROUTE which does fail-over and packet balancing? It is available on Linux... Instead of going the circuitous way of HSRP and VRRP or BGP, this is more in the localized first step to high availability to the intranet. ----- Original Message ----- From: "Jim Suto" To: "NYPHP Talk" Sent: Tuesday, June 04, 2002 12:14 PM Subject: RE: [nycphp-talk] multiple gateways and linux > We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless. These are > already in place with each provider having its own CISCO router. If we use > HSRP, we are only going to be using one single router at any time and the > other one will sit by idle, right? It's good for redundancy but not for > maximizing usage of the available bandwidth. I was thinking of using > roundrobing DNS for incoming connections to our server using the 3 IPs (1 > from each T1 block). The outgoing connections could be returned via source > routing perhaps? And if a gateway is down, use another gateway even if that > will create an assymetrical route? > In your point (e) if we got two routers for each circuit we would need to > have 6 routers, do you think the cost would be justified for slightly > reduced failover risk? I think the company could live in a pinch even on > just a single working T1 but it seems like a waste to have all that other > bandwidth just sitting there unused. Let me know what you think. > > regards, > Jim > > -----Original Message----- > From: Larry Chuon [mailto:LarryC at indexstock.com] > Sent: Tuesday, June 04, 2002 11:55 AM > To: NYPHP Talk > Subject: RE: [nycphp-talk] multiple gateways and linux > > > Keep in mind that when you have multiple circuits, you're running into some > complecity with your network design. Here is a general guideline. > 1. Are you planning to subscribe the add'l T1 from the same ISP of from a > different one? > Same: > a. Easy to loadbalance (LB) your package both inbound and outbound > b. You don't require to have a heavy duty router. This way you can accept > partial BGP route. As a result your, hardware requirement is much less. > c. Use vendor assigned Autonymous System Number (ASN). > d. If the ISP is down, assuming both T1 are from the same c/o, you're out! > e. I recommend that you have two separate routers for each circuit. > > Different: > a. You must apply for you own ASN from ARIN. > b. Tedious BGP configuration > c. Setup of LB might be difficult depends on your environment, but not > impossible > d. Complete ISP redundancy - due to two separate path in and out > e. Same as 1e above. > > With the two routers as your gateway, you can configure HSRP/VSRP (depends > on the vendors). Essentially, you have two real gateways and one virtual > one that everyone is pointing to. When any of the real gateways is down, it > won't affect your connectivity at all. Linux has something to that affect > as well. I don't have experience with it nor do I know what it calls. > > > -----Original Message----- > From: Jim Suto [mailto:jim at alliedtours.com] > Sent: Tuesday, June 04, 2002 11:10 AM > To: NYPHP Talk > Subject: [nycphp-talk] multiple gateways and linux > > > I am looking for any ideas people might have to maximize the value of having > multiple T1s from different providers and being able to provide redundancy > and possibly performance gains from having a linux server utilize these > multiple gateways. Some ideas I was thinking about: > 1) enable linux to do dead gateway detection and avoid using a gateway if it > is not up > 2) enable linux to distribute traffic among the gateways to whichever one is > least busy (this might be a little bit more difficult) > 3) enable linux to figure out from a list of hosts which gateway would allow > connection to a specific host with minimum lag and/or hops > > I guess some shell scripts could accomplish some of these tasks unless > someone knows a better way? > > regards, > Jim > > > > > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002 From jim at alliedtours.com Tue Jun 4 13:29:14 2002 From: jim at alliedtours.com (Jim Suto) Date: Tue, 4 Jun 2002 13:29:14 -0400 Subject: [nycphp-talk] multiple gateways and linux In-Reply-To: <200206041717.g54HH4P15104@slipdisc.virul.net> Message-ID: Actually the circuits in question are not at the location you mentioned but I could make address DNS records for www.alliedtours.com to point to X.X.X.X, Y.Y.Y.Y, Z.Z.Z.Z where x,y,z represent public IPs that I got from the three T1s and have all those IPs each assigned to one of three NICS in the server. This doesn't require bgp to work, right? > -----Original Message----- > From: Larry Chuon [mailto:LarryC at indexstock.com] > Sent: Tuesday, June 04, 2002 1:17 PM > To: NYPHP Talk > Subject: RE: [nycphp-talk] multiple gateways and linux > > > That won't solve your redundancy problem if your services are > residing on a > subnet that goes down. The rest of the world won't know how to > automatically get to your domain. For instance, alliedtours.com's IP@ is > 208.193.190.3. AlliedTours has three T1 and at least one circuit > comes from > another provider. You need a way to tell all the routing tables > around the > world how to get to you when the circuit for 208.193.109.3 is down. Going > out won't be a problem. One way to solve that problem is by > implementing BGP > or IS-IS. > > > -----Original Message----- > From: Chalu Kim [mailto:chalu at egenius.com] > Sent: Tuesday, June 04, 2002 12:59 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] multiple gateways and linux > > > Why not check out IPROUTE which does fail-over and packet balancing? It is > available on Linux... > Instead of going the circuitous way of HSRP and VRRP or BGP, this > is more in > the localized first step to high availability to the intranet. > > ----- Original Message ----- > From: "Jim Suto" > To: "NYPHP Talk" > Sent: Tuesday, June 04, 2002 12:14 PM > Subject: RE: [nycphp-talk] multiple gateways and linux > > > > We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless. These > are > > already in place with each provider having its own CISCO router. If we > use > > HSRP, we are only going to be using one single router at any > time and the > > other one will sit by idle, right? It's good for redundancy but not for > > maximizing usage of the available bandwidth. I was thinking of using > > roundrobing DNS for incoming connections to our server using > the 3 IPs (1 > > from each T1 block). The outgoing connections could be returned via > source > > routing perhaps? And if a gateway is down, use another gateway even if > that > > will create an assymetrical route? > > In your point (e) if we got two routers for each circuit we > would need to > > have 6 routers, do you think the cost would be justified for slightly > > reduced failover risk? I think the company could live in a > pinch even on > > just a single working T1 but it seems like a waste to have all > that other > > bandwidth just sitting there unused. Let me know what you think. > > > > regards, > > Jim > > > > -----Original Message----- > > From: Larry Chuon [mailto:LarryC at indexstock.com] > > Sent: Tuesday, June 04, 2002 11:55 AM > > To: NYPHP Talk > > Subject: RE: [nycphp-talk] multiple gateways and linux > > > > > > Keep in mind that when you have multiple circuits, you're running into > some > > complecity with your network design. Here is a general guideline. > > 1. Are you planning to subscribe the add'l T1 from the same ISP > of from a > > different one? > > Same: > > a. Easy to loadbalance (LB) your package both inbound and outbound > > b. You don't require to have a heavy duty router. This way you > can accept > > partial BGP route. As a result your, hardware requirement is much less. > > c. Use vendor assigned Autonymous System Number (ASN). > > d. If the ISP is down, assuming both T1 are from the same c/o, > you're out! > > e. I recommend that you have two separate routers for each circuit. > > > > Different: > > a. You must apply for you own ASN from ARIN. > > b. Tedious BGP configuration > > c. Setup of LB might be difficult depends on your environment, but not > > impossible > > d. Complete ISP redundancy - due to two separate path in and out > > e. Same as 1e above. > > > > With the two routers as your gateway, you can configure > HSRP/VSRP (depends > > on the vendors). Essentially, you have two real gateways and > one virtual > > one that everyone is pointing to. When any of the real > gateways is down, > it > > won't affect your connectivity at all. Linux has something to > that affect > > as well. I don't have experience with it nor do I know what it calls. > > > > > > -----Original Message----- > > From: Jim Suto [mailto:jim at alliedtours.com] > > Sent: Tuesday, June 04, 2002 11:10 AM > > To: NYPHP Talk > > Subject: [nycphp-talk] multiple gateways and linux > > > > > > I am looking for any ideas people might have to maximize the value of > having > > multiple T1s from different providers and being able to provide > redundancy > > and possibly performance gains from having a linux server utilize these > > multiple gateways. Some ideas I was thinking about: > > 1) enable linux to do dead gateway detection and avoid using a > gateway if > it > > is not up > > 2) enable linux to distribute traffic among the gateways to > whichever one > is > > least busy (this might be a little bit more difficult) > > 3) enable linux to figure out from a list of hosts which gateway would > allow > > connection to a specific host with minimum lag and/or hops > > > > I guess some shell scripts could accomplish some of these tasks unless > > someone knows a better way? > > > > regards, > > Jim > > > > > > > > > > > > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002 > > From zaunere at yahoo.com Tue Jun 4 15:09:56 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 12:09:56 -0700 (PDT) Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206041439.g54EdmP13804@slipdisc.virul.net> Message-ID: <20020604190956.70005.qmail@web12801.mail.yahoo.com> My first guess is it's a register_globals problem. register_globals is turned off by default in 4.2.1. CGI vs Apache module shouldn't make a difference in this case (I'm assuming you are only using the basic variables, such as the post,get,server variables). As a quick fix, goto your php.ini and find the register_globals directive, changing it to 'On'. If this works, let us know; if not, what specific variables does it report it can't find/are undefined? Hans Z. --- Michael Southwell wrote: > I have some scripts that are working beautifully on the host but are > not > working on my localhost installation (which I thought I had gotten > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. The > problem comes in recognizing variables locally, so I get "undefined > variable" and "undefined constant" messages. PHPInfo() tells me that > my > local Server API is CGI, while on the host it's Apache. I am > guessing that > this is the cause of the problems, though I don't really understand > the > difference. Can anybody offer an explanation/possible solution? > TIA. > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jim at alliedtours.com Tue Jun 4 15:35:11 2002 From: jim at alliedtours.com (Jim Suto) Date: Tue, 4 Jun 2002 15:35:11 -0400 Subject: strange ifconfig error message In-Reply-To: <200206041717.g54HH4P15104@slipdisc.virul.net> Message-ID: Can anyone explain why this happens: [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 SIOCSIFNETMASK: Cannot assign requested address [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 [root at reddy root]# If you notice, the second command is exactly the same as the first (up-arrow) and the second time it takes and properly assigns the IP address with no error. Why not the first time? Jim From kenschwartz at nyc.rr.com Tue Jun 4 15:59:38 2002 From: kenschwartz at nyc.rr.com (Kenneth Schwartz) Date: Tue, 4 Jun 2002 15:59:38 -0400 Subject: [nycphp-talk] relative newbie needs installation help References: <200206041910.g54JA1P16139@slipdisc.virul.net> Message-ID: <001001c20c02$5c19ae50$e354c118@kenschwartz> I think you're exactly right. I am a relative newbie also and I had the same problem. I didn't realize at first that my local installation had a default level of security that would require a more specific syntax for variable declaration. ----- Original Message ----- From: "Hans Zaunere" To: "NYPHP Talk" Sent: Tuesday, June 04, 2002 3:10 PM Subject: Re: [nycphp-talk] relative newbie needs installation help > > My first guess is it's a register_globals problem. register_globals is > turned off by default in 4.2.1. CGI vs Apache module shouldn't make a > difference in this case (I'm assuming you are only using the basic > variables, such as the post,get,server variables). > > As a quick fix, goto your php.ini and find the register_globals > directive, changing it to 'On'. If this works, let us know; if not, > what specific variables does it report it can't find/are undefined? > > Hans Z. > > > --- Michael Southwell wrote: > > I have some scripts that are working beautifully on the host but are > > not > > working on my localhost installation (which I thought I had gotten > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. The > > problem comes in recognizing variables locally, so I get "undefined > > variable" and "undefined constant" messages. PHPInfo() tells me that > > my > > local Server API is CGI, while on the host it's Apache. I am > > guessing that > > this is the cause of the problems, though I don't really understand > > the > > difference. Can anybody offer an explanation/possible solution? > > TIA. > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > From LarryC at indexstock.com Tue Jun 4 16:33:19 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 4 Jun 2002 16:33:19 -0400 Subject: Jobs on NYNMA.org Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8308@index-exchange.indexstock.com> PHP programmer with Systems Admin skills needed We are looking for strong PHP /oracle programmer on unix with Systems Admin skills. This is an oppty to lead our tech endeavors to develop new applications and work on improving existing applications for internal projects and for clients. Company Profile: StarChefs.com, New York is a leading culinary magazine and the "hot jobs" for the foodservice industry. We have been in business for 7 years, and cover our monthly burn with revenue. Because we are a small company (11 employees), you have the opportunity to really make an impact on the company and the service we provide. You will need strong programming skills, strong systems admin skills, strong interpersonal skills, an entrepreneurial spirit, and a drive for results. http://www.nynma.org/careers/find_a_job? &id[1]=107965&catName=Information%20Technology&object=jobs[job]&findField=ca t_id_1&findFieldValue=8 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: spacer.gif Type: image/gif Size: 67 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Ivy.gif Type: image/gif Size: 5665 bytes Desc: not available URL: From southwell at dneba.com Tue Jun 4 17:40:09 2002 From: southwell at dneba.com (Michael Southwell) Date: Tue, 04 Jun 2002 17:40:09 -0400 Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206041910.g54JA1P16139@slipdisc.virul.net> Message-ID: <5.1.0.14.2.20020604173638.00b25048@mail.optonline.net> Thanks, Klaus. This suggestion sounded promising but didn't work. I changed register_globals to On and rebooted. But I still got the following error: Notice: Undefined variable: HTTP_USER_AGENT in g:\\dneba\\browsers.php on line 50 Here is the relevant code (it is obvious which is line 50): Your choice of web browser is the single most important factor in controlling your experience of a website. Your browser seems to be 0){ $brow="MSIE"; $level=substr($agent,$pos+5,3); $new=1;}} I think $HTTP_USER_AGENT is about as basic a variable as you can get. Needless to say, this code works perfectly (within its limitations, which no doubt are plenty) at http://www.dneba.com/browsers.php. So there must be something else going on. At 03:10 PM 6/4/2002, you wrote: >My first guess is it's a register_globals problem. register_globals is >turned off by default in 4.2.1. CGI vs Apache module shouldn't make a >difference in this case (I'm assuming you are only using the basic >variables, such as the post,get,server variables). > >As a quick fix, goto your php.ini and find the register_globals >directive, changing it to 'On'. If this works, let us know; if not, >what specific variables does it report it can't find/are undefined? > >Hans Z. > > >--- Michael Southwell wrote: > > I have some scripts that are working beautifully on the host but are > > not > > working on my localhost installation (which I thought I had gotten > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. The > > problem comes in recognizing variables locally, so I get "undefined > > variable" and "undefined constant" messages. PHPInfo() tells me that > > my > > local Server API is CGI, while on the host it's Apache. I am > > guessing that > > this is the cause of the problems, though I don't really understand > > the > > difference. Can anybody offer an explanation/possible solution? > > TIA. > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > > > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1425 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From zaunere at yahoo.com Tue Jun 4 18:22:54 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 15:22:54 -0700 (PDT) Subject: [nycphp-talk] multiple gateways and linux In-Reply-To: <200206041510.g54FA3P14018@slipdisc.virul.net> Message-ID: <20020604222255.10585.qmail@web12807.mail.yahoo.com> While I've been out of the game [network admin] for a while, let me say that solving this The Right Way will be either hard, or expensive - or both. For one, you need to pin down exactly what it is you want to do: ingress redundancy, egress redundancy, ingress load-balancing, egress load-balancing, or multiplexing. Each is at least slightly different, and will require different solutions. Egress stuff is much easier, since you have the most control. But, note that if a packet from your box goes out one T1, and then it goes down, the return packets will still try to hit the downed T1. AFAIK, the only way to handle this is with some fancy routing/cooperation from your providers/and possibly additional hardware. Ingress is more involved. Consider, even if you are announcing your routes, and a T1 goes down, you'll most likely need cooperation from your provuider, since the outside world won't know where to look for your route broadcasts (since where it's expecting to find them, is down). Since you have two T1s from one provider, and one from an additional provider, you may want to consider using the third T1 for general Internet access, and with possible additional hardware/professional IP network designer/cooperation from the provider, you could multiplex the other two T1s to increase failover and bandwidth. > 1) enable linux to do dead gateway detection and avoid using a > gateway if it > is not up Fairly simple. Best done in C, or there are probably utils for this already. Basically, once a dead gateway is discovered, you change your routing table, but you will lose any existing connections I believe. > 2) enable linux to distribute traffic among the gateways to whichever > one is > least busy (this might be a little bit more difficult) Slightly more complex, because you need a reliable way to determine "least busy", but basically the same as above. > 3) enable linux to figure out from a list of hosts which gateway > would allow > connection to a specific host with minimum lag and/or hops Again, harder to determine this, but same principals apply. > I guess some shell scripts could accomplish some of these tasks > unless someone knows a better way? No. This is a kernel, userland C at best, problem. I wouldn't want to do per packet analysis with any language except C (not even PHP). A close look at some of the Open Source firewall utils would help, but overall, to do what you really want (using 3 T1s as one, with aggregate bandwidth and redundancy, no?) is not easy. What is easy, is to manually segragate your [office] to use each of the T1s. Or, be prepared to spend some money, on hardware and/or a IP network engineer. To go the Open Source/Do-It-Yourself route: I generally follow the ipfilter mailing list, which often has discussion about this sort of thing. The mailing list archives via: http://www.google.com/search?hl=en&q=ipfilter+redundancy http://www.google.com/search?hl=en&lr=&q=ipfilter+load-balancing may get you a good start. Also, they are very helpful/knowledgable, so posting your own question would probably be good too. I've always been partial to ipfilter and BSD for this type of thing, but you can substitute whatever they call the latest Linux firewall package for 'ipfilter' for more specific info. But note that load-balancing, isn't really across T1s, but within the same network, once your upstream link has been crossed. Also, some helpful links: http://www.nwfusion.com/newsletters/linux/2001/00408537.html http://linux-ha.org/ but also note most of these are per-machine high-availability - crossing network links is a whole other ball of wax. And if it makes you feel any better, I'd be happy to pay to colocate a small web/email server with you, to take advantage of one of those T1s. :) Good luck, and keep us informed, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Tue Jun 4 18:42:02 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 15:42:02 -0700 (PDT) Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206042139.g54LdxP17560@slipdisc.virul.net> Message-ID: <20020604224202.11824.qmail@web12802.mail.yahoo.com> Change: $agent=$HTTP_USER_AGENT; to: $agent=$_SERVER['HTTP_USER_AGENT']; and that should do the trick. From first thought, this seems like a register_globals problem, but maybe it's track_vars or variable_order or something. Can't remember off the top. Do a phpinfo(); to confirm that that var is actually getting created as well. HZ --- Michael Southwell wrote: > Thanks, Klaus. This suggestion sounded promising but didn't work. I > > changed register_globals to On and > rebooted. But I still got the following error: > > Notice: Undefined variable: HTTP_USER_AGENT in > g:\\dneba\\browsers.php on > line 50 > > Here is the relevant code (it is obvious which is line 50): > > > Your choice of web browser is the single most important factor in > controlling your experience > of a website. Your browser seems to be > > $agent=$HTTP_USER_AGENT; > > $brow=""; > > if ($brow==""){ > $pos=strpos($agent,"MSIE"); > if ($pos>0){ > $brow="MSIE"; > $level=substr($agent,$pos+5,3); > $new=1;}} > > > I think $HTTP_USER_AGENT is about as basic a variable as you can > get. Needless to say, > this code works perfectly (within its limitations, which no doubt are > > plenty) at http://www.dneba.com/browsers.php. > > So there must be something else going on. > > At 03:10 PM 6/4/2002, you wrote: > > >My first guess is it's a register_globals problem. register_globals > is > >turned off by default in 4.2.1. CGI vs Apache module shouldn't make > a > >difference in this case (I'm assuming you are only using the basic > >variables, such as the post,get,server variables). > > > >As a quick fix, goto your php.ini and find the register_globals > >directive, changing it to 'On'. If this works, let us know; if not, > >what specific variables does it report it can't find/are undefined? > > > >Hans Z. > > > > > >--- Michael Southwell wrote: > > > I have some scripts that are working beautifully on the host but > are > > > not > > > working on my localhost installation (which I thought I had > gotten > > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. > The > > > problem comes in recognizing variables locally, so I get > "undefined > > > variable" and "undefined constant" messages. PHPInfo() tells me > that > > > my > > > local Server API is CGI, while on the host it's Apache. I am > > > guessing that > > > this is the cause of the problems, though I don't really > understand > > > the > > > difference. Can anybody offer an explanation/possible solution? > > > TIA. > > > > > > Michael G. Southwell ================================= > > > DNEBA Enterprises > > > 81 South Road > > > Bloomingdale, NJ 07403-1425 > > > 973/492-7873 (voice and fax) > > > southwell at dneba.com > > > http://www.dneba.com > > > ====================================================== > > > > > > > > > > > > > > >__________________________________________________ > >Do You Yahoo!? > >Yahoo! - Official partner of 2002 FIFA World Cup > >http://fifaworldcup.yahoo.com > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Tue Jun 4 18:46:06 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 15:46:06 -0700 (PDT) Subject: [nycphp-talk] strange ifconfig error message In-Reply-To: <200206041931.g54JVqP16329@slipdisc.virul.net> Message-ID: <20020604224606.6463.qmail@web12808.mail.yahoo.com> And it works properly afterwords? Seems like a driver bug. If you can, cycle the interface down/up and try again. Or reboot/ensure your hardware is good/exactly correct driver version for chipset. I always use the full netmask [255.255.0.0] but that shouldn't really make a difference. HZ --- Jim Suto wrote: > Can anyone explain why this happens: > > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 > SIOCSIFNETMASK: Cannot assign requested address > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 > [root at reddy root]# > > If you notice, the second command is exactly the same as the first > (up-arrow) and the second time it takes and properly assigns the IP > address > with no error. Why not the first time? > > Jim > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From MSouthwell at bigfoot.com Tue Jun 4 20:30:13 2002 From: MSouthwell at bigfoot.com (Michael Southwell) Date: Tue, 04 Jun 2002 20:30:13 -0400 Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206042242.g54Mg5P18274@slipdisc.virul.net> Message-ID: <5.1.0.14.2.20020604202754.00b2db98@mail.optonline.net> That does the trick; I will pore over the documentation to try to figure out why. Thanks, Hans. At 06:42 PM 6/4/2002, you wrote: >Change: > $agent=$HTTP_USER_AGENT; > >to: > $agent=$_SERVER['HTTP_USER_AGENT']; > >and that should do the trick. From first thought, this seems like a >register_globals problem, but maybe it's track_vars or variable_order >or something. Can't remember off the top. Do a phpinfo(); to confirm >that that var is actually getting created as well. > >HZ > > >--- Michael Southwell wrote: > > Thanks, Klaus. This suggestion sounded promising but didn't work. I > > > > changed register_globals to On and > > rebooted. But I still got the following error: > > > > Notice: Undefined variable: HTTP_USER_AGENT in > > g:\\dneba\\browsers.php on > > line 50 > > > > Here is the relevant code (it is obvious which is line 50): > > > > > > Your choice of web browser is the single most important factor in > > controlling your experience > > of a website. Your browser seems to be > > > > > $agent=$HTTP_USER_AGENT; > > > > $brow=""; > > > > if ($brow==""){ > > $pos=strpos($agent,"MSIE"); > > if ($pos>0){ > > $brow="MSIE"; > > $level=substr($agent,$pos+5,3); > > $new=1;}} > > > > > > I think $HTTP_USER_AGENT is about as basic a variable as you can > > get. Needless to say, > > this code works perfectly (within its limitations, which no doubt are > > > > plenty) at http://www.dneba.com/browsers.php. > > > > So there must be something else going on. > > > > At 03:10 PM 6/4/2002, you wrote: > > > > >My first guess is it's a register_globals problem. register_globals > > is > > >turned off by default in 4.2.1. CGI vs Apache module shouldn't make > > a > > >difference in this case (I'm assuming you are only using the basic > > >variables, such as the post,get,server variables). > > > > > >As a quick fix, goto your php.ini and find the register_globals > > >directive, changing it to 'On'. If this works, let us know; if not, > > >what specific variables does it report it can't find/are undefined? > > > > > >Hans Z. > > > > > > > > >--- Michael Southwell wrote: > > > > I have some scripts that are working beautifully on the host but > > are > > > > not > > > > working on my localhost installation (which I thought I had > > gotten > > > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. > > The > > > > problem comes in recognizing variables locally, so I get > > "undefined > > > > variable" and "undefined constant" messages. PHPInfo() tells me > > that > > > > my > > > > local Server API is CGI, while on the host it's Apache. I am > > > > guessing that > > > > this is the cause of the problems, though I don't really > > understand > > > > the > > > > difference. Can anybody offer an explanation/possible solution? > > > > TIA. > > > > > > > > Michael G. Southwell ================================= > > > > DNEBA Enterprises > > > > 81 South Road > > > > Bloomingdale, NJ 07403-1425 > > > > 973/492-7873 (voice and fax) > > > > southwell at dneba.com > > > > http://www.dneba.com > > > > ====================================================== > > > > > > > > > > > > > > > > > > > > >__________________________________________________ > > >Do You Yahoo!? > > >Yahoo! - Official partner of 2002 FIFA World Cup > > >http://fifaworldcup.yahoo.com > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > > > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com Michael G. Southwell ================================= 81 South Road Bloomingdale, NJ 07403-1419 973-838-1022 (voice) 973-492-7873 (fax) mailto:MSouthwell at bigfoot.com http://www.dneba.com ====================================================== From zaunere at yahoo.com Wed Jun 5 00:24:50 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 21:24:50 -0700 (PDT) Subject: NYPHP Wiki WAS:Making URLs Search Engine Friendly - Follow Up In-Reply-To: <200205231443.g4NEhnp36113@slipdisc.virul.net> Message-ID: <20020605042450.47083.qmail@web12807.mail.yahoo.com> Hey Ophir and others, Sorry I'm so late in getting back to this, but it kind of got lost in my email stack. I've cut and pasted Ophir's great info to the wiki (http://dev.nyphp.org/wiki), as well as the follow-up messages, which provide additional info. It's still rough, but I hope people will work with it and get it formatted and completed in more of an article format. Hopefully this will spark the building of additional articles and information with this wiki, which then will be integrated with forums and mailing lists, building a knowledge base. To keep the wiki sane, we have a wiki master/editor, available for contact at wikimaster at nyphp.org. Thank your Charles! People interested in participating with this, should join the NYPHP Development list, since we don't want to clutter other's mail boxes too much. Thank you, Hans Z. --- ophir prusak wrote: > > Hi All, > > I wanted to go over a few items as a follow up to my presentation > last > night (ok - I forgot to look at my notes :) > > 1. I don't know how I forgot to mention this, but one of the biggest > disadvantages of the PATH_INFO method is that it does not work with > cgi > versions of PHP. > As in the nature of yesterday's presentation - does anyone know what > error you get and why it doesn't work with cgi versions of PHP ? > > 2. When making your URLs search engine friendly, there is an > advantage > of using URLs that looks like an .html file (and not just a path, as > often done with the PATH_INFO method). > In the future, if you should want to make any of your pages truly > static, > it makes life easier. > For example, one of the pages on my web site was getting a lot of > traffic, > so instead of having it be created on the fly, I simply created a > crontab > entry that once a day grabbed the dynamic page and saved it to a > static > page. Something like this: > wget http://www.mysite.com/dynamic-version.php -o static-version.html > > Just a side note - I no longer do it this way, but instead use a > output > caching object to get almost the same performance gain. > > 3. Someone asked how do I make ANY file in a directory be treated > like > a PHP file, regardless of filename (under apache of course). Add this > line in your .htaccess file for the directory you want to use: > > ForceType application/x-httpd-php (or whatever mime type you use > for > php) > > For more details see > http://httpd.apache.org/docs/mod/mod_mime.html#forcetype > > I've created an example at: > http://www.consolemonkey.com/nyphp/allphpfiles/example/name/ophir/city/nyc.html > (I'll leave it up to the reader to write the regex to remove the > .html > from the PATH_INFO so your last value won't have .html appended to it > ;) > > Hope you all learned something. > > Ophir > > ---- > Ophir Prusak > Internet developer > prutwo at onebox.com | http://www.prusak.com/ > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Wed Jun 5 00:43:13 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 4 Jun 2002 21:43:13 -0700 (PDT) Subject: Fwd: [nyc-geeks] McGraw Hill Bookstore closing Message-ID: <20020605044313.49044.qmail@web12807.mail.yahoo.com> > ---------- Forwarded message ---------- > Date: Tue, 04 Jun 2002 13:18:18 -0700 > From: mjr40 at ix.netcom.com > Reply-To: nyc-geeks at yahoogroups.com > To: nyc-geeks at yahoogroups.com > Subject: [nyc-geeks] McGraw Hill Bookstore closing > > Hi all - > > Just wanted to let you know that the McGraw Hill bookstore on 48th > and 6th > (Concourse level) is closing in a week or so. All of their computer > books > are 20% off. They have a wide range of titles: Java, PHP, Perl, > Unix, > Linux, networking, databases, and more Open Source things. Also, > Computer > Book Works downtown at 78 Reade St. has a Sunday discount; I think it > is > 10%. I think business is slow since 9/11. > > Matt > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From ejp at well.com Wed Jun 5 08:06:06 2002 From: ejp at well.com (Edward Potter) Date: Wed, 05 Jun 2002 08:06:06 -0400 Subject: [nycphp-talk] Fwd: [nyc-geeks] McGraw Hill Bookstore closing References: <200206050443.g554hHP22126@slipdisc.virul.net> Message-ID: <3CFDFEAE.6020001@well.com> 2 bad, i remember many hours spent there checking out the racks of computer and science books. One of those Manhattan icons to me. Hmmmm, I guess if I had the $$$, it would be cool to open up a geek book store somewhere on Lower Ludlow Street, throw in some techno music, flat panels and power drinks. :-) I heard the new Wolfram book is going to be big, some maybe science will be fun again! >>>> The next Newton? Recluse, maverick physicist and Mathematica developer Stephen Wolfram claims to have revolutionized science with his new, computer-based theories. http://www.salon.com/books/feature/2002/05/15/wolfram/index.html :-) e Hans Zaunere wrote: >>---------- Forwarded message ---------- >>Date: Tue, 04 Jun 2002 13:18:18 -0700 >>From: mjr40 at ix.netcom.com >>Reply-To: nyc-geeks at yahoogroups.com >>To: nyc-geeks at yahoogroups.com >>Subject: [nyc-geeks] McGraw Hill Bookstore closing >> >>Hi all - >> >>Just wanted to let you know that the McGraw Hill bookstore on 48th >>and 6th >>(Concourse level) is closing in a week or so. All of their computer >>books >>are 20% off. They have a wide range of titles: Java, PHP, Perl, >>Unix, >>Linux, networking, databases, and more Open Source things. Also, >>Computer >>Book Works downtown at 78 Reade St. has a Sunday discount; I think it >>is >>10%. I think business is slow since 9/11. >> >>Matt >> >> > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > > > From jim at alliedtours.com Wed Jun 5 09:44:13 2002 From: jim at alliedtours.com (Jim Suto) Date: Wed, 5 Jun 2002 09:44:13 -0400 Subject: [nycphp-talk] strange ifconfig error message In-Reply-To: <200206042246.g54MkAP18305@slipdisc.virul.net> Message-ID: Yes, it works properly afterwards. And I tried this on at least 2 machines (RH 7.3) and they both exhibited the same behaviour. I believe it's using the tulip driver (netgear cards). Jim > -----Original Message----- > From: Hans Zaunere [mailto:zaunere at yahoo.com] > Sent: Tuesday, June 04, 2002 6:46 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] strange ifconfig error message > > > > And it works properly afterwords? Seems like a driver bug. If you > can, cycle the interface down/up and try again. Or reboot/ensure your > hardware is good/exactly correct driver version for chipset. I always > use the full netmask [255.255.0.0] but that shouldn't really make a > difference. > > HZ > > > --- Jim Suto wrote: > > Can anyone explain why this happens: > > > > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 > > SIOCSIFNETMASK: Cannot assign requested address > > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16 > > [root at reddy root]# > > > > If you notice, the second command is exactly the same as the first > > (up-arrow) and the second time it takes and properly assigns the IP > > address > > with no error. Why not the first time? > > > > Jim > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > From ssmith at tomega.com Wed Jun 5 09:58:18 2002 From: ssmith at tomega.com (Sean Smith) Date: Wed, 05 Jun 2002 09:58:18 -0400 Subject: [nycphp-talk] strange ifconfig error message References: <200206051340.g55DesP28289@slipdisc.virul.net> Message-ID: <3CFE18FA.3A3A2751@tomega.com> Hello everyone, I joined the list about a month ago and have been reading some very useful posts. They have helped a great deal. Thank you to everyone. About the ifconfig error, is this only happening on RH 7.3? I've used the tulip drivers with netgears cards from RH 6.2 up to RH 7.1 (current running version at my office) without a problem. I have downloaded 7.3 just haven't upgraded yet. I guess I won't until I hear the results of this problem. -------------- next part -------------- A non-text attachment was scrubbed... Name: ssmith.vcf Type: text/x-vcard Size: 316 bytes Desc: Card for Sean Smith URL: From MSouthwell at bigfoot.com Wed Jun 5 17:21:15 2002 From: MSouthwell at bigfoot.com (Michael Southwell) Date: Wed, 05 Jun 2002 17:21:15 -0400 Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206042242.g54Mg5P18274@slipdisc.virul.net> Message-ID: <5.1.0.14.2.20020605171755.00b42e38@mail.optonline.net> Many thanks, Hans; this makes it work perfectly. I will now proceed to struggle through the documentation to try to figure out exactly how this is different from the original, and why this works while the other didn't. Thanks also to others who chimed in; this list is very helpful! At 06:42 PM 6/4/2002, you wrote: >Change: > $agent=$HTTP_USER_AGENT; > >to: > $agent=$_SERVER['HTTP_USER_AGENT']; > >and that should do the trick. From first thought, this seems like a >register_globals problem, but maybe it's track_vars or variable_order >or something. Can't remember off the top. Do a phpinfo(); to confirm >that that var is actually getting created as well. > >HZ > > >--- Michael Southwell wrote: > > Thanks, Klaus. This suggestion sounded promising but didn't work. I > > > > changed register_globals to On and > > rebooted. But I still got the following error: > > > > Notice: Undefined variable: HTTP_USER_AGENT in > > g:\\dneba\\browsers.php on > > line 50 > > > > Here is the relevant code (it is obvious which is line 50): > > > > > > Your choice of web browser is the single most important factor in > > controlling your experience > > of a website. Your browser seems to be > > > > > $agent=$HTTP_USER_AGENT; > > > > $brow=""; > > > > if ($brow==""){ > > $pos=strpos($agent,"MSIE"); > > if ($pos>0){ > > $brow="MSIE"; > > $level=substr($agent,$pos+5,3); > > $new=1;}} > > > > > > I think $HTTP_USER_AGENT is about as basic a variable as you can > > get. Needless to say, > > this code works perfectly (within its limitations, which no doubt are > > > > plenty) at http://www.dneba.com/browsers.php. > > > > So there must be something else going on. > > > > At 03:10 PM 6/4/2002, you wrote: > > > > >My first guess is it's a register_globals problem. register_globals > > is > > >turned off by default in 4.2.1. CGI vs Apache module shouldn't make > > a > > >difference in this case (I'm assuming you are only using the basic > > >variables, such as the post,get,server variables). > > > > > >As a quick fix, goto your php.ini and find the register_globals > > >directive, changing it to 'On'. If this works, let us know; if not, > > >what specific variables does it report it can't find/are undefined? > > > > > >Hans Z. > > > > > > > > >--- Michael Southwell wrote: > > > > I have some scripts that are working beautifully on the host but > > are > > > > not > > > > working on my localhost installation (which I thought I had > > gotten > > > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows XP. > > The > > > > problem comes in recognizing variables locally, so I get > > "undefined > > > > variable" and "undefined constant" messages. PHPInfo() tells me > > that > > > > my > > > > local Server API is CGI, while on the host it's Apache. I am > > > > guessing that > > > > this is the cause of the problems, though I don't really > > understand > > > > the > > > > difference. Can anybody offer an explanation/possible solution? > > > > TIA. > > > > > > > > Michael G. Southwell ================================= > > > > DNEBA Enterprises > > > > 81 South Road > > > > Bloomingdale, NJ 07403-1425 > > > > 973/492-7873 (voice and fax) > > > > southwell at dneba.com > > > > http://www.dneba.com > > > > ====================================================== > > > > > > > > > > > > > > > > > > > > >__________________________________________________ > > >Do You Yahoo!? > > >Yahoo! - Official partner of 2002 FIFA World Cup > > >http://fifaworldcup.yahoo.com > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > > > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com Michael G. Southwell ================================= 81 South Road Bloomingdale, NJ 07403-1419 973-838-1022 (voice) 973-492-7873 (fax) mailto:MSouthwell at bigfoot.com http://www.dneba.com ====================================================== From southwell at dneba.com Wed Jun 5 23:12:23 2002 From: southwell at dneba.com (Michael Southwell) Date: Wed, 05 Jun 2002 23:12:23 -0400 Subject: receiving params passed from one webpage to another Message-ID: <5.1.0.14.2.20020605231046.00b48df0@mail.optonline.net> Here I am with another elementary question; sorry about that. I'm trying to pass parameters from one webpage to another. So I have something like this in the first one: please help by ">letting us know I can tell by the url that the parameter is being sent correctly. Then in browform I have (for testing purposes) But this gives me the notice that "brow is an undefined variable." So the problem is that browform isn't receiving the parameter. I'm sure there's some very simple answer to this (I have this kind of thing working perfectly elsewhere in a POST), but right now I'm stumped. Can somebody help? Thanks in advance. Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1425 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From nyphp at altunergil.com Wed Jun 5 23:22:58 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Wed, 5 Jun 2002 23:22:58 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206060315.g563FPP36885@slipdisc.virul.net> References: <200206060315.g563FPP36885@slipdisc.virul.net> Message-ID: <20020605232258.20a15098.nyphp@altunergil.com> Try to echo $GLOBALS[HTTP_GET_VARS]['brow'] on the receiving page. If this works, you might want to look into whether you should enable register_globals in php.ini. Oktay Altunergil On Wed, 05 Jun 2002 23:15:25 -0400 Michael Southwell wrote: > Here I am with another elementary question; sorry about that. > > I'm trying to pass parameters from one webpage to another. So > I have something like this in the first one: > > please help by ">letting > us know > > I can tell by the url that the parameter is being sent correctly. > > Then in browform I have (for testing purposes) > > > > But this gives me the notice that "brow is an undefined variable." So the > problem > is that browform isn't receiving the parameter. > > I'm sure there's some very simple answer to this (I have this > kind of thing working perfectly elsewhere in a POST), but right now I'm > stumped. > Can somebody help? Thanks in advance. > > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > From brian at preston-campbell.com Wed Jun 5 23:29:32 2002 From: brian at preston-campbell.com (Preston-Campbell) Date: Wed, 5 Jun 2002 23:29:32 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another References: <200206060315.g563FPP36885@slipdisc.virul.net> Message-ID: <006801c20d0a$60f1f960$6e7094ce@p1n1w5> Wouldn't it be cleaner to do echo "please help by letting us know"; ??? ----- Original Message ----- From: "Michael Southwell" To: "NYPHP Talk" Sent: Wednesday, June 05, 2002 11:15 PM Subject: [nycphp-talk] receiving params passed from one webpage to another > Here I am with another elementary question; sorry about that. > > I'm trying to pass parameters from one webpage to another. So > I have something like this in the first one: > > please help by ">letting > us know > > I can tell by the url that the parameter is being sent correctly. > > Then in browform I have (for testing purposes) > > > > But this gives me the notice that "brow is an undefined variable." So the > problem > is that browform isn't receiving the parameter. > > I'm sure there's some very simple answer to this (I have this > kind of thing working perfectly elsewhere in a POST), but right now I'm > stumped. > Can somebody help? Thanks in advance. > > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > > > From adam at ecamp.net Wed Jun 5 23:36:21 2002 From: adam at ecamp.net (Adam) Date: Wed, 5 Jun 2002 23:36:21 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206060329.g563TeP37051@slipdisc.virul.net> Message-ID: Well style is one thing... As Oktay said, his problem is most likely he's using 4.2+ and register_globals is off. -----Original Message----- From: Preston-Campbell [mailto:brian at preston-campbell.com] Sent: Wednesday, June 05, 2002 11:30 PM To: NYPHP Talk Subject: Re: [nycphp-talk] receiving params passed from one webpage to another Wouldn't it be cleaner to do echo "please help by letting us know"; ??? ----- Original Message ----- From: "Michael Southwell" To: "NYPHP Talk" Sent: Wednesday, June 05, 2002 11:15 PM Subject: [nycphp-talk] receiving params passed from one webpage to another > Here I am with another elementary question; sorry about that. > > I'm trying to pass parameters from one webpage to another. So > I have something like this in the first one: > > please help by ">letting > us know > > I can tell by the url that the parameter is being sent correctly. > > Then in browform I have (for testing purposes) > > > > But this gives me the notice that "brow is an undefined variable." So the > problem > is that browform isn't receiving the parameter. > > I'm sure there's some very simple answer to this (I have this > kind of thing working perfectly elsewhere in a POST), but right now I'm > stumped. > Can somebody help? Thanks in advance. > > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > > > From rderoo at supserv.com Thu Jun 6 09:32:02 2002 From: rderoo at supserv.com (Raymond DeRoo) Date: Thu, 6 Jun 2002 09:32:02 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206060329.g563TeP37051@slipdisc.virul.net> References: <200206060329.g563TeP37051@slipdisc.virul.net> Message-ID: <200206061327.g56DRuY0006332@base.deroo.net> > Wouldn't it be cleaner to do > echo "please help by letting us > know"; > ??? I would say that is a matter of opinion. I go to great lengths not to have php output HTML. I personally find please help by ">letting us know to much easier easier to read than echo "please help by letting us know"; especially when working within syntax highlighting editors. Not to mention it is faster to not have PHP parse something it will do nothing with. Granted in this case no speed increase would be realized. I tend to break a page into two parts. The first or top part has just about all the PHP code which the page is going to use. The second or bottom has the HTML and where I need to insert a value I simply . Now, as a rule, I do not use short tags (ie one will never find ) but allowing for the ASP style output is *very* nice and, IMO, go a long way to making readable code. .r From zaunere at yahoo.com Thu Jun 6 10:00:09 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 6 Jun 2002 07:00:09 -0700 (PDT) Subject: [nycphp-talk] relative newbie needs installation help In-Reply-To: <200206052122.g55LMtP33307@slipdisc.virul.net> Message-ID: <20020606140009.56765.qmail@web12808.mail.yahoo.com> On a 4.1.2 install of PHP, I turned register_globals = On in php.ini and stopped/started apache. Voila, $HTTP_USER_AGENT is found. So, you might not be getting the proper setting of register_globals, and even in 4.2.x this should still work. However, I would move away from this, since depending on globally scoped variables and register_globals is being deprecated quickly. For this situation, get_browser() may be the way to go. Hans Z. --- Michael Southwell wrote: > Many thanks, Hans; this makes it work perfectly. I will now proceed > to > struggle through the documentation to try to figure out exactly how > this is > different from the original, and why this works while the other > didn't. Thanks also to others who chimed in; this list is very > helpful! > > At 06:42 PM 6/4/2002, you wrote: > > >Change: > > $agent=$HTTP_USER_AGENT; > > > >to: > > $agent=$_SERVER['HTTP_USER_AGENT']; > > > >and that should do the trick. From first thought, this seems like a > >register_globals problem, but maybe it's track_vars or > variable_order > >or something. Can't remember off the top. Do a phpinfo(); to > confirm > >that that var is actually getting created as well. > > > >HZ > > > > > >--- Michael Southwell wrote: > > > Thanks, Klaus. This suggestion sounded promising but didn't > work. I > > > > > > changed register_globals to On and > > > rebooted. But I still got the following error: > > > > > > Notice: Undefined variable: HTTP_USER_AGENT in > > > g:\\dneba\\browsers.php on > > > line 50 > > > > > > Here is the relevant code (it is obvious which is line 50): > > > > > > > > > Your choice of web browser is the single most important factor in > > > controlling your experience > > > of a website. Your browser seems to be > > > > > > > > $agent=$HTTP_USER_AGENT; > > > > > > $brow=""; > > > > > > if ($brow==""){ > > > $pos=strpos($agent,"MSIE"); > > > if ($pos>0){ > > > $brow="MSIE"; > > > $level=substr($agent,$pos+5,3); > > > $new=1;}} > > > > > > > > > I think $HTTP_USER_AGENT is about as basic a variable as you can > > > get. Needless to say, > > > this code works perfectly (within its limitations, which no doubt > are > > > > > > plenty) at http://www.dneba.com/browsers.php. > > > > > > So there must be something else going on. > > > > > > At 03:10 PM 6/4/2002, you wrote: > > > > > > >My first guess is it's a register_globals problem. > register_globals > > > is > > > >turned off by default in 4.2.1. CGI vs Apache module shouldn't > make > > > a > > > >difference in this case (I'm assuming you are only using the > basic > > > >variables, such as the post,get,server variables). > > > > > > > >As a quick fix, goto your php.ini and find the register_globals > > > >directive, changing it to 'On'. If this works, let us know; if > not, > > > >what specific variables does it report it can't find/are > undefined? > > > > > > > >Hans Z. > > > > > > > > > > > >--- Michael Southwell wrote: > > > > > I have some scripts that are working beautifully on the host > but > > > are > > > > > not > > > > > working on my localhost installation (which I thought I had > > > gotten > > > > > working): PHP 4.2.1 running under Apache 1.3.24 on Windows > XP. > > > The > > > > > problem comes in recognizing variables locally, so I get > > > "undefined > > > > > variable" and "undefined constant" messages. PHPInfo() tells > me > > > that > > > > > my > > > > > local Server API is CGI, while on the host it's Apache. I am > > > > > guessing that > > > > > this is the cause of the problems, though I don't really > > > understand > > > > > the > > > > > difference. Can anybody offer an explanation/possible > solution? > > > > > TIA. > > > > > > > > > > Michael G. Southwell ================================= > > > > > DNEBA Enterprises > > > > > 81 South Road > > > > > Bloomingdale, NJ 07403-1425 > > > > > 973/492-7873 (voice and fax) > > > > > southwell at dneba.com > > > > > http://www.dneba.com > > > > > ====================================================== > > > > > > > > > > > > > > > > > > > > > > > > > > >__________________________________________________ > > > >Do You Yahoo!? > > > >Yahoo! - Official partner of 2002 FIFA World Cup > > > >http://fifaworldcup.yahoo.com > > > > > > Michael G. Southwell ================================= > > > DNEBA Enterprises > > > 81 South Road > > > Bloomingdale, NJ 07403-1425 > > > 973/492-7873 (voice and fax) > > > southwell at dneba.com > > > http://www.dneba.com > > > ====================================================== > > > > > > > > > > > > > > >__________________________________________________ > >Do You Yahoo!? > >Yahoo! - Official partner of 2002 FIFA World Cup > >http://fifaworldcup.yahoo.com > > Michael G. Southwell ================================= > 81 South Road > Bloomingdale, NJ 07403-1419 > 973-838-1022 (voice) 973-492-7873 (fax) > mailto:MSouthwell at bigfoot.com > http://www.dneba.com > ====================================================== > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 6 10:05:46 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 6 Jun 2002 07:05:46 -0700 (PDT) Subject: [nycphp-talk] strange ifconfig error message In-Reply-To: <200206051358.g55DwLP28493@slipdisc.virul.net> Message-ID: <20020606140546.70823.qmail@web12805.mail.yahoo.com> I don't think this would be a problem in RedHat, per se, but rather the kernel/NIC drivers of any given Linux distro. Tulip NICs and their drivers, from my expierence, have been notorisouly fickle - they seem to have slight version changes and revisions regularly. This may just be a case of the NIC being a different revision than the driver - and the ifconfig command needs to be pounded in a little harder, by way of the extra call. I have RH 7.3 on a couple production machines, and it's been running great (it's beginning to rival my faith in 6.2). I wouldn't let this stop you from the upgrade, and you could always downgrade/recompile an older driver revision for your NIC. HZ --- Sean Smith wrote: > This message contained 1 file(s) and is available at > http://nyphp.org/list/paralist_archive.html?L_mid=294 > > Hello everyone, > > I joined the list about a month ago and have been reading some > very > useful posts. They have helped a great deal. Thank you to everyone. > > About the ifconfig error, is this only happening on RH 7.3? I've > used the tulip drivers with netgears cards from RH 6.2 up to RH 7.1 > (current running version at my office) without a problem. I have > downloaded 7.3 just haven't upgraded yet. I guess I won't until I > hear > the results of this problem. > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 6 10:13:07 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 6 Jun 2002 07:13:07 -0700 (PDT) Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206060315.g563FPP36885@slipdisc.virul.net> Message-ID: <20020606141307.30572.qmail@web12803.mail.yahoo.com> This is certainly a register_globals issue - but don't turn it on! Code better! in a.php: Please help by letting us know Then in browform.php: Thank you for helping ! Or something similar. Note that wrote: > Here I am with another elementary question; sorry about that. > > I'm trying to pass parameters from one webpage to another. So > I have something like this in the first one: > > please help by ?>">letting > us know > > I can tell by the url that the parameter is being sent correctly. > > Then in browform I have (for testing purposes) > > > > But this gives me the notice that "brow is an undefined variable." > So the > problem > is that browform isn't receiving the parameter. > > I'm sure there's some very simple answer to this (I have this > kind of thing working perfectly elsewhere in a POST), but right now > I'm > stumped. > Can somebody help? Thanks in advance. > > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From southwell at dneba.com Thu Jun 6 10:44:26 2002 From: southwell at dneba.com (Michael Southwell) Date: Thu, 06 Jun 2002 10:44:26 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206060323.g563N3P36967@slipdisc.virul.net> Message-ID: <5.1.0.14.2.20020606103718.00b4de88@mail.optonline.net> Register_globals is already turned on, so that's not it. The url "http://localhost/dneba/browform.php?brow=a%20new" shows me that the parameter is indeed being passed. Echoing $GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't find exactly comprehensible but is clearly not what I'm looking for. So I'm still stuck. At 11:23 PM 6/5/2002, you wrote: >Try to echo $GLOBALS[HTTP_GET_VARS]['brow'] on the receiving page. If >this works, you might want to look into whether you should >enable register_globals in php.ini. > >Oktay Altunergil > >On Wed, 05 Jun 2002 23:15:25 -0400 >Michael Southwell wrote: > > > Here I am with another elementary question; sorry about that. > > > > I'm trying to pass parameters from one webpage to another. So > > I have something like this in the first one: > > > > please help by ">letting > > us know > > > > I can tell by the url that the parameter is being sent correctly. > > > > Then in browform I have (for testing purposes) > > > > > > > > But this gives me the notice that "brow is an undefined variable." So the > > problem > > is that browform isn't receiving the parameter. > > > > I'm sure there's some very simple answer to this (I have this > > kind of thing working perfectly elsewhere in a POST), but right now I'm > > stumped. > > Can somebody help? Thanks in advance. > > > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1425 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From rderoo at byramhealthcare.com Thu Jun 6 11:05:38 2002 From: rderoo at byramhealthcare.com (Raymond DeRoo) Date: Thu, 6 Jun 2002 11:05:38 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another In-Reply-To: <200206061444.g56EiEP44643@slipdisc.virul.net> References: <200206061444.g56EiEP44643@slipdisc.virul.net> Message-ID: <200206061501.g56F1TKs006580@mail01.byramhealthcare.com> Michael-- > Register_globals is already turned on, so that's not it. The url > "http://localhost/dneba/browform.php?brow=a%20new" shows me that the > parameter is indeed being passed. Echoing > $GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't > find exactly comprehensible but is clearly not what I'm looking for. So > I'm still stuck. What version of PHP are you using? Although your php.ini may say it is on, what does the output of phpinfo() say? .r From zaunere at yahoo.com Thu Jun 6 11:35:00 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 6 Jun 2002 08:35:00 -0700 (PDT) Subject: JOB FORUM Rescheduled Message-ID: <20020606153500.83942.qmail@web12805.mail.yahoo.com> Hello all, As to not interfere with the Mozbash.NYC, the Job forum has been moved up one day (6/13) and the RSVP date is (6/11). I've also updated some details on http://nyphp.org, so take a look there. Thank you, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From rderoo at supserv.com Thu Jun 6 12:01:55 2002 From: rderoo at supserv.com (Raymond DeRoo) Date: Thu, 6 Jun 2002 12:01:55 -0400 Subject: [nycphp-talk] receiving params passed from one webpage to another Message-ID: <200206061557.g56FvlY0006874@base.deroo.net> Michael-- > Register_globals is already turned on, so that's not it. The url > "http://localhost/dneba/browform.php?brow=a%20new" shows me that the > parameter is indeed being passed. Echoing > $GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't > find exactly comprehensible but is clearly not what I'm looking for. So > I'm still stuck. What version of PHP are you using? Although your php.ini may say it is on, what does the output of phpinfo() say? .r From southwell at dneba.com Thu Jun 6 15:53:40 2002 From: southwell at dneba.com (Michael Southwell) Date: Thu, 06 Jun 2002 15:53:40 -0400 Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to another -- SOLVED Message-ID: <5.1.0.14.2.20020606155026.00b34590@wheresmymailserver.com> Thanks a lot, guys. It turns out that php was using php.ini in m:\\windows but I was modifying php.ini in m:\\windows\\system32. stupid!! >Date: Thu, 06 Jun 2002 10:44:26 -0400 >To: talk at nyphp.org >From: Michael Southwell >Subject: Re: [nycphp-talk] receiving params passed from one webpage to another > >Register_globals is already turned on, so that's not it. The url >"http://localhost/dneba/browform.php?brow=a%20new" shows me that the >parameter is indeed being passed. Echoing >$GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't >find exactly comprehensible but is clearly not what I'm looking for. So >I'm still stuck. Michael G. Southwell ================================= DNEBA Enterprises 81 South Road Bloomingdale, NJ 07403-1425 973/492-7873 (voice and fax) southwell at dneba.com http://www.dneba.com ====================================================== From nyphp at altunergil.com Thu Jun 6 16:01:57 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Thu, 6 Jun 2002 16:01:57 -0400 Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to another -- SOLVED In-Reply-To: <200206061956.g56JuqP48396@slipdisc.virul.net> References: <200206061956.g56JuqP48396@slipdisc.virul.net> Message-ID: <20020606160157.65b43e19.nyphp@altunergil.com> FYI, You should check the output of phpinfo(); to see if something like register_globals is turned on or off rather than the php.ini file itself. You might have multiple copies or your only copy might be in the incorrect directory which makes it unreliable. On the same page you will also find (towards the TOP) the location of the php.ini file your PHP installation is reading when it's initialized. Oktay ALtunergil On Thu, 06 Jun 2002 15:56:52 -0400 Michael Southwell wrote: > Thanks a lot, guys. It turns out that php was using php.ini in m:\\windows > but I was modifying php.ini in m:\\windows\\system32. stupid!! > > >Date: Thu, 06 Jun 2002 10:44:26 -0400 > >To: talk at nyphp.org > >From: Michael Southwell > >Subject: Re: [nycphp-talk] receiving params passed from one webpage to another > > > >Register_globals is already turned on, so that's not it. The url > >"http://localhost/dneba/browform.php?brow=a%20new" shows me that the > >parameter is indeed being passed. Echoing > >$GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't > >find exactly comprehensible but is clearly not what I'm looking for. So > >I'm still stuck. > > Michael G. Southwell ================================= > DNEBA Enterprises > 81 South Road > Bloomingdale, NJ 07403-1425 > 973/492-7873 (voice and fax) > southwell at dneba.com > http://www.dneba.com > ====================================================== > > > From MSouthwell at bigfoot.com Thu Jun 6 16:10:48 2002 From: MSouthwell at bigfoot.com (Michael Southwell) Date: Thu, 06 Jun 2002 16:10:48 -0400 Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to another -- SOLVED In-Reply-To: <200206062002.g56K21P48513@slipdisc.virul.net> Message-ID: <5.1.0.14.2.20020606160919.00b232e0@mail.optonline.net> yeah, that's exactly how I solved this after discovering that it all worked perfectly on my host but not on localhost. Many thanks for your help in getting me going in the right direction. At 04:02 PM 6/6/2002, you wrote: >FYI, > >You should check the output of phpinfo(); to see if something like >register_globals is turned on or off rather than the php.ini file itself. >You might have multiple copies or your only copy might be in the incorrect >directory which makes it unreliable. On the same page you will also find >(towards the TOP) the location of the php.ini file your PHP installation >is reading when it's initialized. > >Oktay ALtunergil > >On Thu, 06 Jun 2002 15:56:52 -0400 >Michael Southwell wrote: > > > Thanks a lot, guys. It turns out that php was using php.ini in m:\\windows > > but I was modifying php.ini in m:\\windows\\system32. stupid!! > > > > >Date: Thu, 06 Jun 2002 10:44:26 -0400 > > >To: talk at nyphp.org > > >From: Michael Southwell > > >Subject: Re: [nycphp-talk] receiving params passed from one webpage to > another > > > > > >Register_globals is already turned on, so that's not it. The url > > >"http://localhost/dneba/browform.php?brow=a%20new" shows me that the > > >parameter is indeed being passed. Echoing > > >$GLOBALS[HTTP_GET_VARS]['brow'] produces "Array['brow']" which I don't > > >find exactly comprehensible but is clearly not what I'm looking for. So > > >I'm still stuck. > > > > Michael G. Southwell ================================= > > DNEBA Enterprises > > 81 South Road > > Bloomingdale, NJ 07403-1425 > > 973/492-7873 (voice and fax) > > southwell at dneba.com > > http://www.dneba.com > > ====================================================== > > > > > > Michael G. Southwell ================================= 81 South Road Bloomingdale, NJ 07403-1419 973-838-1022 (voice) 973-492-7873 (fax) mailto:MSouthwell at bigfoot.com http://www.dneba.com ====================================================== From prutwo at onebox.com Fri Jun 7 09:56:35 2002 From: prutwo at onebox.com (ophir prusak) Date: Fri, 07 Jun 2002 06:56:35 -0700 Subject: Fwd: [PHP Classes] comp.lang.php newsgroup to be approved with your help Message-ID: <20020607135636.TIBU4694.mta07.onebox.com@onebox.com> Please help create a comp.lang.php newsgroup ! I just got this in my email - every vote counts ! Ophir Forwarded email: --------------------- Another issue that is not really related with the PHP Classes site butis very important for the recognition of PHP as a language well supported within the programming community, is the fact that finally a newsgroup named comp.lang.php is about to be voted for approval in the Usenet. For those that do not know what this means, Usenet is probably the oldest network of discussion groups distributed over the Internet. It has several hierarchies of groups but only the Big 8 are well distributed among ISPs. The comp hierarchy is one of the Big 8 hierarchies. There are already the alt.php, alt.php.sql and the alt.comp.lang.phpnews groups but the alt hierarchy is not one of the Big 8 hierarchies andso it is not so widely available as the comp hierarchy. There are also several regional PHP newsgroups that are even less well distributed. The official mailing lists maintained by the PHP Group are also available via NNTP but AFAIK no ISP redistributes those news groups. Having a PHP newsgroup sub-hierarchy under comp.lang.php is not justa matter of having a better distributed hierarchy of PHP news groups. Itis also a matter of status for PHP as well recognized language. If you go to Google and see the list of languages under the comp.lang hierarchy, you see there 55 languages and none of them is PHP, as ifPHP would be such a minor language that would not justify a hierarchy for itself. http://groups.google.com/groups?hl=en&lr=&group=comp.lang So, it is very important for PHP and all of those that work with it,that the comp.lang.php group just submitted for voting becomes approved. The Call For votes message was posted here: http://groups.google.com/groups?selm=1023125386.82479%40isc.org So, all you need to do to contribute to the process of approval is tosend a message to vote at technopagan.org with the text "I vote YES on comp.lang.php" in the body of the message. Eventually this link will help you do it without much effort: vote at technopagan.org?Body=I%20vote%20YES%20on%20comp.lang.php Of course, you should only vote YES if you agree with the creation ofthe news group, but as subscriber of the PHP Classes site I assume that you most likely agree that it is a good idea. In the name of the PHP community, thank you for your cooperation. Regards, Manuel Lemos --------------------------- The original email is attached. ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ -------------- next part -------------- An embedded message was scrubbed... From: PHP Classes Subject: [PHP Classes] Latest PHP news in the site newsletter and comp.lang.php newsgroup to be approved with your help Date: 7 Jun 2002 02:54:30 -0000 Size: 3947 URL: From prutwo at onebox.com Fri Jun 7 10:47:23 2002 From: prutwo at onebox.com (ophir prusak) Date: Fri, 07 Jun 2002 07:47:23 -0700 Subject: Object Oriented Question Message-ID: <20020607144724.LTXG7375.mta06.onebox.com@onebox.com> Hi All, I've decided to clean up the code on my site, and at the same time use object oriented code. I have a few ideas in my head, but I really wanted to get some input from others that have built projects in PHP using OO code. Here's the problem I'm currently trying to solve (I've simplified it a bit and left out un-necessary details). My site is a video game site. Currently, my database has: A games table which has basic game information for each game (game_id, title, console, etc) A reviews table which has game_id (foreign key to games table), review date, review text, reviewer name and email. If you look at this URL http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id you can see a page which shows a list of all the games and the date for the most recent review for that game. Currently I'm just doing this with a single SQL query (simple join of the two tables) and echoing out the results. Very fast. I'm trying to envision how to create this page using object oriented code. My initial thought was to somehow use a game object, but if I have to instantiate a game object for every game, this seems like it would have an enormous amount of overhead and be slow. How is this usually done on OO projects ? Am I missing something or would you say that if your data sits in a relational database and your doing a search or mass listing of data then OO code is not the way to go. comments/suggestions/thoughts/ideas/etc ? Thanx Ophir ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ From adam at ecamp.net Fri Jun 7 11:07:16 2002 From: adam at ecamp.net (Adam) Date: Fri, 7 Jun 2002 11:07:16 -0400 Subject: [nycphp-talk] Object Oriented Question In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net> Message-ID: I generally use php classes for all my code, but mostly centered around an OO design from the UI and second logic, especially for pages like your. I would have a class gamesite with all my base functions that would be use. User authentication, emails, voting functions etc... and if you don't have that many feature you can keep everything in this one class. Or if you have multiple sections, you can create different classes that extend this one to keep things separate and neat. So you can have something like in index.php Include "gamesite.class"; $page=new gamesite; $page->init(); //start session, whatever else u do every page $page->checkLogin(); // checks to see if user is logged in, if not redirect somewhere $page->buildTop(); //builds top nav $page->processForms(); //process any forms that may have been submitted before displaying content $page->showGameReview(); // here you can do that example you were talking about $page->footer(); and then inside class gamesite, you can build functions that these master functions call... but this generally keeps things a little more organized than complete top down programming I suppose. PHP isn't C++ or Python, where it takes a lot more effort in some cases to really OO something. I find having a few base classes is nice and I just extend upon them, using functions I've had for years as if they are native php I'm so used to them. If you check out http://madhive.com it was done all PHP OO over the past few years. Site is a bit slow most likely because of lack of attention to the servers for months. The you login and notice the content boxes on the right, those are all treated as separate php objects throughout the users session and move from page to page. Their functionality is nicer throughout the site. As well as skin color changes, and other preferences. The OO method made changing these things super easy. -----Original Message----- From: ophir prusak [mailto:prutwo at onebox.com] Sent: Friday, June 07, 2002 10:48 AM To: NYPHP Talk Subject: [nycphp-talk] Object Oriented Question Hi All, I've decided to clean up the code on my site, and at the same time use object oriented code. I have a few ideas in my head, but I really wanted to get some input from others that have built projects in PHP using OO code. Here's the problem I'm currently trying to solve (I've simplified it a bit and left out un-necessary details). My site is a video game site. Currently, my database has: A games table which has basic game information for each game (game_id, title, console, etc) A reviews table which has game_id (foreign key to games table), review date, review text, reviewer name and email. If you look at this URL http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id you can see a page which shows a list of all the games and the date for the most recent review for that game. Currently I'm just doing this with a single SQL query (simple join of the two tables) and echoing out the results. Very fast. I'm trying to envision how to create this page using object oriented code. My initial thought was to somehow use a game object, but if I have to instantiate a game object for every game, this seems like it would have an enormous amount of overhead and be slow. How is this usually done on OO projects ? Am I missing something or would you say that if your data sits in a relational database and your doing a search or mass listing of data then OO code is not the way to go. comments/suggestions/thoughts/ideas/etc ? Thanx Ophir ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ From ian at plusfour.org Fri Jun 7 11:26:25 2002 From: ian at plusfour.org (Ian Forsyth) Date: Fri, 7 Jun 2002 11:26:25 -0400 Subject: [nycphp-talk] Object Oriented Question In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net> Message-ID: class game extends db //in teh db class you have a function db that intialized connection so there is only on file with connection credentials.. { function game($gameid,$type = "single") { switch($gameid) { case "0" : $this->getAllGames($type); break; default : $this->getGame($gameid); } function getAllGames($type) { $q = "select * from games g,reviews r where g.gameid = r.gameid "; $q .= " and g.console = '$type'"; $this->query($q); } } > -----Original Message----- > From: ophir prusak [mailto:prutwo at onebox.com] > Sent: Friday, June 07, 2002 10:48 AM > To: NYPHP Talk > Subject: [nycphp-talk] Object Oriented Question > > > > Hi All, > > I've decided to clean up the code on my site, and at the same time use > object oriented code. > I have a few ideas in my head, but I really wanted to get some input > from others that have built projects in PHP using OO code. > > Here's the problem I'm currently trying to solve (I've simplified it > a bit and left out un-necessary details). > My site is a video game site. Currently, my database has: > A games table which has basic game information for each game (game_id, > title, console, etc) > A reviews table which has game_id (foreign key to games table), review > date, review text, reviewer name and email. > > If you look at this URL > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id > you can see a page which shows a list of all the games and the date for > the most recent review for that game. > > Currently I'm just doing this with a single SQL query (simple join of > the two tables) and echoing out the results. > Very fast. > > I'm trying to envision how to create this page using object oriented > code. > My initial thought was to somehow use a game object, but if I have to > instantiate a game object for every game, this seems like it would have > an enormous amount of overhead and be slow. > > How is this usually done on OO projects ? > > Am I missing something or would you say that if your data sits in > a relational > database and your doing a search or mass listing of data then OO code > is not the way to go. > > comments/suggestions/thoughts/ideas/etc ? > > Thanx > Ophir > > > ---- > Ophir Prusak > Internet developer > prutwo at onebox.com | http://www.prusak.com/ > > > > From charles at softwareprototypes.com Fri Jun 7 11:52:52 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Fri, 7 Jun 2002 11:52:52 -0400 Subject: Object-Oriented answer Message-ID: <2620-220026571552520@softwareprototypes.com> Hello Ophir, instantiation of a class is extremely fast and getting faster. Basically, you're creating a small marker, an instance "frame", which points back to the object class, and points to every slot variable in the heap that's given a value. We're talking fractions of a microsecond to instantiate an object. There are different allocation schemes out there and I don't know which one Zend uses but allocating an object is about as fast as making a popping a frame onto the stack (making a subroutine call in assembler.) Filling its slots is just as fast. You are sending the object a message so you already have the object frame and you're setting a slot value to point to a location in RAM where the value is already located. The "for Instance" you gave is a perfect example. How do you think MySQL keeps track of the rows? Each table is an object which defines each row and each row is an object with values loaded from disk. Don't worry about time, instantiation is bloody fast. You can also redesign your algorithm to peel out any waste and optimize it once you get it working properly. The three rules of software design and implementation are: 1) Make it RIGHT. (Insure the correctness [1+1 = 2 and only 2]) 2) Make it FAST. (Without screwing up #1.)(see optimization) 3) Make it SMALL. (Until you screw up #2.) The two rules of optimization are: Don't do anything you don't need to. (a) Don't do anything twice. Cache cache, cache. a.1) That means don't go through loops any forther than you absolutely need to. When filling a window, do not transfer a byte that's not visible because that's a waste of time. a.1.a) Time is something you can't buy. Not even Bill Gates can buy a second once its gone. a.2) That means don't hit the disk unless you absolutely need the data. Use lazy evaluation when you instantiate a class to fetch instances when you need them and not a moment before and ONLY if you use them. Prefetch is nice until you've fetched something you don't need. Then it was a waste of time. (See a.1.a) Hope this helps, -Charles-A. > From: "ophir prusak" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Fri, 7 Jun 2002 10:47:32 -0400 > To: NYPHP Talk > Subject: [nycphp-talk] Object Oriented Question > > > Hi All, > > I've decided to clean up the code on my site, and at the same time use > object oriented code. > I have a few ideas in my head, but I really wanted to get some input > from others that have built projects in PHP using OO code. > > Here's the problem I'm currently trying to solve (I've simplified it > a bit and left out un-necessary details). > My site is a video game site. Currently, my database has: > A games table which has basic game information for each game (game_id, > title, console, etc) > A reviews table which has game_id (foreign key to games table), review > date, review text, reviewer name and email. > > If you look at this URL > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id > you can see a page which shows a list of all the games and the date for > the most recent review for that game. > > Currently I'm just doing this with a single SQL query (simple join of > the two tables) and echoing out the results. > Very fast. > > I'm trying to envision how to create this page using object oriented > code. > My initial thought was to somehow use a game object, but if I have to > instantiate a game object for every game, this seems like it would have > an enormous amount of overhead and be slow. > > How is this usually done on OO projects ? > > Am I missing something or would you say that if your data sits in a relational > database and your doing a search or mass listing of data then OO code > is not the way to go. > > comments/suggestions/thoughts/ideas/etc ? > > Thanx > Ophir > > > ---- > Ophir Prusak > Internet developer > prutwo at onebox.com | http://www.prusak.com/ > > > From jim at nettmedia.com Fri Jun 7 12:49:20 2002 From: jim at nettmedia.com (Jim Musil) Date: Fri, 07 Jun 2002 12:49:20 -0400 Subject: Encrypt info in an email Message-ID: Hi, What options are good if I want to encrypt just some information sent in an email? For example, let's say I send an order from a website to the store owner, how can I scramble the credit card in a way that the owner can descramble it when he/she receives it. Any ideas? Jim M From andrew at digitalpulp.com Fri Jun 7 12:59:34 2002 From: andrew at digitalpulp.com (Andrew M. Yochum) Date: Fri, 7 Jun 2002 12:59:34 -0400 (EDT) Subject: [nycphp-talk] Encrypt info in an email In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net> Message-ID: You can take a look at the Crypt libraries in PEAR. I've used the HCE_MD5 library for exactly what you're looking for. This allows you to encrypt the data with a password. However, that requires the data be fed through a script on the recipients computer to decode it. If that is a problem, the better option for you might be use PGP to encrypt it for the recipient. Many mail programs support PGP to automagically decrypt an email upon receipt, given the users passphrase for their private key. Andrew On Fri, 7 Jun 2002, Jim Musil wrote: > > Hi, > > What options are good if I want to encrypt just some information sent in an > email? > > For example, let's say I send an order from a website to the store owner, > how can I scramble the credit card in a way that the owner can descramble it > when he/she receives it. > > Any ideas? > > Jim M > > -- Andrew Yochum Digital Pulp, Inc. 212.679.0676x255 andrew at digitalpulp.com From prutwo at onebox.com Fri Jun 7 13:48:20 2002 From: prutwo at onebox.com (ophir prusak) Date: Fri, 07 Jun 2002 10:48:20 -0700 Subject: [nycphp-talk] Object Oriented Question Message-ID: <20020607174820.VCVY4876.mta09.onebox.com@onebox.com> thanx for the code. That's what I currently have more or less. My questions was really - does it make sense to create a game object for every result returned from a sql query ? I'm currently leaning towards no - despite what charles said - especialy for PHP (though Java might be a different story). Any more thoughts about helping me do the work for StationPlay or maybe even starting vgsp.com from scratch with me - http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartingPoint write back ophir ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- "Ian Forsyth" wrote: > > class game extends db //in teh db class you have a function db that > intialized connection so there is only on file with connection credentials.. > { > function game($gameid,$type = "single") > { > switch($gameid) > { > case "0" : > $this->getAllGames($type); > break; > default : > $this->getGame($gameid); > } > function getAllGames($type) > { > $q = "select * from games g,reviews r where g.gameid = r.gameid > "; > $q .= " and g.console = '$type'"; > $this->query($q); > } > } > > > -----Original Message----- > > From: ophir prusak [mailto:prutwo at onebox.com] > > Sent: Friday, June 07, 2002 10:48 AM > > To: NYPHP Talk > > Subject: [nycphp-talk] Object Oriented Question > > > > > > > > Hi All, > > > > I've decided to clean up the code on my site, and at the same time > use > > object oriented code. > > I have a few ideas in my head, but I really wanted to get some input > > from others that have built projects in PHP using OO code. > > > > Here's the problem I'm currently trying to solve (I've simplified > it > > a bit and left out un-necessary details). > > My site is a video game site. Currently, my database has: > > A games table which has basic game information for each game (game_id, > > title, console, etc) > > A reviews table which has game_id (foreign key to games table), review > > date, review text, reviewer name and email. > > > > If you look at this URL > > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id > > you can see a page which shows a list of all the games and the date > for > > the most recent review for that game. > > > > Currently I'm just doing this with a single SQL query (simple join > of > > the two tables) and echoing out the results. > > Very fast. > > > > I'm trying to envision how to create this page using object oriented > > code. > > My initial thought was to somehow use a game object, but if I have > to > > instantiate a game object for every game, this seems like it would > have > > an enormous amount of overhead and be slow. > > > > How is this usually done on OO projects ? > > > > Am I missing something or would you say that if your data sits in > > a relational > > database and your doing a search or mass listing of data then OO > code > > is not the way to go. > > > > comments/suggestions/thoughts/ideas/etc ? > > > > Thanx > > Ophir > > > > > > ---- > > Ophir Prusak > > Internet developer > > prutwo at onebox.com | http://www.prusak.com/ > > > > > > > > > > > From prutwo at onebox.com Fri Jun 7 13:50:38 2002 From: prutwo at onebox.com (ophir prusak) Date: Fri, 07 Jun 2002 10:50:38 -0700 Subject: [nycphp-talk] Object Oriented Question Message-ID: <20020607175039.QXPP4635.mta08.onebox.com@onebox.com> This was not supposed to go to the whole list. my apologies. ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- "ophir prusak" wrote: > thanx for the code. > > That's what I currently have more or less. > My questions was really - does it make sense to create a game object > for every result returned from a sql query ? > > I'm currently leaning towards no - despite what charles said - especialy > for PHP (though Java might be a different story). > > Any more thoughts about helping me do the work for StationPlay or maybe > even starting vgsp.com from scratch with me - http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartingPoint > > write back > ophir > > ---- > Ophir Prusak > Internet developer > prutwo at onebox.com | http://www.prusak.com/ > > > > ---- "Ian Forsyth" wrote: > > > > class game extends db //in teh db class you have a function db that > > intialized connection so there is only on file with connection credentials.. > > { > > function game($gameid,$type = "single") > > { > > switch($gameid) > > { > > case "0" : > > $this->getAllGames($type); > > break; > > default : > > $this->getGame($gameid); > > } > > function getAllGames($type) > > { > > $q = "select * from games g,reviews r where g.gameid = r.gameid > > "; > > $q .= " and g.console = '$type'"; > > $this->query($q); > > } > > } > > > > > -----Original Message----- > > > From: ophir prusak [mailto:prutwo at onebox.com] > > > Sent: Friday, June 07, 2002 10:48 AM > > > To: NYPHP Talk > > > Subject: [nycphp-talk] Object Oriented Question > > > > > > > > > > > > Hi All, > > > > > > I've decided to clean up the code on my site, and at the same time > > use > > > object oriented code. > > > I have a few ideas in my head, but I really wanted to get some > input > > > from others that have built projects in PHP using OO code. > > > > > > Here's the problem I'm currently trying to solve (I've simplified > > it > > > a bit and left out un-necessary details). > > > My site is a video game site. Currently, my database has: > > > A games table which has basic game information for each game (game_id, > > > title, console, etc) > > > A reviews table which has game_id (foreign key to games table), > review > > > date, review text, reviewer name and email. > > > > > > If you look at this URL > > > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id > > > you can see a page which shows a list of all the games and the > date > > for > > > the most recent review for that game. > > > > > > Currently I'm just doing this with a single SQL query (simple join > > of > > > the two tables) and echoing out the results. > > > Very fast. > > > > > > I'm trying to envision how to create this page using object oriented > > > code. > > > My initial thought was to somehow use a game object, but if I have > > to > > > instantiate a game object for every game, this seems like it would > > have > > > an enormous amount of overhead and be slow. > > > > > > How is this usually done on OO projects ? > > > > > > Am I missing something or would you say that if your data sits > in > > > a relational > > > database and your doing a search or mass listing of data then OO > > code > > > is not the way to go. > > > > > > comments/suggestions/thoughts/ideas/etc ? > > > > > > Thanx > > > Ophir > > > > > > > > > ---- > > > Ophir Prusak > > > Internet developer > > > prutwo at onebox.com | http://www.prusak.com/ > > > > > > > > > > > > > > > > > > > From phpny at websapp.com Fri Jun 7 13:59:57 2002 From: phpny at websapp.com (Daniel Kushner) Date: Fri, 7 Jun 2002 13:59:57 -0400 Subject: [nycphp-talk] Object Oriented Question In-Reply-To: <200206071748.g57HmSP65081@slipdisc.virul.net> Message-ID: There's an article in the Dr. Dobb's journal this month addressing that exact problem. Hope to find some time to read it and maybe get a summary up! --Daniel Kushner -----Original Message----- From: ophir prusak [mailto:prutwo at onebox.com] Sent: Friday, June 07, 2002 1:48 PM To: NYPHP Talk Subject: RE: [nycphp-talk] Object Oriented Question thanx for the code. That's what I currently have more or less. My questions was really - does it make sense to create a game object for every result returned from a sql query ? I'm currently leaning towards no - despite what charles said - especialy for PHP (though Java might be a different story). Any more thoughts about helping me do the work for StationPlay or maybe even starting vgsp.com from scratch with me - http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartin gPoint write back ophir ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- "Ian Forsyth" wrote: > > class game extends db //in teh db class you have a function db that > intialized connection so there is only on file with connection credentials.. > { > function game($gameid,$type = "single") > { > switch($gameid) > { > case "0" : > $this->getAllGames($type); > break; > default : > $this->getGame($gameid); > } > function getAllGames($type) > { > $q = "select * from games g,reviews r where g.gameid = r.gameid > "; > $q .= " and g.console = '$type'"; > $this->query($q); > } > } > > > -----Original Message----- > > From: ophir prusak [mailto:prutwo at onebox.com] > > Sent: Friday, June 07, 2002 10:48 AM > > To: NYPHP Talk > > Subject: [nycphp-talk] Object Oriented Question > > > > > > > > Hi All, > > > > I've decided to clean up the code on my site, and at the same time > use > > object oriented code. > > I have a few ideas in my head, but I really wanted to get some input > > from others that have built projects in PHP using OO code. > > > > Here's the problem I'm currently trying to solve (I've simplified > it > > a bit and left out un-necessary details). > > My site is a video game site. Currently, my database has: > > A games table which has basic game information for each game (game_id, > > title, console, etc) > > A reviews table which has game_id (foreign key to games table), review > > date, review text, reviewer name and email. > > > > If you look at this URL > > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id > > you can see a page which shows a list of all the games and the date > for > > the most recent review for that game. > > > > Currently I'm just doing this with a single SQL query (simple join > of > > the two tables) and echoing out the results. > > Very fast. > > > > I'm trying to envision how to create this page using object oriented > > code. > > My initial thought was to somehow use a game object, but if I have > to > > instantiate a game object for every game, this seems like it would > have > > an enormous amount of overhead and be slow. > > > > How is this usually done on OO projects ? > > > > Am I missing something or would you say that if your data sits in > > a relational > > database and your doing a search or mass listing of data then OO > code > > is not the way to go. > > > > comments/suggestions/thoughts/ideas/etc ? > > > > Thanx > > Ophir > > > > > > ---- > > Ophir Prusak > > Internet developer > > prutwo at onebox.com | http://www.prusak.com/ > > > > > > > > > > > From evan.heller at alum.rpi.edu Fri Jun 7 15:20:37 2002 From: evan.heller at alum.rpi.edu (evan heller) Date: Fri, 07 Jun 2002 15:20:37 -0400 Subject: [nycphp-talk] Object Oriented Question References: <200206071750.g57HomP65124@slipdisc.virul.net> Message-ID: <3D010785.996BC8B1@alum.rpi.edu> ophir- I tend to make everything I do now into classes partly because I'm sick and tired of reinventing the wheel everytime I make a new site. Anyhow, for example, I'm building the site: http://www.comicinfosource.com and everything is a class. So for example I have a basic database class that knows how to handle a mysql, odbc or a oracle database and returns all results as an 2 dimensional associative array but when using it all I have to say is such: $db = New DB($username,$database,$databasetype); $db->Connect(); $somesql = "select username,password from users"; $results = $db->Select($somesql); if (is_array($results)) { for ($i=0;$iClose(); Now I know that's more code than just going to the database, however I can now feed that database object to other objects or better yet, not have to worry about transactions,deletes,inserts or whatever depending on the database types, as the database class will handle all of that, plus its easier for others to work with if they would like to help add to your site. On my site I also have bookreviews which is really a class called Bookreviews (a collection of books) with a subclass called Book (which is a generic book class) which has a subclass called Database. As you go higher up the class chain, it becomes more and more abstracted. So the final page may only access a book, or a collection of books based on a search or a category. It becomes very flexible and the best part is I can easily reuse it later on in another program with minimal or (if its well done) no modification at all. A good example is that a friend of mine was able to adapt my book review class system to his site with no changes at all but the types of books and the database were different (from comics books to real books). -Evan -- Evan Heller evan.heller at alum.rpi.edu From jim at nettmedia.com Fri Jun 7 15:47:32 2002 From: jim at nettmedia.com (Jim Musil) Date: Fri, 07 Jun 2002 15:47:32 -0400 Subject: SSL Alternatives Message-ID: What are the ramifications of using an SSL certificate that costs $49/year versus Verisign's $600-800 certs? Jim M From LarryC at indexstock.com Fri Jun 7 16:05:19 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Fri, 7 Jun 2002 16:05:19 -0400 Subject: [nycphp-talk] SSL Alternatives Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB326@index-exchange.indexstock.com> Actually, Verisign only costs $248 per year if you subscribe to the very basic service. You actually are paying for their name. There is no different. $600 and up comes with other services such setting merchant account and fraud protection. I personally use openSSL :) -----Original Message----- From: Jim Musil [mailto:jim at nettmedia.com] Sent: Friday, June 07, 2002 3:48 PM To: NYPHP Talk Subject: [nycphp-talk] SSL Alternatives What are the ramifications of using an SSL certificate that costs $49/year versus Verisign's $600-800 certs? Jim M From adam at ecamp.net Fri Jun 7 16:07:23 2002 From: adam at ecamp.net (Adam) Date: Fri, 7 Jun 2002 16:07:23 -0400 Subject: [nycphp-talk] SSL Alternatives In-Reply-To: <200206071947.g57JlbP66757@slipdisc.virul.net> Message-ID: As long as it is one of the companies trusted in IE and Netscape, it's the same thing. -----Original Message----- From: Jim Musil [mailto:jim at nettmedia.com] Sent: Friday, June 07, 2002 3:48 PM To: NYPHP Talk Subject: [nycphp-talk] SSL Alternatives What are the ramifications of using an SSL certificate that costs $49/year versus Verisign's $600-800 certs? Jim M From gherson at snet.net Fri Jun 7 16:08:27 2002 From: gherson at snet.net (George Herson) Date: Fri, 07 Jun 2002 16:08:27 -0400 Subject: [nycphp-talk] SSL Alternatives References: <200206071947.g57JlbP66757@slipdisc.virul.net> Message-ID: <3D0112BB.90703@snet.net> Name recognition by your users of the various CAs differs of course, with Verisign winning there, but more important is that your cert be recognized by the popular browsers without alerts about an unrecognized CA popping up. The low cost GeoTrust.com meets that requirement and has worked out well for me. (I recommend also getting their "SmartIcon" service, also cheap, so users can click the SSL CA's seal at your site and get reassuring "website identity confirmed" popup.) george Jim Musil wrote: > What are the ramifications of using an SSL certificate that costs $49/year > versus Verisign's $600-800 certs? > > Jim M > > > From nyphp at altunergil.com Fri Jun 7 16:15:20 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Fri, 7 Jun 2002 16:15:20 -0400 Subject: [nycphp-talk] SSL Alternatives In-Reply-To: <200206071947.g57JlbP66757@slipdisc.virul.net> References: <200206071947.g57JlbP66757@slipdisc.virul.net> Message-ID: <20020607161520.63655fa4.nyphp@altunergil.com> Some of the cheaper ones such as those from Thawte require an additional level of server configuration because browsers are not configured to trust it automatically. You sort of have to configure apache to verify the legitimacy of the certificate authority itself before verifying that the certificate is authentic. There's plenty of docs on how to do this though. It's not a big problem Oktay Altunergil On Fri, 07 Jun 2002 15:47:37 -0400 Jim Musil wrote: > > What are the ramifications of using an SSL certificate that costs $49/year > versus Verisign's $600-800 certs? > > Jim M > > From ian at plusfour.org Fri Jun 7 16:21:35 2002 From: ian at plusfour.org (Ian Forsyth) Date: Fri, 7 Jun 2002 16:21:35 -0400 Subject: [nycphp-talk] SSL Alternatives In-Reply-To: <200206072007.g57K7TP67006@slipdisc.virul.net> Message-ID: but you can always create your cert with openssl, for free.. there is just the a warning saying not from a trusted source.. or something like that.. http://www.devshed.com/Server_Side/Administration/Certificates/page1.html but if there is money to be spent, and it is a consumer site.. I guess its a god idea to pay for what ever IE and Netscape have as trusted by default.. which it seems are more than a few, not just thawte and verisign.. > -----Original Message----- > From: Adam [mailto:adam at ecamp.net] > Sent: Friday, June 07, 2002 4:07 PM > To: NYPHP Talk > Subject: RE: [nycphp-talk] SSL Alternatives > > > As long as it is one of the companies trusted in IE and Netscape, it's > the same thing. > > -----Original Message----- > From: Jim Musil [mailto:jim at nettmedia.com] > Sent: Friday, June 07, 2002 3:48 PM > To: NYPHP Talk > Subject: [nycphp-talk] SSL Alternatives > > > What are the ramifications of using an SSL certificate that costs > $49/year > versus Verisign's $600-800 certs? > > Jim M > > > > > From ejp at well.com Sat Jun 8 09:51:36 2002 From: ejp at well.com (Edward Potter) Date: Sat, 08 Jun 2002 09:51:36 -0400 Subject: Using Yahoo groups for project management... References: <200206072015.g57KFOP67109@slipdisc.virul.net> Message-ID: <3D020BE8.9080105@well.com> I'm finally getting hungry enough to start actively seeking clients, ecommerce, wireless, hosting, blah, blah, etc. Anyway, I was looking into building some project management tools when I spent some time looking at yahoo groups. It all looks pretty cool. They seem to include every widget you need. I wondering if anyone swears by them or uses one of the competing portals for this time of client tracking. Yep, I could build them all in php, but right now I'm trying to learn all i can about embedding java in the nokia and other crazy things like that. :-) thanks ed From petr at linux.ru Sun Jun 9 01:30:07 2002 From: petr at linux.ru (Petr Pomorov) Date: Sun, 9 Jun 2002 01:30:07 -0400 Subject: [nycphp-talk] Message Boards In-Reply-To: <200205311426.g4VEQAP62096@slipdisc.virul.net> References: <200205311426.g4VEQAP62096@slipdisc.virul.net> Message-ID: <200206090530.g595U7e09867@biggie> There are many many many true :) I have more experience with perl forums, Yabb is a favourite, but as far as PHP is concerned, phpBB http://www.phpbb.com/ and the abovementioned phorum.org come to mind first.... Both easy to install and implement- though i prefer phpBB myself HTH On Friday 31 May 20phorum.org02 10:26 am, you wrote: > I need to find a fairly simple and customizable open-source message board > application written in PHP using either mySQL or flat files. > > Using google and other web sources I have no problem finding hundreds, but > how does one sift through all the junk? > > Can anyone recommend a good one? > > Jim Musil > Senior Developer > Nettmedia > > jim at nettmedia.com From hans at cathcart.org Sun Jun 9 12:08:19 2002 From: hans at cathcart.org (Hans Cathcart) Date: Sun, 9 Jun 2002 12:08:19 -0400 Subject: O'Reilly Open Source Convention/PHP Conference 2 (20% UG discount) Message-ID: O'Reilly is hosting their annual Open Source Convention in San Diego, California this year on July 22-26th, 2002. O'Reilly has sent NYPHP a User Group discount coupon in case anyone wants to attend either the Convention and/or the Conferences (PHP Conf 2, Perl Conf 6, XTech2002). http://conferences.oreilly.com/oscon Save 20% off if you register with the User Group discount code: DSUG also, if you register by June 10, 2002 you will also get the $200 early-bird discount. (Full-time Students 65%, Academic Instructors 50%, Academic Staff 25%, Fed Gov 20%, and Company Team $50 discounts are also available.) During the Tutorial days there are several PHP sessions, including: Introduction to PHP Pragmatic PHP PHP: FSP (Frequently Solved Problems) PHP & PostgreSQL Advanced PHP Getting the Most from MySQL and PHP and also a lot of other Perl, XML, Java, Linux and Apache sessions. enjoy... Hans Cathcart NYPHP Dir. of Communications hans at cathcart.org 917-681-7990 From zaunere at yahoo.com Sun Jun 9 14:18:00 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Sun, 9 Jun 2002 11:18:00 -0700 (PDT) Subject: [nycphp-talk] Encrypt info in an email In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net> Message-ID: <20020609181800.59146.qmail@web12804.mail.yahoo.com> I would certainly go with PGP, which means using PHP's program execution functions (http://www.php.net/manual/en/function.proc-open.php etc) and probably GPG. However, I would avoid sending sensitive info. through email. If at all possible, simply send a link, where these details can be looked at via the web. That said, PGP is pretty solid. HZ --- Jim Musil wrote: > > Hi, > > What options are good if I want to encrypt just some information sent > in an > email? > > For example, let's say I send an order from a website to the store > owner, > how can I scramble the credit card in a way that the owner can > descramble it > when he/she receives it. > > Any ideas? > > Jim M > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Sun Jun 9 14:38:28 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Sun, 9 Jun 2002 11:38:28 -0700 (PDT) Subject: [nycphp-talk] Object Oriented Question In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net> Message-ID: <20020609183828.35367.qmail@web12803.mail.yahoo.com> > Currently I'm just doing this with a single SQL query (simple join of > the two tables) and echoing out the results. > Very fast. The way to go. > > I'm trying to envision how to create this page using object oriented > code. > My initial thought was to somehow use a game object, but if I have to > instantiate a game object for every game, this seems like it would > have > an enormous amount of overhead and be slow. > > How is this usually done on OO projects ? I don't know how to do this in conformance with true OO, but I run into this type of problem a lot (ie, looking at the medical history of an individual, joined from multiple tables and disparat databases). Basically, the best way I've found to handle this, is using PopulateAll(), PopulateByID(), etc type methods. Then when the database returns multiple rows for a single query, I make the properties into arrays, where each element is a row from the DB. > > Am I missing something or would you say that if your data sits in a > relational > database and your doing a search or mass listing of data then OO code > is not the way to go. I think OO is generally a good idea, however you need to be careful not to over do it. My basic premise is to use objects as small, self contained programs (taking advantage of the "global" scope within them). Otherwise, I've spent hours trying to figure how everything should fit together, and then realizing that PHP isn't anywhere near a full OO language. I really would like to see some kind of multiple inheritance (or interfaces as Java calls them I believe), because without, I find that OOP becomes very limited. In an effort to get around this in PHP, I've done what is probably a very bad thing. class ImStatic { function external_functionality() { $this->Result = mysql_query("SELECT * FROM sometable", $this->DB); } } class MyRealClass { var $DB; var $Result; function MyRealClass() { $this->DB = connect_up_database(); } function some_external_functionality() { ImStatic::external_functionality(); } } $myrealobj = new MyRealClass(); $myrealobj->some_external_functionality(); And bam, $myrealobj->Result is filled it. Now, admitingly, there is something wrong feeling about this, however it comes in handy. What I've been doing lately, is building a master class, which is primarily properties and some wrapper functions. Then, I have a couple other classes, that are static, and only contain functions, which end up operating on the master classes' properties. It's a little backwards and awkward, but so far I haven't gotten burned... yet. Anyway, I would not create a new object for every game/review. Use arrays (either internally to an object, or externally). HZ > > comments/suggestions/thoughts/ideas/etc ? > > Thanx > Ophir > > > ---- > Ophir Prusak > Internet developer > prutwo at onebox.com | http://www.prusak.com/ > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From ben at tanjero.com Sun Jun 9 21:18:31 2002 From: ben at tanjero.com (Benjamin Stiglitz) Date: Sun, 9 Jun 2002 21:18:31 -0400 Subject: WebObjects-like system Message-ID: Hi everyone. I'm new to the group, just discovered through php.net. This is a sort of survey (sorry, being commercial, but business is the nature of...I'll shut up now). Has anyone here worked with Apple/NeXT's WebObjects, and if so, would you be interested in seeing a framework for PHP app development somewhat like it? Elaborating, what features would you like to see for PHP that WebObjects in Java does not provide? My company is developing such a system for internal use?it has already helped us greatly accelerate application development time?and we've thought of licensing it to other companies. We'd be willing to do a technology demo, both/either online and/or at a meeting. (Speaking of which, where are the time/dates for those posted?) Hope some of you are interested! I look forward to your responses. Thank you, Benjamin Stiglitz Tanjero ben at tanjero.com From nyphp at websapp.com Mon Jun 10 09:13:14 2002 From: nyphp at websapp.com (Daniel Kushner) Date: Mon, 10 Jun 2002 09:13:14 -0400 Subject: Initial Alpha Release of PHP w/ the Zend Engine 2 In-Reply-To: <200206072021.g57KLbP67193@slipdisc.virul.net> Message-ID: Good morning, The first alpha release of PHP w/ Zend Engine 2 is out. Great new features. http://www.php.net/ --Daniel Kushner From zaunere at yahoo.com Mon Jun 10 10:26:15 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 10 Jun 2002 07:26:15 -0700 (PDT) Subject: [nycphp-talk] Initial Alpha Release of PHP w/ the Zend Engine 2 In-Reply-To: <200206101315.g5ADFEP15542@slipdisc.virul.net> Message-ID: <20020610142615.64505.qmail@web12802.mail.yahoo.com> I like it! And I could certainly use some of the new features today! HZ --- Daniel Kushner wrote: > Good morning, > > The first alpha release of PHP w/ Zend Engine 2 is out. Great new > features. > http://www.php.net/ > > --Daniel Kushner > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Mon Jun 10 10:27:06 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 10 Jun 2002 07:27:06 -0700 (PDT) Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 In-Reply-To: <200206091609.g59G9dP02862@slipdisc.virul.net> Message-ID: <20020610142706.64612.qmail@web12802.mail.yahoo.com> This would be great. Is anyone planning on going? (I have some frequent flyer miles I think). HZ --- Hans Cathcart wrote: > O'Reilly is hosting their annual Open Source Convention in San Diego, > > California this year on July 22-26th, 2002. > > O'Reilly has sent NYPHP a User Group discount coupon in case anyone > wants to > attend either the Convention and/or the Conferences (PHP Conf 2, Perl > Conf 6, > XTech2002). > > http://conferences.oreilly.com/oscon > > Save 20% off if you register with the User Group discount code: DSUG > also, > if you register by June 10, 2002 you will also get the $200 > early-bird > discount. > > (Full-time Students 65%, Academic Instructors 50%, Academic Staff > 25%, Fed > Gov 20%, and Company Team $50 discounts are also available.) > > During the Tutorial days there are several PHP sessions, including: > > Introduction to PHP > Pragmatic PHP > PHP: FSP (Frequently Solved Problems) > PHP & PostgreSQL > Advanced PHP > Getting the Most from MySQL and PHP > and also a lot of other Perl, XML, Java, Linux and Apache sessions. > > enjoy... > > Hans Cathcart > NYPHP Dir. of Communications > hans at cathcart.org > 917-681-7990 > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Mon Jun 10 10:32:53 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 10 Jun 2002 07:32:53 -0700 (PDT) Subject: [nycphp-talk] WebObjects-like system In-Reply-To: <200206100118.g5A1IaP08631@slipdisc.virul.net> Message-ID: <20020610143253.59590.qmail@web12808.mail.yahoo.com> Not speaking for everyone, but I would be very interested, especially since I'm writing what seems to be some similar systems (in PHP). I've never used WebObjects myself, however I seem to remember some people that have (anyone?). Meetings are the 4th Wed. of the month (details at http://nyphp.org). Contact me off list (zaunere at yahoo.com) if you'd like to present at one of our meetings and/or give an online presentation. HZ --- Benjamin Stiglitz wrote: > Hi everyone. I'm new to the group, just discovered through > php.net. > > This is a sort of survey (sorry, being commercial, but business is > the > nature of...I'll shut up now). Has anyone here worked with > Apple/NeXT's > WebObjects, and if so, would you be interested in seeing a framework > for > PHP app development somewhat like it? Elaborating, what features > would > you like to see for PHP that WebObjects in Java does not provide? > > My company is developing such a system for internal use?it has > already > helped us greatly accelerate application development time?and we've > thought of licensing it to other companies. We'd be willing to do a > technology demo, both/either online and/or at a meeting. (Speaking of > > which, where are the time/dates for those posted?) > > Hope some of you are interested! I look forward to your responses. > > Thank you, > Benjamin Stiglitz > Tanjero > ben at tanjero.com > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From enunez at tiaa-cref.org Mon Jun 10 10:56:30 2002 From: enunez at tiaa-cref.org (Nunez, Eddy) Date: Mon, 10 Jun 2002 10:56:30 -0400 Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F016A34C6@msxnyusr01.msx.ops.tiaa-cref.org> I was planning on going for a few months, but then company did some not-so-funny crap with the training/conference money. Was actually more looking forward to spending some time on Cali beach. It's not fair I tell ya. :^( -EN -----Original Message----- From: Hans Zaunere [mailto:zaunere at yahoo.com] Sent: Monday, June 10, 2002 10:27 AM To: NYPHP Talk Subject: Re: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 This would be great. Is anyone planning on going? (I have some frequent flyer miles I think). HZ --- Hans Cathcart wrote: > O'Reilly is hosting their annual Open Source Convention in San Diego, > > California this year on July 22-26th, 2002. > > O'Reilly has sent NYPHP a User Group discount coupon in case anyone > wants to > attend either the Convention and/or the Conferences (PHP Conf 2, Perl > Conf 6, > XTech2002). > > http://conferences.oreilly.com/oscon > > Save 20% off if you register with the User Group discount code: DSUG > also, > if you register by June 10, 2002 you will also get the $200 > early-bird > discount. > > (Full-time Students 65%, Academic Instructors 50%, Academic Staff > 25%, Fed > Gov 20%, and Company Team $50 discounts are also available.) > > During the Tutorial days there are several PHP sessions, including: > > Introduction to PHP > Pragmatic PHP > PHP: FSP (Frequently Solved Problems) > PHP & PostgreSQL > Advanced PHP > Getting the Most from MySQL and PHP > and also a lot of other Perl, XML, Java, Linux and Apache sessions. > > enjoy... > > Hans Cathcart > NYPHP Dir. of Communications > hans at cathcart.org > 917-681-7990 > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ********************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF ********************************************************************** From terran11355 at yahoo.com Mon Jun 10 11:27:29 2002 From: terran11355 at yahoo.com (sean wang) Date: Mon, 10 Jun 2002 08:27:29 -0700 (PDT) Subject: Does anyone know how to do this? Message-ID: <20020610152729.13104.qmail@web9106.mail.yahoo.com> hi, everyone I saw this website ( www.chinese-treasure.com ) by accidently. I found that each item ends time is same as ebay't time, everytime i refreshed pages the ends time are all same as ebay'time. I just want to know how to do this? Does this website use mysql db? I really want to know this!! thanks sean __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jay at trans-city.com Mon Jun 10 11:55:40 2002 From: jay at trans-city.com (Jay Greenspan) Date: Mon, 10 Jun 2002 11:55:40 -0400 Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 In-Reply-To: <200206101427.g5AER9P16184@slipdisc.virul.net> Message-ID: <837561CC-7C8A-11D6-B999-003065C48B4C@trans-city.com> Bought my ticket this morning. Without tutorials, came to $719 with the NYPHP discount. Very nice, Hans C. You saved me almost $200 bucks. -j On Monday, June 10, 2002, at 10:27 AM, Hans Zaunere wrote: > > This would be great. Is anyone planning on going? (I have some > frequent flyer miles I think). > From dkrook at hotmail.com Mon Jun 10 12:06:12 2002 From: dkrook at hotmail.com (D C Krook) Date: Mon, 10 Jun 2002 12:06:12 -0400 Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 Message-ID: I'm going too... and saved lots of money with the early registration heads up and discount. Thanks Hans! >From: Jay Greenspan >Reply-To: talk at nyphp.org >To: NYPHP Talk >Subject: Re: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2 >Date: Mon, 10 Jun 2002 11:51:49 -0400 >Received: from [66.114.66.188] by hotmail.com (3.2) with ESMTP id >MHotMailBECE184400984004325A427242BC09880; Mon, 10 Jun 2002 09:01:21 -0700 >Received: from nyphp.org (slipdisc.virul.net [66.114.66.188])by >slipdisc.virul.net (8.11.6/8.11.6) with ESMTP id g5AFpnP16957;Mon, 10 Jun >2002 11:51:49 -0400 (EDT)(envelope-from listmaster at nyphp.org) >From listmaster at nyphp.org Mon, 10 Jun 2002 09:02:12 -0700 >Message-Id: <200206101551.g5AFpnP16957 at slipdisc.virul.net> >X-Paralist-Archived: > >X-List-Software: Paralist 0.6 >List-ID: >List-Owner: >List-Archive: >List-Subscribe: >List-Unsubscribe: >Organization: New York PHP >X-Mailer: Paramail 0.5 > >Bought my ticket this morning. Without tutorials, came to $719 with the >NYPHP discount. Very nice, Hans C. You saved me almost $200 bucks. > >-j > > >On Monday, June 10, 2002, at 10:27 AM, Hans Zaunere wrote: > > > > > This would be great. Is anyone planning on going? (I have some > > frequent flyer miles I think). > > > > _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx From heli_travel at yahoo.com Mon Jun 10 12:13:05 2002 From: heli_travel at yahoo.com (LY) Date: Mon, 10 Jun 2002 09:13:05 -0700 (PDT) Subject: [nycphp-talk] Does anyone know how to do this? In-Reply-To: <200206101527.g5AFRXP16747@slipdisc.virul.net> Message-ID: <20020610161305.38155.qmail@web12202.mail.yahoo.com> it open ebay's page, get that time and posted it on they website. syntax like: $str = fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616", "r") then use regular expression to capture the data they want(time). they should have an agreement between each other foring doing this. you can check this out form php books in i/o functions. --- sean wang wrote: > hi, everyone > I saw this website ( www.chinese-treasure.com ) by > accidently. I found that each item ends time is same > as ebay't time, everytime i refreshed pages the ends > time are all same as ebay'time. I just want to know > how to do this? > Does this website use mysql db? > > I really want to know this!! > > thanks > > sean > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jim at nettmedia.com Mon Jun 10 13:27:25 2002 From: jim at nettmedia.com (Jim Musil) Date: Mon, 10 Jun 2002 13:27:25 -0400 Subject: .html as .php Message-ID: Hi, Is there a way using .htaccess to have all files with the .html extension execute as .php, but only for one directory. Jim Musil From ian at plusfour.org Mon Jun 10 13:39:46 2002 From: ian at plusfour.org (Ian Forsyth) Date: Mon, 10 Jun 2002 13:39:46 -0400 Subject: MySQL Database permisions.. In-Reply-To: <200206101613.g5AGDAP17179@slipdisc.virul.net> Message-ID: Hi, I am setting up a server for several different accounts. Every account requires a database. I am restricting database access to localhost, and some ips.. I am trying to limit a user to just use one database.. I have put an entry into the mysql.db table an it seems to do nothing.. i have flushed privileges, and done use dbname.. and to no avail the new user i created has access to all databases.. Do have have use GRANT in order to do this correctly? I thought i could just do a manual insert into the mysql.db table.. Ian > -----Original Message----- > From: LY [mailto:heli_travel at yahoo.com] > Sent: Monday, June 10, 2002 12:13 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] Does anyone know how to do this? > > > it open ebay's page, get that time and posted it on they > website. > syntax like: > $str = > fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616", > "r") > then use regular expression to capture the data they want(time). > they should have an agreement between each other foring doing > this. > you can check this out form php books in i/o functions. > > > > --- sean wang wrote: > > hi, everyone > > I saw this website ( www.chinese-treasure.com ) by > > accidently. I found that each item ends time is same > > as ebay't time, everytime i refreshed pages the ends > > time are all same as ebay'time. I just want to know > > how to do this? > > Does this website use mysql db? > > > > I really want to know this!! > > > > thanks > > > > sean > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > From jahmon at jahmon.com Mon Jun 10 13:52:32 2002 From: jahmon at jahmon.com (jahmon :-)) Date: Mon, 10 Jun 2002 13:52:32 -0400 Subject: [nycphp-talk] MySQL Database permisions.. In-Reply-To: <200206101739.g5AHddP18186@slipdisc.virul.net> References: <200206101739.g5AHddP18186@slipdisc.virul.net> Message-ID: <20020610175232.GA17924@ekovista.com> you don't have to use GRANT for this to work correctly but that's probably the easiest and quickest way. CREATE $database GRANT all privileges on $database.* to $user at localhost identified by '$password'; no need to flush privileges jahmon ;-) On Mon, Jun 10, 2002 at 01:39:39PM -0400, Ian Forsyth wrote: > Hi, > > I am setting up a server for several different accounts. Every account > requires a database. > > I am restricting database access to localhost, and some ips.. > > I am trying to limit a user to just use one database.. I have put an entry > into the mysql.db table an it seems to do nothing.. i have flushed > privileges, and done use dbname.. and to no avail the new user i created has > access to all databases.. > > Do have have use GRANT in order to do this correctly? I thought i could just > do a manual insert into the mysql.db table.. > > Ian > > > -----Original Message----- > > From: LY [mailto:heli_travel at yahoo.com] > > Sent: Monday, June 10, 2002 12:13 PM > > To: NYPHP Talk > > Subject: Re: [nycphp-talk] Does anyone know how to do this? > > > > > > it open ebay's page, get that time and posted it on they > > website. > > syntax like: > > $str = > > fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616", > > "r") > > then use regular expression to capture the data they want(time). > > they should have an agreement between each other foring doing > > this. > > you can check this out form php books in i/o functions. > > > > > > > > --- sean wang wrote: > > > hi, everyone > > > I saw this website ( www.chinese-treasure.com ) by > > > accidently. I found that each item ends time is same > > > as ebay't time, everytime i refreshed pages the ends > > > time are all same as ebay'time. I just want to know > > > how to do this? > > > Does this website use mysql db? > > > > > > I really want to know this!! > > > > > > thanks > > > > > > sean > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Yahoo! - Official partner of 2002 FIFA World Cup > > > http://fifaworldcup.yahoo.com > > > > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > > > -- From prutwo at onebox.com Mon Jun 10 13:59:29 2002 From: prutwo at onebox.com (ophir prusak) Date: Mon, 10 Jun 2002 10:59:29 -0700 Subject: [nycphp-talk] .html as .php Message-ID: <20020610175929.QXRI4694.mta07.onebox.com@onebox.com> I have this line in my .htaccess file for http://www.stationplay.com AddType application/x-httpd-php php php3 phtml php4 html htm keep in mind that something like this will affect everything in that directory and all it's subdirectories. Ophir ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- Jim Musil wrote: > > Hi, > > Is there a way using .htaccess to have all files with the .html extension > execute as .php, but only for one directory. > > Jim Musil > > > From hostmaster at chatsrus.com Mon Jun 10 18:38:46 2002 From: hostmaster at chatsrus.com (hostmaster at chatsrus.com) Date: Mon, 10 Jun 2002 15:38:46 -0700 Subject: Best code for Login Message-ID: <001201c210cf$9515be20$b35efea9@w3j5c4> greetin' folks ! ^-^ me and a friend was trying to pick the best way to the most simple and scure code for Login with already existing user and password in Mysql. best regards ! snir 'shalom' gal. www.ChatsRus.com A pig's orgasm lasts for 30 minutes. -------------- next part -------------- An HTML attachment was scrubbed... URL: From vze289hz at verizon.net Mon Jun 10 19:36:17 2002 From: vze289hz at verizon.net (louie) Date: Mon, 10 Jun 2002 16:36:17 -0700 Subject: best code for Login. Message-ID: <00b101c210d7$9e8c40c0$b35efea9@w3j5c4> greetin' folks ! ^-^ me and a friend was trying to pick the best way to the most simple and scure code for Login with already existing user and password in Mysql. best regards ! snir 'shalom' gal. www.ChatsRus.com A pig's orgasm lasts for 30 minutes. -------------- next part -------------- An HTML attachment was scrubbed... URL: From LarryC at indexstock.com Mon Jun 10 17:18:55 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Mon, 10 Jun 2002 17:18:55 -0400 Subject: Question Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB331@index-exchange.indexstock.com> I'm working on a sample code and have some questions. My php and html files are below. I'm running on IIS and MySQL. This code gives me the following error: Notice: Undefined variable: first in d:\\example\\datain.php on line 5 Notice: Undefined variable: last in d:\\example\\datain.php on line 5 Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5 Notice: Undefined variable: email in d:\\example\\datain.php on line 5 Notice: Undefined variable: salary in d:\\example\\datain.php on line 5 Thank you! Information entered. If I add the following lines prior to the insert statement, it works fine. $first = $HTTP_POST_VARS['first']; $last = $HTTP_POST_VARS['last']; $nickname = $HTTP_POST_VARS['nickname']; $email = $HTTP_POST_VARS['email']; $salary = $HTTP_POST_VARS['salary']; Why do I need $HTTP_POST_VARS???? Thanks in advance. -------------------- datain.php datain.html
First name:
Last name:
Nick name:
E-mail:
Salary:
-------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Ivy.gif Type: image/gif Size: 5665 bytes Desc: not available URL: From louie at zibi.co.il Mon Jun 10 21:08:27 2002 From: louie at zibi.co.il (louie) Date: Mon, 10 Jun 2002 18:08:27 -0700 Subject: best code for Login !. Message-ID: <010901c210e4$7e2902c0$b35efea9@w3j5c4> greetin' folks ! ^-^ me and a friend was trying to pick the best way to the most simple and scure code for Login with already existing user and password in Mysql. best regards ! snir 'shalom' gal. www.ChatsRus.com A pig's orgasm lasts for 30 minutes. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ken_11223 at yahoo.com Mon Jun 10 18:55:37 2002 From: ken_11223 at yahoo.com (ken wu) Date: Mon, 10 Jun 2002 15:55:37 -0700 (PDT) Subject: [nycphp-talk] Question In-Reply-To: <200206102119.g5ALJHP20790@slipdisc.virul.net> Message-ID: <20020610225537.29200.qmail@web12802.mail.yahoo.com> are you running php4.1.2 or above? i know it is slightly different to deal with the form variables if u running such versions of php. For example. u have to echo $HTTP_POST_VARS['first'} which is the form variables. But i know that if u use the php 4.0.6 or below. u don't have to do so. just simply use $first or $last. --- Larry Chuon wrote: > This message contained 1 file(s) and is > available at > http://nyphp.org/list/paralist_archive.html?L_mid=364 > > I'm working on a sample code and have some > questions. My php and html files > are below. I'm running on IIS and MySQL. This code > gives me the following > error: > > > Notice: Undefined variable: first in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: last in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: nickname in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: email in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: salary in > d:\\example\\datain.php on line 5 > Thank you! Information entered. > > If I add the following lines prior to the insert > statement, it works fine. > $first = $HTTP_POST_VARS['first']; > > $last = $HTTP_POST_VARS['last']; > > $nickname = $HTTP_POST_VARS['nickname']; > > $email = $HTTP_POST_VARS['email']; > > $salary = $HTTP_POST_VARS['salary']; > > Why do I need $HTTP_POST_VARS???? Thanks in advance. > > -------------------- > > datain.php > > > > $db = mysql_connect("172.21.6.25","root","123456"); > > mysql_select_db("learndb",$db); > > $sql="insert into personnel (firstname, lastname, > nick, email, salary) > VALUES > ('$first','$last','$nickname','$email','$salary')"; > > $result = mysql_query($sql); > > echo "Thank you! Information entered.\ "; > > ?> > > > > > datain.html > > > > >
> > First name:
> > Last name:
> > Nick name:
> > E-mail:
> > Salary:
> > > >
> > > > > > > ===== Ken Wu 718-788-0661 168 35 Street Apt 2 Broooklyn, NY 11232-2320 http://www.kenfile.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From radiox at go.ro Mon Jun 10 19:07:45 2002 From: radiox at go.ro (RADIO X) Date: Tue, 11 Jun 2002 02:07:45 +0300 Subject: Do you know a free hosting for PHP and MySQL? In-Reply-To: <200206102249.g5AMn0P21855@slipdisc.virul.net> Message-ID: <000001c210d3$a248d060$1440e9d5@xenon> Do you? www.radiox.go.ro www.guardoneas.ro From terran11355 at yahoo.com Mon Jun 10 21:12:28 2002 From: terran11355 at yahoo.com (sean wang) Date: Mon, 10 Jun 2002 18:12:28 -0700 (PDT) Subject: [nycphp-talk] Do you know a free hosting for PHP and MySQL? In-Reply-To: <200206102303.g5AN3rP22059@slipdisc.virul.net> Message-ID: <20020611011228.68477.qmail@web9103.mail.yahoo.com> hi, i know the place where you can find both paid web-hosting and free web-hosting. http://www.freewebspace.net/forums/ GoodLuck! sean --- RADIO X wrote: > Do you? > > www.radiox.go.ro > www.guardoneas.ro > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Mon Jun 10 22:18:08 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 10 Jun 2002 19:18:08 -0700 (PDT) Subject: require/include inside a function Message-ID: <20020611021808.51763.qmail@web12808.mail.yahoo.com> I'm using the unserialize_callback_func ini setting, from http://www.php.net/manual/en/function.unserialize.php like so: ini_set('unserialize_callback_func','handlestdclass'); function handlestdclass( $classname ) { require_once("{$classname}/{$classname}.inc"); } Now I may be overlooking something very obvious, but when code is require/included in a function, it is locally scoped inside that function. If that's the case, and no way around it, what good is this directive? Any thoughts would be helpful. Thanks guys, Hans Z __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From LarryC at indexstock.com Tue Jun 11 09:41:24 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 11 Jun 2002 09:41:24 -0400 Subject: [nycphp-talk] Question Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB333@index-exchange.indexstock.com> I use v4.2.1. A colleague of mine forwarded me this which makes sense. Using Register Globals One feature of PHP that can be used to enhance security is configuring PHP with register_globals = off. By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your internal variables are effectively isolated from user submitted data. While it does slightly increase the amount of effort required to work with PHP, it has been argued that the benefits far outweigh the effort. Example 4-8. Working without register_globals=off Example 4-9. Working with register_globals = off By using this wisely, it's even possible to take preventative measures to warn when forging is being attempted. If you know ahead of time exactly where a variable should be coming from, you can check to see if submitted data is coming from an inappropriate kind of submission. While it doesn't guarantee that data has not been forged, it does require an attacker to guess the right kind of forging. Example 4-10. Detecting simple variable poisoning Of course, simply turning on register globals does not mean code is secure. For every piece of data that is submitted, it should also be checked in other ways. -----Original Message----- From: ken wu [mailto:ken_11223 at yahoo.com] Sent: Monday, June 10, 2002 6:56 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Question are you running php4.1.2 or above? i know it is slightly different to deal with the form variables if u running such versions of php. For example. u have to echo $HTTP_POST_VARS['first'} which is the form variables. But i know that if u use the php 4.0.6 or below. u don't have to do so. just simply use $first or $last. --- Larry Chuon wrote: > This message contained 1 file(s) and is > available at > http://nyphp.org/list/paralist_archive.html?L_mid=364 > > I'm working on a sample code and have some > questions. My php and html files > are below. I'm running on IIS and MySQL. This code > gives me the following > error: > > > Notice: Undefined variable: first in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: last in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: nickname in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: email in > d:\\example\\datain.php on line 5 > > Notice: Undefined variable: salary in > d:\\example\\datain.php on line 5 > Thank you! Information entered. > > If I add the following lines prior to the insert > statement, it works fine. > $first = $HTTP_POST_VARS['first']; > > $last = $HTTP_POST_VARS['last']; > > $nickname = $HTTP_POST_VARS['nickname']; > > $email = $HTTP_POST_VARS['email']; > > $salary = $HTTP_POST_VARS['salary']; > > Why do I need $HTTP_POST_VARS???? Thanks in advance. > > -------------------- > > datain.php > > > > $db = mysql_connect("172.21.6.25","root","123456"); > > mysql_select_db("learndb",$db); > > $sql="insert into personnel (firstname, lastname, > nick, email, salary) > VALUES > ('$first','$last','$nickname','$email','$salary')"; > > $result = mysql_query($sql); > > echo "Thank you! Information entered.\ "; > > ?> > > > > > datain.html > > > > >
> > First name:
> > Last name:
> > Nick name:
> > E-mail:
> > Salary:
> > > >
> > > > > > > ===== Ken Wu 718-788-0661 168 35 Street Apt 2 Broooklyn, NY 11232-2320 http://www.kenfile.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From delta at rochester.rr.com Tue Jun 11 10:15:31 2002 From: delta at rochester.rr.com (delta) Date: Tue, 11 Jun 2002 10:15:31 -0400 Subject: [nycphp-talk] Question regarding $HTTP_POST_VARS References: <200206102119.g5ALJHP20790@slipdisc.virul.net> Message-ID: <002501c21152$7218bed0$8100fe0a@localdomain> This can be fixed in the PHP.ini file with: register_globals = on It is more secure to leave this off though, and use code like this: $first = $HTTP_POST_VARS['first']; As mentioned by Ken Wu, that works fine. ----- Original Message ----- From: "Larry Chuon" To: "NYPHP Talk" Sent: Monday, June 10, 2002 5:19 PM Subject: [nycphp-talk] Question > This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=364 > > I'm working on a sample code and have some questions. My php and html files > are below. I'm running on IIS and MySQL. This code gives me the following > error: > > > Notice: Undefined variable: first in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: last in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: email in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: salary in d:\\example\\datain.php on line 5 > Thank you! Information entered. > > If I add the following lines prior to the insert statement, it works fine. > $first = $HTTP_POST_VARS['first']; > > $last = $HTTP_POST_VARS['last']; > > $nickname = $HTTP_POST_VARS['nickname']; > > $email = $HTTP_POST_VARS['email']; > > $salary = $HTTP_POST_VARS['salary']; > > Why do I need $HTTP_POST_VARS???? Thanks in advance. > > -------------------- > > datain.php > > > > $db = mysql_connect("172.21.6.25","root","123456"); > > mysql_select_db("learndb",$db); > > $sql="insert into personnel (firstname, lastname, nick, email, salary) > VALUES ('$first','$last','$nickname','$email','$salary')"; > > $result = mysql_query($sql); > > echo "Thank you! Information entered.\ "; > > ?> > > > > > datain.html > > > > >
> > First name:
> > Last name:
> > Nick name:
> > E-mail:
> > Salary:
> > > >
> > > > > > > > From LarryC at indexstock.com Tue Jun 11 10:21:49 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Tue, 11 Jun 2002 10:21:49 -0400 Subject: [nycphp-talk] Question regarding $HTTP_POST_VARS Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB335@index-exchange.indexstock.com> Thanks you and Ken for your quick response. I leave register_globals = off for now. I think the add'l effort worth the security. -----Original Message----- From: delta [mailto:delta at rochester.rr.com] Sent: Tuesday, June 11, 2002 10:13 AM To: NYPHP Talk Subject: Re: [nycphp-talk] Question regarding $HTTP_POST_VARS This can be fixed in the PHP.ini file with: register_globals = on It is more secure to leave this off though, and use code like this: $first = $HTTP_POST_VARS['first']; As mentioned by Ken Wu, that works fine. ----- Original Message ----- From: "Larry Chuon" To: "NYPHP Talk" Sent: Monday, June 10, 2002 5:19 PM Subject: [nycphp-talk] Question > This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=364 > > I'm working on a sample code and have some questions. My php and html files > are below. I'm running on IIS and MySQL. This code gives me the following > error: > > > Notice: Undefined variable: first in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: last in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: email in d:\\example\\datain.php on line 5 > > Notice: Undefined variable: salary in d:\\example\\datain.php on line 5 > Thank you! Information entered. > > If I add the following lines prior to the insert statement, it works fine. > $first = $HTTP_POST_VARS['first']; > > $last = $HTTP_POST_VARS['last']; > > $nickname = $HTTP_POST_VARS['nickname']; > > $email = $HTTP_POST_VARS['email']; > > $salary = $HTTP_POST_VARS['salary']; > > Why do I need $HTTP_POST_VARS???? Thanks in advance. > > -------------------- > > datain.php > > > > $db = mysql_connect("172.21.6.25","root","123456"); > > mysql_select_db("learndb",$db); > > $sql="insert into personnel (firstname, lastname, nick, email, salary) > VALUES ('$first','$last','$nickname','$email','$salary')"; > > $result = mysql_query($sql); > > echo "Thank you! Information entered.\ "; > > ?> > > > > > datain.html > > > > >
> > First name:
> > Last name:
> > Nick name:
> > E-mail:
> > Salary:
> > > >
> > > > > > > > From delta at rochester.rr.com Tue Jun 11 10:57:50 2002 From: delta at rochester.rr.com (delta) Date: Tue, 11 Jun 2002 10:57:50 -0400 Subject: [nycphp-talk] SSL Alternatives References: <200206071947.g57JlbP66757@slipdisc.virul.net> Message-ID: <000f01c21158$5b355010$8100fe0a@localdomain> just was looking at some verisign info and found this list of certificates impressive- guess you get your money's worth! i think with Verisign the additional money is related to the value of the reputation. There is extensive backround checks etc with signing with Verisign because they only want to maintain their reputation. Managed PKI for SSL - Supported Servers Advanced Businesslink Ingrian Networks Quarterdeck/StarNine AliBaba (WarpGroup) Intel Red Hat AOL/Navisoft Internet Factory r3 Apache Freeware with SSLeay iPlanet Radnet Aventail Iserver Roxen BEA WebLogic JavaSoft s2 Backweb Lotus SilverStream Software Beyond Software Luckman Silver Stream Brokat Marimba Sirius Software C2Net Apache SSL-US Microsoft Sonic WALL Cacheflow Microsoft FrontPage 98 Sterling Software Compaq Microsoft Visual InterDev 6.0 Stronghold (C2Net) Compuserve/Spry Mirapoint Sun Microsystems Connect - OneServer Mitem Tandem Consensus Nanoteq Tektonic Control Data Systems NetCentric Tempest Software Covalent Netscape Tenon (WebTen) Dascom Netscreen Transarc F5 Netscape Merchant Thawte Consulting Frontier Technologies Nokia Unify FTP Software Novell Unisys GLACI OpenConnect Systems Unwired Planet Gradient Open Market Velocity Software Hummingbird Oracle Volera IBM O'Reilly & Associates Wall Data I/NET Preview Software WebMethods Information Builders Process Software WebSTAR Information Hyperlink Purveyor Zeus V1 Server Managed PKI for SSL - Premium Edition(aka Global Server Certificate 128-bit ) AOL Intel Silver Stream Apache iPlanet Sonic WALL Aventail Lotus O'Reilly WebSite 2.5 BEA WebLogic Microsoft (or higher) C2Net Stronghold Microsoft FrontPage 98 Red Hat Cacheflow Microsoft Visual InterDev 6.0 Tandem Compaq Mirapoint Velocity Software Covalent Nanoteq WebMethods F5 Netscape Zeus Hummingbird Netscreen IBM HTTP Nokia Ingrian Networks ----- Original Message ----- From: "Jim Musil" To: "NYPHP Talk" Sent: Friday, June 07, 2002 3:47 PM Subject: [nycphp-talk] SSL Alternatives > > What are the ramifications of using an SSL certificate that costs $49/year > versus Verisign's $600-800 certs? > > Jim M > > > From delta at rochester.rr.com Tue Jun 11 11:02:56 2002 From: delta at rochester.rr.com (delta) Date: Tue, 11 Jun 2002 11:02:56 -0400 Subject: verisign's managed pki for ssl Message-ID: <003201c21159$11f4e9a0$8100fe0a@localdomain> sorry the info looks better like this... Managed PKI for SSL - Supported Servers Advanced Businesslink Ingrian Networks Quarterdeck/StarNine AliBaba (WarpGroup) Intel Red Hat AOL/Navisoft Internet Factory r3 Apache Freeware with SSLeay iPlanet Radnet Aventail Iserver Roxen BEA WebLogic JavaSoft s2 Backweb Lotus SilverStream Software Beyond Software Luckman Silver Stream Brokat Marimba Sirius Software C2Net Apache SSL-US Microsoft Sonic WALL Cacheflow Microsoft FrontPage 98 Sterling Software Compaq Microsoft Visual InterDev 6.0 Stronghold (C2Net) Compuserve/Spry Mirapoint Sun Microsystems Connect - OneServer Mitem Tandem Consensus Nanoteq Tektonic Control Data Systems NetCentric Tempest Software Covalent Netscape Tenon (WebTen) Dascom Netscreen Transarc F5 Netscape Merchant Thawte Consulting Frontier Technologies Nokia Unify FTP Software Novell Unisys GLACI OpenConnect Systems Unwired Planet Gradient Open Market Velocity Software Hummingbird Oracle Volera IBM O'Reilly & Associates Wall Data I/NET Preview Software WebMethods Information Builders Process Software WebSTAR Information Hyperlink Purveyor Zeus V1 Server Managed PKI for SSL - Premium Edition1 AOL Intel Silver Stream Apache iPlanet Sonic WALL Aventail Lotus O'Reilly WebSite 2.5 BEA WebLogic Microsoft (or higher) C2Net Stronghold Microsoft FrontPage 98 Red Hat Cacheflow Microsoft Visual InterDev 6.0 Tandem Compaq Mirapoint Velocity Software Covalent Nanoteq WebMethods F5 Netscape Zeus Hummingbird Netscreen IBM HTTP Nokia Ingrian Networks 1 Previously referred to as Global Server Certificate 128-bit -------------- next part -------------- An HTML attachment was scrubbed... URL: From enunez at tiaa-cref.org Tue Jun 11 12:12:30 2002 From: enunez at tiaa-cref.org (Nunez, Eddy) Date: Tue, 11 Jun 2002 10:12:30 -0600 Subject: [nycphp-talk] require/include inside a function Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F016A34C7@msxnyusr01.msx.ops.tiaa-cref.org> I believe functions and class definitions are globally scoped. I think the local scoping only applies to variables. I exec'd this bit of code and it supports my statement: ----------------------------------------------------------------------- function definer() { include_once("./foo.inc"); function func_foo() { echo 'foo was here'; } } echo ( class_exists( 'foo' ) ) ? 'foo is out there!' : 'foo not there.'; print "
"; echo ( function_exists( 'func_foo' ) ) ? 'func foo is out there!' : 'func foo not there.'; print "
"; definer(); echo ( class_exists( 'foo' ) ) ? 'foo is out there!' : 'foo not there.'; print "
"; echo ( function_exists( 'func_foo' ) ) ? 'func foo is out there!' : 'func foo not there.'; ----------------------------------------------------------------------- Output: foo not there. func foo not there. foo is out there! func foo is out there! ----------------------------------------------------------------------- Hope this helps. -Eddy -----Original Message----- From: Hans Zaunere [mailto:zaunere at yahoo.com] Sent: Monday, June 10, 2002 10:18 PM To: NYPHP Talk Subject: [nycphp-talk] require/include inside a function I'm using the unserialize_callback_func ini setting, from http://www.php.net/manual/en/function.unserialize.php like so: ini_set('unserialize_callback_func','handlestdclass'); function handlestdclass( $classname ) { require_once("{$classname}/{$classname}.inc"); } Now I may be overlooking something very obvious, but when code is require/included in a function, it is locally scoped inside that function. If that's the case, and no way around it, what good is this directive? Any thoughts would be helpful. Thanks guys, Hans Z __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ********************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF ********************************************************************** From dev at thebinarylab.com Wed Jun 12 17:41:14 2002 From: dev at thebinarylab.com (John Ensign) Date: Wed, 12 Jun 2002 15:41:14 -0600 Subject: [nycphp-talk] Encrypt info in an email In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net> Message-ID: I would use PGP, odds are client is on win, and he/she can install a ns pretty outlook integrated pgp client right into the mail client to auto decrypt. As for encrypting the original mail on the server, here is a link with source. http://cvs.horde.org/co.php/imp/pgp.php?r=2.26 As well, the book "Web Application Developement with PHP" by Rathskiller, has a fully worked PGP class.... code is clean, tight, and understandable to boot. ) Hope this helps..... john -----Original Message----- From: Jim Musil [mailto:jim at nettmedia.com] Sent: Friday, June 07, 2002 10:49 AM To: NYPHP Talk Subject: [nycphp-talk] Encrypt info in an email Hi, What options are good if I want to encrypt just some information sent in an email? For example, let's say I send an order from a website to the store owner, how can I scramble the credit card in a way that the owner can descramble it when he/she receives it. Any ideas? Jim M From soazine at erols.com Wed Jun 12 20:02:12 2002 From: soazine at erols.com (Phil Powell) Date: Wed, 12 Jun 2002 20:02:12 -0400 Subject: Creatng a PHP chatroom Message-ID: <005b01c2126d$921a2f40$53bd6444@scandinawa1bo6> I am intrested in creating a chatroom entirely in PHP involving streaming text. Where can someone help me to find such a means of doing so? Thanx Phil http://valsignalandet.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From kayraotaner at yahoo.com Wed Jun 12 20:15:13 2002 From: kayraotaner at yahoo.com (Kayra Otaner) Date: Wed, 12 Jun 2002 17:15:13 -0700 (PDT) Subject: [nycphp-talk] Creatng a PHP chatroom In-Reply-To: <200206130002.g5D02iP54564@slipdisc.virul.net> Message-ID: <20020613001513.91343.qmail@web10101.mail.yahoo.com> http://www.phpwizard.net/projects/phpIRC/ --- Phil Powell wrote: > I am intrested in creating a chatroom entirely in PHP involving streaming text. Where can > someone help me to find such a means of doing so? > > Thanx > Phil > http://valsignalandet.com > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From soazine at erols.com Wed Jun 12 20:45:45 2002 From: soazine at erols.com (Phil Powell) Date: Wed, 12 Jun 2002 20:45:45 -0400 Subject: [nycphp-talk] Creatng a PHP chatroom References: <200206130015.g5D0FHP54670@slipdisc.virul.net> Message-ID: <006601c21273$a7b80830$53bd6444@scandinawa1bo6> Augh! The Windows .zip version is not available! But thanx, looks good! Phil ----- Original Message ----- From: "Kayra Otaner" To: "NYPHP Talk" Sent: Wednesday, June 12, 2002 8:15 PM Subject: Re: [nycphp-talk] Creatng a PHP chatroom > > http://www.phpwizard.net/projects/phpIRC/ > > --- Phil Powell wrote: > > I am intrested in creating a chatroom entirely in PHP involving streaming text. Where can > > someone help me to find such a means of doing so? > > > > Thanx > > Phil > > http://valsignalandet.com > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > From tomatdolemite at hotmail.com Wed Jun 12 22:27:12 2002 From: tomatdolemite at hotmail.com (Tom O'Neill) Date: Wed, 12 Jun 2002 21:27:12 -0500 Subject: [nycphp-talk] Creatng a PHP chatroom References: <200206130046.g5D0kYP54915@slipdisc.virul.net> Message-ID: Winzip can unpack a tar.... ----- Original Message ----- From: "Phil Powell" To: "NYPHP Talk" Sent: Wednesday, June 12, 2002 7:46 PM Subject: Re: [nycphp-talk] Creatng a PHP chatroom > Augh! The Windows .zip version is not available! But thanx, looks good! > > Phil > > ----- Original Message ----- > From: "Kayra Otaner" > To: "NYPHP Talk" > Sent: Wednesday, June 12, 2002 8:15 PM > Subject: Re: [nycphp-talk] Creatng a PHP chatroom > > > > > > http://www.phpwizard.net/projects/phpIRC/ > > > > --- Phil Powell wrote: > > > I am intrested in creating a chatroom entirely in PHP involving > streaming text. Where can > > > someone help me to find such a means of doing so? > > > > > > Thanx > > > Phil > > > http://valsignalandet.com > > > > > > > > > > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > > From ejp at well.com Thu Jun 13 09:16:48 2002 From: ejp at well.com (Edward Potter) Date: Thu, 13 Jun 2002 09:16:48 -0400 Subject: [nycphp-talk] Creatng a PHP chatroom References: <200206130046.g5D0kYP54915@slipdisc.virul.net> Message-ID: <3D089B40.3060708@well.com> I think every language has it's strengths and weaknesses. Building ecommerce, site prototyping, forms processing, etc is what php does really well, I think chat room construction would probably be more fun to code in Java, however here's a bunch of php chat applications... http://php.resourceindex.com/Complete_Scripts/Chat/ - e Phil Powell wrote: > Augh! The Windows .zip version is not available! But thanx, looks good! > > Phil > > ----- Original Message ----- > From: "Kayra Otaner" > To: "NYPHP Talk" > Sent: Wednesday, June 12, 2002 8:15 PM > Subject: Re: [nycphp-talk] Creatng a PHP chatroom > > > >>http://www.phpwizard.net/projects/phpIRC/ >> >>--- Phil Powell wrote: >> >>>I am intrested in creating a chatroom entirely in PHP involving >>> > streaming text. Where can > >>>someone help me to find such a means of doing so? >>> >>>Thanx >>>Phil >>>http://valsignalandet.com >>> >>> >>> >>> >> >>__________________________________________________ >>Do You Yahoo!? >>Yahoo! - Official partner of 2002 FIFA World Cup >>http://fifaworldcup.yahoo.com >> >> >> > > > From beef at interport.net Thu Jun 13 11:35:35 2002 From: beef at interport.net (Wellington Fan) Date: Thu, 13 Jun 2002 11:35:35 -0400 Subject: Timezone weirdness In-Reply-To: <200206111500.g5BF0iP33389@slipdisc.virul.net> Message-ID: Folks, Sometimes I just don't understand time... I ran this on a server: ------------------------------------------- TZ offset HR: '.date('O'); echo '
'.strftime('%Z'); ?> ------------------------------------------- and I get: ------------------------------------------- TZ offset HR: +0400 Eastern Daylight Time ------------------------------------------- I don't understand; if strftime('%Z') reports 'EDT', how does that jive with date('O') reporting +0400, which to my understanding would put the server TZ around Kabul? Thanks! -- Wellington From beef at interport.net Thu Jun 13 10:33:07 2002 From: beef at interport.net (Wellington Fan) Date: Thu, 13 Jun 2002 10:33:07 -0400 Subject: Timezone weirdness In-Reply-To: <200206111500.g5BF0iP33389@slipdisc.virul.net> Message-ID: Folks, Sometimes I just don't understand time... I ran this on a server: ------------------------------------------- TZ offset HR: '.date('O'); echo '
'.strftime('%Z'); ?> ------------------------------------------- and I get: ------------------------------------------- TZ offset HR: +0400 Eastern Daylight Time ------------------------------------------- I don't understand; if strftime('%Z') reports 'EDT', how does that jive with date('O') reporting +0400, which to my understanding would put the server TZ around Kabul? Thanks! -- Wellington From delta at rochester.rr.com Thu Jun 13 14:58:53 2002 From: delta at rochester.rr.com (delta) Date: Thu, 13 Jun 2002 14:58:53 -0400 Subject: [nycphp-talk]Web Application Development with PHP by Ratschiller References: <200206122136.g5CLafP53360@slipdisc.virul.net> Message-ID: <001601c2130c$5cc2f0d0$8100fe0a@localdomain> thanks for the tip on the book Web Application Development with PHP by Tobias Ratschiller - found www.amazon.com has it listed for 27.99 but there's also priced starting as low as $8.48 thanks again for the tip ----- Original Message ----- From: "John Ensign" To: "NYPHP Talk" Sent: Wednesday, June 12, 2002 5:36 PM Subject: RE: [nycphp-talk] Encrypt info in an email > I would use PGP, odds are client is on win, and he/she can install a ns > pretty outlook integrated pgp client right into the mail client to auto > decrypt. As for encrypting the original mail on the server, here is a link > with source. > > http://cvs.horde.org/co.php/imp/pgp.php?r=2.26 > > As well, the book "Web Application Developement with PHP" by Rathskiller, > has a fully worked PGP class.... code is clean, tight, and understandable to > boot. ) > > > Hope this helps..... > > john > > -----Original Message----- > From: Jim Musil [mailto:jim at nettmedia.com] > Sent: Friday, June 07, 2002 10:49 AM > To: NYPHP Talk > Subject: [nycphp-talk] Encrypt info in an email > > > > Hi, > > What options are good if I want to encrypt just some information sent in an > email? > > For example, let's say I send an order from a website to the store owner, > how can I scramble the credit card in a way that the owner can descramble it > when he/she receives it. > > Any ideas? > > Jim M > > > > > From ken_11223 at yahoo.com Thu Jun 13 19:49:18 2002 From: ken_11223 at yahoo.com (ken wu) Date: Thu, 13 Jun 2002 16:49:18 -0700 (PDT) Subject: [nycphp-talk]Web Application Development with PHP by Ratschiller In-Reply-To: <200206131856.g5DIuaP65603@slipdisc.virul.net> Message-ID: <20020613234918.18535.qmail@web12808.mail.yahoo.com> hey. guys. wanna get the copy of some newest book? here is the link http://blacksun.box.sk/books.html enjoy it ^_^ --- delta wrote: > thanks for the tip on the book Web Application > Development with PHP by > Tobias Ratschiller - found www.amazon.com has it > listed for 27.99 but > there's also priced starting as low as $8.48 > thanks again for the tip > ----- Original Message ----- > From: "John Ensign" > To: "NYPHP Talk" > Sent: Wednesday, June 12, 2002 5:36 PM > Subject: RE: [nycphp-talk] Encrypt info in an email > > > > I would use PGP, odds are client is on win, and > he/she can install a ns > > pretty outlook integrated pgp client right into > the mail client to auto > > decrypt. As for encrypting the original mail on > the server, here is a > link > > with source. > > > > http://cvs.horde.org/co.php/imp/pgp.php?r=2.26 > > > > As well, the book "Web Application Developement > with PHP" by Rathskiller, > > has a fully worked PGP class.... code is clean, > tight, and understandable > to > > boot. ) > > > > > > Hope this helps..... > > > > john > > > > -----Original Message----- > > From: Jim Musil [mailto:jim at nettmedia.com] > > Sent: Friday, June 07, 2002 10:49 AM > > To: NYPHP Talk > > Subject: [nycphp-talk] Encrypt info in an email > > > > > > > > Hi, > > > > What options are good if I want to encrypt just > some information sent in > an > > email? > > > > For example, let's say I send an order from a > website to the store owner, > > how can I scramble the credit card in a way that > the owner can descramble > it > > when he/she receives it. > > > > Any ideas? > > > > Jim M > > > > > > > > > > > > ===== Ken Wu 718-788-0661 168 35 Street Apt 2 Broooklyn, NY 11232-2320 http://www.kenfile.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 13 21:19:16 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 13 Jun 2002 18:19:16 -0700 (PDT) Subject: [nycphp-talk] Question In-Reply-To: <200206111341.g5BDfZP32403@slipdisc.virul.net> Message-ID: <20020614011916.68996.qmail@web12802.mail.yahoo.com> register_globals is certainly the issue here, as later versions come with it off by default. And I HIGHLY recommend working your code with register_globals off. Although it may be a quick fix to turn it on now, register_globals is deprecated and will be nonexistent soon, not to mention the security and performance implications. HZ --- Larry Chuon wrote: > I use v4.2.1. A colleague of mine forwarded me this which makes > sense. > > Using Register Globals > One feature of PHP that can be used to enhance security is > configuring PHP > with register_globals = off. > By turning off the ability for any user-submitted variable to be > injected > into PHP code, you can reduce > the amount of variable poisoning a potential attacker may inflict. > They will > have to take the additional > time to forge submissions, and your internal variables are > effectively > isolated from user submitted data. > While it does slightly increase the amount of effort required to work > with > PHP, it has been argued that > the benefits far outweigh the effort. > Example 4-8. Working without register_globals=off > if ($username) { // can be forged by a user in get/post/cookies > $good_login = 1; > } > if ($good_login == 1) { // can be forged by a user in > get/post/cookies, > fpassthru ("/highly/sensitive/data/index.html"); > } > ?> > Example 4-9. Working with register_globals = off > if($HTTP_COOKIE_VARS['username']){ > // can only come from a cookie, forged or otherwise > $good_login = 1; > fpassthru ("/highly/sensitive/data/index.html"); > } > ?> > By using this wisely, it's even possible to take preventative > measures to > warn when forging is being > attempted. If you know ahead of time exactly where a variable should > be > coming from, you can check to > see if submitted data is coming from an inappropriate kind of > submission. > While it doesn't guarantee that > data has not been forged, it does require an attacker to guess the > right > kind of forging. > Example 4-10. Detecting simple variable poisoning > if ($HTTP_COOKIE_VARS['username'] && > !$HTTP_POST_VARS['username'] && > !$HTTP_GET_VARS['username'] ) { > // Perform other checks to validate the user name... > $good_login = 1; > fpassthru ("/highly/sensitive/data/index.html"); > } else { > mail("admin at example.com", "Possible breakin attempt", > $HTTP_SERVER_VARS['REMOTE_ADDR']); > echo "Security violation, admin has been alerted."; > exit; > } > ?> > Of course, simply turning on register globals does not mean code is > secure. > For every piece of data that is > submitted, it should also be checked in other ways. > > -----Original Message----- > From: ken wu [mailto:ken_11223 at yahoo.com] > Sent: Monday, June 10, 2002 6:56 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] Question > > > are you running php4.1.2 or above? i know it is > slightly different to deal with the form variables if > u running such versions of php. For example. u have > to echo $HTTP_POST_VARS['first'} which is the form > variables. But i know that if u use the php 4.0.6 or > below. u don't have to do so. just simply use $first > or $last. > > > > --- Larry Chuon wrote: > > This message contained 1 file(s) and is > > available at > > > http://nyphp.org/list/paralist_archive.html?L_mid=364 > > > > I'm working on a sample code and have some > > questions. My php and html files > > are below. I'm running on IIS and MySQL. This code > > gives me the following > > error: > > > > > > Notice: Undefined variable: first in > > d:\\example\\datain.php on line 5 > > > > Notice: Undefined variable: last in > > d:\\example\\datain.php on line 5 > > > > Notice: Undefined variable: nickname in > > d:\\example\\datain.php on line 5 > > > > Notice: Undefined variable: email in > > d:\\example\\datain.php on line 5 > > > > Notice: Undefined variable: salary in > > d:\\example\\datain.php on line 5 > > Thank you! Information entered. > > > > If I add the following lines prior to the insert > > statement, it works fine. > > $first = $HTTP_POST_VARS['first']; > > > > $last = $HTTP_POST_VARS['last']; > > > > $nickname = $HTTP_POST_VARS['nickname']; > > > > $email = $HTTP_POST_VARS['email']; > > > > $salary = $HTTP_POST_VARS['salary']; > > > > Why do I need $HTTP_POST_VARS???? Thanks in advance. > > > > -------------------- > > > > datain.php > > > > > > > > > $db = mysql_connect("172.21.6.25","root","123456"); > > > > mysql_select_db("learndb",$db); > > > > $sql="insert into personnel (firstname, lastname, > > nick, email, salary) > > VALUES > > ('$first','$last','$nickname','$email','$salary')"; > > > > $result = mysql_query($sql); > > > > echo "Thank you! Information entered.\ "; > > > > ?> > > > > > > > > > > datain.html > > > > > > > > > >
> > > > First name:
> > > > Last name:
> > > > Nick name:
> > > > E-mail:
> > > > Salary:
> > > > > > > >
> > > > > > > > > > > > > > > > > ===== > Ken Wu > > 718-788-0661 > 168 35 Street Apt 2 > Broooklyn, NY 11232-2320 > > http://www.kenfile.com > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 13 21:23:36 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 13 Jun 2002 18:23:36 -0700 (PDT) Subject: [nycphp-talk] Do you know a free hosting for PHP and MySQL? In-Reply-To: <200206102303.g5AN3rP22059@slipdisc.virul.net> Message-ID: <20020614012336.70960.qmail@web12806.mail.yahoo.com> NYPHP will be providing free space for development purposes, although I can't promise a timeframe. I'll post developments as they happen. HZ --- RADIO X wrote: > Do you? > > www.radiox.go.ro > www.guardoneas.ro > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 13 21:27:00 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 13 Jun 2002 18:27:00 -0700 (PDT) Subject: [nycphp-talk] require/include inside a function In-Reply-To: <200206111612.g5BGCqP34225@slipdisc.virul.net> Message-ID: <20020614012700.69593.qmail@web12802.mail.yahoo.com> Yeah, exactly right. Drat. Thanks, HZ --- "Nunez, Eddy" wrote: > > I believe functions and class definitions are globally scoped. > I think the local scoping only applies to variables. > > I exec'd this bit of code and it supports my statement: > ----------------------------------------------------------------------- > function definer() { > include_once("./foo.inc"); > function func_foo() { echo 'foo was here'; } > } > > echo ( class_exists( 'foo' ) ) > ? 'foo is out there!' : 'foo not there.'; print "
"; > echo ( function_exists( 'func_foo' ) ) > ? 'func foo is out there!' : 'func foo not there.'; print "
"; > > definer(); > > echo ( class_exists( 'foo' ) ) > ? 'foo is out there!' : 'foo not there.'; print "
"; > echo ( function_exists( 'func_foo' ) ) > ? 'func foo is out there!' : 'func foo not there.'; > ----------------------------------------------------------------------- > Output: > foo not there. > func foo not there. > foo is out there! > func foo is out there! > ----------------------------------------------------------------------- > > Hope this helps. > -Eddy > > -----Original Message----- > From: Hans Zaunere [mailto:zaunere at yahoo.com] > Sent: Monday, June 10, 2002 10:18 PM > To: NYPHP Talk > Subject: [nycphp-talk] require/include inside a function > > > > I'm using the unserialize_callback_func ini setting, from > http://www.php.net/manual/en/function.unserialize.php like so: > > ini_set('unserialize_callback_func','handlestdclass'); > > function handlestdclass( $classname ) { > require_once("{$classname}/{$classname}.inc"); > } > > Now I may be overlooking something very obvious, but when code is > require/included in a function, it is locally scoped inside that > function. If that's the case, and no way around it, what good is > this > directive? > > Any thoughts would be helpful. Thanks guys, > > Hans Z > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > > ********************************************************************** > This message, including any attachments, contains confidential > information intended for a specific individual and purpose, and is > protected by law. If you are not the intended recipient, please > contact sender immediately by reply e-mail and destroy all copies. > You are hereby notified that any disclosure, copying, or distribution > of this message, or the taking of any action based on it, is strictly > prohibited. > TIAA-CREF > ********************************************************************** > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Thu Jun 13 21:37:40 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 13 Jun 2002 18:37:40 -0700 (PDT) Subject: [nycphp-talk] Timezone weirdness In-Reply-To: <200206131750.g5DHouP64862@slipdisc.virul.net> Message-ID: <20020614013740.70768.qmail@web12802.mail.yahoo.com> > > I ran this on a server: > ------------------------------------------- > echo '
TZ offset HR: '.date('O'); > echo '
'.strftime('%Z'); > ?> > ------------------------------------------- > > and I get: > > ------------------------------------------- > TZ offset HR: +0400 > Eastern Daylight Time > ------------------------------------------- Odd. I ran this exact code on FreeBSD and Linux boxes and it worked as expected, -0400. What platform is this? If *nix check that your TZ setting is correct (man tzsetup I think). If it is, I can only see this as a bug. Check bugs.php.net for this, noting your PHP version and platform. HZ > > I don't understand; if strftime('%Z') reports 'EDT', how does that > jive with > date('O') reporting +0400, which to my understanding would put the > server TZ > around Kabul? > > Thanks! > > -- > Wellington > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From soazine at erols.com Thu Jun 13 21:37:41 2002 From: soazine at erols.com (Phil Powell) Date: Thu, 13 Jun 2002 21:37:41 -0400 Subject: [nycphp-talk] Creatng a PHP chatroom References: <200206131729.g5DHTQP64610@slipdisc.virul.net> Message-ID: <00a401c21344$13016e80$53bd6444@scandinawa1bo6> More fun to code in Java.. provided you know how to get a servlet to talk to an applet or whatever else out there is more modern than an applet.. I am clueless at this! Phil ----- Original Message ----- From: "Edward Potter" To: "NYPHP Talk" Sent: Thursday, June 13, 2002 1:29 PM Subject: Re: [nycphp-talk] Creatng a PHP chatroom > I think every language has it's strengths and weaknesses. Building > ecommerce, site prototyping, forms processing, etc is what php does > really well, I think chat room construction would probably be more fun > to code in Java, however here's a bunch of php chat applications... > > http://php.resourceindex.com/Complete_Scripts/Chat/ > > - e > > > > Phil Powell wrote: > > > Augh! The Windows .zip version is not available! But thanx, looks good! > > > > Phil > > > > ----- Original Message ----- > > From: "Kayra Otaner" > > To: "NYPHP Talk" > > Sent: Wednesday, June 12, 2002 8:15 PM > > Subject: Re: [nycphp-talk] Creatng a PHP chatroom > > > > > > > >>http://www.phpwizard.net/projects/phpIRC/ > >> > >>--- Phil Powell wrote: > >> > >>>I am intrested in creating a chatroom entirely in PHP involving > >>> > > streaming text. Where can > > > >>>someone help me to find such a means of doing so? > >>> > >>>Thanx > >>>Phil > >>>http://valsignalandet.com > >>> > >>> > >>> > >>> > >> > >>__________________________________________________ > >>Do You Yahoo!? > >>Yahoo! - Official partner of 2002 FIFA World Cup > >>http://fifaworldcup.yahoo.com > >> > >> > >> > > > > > > > > > From zaunere at yahoo.com Thu Jun 13 21:41:49 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 13 Jun 2002 18:41:49 -0700 (PDT) Subject: [nycphp-talk] best code for Login !. In-Reply-To: <200206102249.g5AMn0P21855@slipdisc.virul.net> Message-ID: <20020614014149.37394.qmail@web12804.mail.yahoo.com> How would this work: $myparadigm = new Paradigm; $myparadigm->Authorize('username','password'); if( $myparadigm->Result === LOGGED_IN ) header('Location: http://me.com/protected.php'); else header('Location: http://me.com/login.php'); I'm working on delivering this as a web service. I'll have beta code up within the next few days (I had it done, but didn't like it). HZ --- louie wrote: > greetin' folks ! ^-^ > > me and a friend was trying to pick > the best way to the most simple and scure code > for Login > with already existing user and password in Mysql. > > > best regards ! > snir 'shalom' gal. > www.ChatsRus.com > > A pig's orgasm lasts for 30 minutes. > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From dkrook at hotmail.com Thu Jun 13 23:00:09 2002 From: dkrook at hotmail.com (D C Krook) Date: Thu, 13 Jun 2002 23:00:09 -0400 Subject: Job: SysAd, human rights, open source and free software.. in DC Message-ID: Damn, This would be my dream job if not for the Linux guru part (and the ap't lease I just signed..). I couldn't imagine a better use for one's LAMP skills, so please pass it on: Abstracted from: http://shr.aaas.org/sysad/ "We're looking for someone who loves free software, wants to support human rights, and is eager to travel some of the most difficult places in the world. We work to apply science to human rights. One way we do that is by building information management systems and doing statistical analysis of large-scale human rights atrocities. We've done projects in Guatemala, Honduras, Haiti, South Africa, Kosovo, Cambodia, and Sri Lanka. We work with non-governmental organizations, UN missions, truth commissions, and tribunals. We think that freedom is pretty important, and we are deeply concerned about how copyright enforcement legislation might be used to repress human rights organizations. We have a long-standing interest in the use of cryptography to promote human rights. These interests (and many other observations too numerous to discuss here) have led us to conclude that open source and free software promotes human rights values, and so we are trying to do all our work in open source and free software. Skills Required: You need to be very comfortable with GNU/Linux systems. In particular, some of the skills you should have include a mastery of GNU/Linux installations, boot loaders, and init scripts; a wide knowledge of system demons; experience installing, configuring, and deploying free software office & productivity applications; script experience (perl, Python, shell); and at minimum, a working understanding of SQL, free software implementations of SQL back ends (MySQL, PostgreSQL), and of rapid ways to provide UIs to SQL systems (glade, PHP/HTML). Things that would help but aren't essential would be a working knowledge of make/autoconf, C/C++, Apache, PHP, Java, and javascript. Knowing something about statistics and statistical graphics under GNU/Linux (e.g., R) would be helpful. Do you have an opinion about vi(m?) versus (Xe|e)macs?" ======================================= D C Krook http://krook.net/ || http://krook.info/ _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com From rainman at deroo.net Fri Jun 14 08:11:46 2002 From: rainman at deroo.net (Raymond DeRoo) Date: Fri, 14 Jun 2002 08:11:46 -0400 Subject: [nycphp-talk] best code for Login !. In-Reply-To: <200206140141.g5E1fqP69545@slipdisc.virul.net> References: <200206140141.g5E1fqP69545@slipdisc.virul.net> Message-ID: <200206141211.g5ECBj1G026283@base.deroo.net> Hans-- > How would this work: > > $myparadigm = new Paradigm; > $myparadigm->Authorize('username','password'); > if( $myparadigm->Result === LOGGED_IN ) > header('Location: http://me.com/protected.php'); > else > header('Location: http://me.com/login.php'); I used to use this type of approach. However I found that more and more clients have files which they want protected, not just pages. A such I've moved towards mod_auth_mysql or mod_auth_ldap (depending up on size and availability). I realize that I can (and have) write a page that will get a file on the file-system and pass it through to the user. However the added URL complexity tends to confuse the most users. .r From kevin at sycoward.com Fri Jun 14 10:19:27 2002 From: kevin at sycoward.com (Kevin) Date: Fri, 14 Jun 2002 10:19:27 -0400 Subject: [nycphp-talk] best code for Login !. In-Reply-To: <200206141211.g5ECBmP76361@slipdisc.virul.net> Message-ID: I have used the approach of storing md5 encrypted passwords in the database, with no copy of the real password. Then when the user logs in with a password, md5 that and check it against the encrypted password in the database. I use a random password generator for when users lose their passwords, and send it to them via email. Its not all that original, but its secure enough, and has worked for me. Good luck From beef at interport.net Fri Jun 14 10:19:38 2002 From: beef at interport.net (Wellington Fan) Date: Fri, 14 Jun 2002 10:19:38 -0400 Subject: [nycphp-talk] Timezone weirdness In-Reply-To: <200206140137.g5E1biP69478@slipdisc.virul.net> Message-ID: Yes! I also ran on a different server and got the results you describe below. The first (bad) box is PHP 4.04pl1 on WinNT. The second (good) box is PHP 4.1.2 on FreeBSD. I'll poke around bugs and report back to the list... Thanks! -- WF > -----Original Message----- > From: Hans Zaunere [mailto:zaunere at yahoo.com] > Sent: Thursday, June 13, 2002 9:38 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] Timezone weirdness > > > Odd. I ran this exact code on FreeBSD and Linux boxes and it worked as > expected, -0400. What platform is this? If *nix check that your TZ > setting is correct (man tzsetup I think). If it is, I can only see > this as a bug. Check bugs.php.net for this, noting your PHP version > and platform. > > HZ From ian at plusfour.org Fri Jun 14 12:16:06 2002 From: ian at plusfour.org (Ian Forsyth) Date: Fri, 14 Jun 2002 12:16:06 -0400 Subject: HTTP_REFERER In-Reply-To: <200206141420.g5EEKqP77748@slipdisc.virul.net> Message-ID: Hi, wierd firewall happening.. I worked on this site that had a splash page to it, in the home page there is a little animation, then click here to enter the site.. so I put some conditional logic in the index page saying $refer = getenv('HTTP_REFERER'); if(!strpos($refer,"mysite.com")) { splashpage(); } else { homepage(); } I never had a problem till, some one at BigBank.com went to look at the site from their office and they went in an infinte loop always going to the splash page, and this happened at several computers on the same network at bigbank.com .. for some reason the http_referer from the client could not be captured.. did this happen because some particular firewall filtering? Whats up with that? Ian From andrew at digitalpulp.com Fri Jun 14 09:45:20 2002 From: andrew at digitalpulp.com (Andrew M. Yochum) Date: Fri, 14 Jun 2002 09:45:20 -0400 (EDT) Subject: [nycphp-talk] HTTP_REFERER In-Reply-To: <200206141616.g5EGFxP79022@slipdisc.virul.net> Message-ID: On Fri, 14 Jun 2002, Ian Forsyth wrote: > I never had a problem till, some one at BigBank.com went to look at the site > from their office and they went in an infinte loop always going to the > splash page, and this happened at several computers on the same network at > bigbank.com .. for some reason the http_referer from the client could not be > captured.. > > did this happen because some particular firewall filtering? Whats up with > that? Sounds like a proxy server, most likely, intercepting the requests and suppressing the Referer header being sent by the client. Also, unfortunately, the Referer header can't be relied on. Not all clients support it, and some give the option of disabling it for security/privacy concerns. See: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.36 and http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3 Andrew From jim at nettmedia.com Fri Jun 14 14:28:37 2002 From: jim at nettmedia.com (Jim Musil) Date: Fri, 14 Jun 2002 14:28:37 -0400 Subject: Good Manhattan Source for Ethernet Cable Message-ID: Hi, Can anyone recommend a good source for raw UTP cat5 ethernet cable? Preferably somewhere near madison square garden... Jim From brent at landover.com Fri Jun 14 15:12:56 2002 From: brent at landover.com (Brent Baisley) Date: Fri, 14 Jun 2002 15:12:56 -0400 Subject: [nycphp-talk] Good Manhattan Source for Ethernet Cable In-Reply-To: <200206141828.g5EIShP80469@slipdisc.virul.net> Message-ID: I've got two boxes of cable left over from a move/renovation we did about 2.5 years ago. I suppose there is a few hundred feet left in each box (yellow), they were originally 1000 feet each. Anyway, the company/address on the side of the box is: Midtown Electric Supply 157 West 18th Street http://www.midtownelectric.com > > Hi, > > Can anyone recommend a good source for raw UTP cat5 ethernet cable? > > Preferably somewhere near madison square garden... > > Jim > -- Brent Baisley Systems Architect Landover Associates, Inc. Search & Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577 From jhise at linuxforbusiness.org Fri Jun 14 18:20:07 2002 From: jhise at linuxforbusiness.org (Jeremy Hise) Date: 14 Jun 2002 18:20:07 -0400 Subject: Oracle NLS_LANG problem Message-ID: <1024093210.3194.102.camel@localhost.localdomain> Hi All: I'm running oracle on NT and connecting via the oracle client on RH 6.2 Kernel version 2.2.14-5.0 ... Oracle 8.1.6 The PHP error I'm getting is: Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553: character set name is not recognized ORA-06550: line 0, column 0: PL/SQL: Compilation unit analysis terminated in /development/jhise/dbmerge_src/class/login.pclass on line 178 I've been looking all over the place and all the pages I've found say to correctly set up the NLS_LANG env variable...which I do. I've stopped and started apache...even rebooted the whole machine...doesn't seem as though any of it makes any difference. Anyway have any insight? Thanks! jhise From jhise at linuxforbusiness.org Fri Jun 14 18:25:21 2002 From: jhise at linuxforbusiness.org (Jeremy Hise) Date: 14 Jun 2002 18:25:21 -0400 Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD In-Reply-To: <200206142221.g5EMLOP83048@slipdisc.virul.net> References: <200206142221.g5EMLOP83048@slipdisc.virul.net> Message-ID: <1024093523.3233.104.camel@localhost.localdomain> On line 178 I'm also calling a stored procedure that generates a value, which is bound to a PHP variable for use. On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote: > Hi All: > > I'm running oracle on NT and connecting via the oracle client on RH 6.2 > Kernel version 2.2.14-5.0 ... Oracle 8.1.6 > > The PHP error I'm getting is: > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553: > character set name is not recognized ORA-06550: line 0, column 0: > PL/SQL: Compilation unit analysis terminated in > /development/jhise/dbmerge_src/class/login.pclass on line 178 > > I've been looking all over the place and all the pages I've found say to > correctly set up the NLS_LANG env variable...which I do. I've stopped > and started apache...even rebooted the whole machine...doesn't seem as > though any of it makes any difference. > > Anyway have any insight? > > Thanks! > > jhise > > > > > > > From zaunere at yahoo.com Fri Jun 14 22:03:42 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Fri, 14 Jun 2002 19:03:42 -0700 (PDT) Subject: [nycphp-talk] best code for Login !. In-Reply-To: <200206141211.g5ECBmP76361@slipdisc.virul.net> Message-ID: <20020615020342.55356.qmail@web12805.mail.yahoo.com> --- Raymond DeRoo wrote: > Hans-- > > > How would this work: > > > > $myparadigm = new Paradigm; > > $myparadigm->Authorize('username','password'); > > if( $myparadigm->Result === LOGGED_IN ) > > header('Location: http://me.com/protected.php'); > > else > > header('Location: http://me.com/login.php'); > > I used to use this type of approach. However I found that more and > more > clients have files which they want protected, not just pages. A such > I've > moved towards mod_auth_mysql or mod_auth_ldap (depending up on size > and > availability). This certainly is an issue; ie this only protects URLs that are parsed by PHP, even when used in a auto_prepend scheme. However, for normal site protection (member's area, for instance) I find this gives much more flexibility and ease of setup/maintainence than mod_* schemes. > I realize that I can (and have) write a page that will > get a file on the file-system and pass it through to the user. > However the added URL complexity tends to confuse the most users. I've done something similar to handle protected files (ie tarballs). Generally I use either a script or virtual URL scheme which then maps a request to a randomly generated (md5 works well) filesystem path. With the help of MySQL these mappings have proven easy to implement, and very secure, since the user never can see what the actual filename is. I'm working on getting this in a deliverable format, so hopefully it'll be publicly useful some time soon. HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Fri Jun 14 22:27:52 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Fri, 14 Jun 2002 19:27:52 -0700 (PDT) Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD In-Reply-To: <200206142226.g5EMQbP83111@slipdisc.virul.net> Message-ID: <20020615022752.90754.qmail@web12804.mail.yahoo.com> I might be able to help on this one. If you don't know already, consider http://orafaq.com and http://oradoc.photo.net invaluable. On orafaq.com somewhere, there is a directory of every ORA-* error message, in addition to the search ability. I have the URL at work and will post Monday. Anyway, although you say you're using the Oracle client, I'm assuming this is running from Apache/PHP (as opposed to the actual Oracle client). If running Apache, you need to make sure that the proper Oracle environment is actually available via Apache and permissions for the Apache user. I generally setup the environment in the apachectl script in some way. This ensures that Apache itself actually has the proper environment, and cane be confirmed with a phpinfo() call. Also, be sure Apache has access to the Oracle client resource, which are generally installed as a different user. Let me know if this helps, and if not, any more details on the situation (I use 8i client libs on RH 6.2 to connect to a NT server). HZ --- Jeremy Hise wrote: > On line 178 I'm also calling a stored procedure that generates a > value, > which is bound to a PHP variable for use. > > On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote: > > Hi All: > > > > I'm running oracle on NT and connecting via the oracle client on RH > 6.2 > > Kernel version 2.2.14-5.0 ... Oracle 8.1.6 > > > > The PHP error I'm getting is: > > > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553: > > character set name is not recognized ORA-06550: line 0, column 0: > > PL/SQL: Compilation unit analysis terminated in > > /development/jhise/dbmerge_src/class/login.pclass on line 178 > > > > I've been looking all over the place and all the pages I've found > say to > > correctly set up the NLS_LANG env variable...which I do. I've > stopped > > and started apache...even rebooted the whole machine...doesn't seem > as > > though any of it makes any difference. > > > > Anyway have any insight? > > > > Thanks! > > > > jhise > > > > > > > > > > > > > > > > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From liquidm3 at hotmail.com Sun Jun 16 19:13:31 2002 From: liquidm3 at hotmail.com (Ted Shieh) Date: Sun, 16 Jun 2002 19:13:31 -0400 Subject: Zend Encoder, microCODE, POBS Message-ID: I have some code that I need to deliver to a client in obfuscated form. Any comments about microCODE ( http://www.microcode.de/index.php3?LANGUAGE=english ) or POBS ( http://pobs.mywalhalla.net/ )? Zend Encoder is little bit too expensive for me. Ted Place a free classified ad with LiquidMarkets http://www.liquidmarkets.com/m.php?m=ads _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx From zaunere at yahoo.com Mon Jun 17 13:15:42 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Mon, 17 Jun 2002 10:15:42 -0700 (PDT) Subject: ISS Advisory: Remote Compromise Vulnerability in ApacheHTTP Server Message-ID: <20020617171542.88407.qmail@web12802.mail.yahoo.com> FYI... > Internet Security Systems Security Advisory > June 17, 2002 > > Remote Compromise Vulnerability in Apache HTTP Server > > Synopsis: > > ISS X-Force has discovered a serious vulnerability in the default > version of Apache HTTP Server. Apache is the most popular Web server > and > is used on over half of all Web servers on the Internet. It may be > possible for remote attackers to exploit this vulnerability to > compromise Apache Web servers. Successful exploitation may lead to > modified Web content, denial of service, or further compromise. > > Affected Versions: > > Apache 1.x > > Note: Many commercial Web Application Servers such as Oracle 9ias and > IBM Websphere use Apache HTTP Server to process HTTP requests. > Additional products that bundle Apache HTTP Server for Windows may be > affected. > > Description: > > The Apache HTTP Server is maintained by the Apache Software > Foundation. > Apache is an extremely popular open-source Web server. Netcraft > (http://www.netcraft.com) reports that as of May 2002, Apache > accounts > for over 63% of all active Web sites. Apache?s installed base is > larger > than all other Web servers combined. > > The Apache Project is an open-source and volunteer collaboration > aimed > to create and maintain a free, feature-rich, powerful, and secure Web > server implementation. Apache is well regarded as the best, freely > available Web server. > > Apache contains a flawed mechanism meant to calculate the size of > "chunked" encoding. Chunked encoding is part of the HTTP Protocol > Specification used for accepting data from Web users. When data is > sent > from the user, the Web server needs to allocate a memory buffer of a > certain size to hold the submitted data. When the size of the data > being > submitted is unknown, the client or Web browser will communicate with > the server by creating "chunks" of data of a negotiated size. > > The Apache HTTP Server has a software flaw that misinterprets the > size > of incoming data chunks. This error may lead to a signal race, heap > overflow, and to exploitation of malicious code. > > X-Force has verified that this issue is exploitable on Apache for > Windows (Win32) version 1.3.24. Apache 1.x for Unix contains the same > source code, but X-Force believes that successful exploitation on > most > Unix platforms is unlikely. > > Recommendations: > > Internet Scanner X-Press Update 6.12 includes a check, > ApacheChunkedEncodingBo, to detect installations of Apache HTTP > Server > for Win32. XPU 6.12 is available from the ISS Download Center at: > http://www.iss.net/download. For questions about downloading and > installing this XPU, email support at iss.net. > > Detection support for this attack will be included in future X-Press > Updates for RealSecure Network Sensor 6.x and 7.0. These XPUs will be > available from the ISS Download Center, and this alert will be > updated > when these updates become available. > > ISS X-Force has developed a patch for this issue. Follow the > instructions below, or contact your vendor for assistance: > > To apply a source code patch to your Apache package: > > 1. Locate your source directory and navigate into the "main" sub- > directory. > 2. Verify that "http_protocol.c" is present in the current directory. > 3. To update your http_protocol.c file, create a file named > "apache_patch.diff", containing the following text: > > - --- http_protocol.c.vuln Fri Jun 14 16:12:50 2002 > +++ http_protocol.c Fri Jun 14 16:13:47 2002 > @@ -2171,7 +2171,7 @@ > > /* Otherwise, we are in the midst of reading a chunk of data */ > > - - len_to_read = (r->remaining > bufsiz) ? bufsiz : r->remaining; > + len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz : > r-> > remaining; > > len_read = ap_bread(r->connection->client, buffer, > len_to_read); > if (len_read <= 0) { > > 4. Apply the source code update using the "patch" command, or a > similar > utility. > 5. Build new binaries and reinstall. > > The Apache Server Project has been notified and will make a formal > patch > available soon. Please refer to the Apache Server Project?s homepage > for > more information: http://httpd.apache.org/ > > Additional Information: > > http://www.iss.net/security_center > http://www.apache.org > http://httpd.apache.org/ > > Credits: > > This vulnerability was discovered and researched by Neel Mehta of the > ISS X-Force. > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From matthew_van_horn at yahoo.com Mon Jun 17 20:39:42 2002 From: matthew_van_horn at yahoo.com (Matthew Van Horn) Date: 18 Jun 2002 09:39:42 +0900 Subject: linux hosting with php-xslt Message-ID: <1024360782.4798.36.camel@katana.mattvanhorn.com> I'm having a crisis - does anyone know of a linux virtual host provider that has php compiled with xslt support? Can someone walk me through putting my own compiled version in my home directory (assuming it's not supported at the host) and using that? I would need to have sources for PHP and Sablotron, but what about expat? and could I compile on my machine, and then move it to their machine? Honestly, I don't know much about any of this and I am in over my head. There is some money involved, so I would be willing to pay some money for help, or even a temporary host (3 weeks) that meets my requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron)) Thanks Matt Van Horn From ian at plusfour.org Mon Jun 17 21:21:53 2002 From: ian at plusfour.org (Ian Forsyth) Date: Mon, 17 Jun 2002 21:21:53 -0400 Subject: [nycphp-talk] linux hosting with php-xslt In-Reply-To: <200206180039.g5I0dpP23265@slipdisc.virul.net> Message-ID: phpwebhosting.com has xml/xslt support with mysql and some other useful extensions.. http://venus.phpwebhosting.com/phphoststest.phtml > -----Original Message----- > From: Matthew Van Horn [mailto:matthew_van_horn at yahoo.com] > Sent: Monday, June 17, 2002 8:40 PM > To: NYPHP Talk > Subject: [nycphp-talk] linux hosting with php-xslt > > > I'm having a crisis - does anyone know of a linux virtual host provider > that has php compiled with xslt support? > > Can someone walk me through putting my own compiled version in my home > directory (assuming it's not supported at the host) and using that? > > I would need to have sources for PHP and Sablotron, but what about > expat? and could I compile on my machine, and then move it to their > machine? Honestly, I don't know much about any of this and I am in over > my head. There is some money involved, so I would be willing to pay some > money for help, or even a temporary host (3 weeks) that meets my > requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron)) > > Thanks > Matt Van Horn > > > > > From delta at rochester.rr.com Mon Jun 17 23:57:18 2002 From: delta at rochester.rr.com (delta) Date: Mon, 17 Jun 2002 23:57:18 -0400 Subject: [nycphp-talk] linux hosting with php-xslt References: <200206180039.g5I0dpP23265@slipdisc.virul.net> Message-ID: <002101c2167c$3e1b7da0$8100fe0a@localdomain> i was out at www.phpbuilder.com and found some good tips and info about sablotron...also on this website found a link to Step by step instructions for installing Sablotron/Expat/PHP_SABLOT etc at http://www.shanx.com/php/xsl/getXsl.htm hope this helps, regards, delta ----- Original Message ----- From: "Matthew Van Horn" To: "NYPHP Talk" Sent: Monday, June 17, 2002 8:39 PM Subject: [nycphp-talk] linux hosting with php-xslt > I'm having a crisis - does anyone know of a linux virtual host provider > that has php compiled with xslt support? > > Can someone walk me through putting my own compiled version in my home > directory (assuming it's not supported at the host) and using that? > > I would need to have sources for PHP and Sablotron, but what about > expat? and could I compile on my machine, and then move it to their > machine? Honestly, I don't know much about any of this and I am in over > my head. There is some money involved, so I would be willing to pay some > money for help, or even a temporary host (3 weeks) that meets my > requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron)) > > Thanks > Matt Van Horn > > > > > From matthew_van_horn at yahoo.com Tue Jun 18 07:57:09 2002 From: matthew_van_horn at yahoo.com (Matthew Van Horn) Date: 18 Jun 2002 20:57:09 +0900 Subject: [nycphp-talk] linux hosting with php-xslt In-Reply-To: <200206180355.g5I3t2P24561@slipdisc.virul.net> References: <200206180355.g5I3t2P24561@slipdisc.virul.net> Message-ID: <1024401429.3362.2.camel@katana.mattvanhorn.com> Thanks for the info, but I have it working on my machine just fine - it's just that my machine is in Japan (with me), and behind a router, firewall, and a TOS that prevents me from serving it to the world. So I just need a host with a similar setup to mine. THe previous response about phpwebhosting.com seems like it will work, I am gonna venture the $10 or so it takes to find out, I think. On Tue, 2002-06-18 at 12:55, delta wrote: > i was out at www.phpbuilder.com and found some good tips and info about > sablotron...also on this website found a link to Step by step instructions > for installing Sablotron/Expat/PHP_SABLOT etc at > > http://www.shanx.com/php/xsl/getXsl.htm > > hope this helps, > regards, > delta > > > ----- Original Message ----- > From: "Matthew Van Horn" > To: "NYPHP Talk" > Sent: Monday, June 17, 2002 8:39 PM > Subject: [nycphp-talk] linux hosting with php-xslt > > > > I'm having a crisis - does anyone know of a linux virtual host provider > > that has php compiled with xslt support? > > > > Can someone walk me through putting my own compiled version in my home > > directory (assuming it's not supported at the host) and using that? > > > > I would need to have sources for PHP and Sablotron, but what about > > expat? and could I compile on my machine, and then move it to their > > machine? Honestly, I don't know much about any of this and I am in over > > my head. There is some money involved, so I would be willing to pay some > > money for help, or even a temporary host (3 weeks) that meets my > > requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron)) > > > > Thanks > > Matt Van Horn > > > > > > > > > > > From zaunere at yahoo.com Tue Jun 18 09:42:46 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 18 Jun 2002 06:42:46 -0700 (PDT) Subject: [nycphp-talk] UPDATED Advisory: Remote Compromise Vulnerability in Apache HTTP Server In-Reply-To: <200206171715.g5HHFmP20172@slipdisc.virul.net> Message-ID: <20020618134246.93594.qmail@web12808.mail.yahoo.com> Some updated info. follows. Basically, this vulnerability is only seen as exploitable on Windows and 64bit UNICES. That said, there is a REAL patch (not an ISS marketing tool *snicker*) from Apache at http://www.apache.org/dist/httpd/patches/apply_to_1.3.24/ And there is an 1.3.25 release eminent. The CERT advisory follows. But before we get to that, I'd like to quickly rant about ISS. There has been a lot of hub-bub about ISS rushing this announcement out the door, while Apache was expecting to make an announcement when they had a solid patch/release ready. And on top of that, ISS pretends to have a remedy for it. Funny how Microsoft has become a major partner with ISS, pushing their secure IIS solutions. And it's funny how the ISS announcement says basically "buy our [security scanner] product, and you'll be fine!" Frankly, it pisses me off. Anyway, the CERT advisory is below: >CERT Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability > > Original release date: June 17, 2002 > Last revised: -- > Source: CERT/CC > > A complete revision history can be found at the end of this file. > >Systems Affected > > * Web servers based on Apache code versions 1.3 through 1.3.24 > * Web servers based on Apache code versions 2.0 through 2.0.36 > >Overview > > There is a remotely exploitable vulnerability in the handling of large > chunks of data in web servers that are based on Apache source code. > This vulnerability is present by default in configurations of Apache > web servers versions 1.3 through 1.3.24 and versions 2.0 through > 2.0.36. The impact of this vulnerability is dependent upon the > software version and the hardware platform the server is running on. > >I. Description > > Apache is a popular web server that includes support for chunk-encoded > data according to the HTTP 1.1 standard as described in RFC2616. There > is a vulnerability in the handling of certain chunk-encoded HTTP > requests that may allow remote attackers to execute arbitrary code. > > The Apache Software Foundation has published an advisory describing > the details of this vulnerability. This advisory is available on their > web site at > > http://httpd.apache.org/info/security_bulletin_20020617.txt > >II. Impact > > For Apache versions 1.3 through 1.3.24 inclusive, this vulnerability > may allow the execution of arbitrary code by remote attackers. Several > sources have reported that this vulnerability can be used by intruders > to execute arbitrary code on Windows platforms. Additionally, the > Apache Software Foundation has reported that a similar attack may > allow the execution of arbitrary code on 64-bit UNIX systems. > > For Apache versions 2.0 through 2.0.36 inclusive, the condition > causing the vulnerability is correctly detected and causes the child > process to exit. Depending on a variety of factors, including the > threading model supported by the vulnerable system, this may lead to a > denial-of-service attack against the Apache web server. > >III. Solution > >Apply a patch from your vendor > > Apply a patch from your vendor to correct this vulnerability. The > CERT/CC has been informed by the Apache Software Foundation that the > patch provided in the ISS advisory on this topic does not completely > correct this vulnerability. More information about vendor-specific > patches can be found in the vendor section of this document. Because > the publication of this advisory was unexpectedly accelerated, > statements from all of the affected vendors were not available at > publication time. As additional information from vendors becomes > available, this document will be updated. > >Upgrade to the latest version > > The Apache Software Foundation has released two new versions of Apache > that correct this vulnerability. System administrators can prevent the > vulnerability from being exploited by upgrading to Apache version > 1.3.25 or 2.0.39. The new versions of Apache will be available from > their web site at > > http://httpd.apache.org/ > >Appendix A. - Vendor Information > > This appendix contains information provided by vendors for this > advisory. As vendors report new information to the CERT/CC, we will > update this section and note the changes in our revision history. If a > particular vendor is not listed below, we have not received their > comments. > >Apache Software Foundation > > New versions of the Apache software are available from: > > http://httpd.apache.org/ > >Conectiva Linux > > The Apache webserver shipped with Conectiva Linux is vulnerable to > this problem. New packages fixing this problem will be announced to > our mailing list after an official fix becomes available. > >Cray, Inc. > > Cray, Inc. does not distribute Apache with any of its operating > systems. > >IBM Corporation > > IBM makes the Apache Server availble for AIX customers as a software > package under the AIX-Linux Affinity initiative. This package is > included on the AIX Toolbox for Linux Applications CD, and can be > downloaded via the IBM Linux Affinity website. The currently available > version of Apache Server is susceptible to the vulnerability described > here. We will update our Apache Server offering shortly to version > 1.3.23, including the patch for this vulnerability; this update will > be made available for downloading by accessing this URL: > > http://www-1.ibm.com/servers/aix/products/aixos/linux/download. > html > > and following the instructions presented there. > > Please note that Apache Server, and all Linux Affinity software, is > offered on an "as-is" basis. IBM does not own the source code for this > software, nor has it developed and fully tested this code. IBM does > not support these software packages. > >Lotus > > We have verified that the Lotus Domino web server is not vulnerable to > this type of problem. Also, we do not ship Apache code with any Lotus > products. > >Microsoft Corporation > > Microsoft does not ship the Apache web server. > >Network Appliance > > NetApp systems are not vulnerable to this problem. > >RedHat Inc. > > Red Hat distributes Apache 1.3 versions in all Red Hat Linux > distributions, and as part of Stronghold. However we do not distribute > Apache for Windows. We are currently investigating the issue and will > work on producing errata packages when an official fix for the problem > is made available. When these updates are complete they will be > available from the URL below. At the same time users of the Red Hat > Network will be able to update their systems using the 'up2date' tool. > > http://rhn.redhat.com/errata/RHSA-2002-103.html > >Unisphere Networks > > The Unisphere Networks SDX-300 Service Deployment System (aka. SSC) > uses Apache 1.3.24. We are releasing Version 3.0 using Apache 1.3.25 > soon, and will be issuing a patch release for SSC Version 2.0.3 in the > very near future. > _________________________________________________________________ > > The CERT/CC thanks Mark Litchfield for reporting this vulnerability to > the Apache Software Foundation, and Mark Cox for reporting this > vulnerability to the CERT/CC. > _________________________________________________________________ > > Author: Cory F. Cohen > ______________________________________________________________________ > > This document is available from: > http://www.cert.org/advisories/CA-2002-17.html > ______________________________________________________________________ > >CERT/CC Contact Information > > Email: cert at cert.org > Phone: +1 412-268-7090 (24-hour hotline) > Fax: +1 412-268-6989 > Postal address: > CERT Coordination Center > Software Engineering Institute > Carnegie Mellon University > Pittsburgh PA 15213-3890 > U.S.A. > > CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / > EDT(GMT-4) Monday through Friday; they are on call for emergencies > during other hours, on U.S. holidays, and on weekends. > >Using encryption > > We strongly urge you to encrypt sensitive information sent by email. > Our public PGP key is available from > http://www.cert.org/CERT_PGP.key > > If you prefer to use DES, please call the CERT hotline for more > information. > >Getting security information > > CERT publications and other security information are available from > our web site > http://www.cert.org/ > > To subscribe to the CERT mailing list for advisories and bulletins, > send email to majordomo at cert.org. Please include in the body of your > message > > subscribe cert-advisory > > * "CERT" and "CERT Coordination Center" are registered in the U.S. > Patent and Trademark Office. > ______________________________________________________________________ > > NO WARRANTY > Any material furnished by Carnegie Mellon University and the Software > Engineering Institute is furnished on an "as is" basis. Carnegie > Mellon University makes no warranties of any kind, either expressed or > implied as to any matter including, but not limited to, warranty of > fitness for a particular purpose or merchantability, exclusivity or > results obtained from use of the material. Carnegie Mellon University > does not make any warranty of any kind with respect to freedom from > patent, trademark, or copyright infringement. > _________________________________________________________________ > > Conditions for use, disclaimers, and sponsorship information > > Copyright 2002 Carnegie Mellon University. > > Revision History >June 17, 2002: Initial release --- Hans Zaunere wrote: > > FYI... > > > > Internet Security Systems Security Advisory > > June 17, 2002 > > > > Remote Compromise Vulnerability in Apache HTTP Server > > > > Synopsis: > > > > ISS X-Force has discovered a serious vulnerability in the default > > version of Apache HTTP Server. Apache is the most popular Web > server > > and > > is used on over half of all Web servers on the Internet. It may be > > possible for remote attackers to exploit this vulnerability to > > compromise Apache Web servers. Successful exploitation may lead to > > modified Web content, denial of service, or further compromise. > > > > Affected Versions: > > > > Apache 1.x > > > > Note: Many commercial Web Application Servers such as Oracle 9ias > and > > IBM Websphere use Apache HTTP Server to process HTTP requests. > > Additional products that bundle Apache HTTP Server for Windows may > be > > affected. > > > > Description: > > > > The Apache HTTP Server is maintained by the Apache Software > > Foundation. > > Apache is an extremely popular open-source Web server. Netcraft > > (http://www.netcraft.com) reports that as of May 2002, Apache > > accounts > > for over 63% of all active Web sites. Apache?s installed base is > > larger > > than all other Web servers combined. > > > > The Apache Project is an open-source and volunteer collaboration > > aimed > > to create and maintain a free, feature-rich, powerful, and secure > Web > > server implementation. Apache is well regarded as the best, freely > > available Web server. > > > > Apache contains a flawed mechanism meant to calculate the size of > > "chunked" encoding. Chunked encoding is part of the HTTP Protocol > > Specification used for accepting data from Web users. When data is > > sent > > from the user, the Web server needs to allocate a memory buffer of > a > > certain size to hold the submitted data. When the size of the data > > being > > submitted is unknown, the client or Web browser will communicate > with > > the server by creating "chunks" of data of a negotiated size. > > > > The Apache HTTP Server has a software flaw that misinterprets the > > size > > of incoming data chunks. This error may lead to a signal race, heap > > overflow, and to exploitation of malicious code. > > > > X-Force has verified that this issue is exploitable on Apache for > > Windows (Win32) version 1.3.24. Apache 1.x for Unix contains the > same > > source code, but X-Force believes that successful exploitation on > > most > > Unix platforms is unlikely. > > > > Recommendations: > > > > Internet Scanner X-Press Update 6.12 includes a check, > > ApacheChunkedEncodingBo, to detect installations of Apache HTTP > > Server > > for Win32. XPU 6.12 is available from the ISS Download Center at: > > http://www.iss.net/download. For questions about downloading and > > installing this XPU, email support at iss.net. > > > > Detection support for this attack will be included in future > X-Press > > Updates for RealSecure Network Sensor 6.x and 7.0. These XPUs will > be > > available from the ISS Download Center, and this alert will be > > updated > > when these updates become available. > > > > ISS X-Force has developed a patch for this issue. Follow the > > instructions below, or contact your vendor for assistance: > > > > To apply a source code patch to your Apache package: > > > > 1. Locate your source directory and navigate into the "main" sub- > > directory. > > 2. Verify that "http_protocol.c" is present in the current > directory. > > 3. To update your http_protocol.c file, create a file named > > "apache_patch.diff", containing the following text: > > > > - --- http_protocol.c.vuln Fri Jun 14 16:12:50 2002 > > +++ http_protocol.c Fri Jun 14 16:13:47 2002 > > @@ -2171,7 +2171,7 @@ > > > > /* Otherwise, we are in the midst of reading a chunk of data > */ > > > > - - len_to_read = (r->remaining > bufsiz) ? bufsiz : > r->remaining; > > + len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz : > > r-> > > remaining; > > > > len_read = ap_bread(r->connection->client, buffer, > > len_to_read); > > if (len_read <= 0) { > > > > 4. Apply the source code update using the "patch" command, or a > > similar > > utility. > > 5. Build new binaries and reinstall. > > > > The Apache Server Project has been notified and will make a formal > > patch > > available soon. Please refer to the Apache Server Project?s > homepage > > for > > more information: http://httpd.apache.org/ > > > > Additional Information: > > > > http://www.iss.net/security_center > > http://www.apache.org > > http://httpd.apache.org/ > > > > Credits: > > > > This vulnerability was discovered and researched by Neel Mehta of > the > > ISS X-Force. > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Tue Jun 18 09:46:35 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 18 Jun 2002 06:46:35 -0700 (PDT) Subject: Guide to FreeHosting Message-ID: <20020618134635.18212.qmail@web12802.mail.yahoo.com> Great resource. Thanks Navin and Evolt! I've attached the same info in a nice .txt file as well. HZ > From: "N.a.v.i.n ....D.h.a.n.u.k.a" > To: thelist at lists.evolt.org > Subject: [thelist] Guide to FreeHosting > Date: Tue, 18 Jun 2002 06:30:54 -0700 (PDT) > > Hi, > > Some Free WebHosting Tips : > > "I don't need much space, and all I need is a host with no > advertisements. A > decent amount of transfer would be good enough for me." > > http://www.liquid2k.com/ (recommended) > http://www.brinkster.com/ (recommended) > http://www.demented.org/ > http://www.cfm-resources.com/ > http://www.digitalrice.com/ > > "I desperately need PHP and a decent amount of space (maybe 15-25 > MB). I > would be willing to accept a few ads (banner or pop-under, but not > both!), > but I would definitely prefer it if the host had no-ads. I need as > much > transfer as possible. MySQL is optional." > > http://www.host.sk/ (no-ads) > http://www.php50.com/ (pop-up) > http://www.t35.com/ (pop-up) > http://www.clawz.com/ (banner) > http://www.tripod.co.uk/ (pop-up, MySQL included) > "I need a host that will accept large files and provides quite a > large > amount of transfer. I do need FTP, but no scripting languages are > necessary. > Ads should be kept to a minimum, as I am keeping my entire site here > as > well." > > http://www.freewebsites.com/ > http://www.gizba.com/ > http://www.webavenue.org/ > http://www.hut.ru/ > http://www.web1000.com/ > > "I don't care about space or ads or transfer. 5-10 MB space, a pop-up > + > banners, 300 MB a month transfer would even be enough. All I need is > reliability. A host that is not likely to go down soon, and a host > that has > minimal downtime. Do you know of any hosts?" > > http://www.geocities.com/ > http://www.angelfire.com/ > http://www.tripod.com/ > http://www.topcities.com/ > > "I desperately need CGI for an Ikonboard or YaBB I am looking to > host. I > don't mind ads, as long as they aren't too annoying. I just need 10 > MB of > space, and the host must have FTP. Please recommend some hosts!" > > http://www.netfirms.com/ > http://www.spaceports.com/ > http://www.4gigs.com/ > http://free.prohosting.com/ (only if board doesn't require SMTP) > http://www.clawz.com/ > http://www.amzweb.net/signup.php > http://www.hut.ru/ > > "I really need 20-30 MB of space, a fair amount of transfer, and ASP. > FTP > would be nice, but it's not required. Thanks!" > > http://www.brinkster.com/ (no FTP, and no ads) > http://www.raketnet.nl/ > http://www.cfm-resources.com/ > http://www.aspfreeserver.com/ > http://www.websamba.com/ > > "I am looking for a host that offers at least 15 MB space and 1 GB > transfer, > as well as PHP/MySQL and CGI. Do you know of any hosts?" > > http://www.amzweb.net/signup.php (also offers ASP) > http://www.spaceports.com/ > http://www.digitalrice.com/ (only 5 MB space) > http://www.portland.co.uk/ (only 100 MB transfer) > > "I need 20-30 MB of space with PHP and MySQL. FTP is a necessity. > Keep the > ads to a minimum, but I wouldn't mind a pop-up or a banner. I also > would > like at least 1 GB of transfer. I might need it for a forum, like > phpBB or > IBForums, so I would appreciate it if they allowed forums." > > http://www.host.sk/ (no ads) > http://www.spaceports.com/ > http://www.tripod.co.uk/ > http://www.multimania.com/ > http://www.amzweb.net/signup.php > http://www.web1000.com/ (use at your own risk!) > > "I need at least 20 MB of space, with somewhere around a gig of > transfer. > FTP would be cool, but what I'm really looking for is domain hosting. > PHP or > CGI would be helpful. " > > http://www.webavenue.org/ (no ads) > http://www.ghs20.com/ (no ads) > http://www.host.sk/ (no ads) > http://www.amzweb.net/signup.php > http://www.netfirms.com/ > http://www.fateback.com/ > > "I have a free Opensource Project. Where can i host it ?" > http://www.sourceforge.net > http://savannah.gnu.org > http://www.berlios.de > > Best Regards > N.D. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: freeweb.txt URL: From zaunere at yahoo.com Tue Jun 18 09:56:59 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 18 Jun 2002 06:56:59 -0700 (PDT) Subject: NYPHP Updates and News Message-ID: <20020618135659.14631.qmail@web12804.mail.yahoo.com> Hello all, Our next monthly meeting is about a week away, and I'd like to start planning some things. First, I have had some offers for presentations/seminars/exhibits at our next meeting. If you intend to present at our next meeting, PLEASE contact me off-list ASAP (hans at nyphp.org) with what you are planning so I can include it in the announcements and make sure we have enough time for everything. If you haven't planned on presenting anything, remember that anyone is welcome to present just about anything; just give us a fair warning so we can prepare. I myself will try to exhibit some software I'm working on, but I'm going camping and have a wedding (not mine), so it's going to be a rough few days. Lastly, we have had an offer to colocate a box for NYPHP and Open Source projects. While I have a box to put there, I'd like something with a little more guts, so please contact me directly (hans at nyphp.org) if this is something you can help with. Also, we would be a mirror for Mozilla (great party by the by!) so this would be great! Thanks everyone, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From charles at softwareprototypes.com Tue Jun 18 13:38:51 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Tue, 18 Jun 2002 13:38:51 -0400 Subject: Per-/con-ceptual problems with object orientation code loading Message-ID: <11910-220026218173851250@softwareprototypes.com> Hi people, while I was talking with the grand-poobah of Community Connect at the Job Fair last Thursday (never heard from 'em, [don't expect to, {tough shit, I'm becoming a Dog Groomer, < B.S. & > $,}]) about object orientation, he made a couple of comments which, with my usual "esprit d'escalier" didn't get around to retorting until after we'd all gone out the door. First: The problem with loading an object class is that people don't know how to break up a class to save their gonads and keep trying to define a class as a single file which results in a lot of unused code being loaded and inter-piled uselessly. Ever thought of breaking up the code into one __directory__ per class containing one file for the static object definition (the Class and instance variables that all the methods will depend on,) and one file per method with an "IncludeOnce" pragma of the static definition? (Sorry if I'm showing my "Ada" but I learned about Pragmas reading the DND "Green Book.") When I was working for the CGI Group on the Common Departmental Financial System for Supply and Services Canada, I had to write a CM system to track every friggin' component (ConfigurationItem,) all the specs, APIs, window layouts, Netron CAP COBOL code fragments, test scripts, environment pathes, migration strategies, piece of hardware, software, chair & desk and human resource spread across 3,849,674 square miles (9,970,610 square km), of which 291,576 square miles (755,180 square km) are inland water. Now there's a sparse Set for you. :-) You can then create "load sets" which include "IncludeOnce" pragmas for only the methods you will actually be using. That means that you can keep the foot print "lean and mean" by including the "load set" instead of loading the whole class. This would take care of 99% of the objections to the ridiculously broad foot print that Smalltalk and Java source code (mis-)management have. Next: Paths are great and should be used to full advantage. You should also use your NFS machines/servers to the fullest. You should use your DNS to implement subdomains for development and test and have ONE box for running test & QA and ONE box for development. These can even be re-using the same box in addition to the induvudual developper's boxes. Production machines/servers ONLY know production paths. They execute code, access data bases and serve pages from/in the production environment. They are "www." boxen. Test machines/servers know about test paths AND production paths. They execute code, access data bases and serve pages from/in the production environment AND the test environment. They are "tst." subdomain boxen. Development machines/servers know about test paths AND production paths. They execute code, access data bases and serve pages from/in the production environment AND the test environment AND the development environment. They are "dev." subdomain boxen. Individual developer's boxes know about development paths AND test paths AND production paths. They execute code, access data bases and serve pages from/in the production environment AND the test environment AND the development environment and their own box. They are "." subdomain boxen. Last: Just because the code has to be attached to the object that's actually involved doesn't mean that it doesn't require and can't intermingle execution with code from other objects. Some objects are ONLY there to provide services (like StateMachines, StateEngines, DialogManagers, etc.) The same principles of optimization still apply: 1) Don't execute any instructions or allocate any storage you don't absolutely need to. (Make it fast) (This is the WORST offender and a measure of how lousy programmers are at designing efficient algorithms. M$ Windows makes me weep. At least the Mac only let you fill a TERec (TextEditing pane model object) with a maximum of 4K Bytes. Windows would acept megabytes of data even though it could only show one or two K of it. What a waste of time. Bill Gates owes me HOURS!) 2) Never execute any code twice when you can cache the result. (Make it faster) 3) Never cache a result you won't reuse. (Make it smaller.) -Charles-A. Got a dog you need clipped? Let it get shaggier until I've finished my course in August. From brent at landover.com Tue Jun 18 15:28:13 2002 From: brent at landover.com (Brent Baisley) Date: Tue, 18 Jun 2002 15:28:13 -0400 Subject: Object Oriented Programming question Message-ID: Most of my experience has been in scripting and procedural programming and I am now trying to get my brain around class files and such. I have a question about whether I'm heading down the right road or not. I've tried looking into PEAR, but I think it's a bit too much for me right now, I need more foundation to really understand what's going on. I've setup a "settings" file that I would like to contain "default" values like the mysql login name, password and database. One of the functions in my class file is a db connection function. I've set it up to accept the login name, password and database as parameters that can be passed. What I would like to do is use default values set in the settings file if parameters aren't passed. I tried using the syntax for setting a default value for a parameter if a value isn't passed, but I guess you can't use variables in this since I get errors. I want to only pass values to the function if I don't want to use the default values. Would like something like this: function db_connect($db_user = $dflt_user, $db_pswd = $dflt_pswd, $db_dbname = $dflt_dbname); Any enlightenment would be appreciated. -- Brent Baisley Systems Architect Landover Associates, Inc. Search & Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577 From eshepard at slower.net Tue Jun 18 16:16:55 2002 From: eshepard at slower.net (Eliot Shepard) Date: Tue, 18 Jun 2002 16:16:55 -0400 (EDT) Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading In-Reply-To: <200206181734.g5IHYXP30570@slipdisc.virul.net> Message-ID: > The problem with loading an object class is that people don't know > how to break up a class to save their gonads and keep trying to > define a class as a single file which results in a lot of unused code > being loaded and inter-piled uselessly. Not if you use an shared memory compiled-code cache like Zend Accelerator or PHP Accelerator (http://www.php-accelerator.co.uk). Cuts out both load from disk and compilation. Latter is a great free product BTW. > Ever thought of breaking up the code into one __directory__ per class > containing one file for the static object definition (the Class and > instance variables that all the methods will depend on,) and one file > per method with an "IncludeOnce" pragma of the static definition? > (Sorry if I'm showing my "Ada" but I learned about Pragmas reading > the DND "Green Book.") Sounds like a maintenance and usefulness nightmare, which would undercut a lot of the benefits of OO design. It also would seem to have bad worst-case performance (where you need a lot of the class' functionality.) If your classes are too big, you might be at the point where you can abstract stuff out into a base class or generalized utility functions. That's the trigger I look for. > The same principles of optimization still apply: > 1) Don't execute any instructions or allocate any storage you don't > absolutely need to. (Make it fast) (This is the WORST offender and a > measure of how lousy programmers are at designing efficient > algorithms. M$ Windows makes me weep. At least the Mac only let you > fill a TERec (TextEditing pane model object) with a maximum of 4K > Bytes. Windows would acept megabytes of data even though it could > only show one or two K of it. What a waste of time. Bill Gates owes > me HOURS!) > 2) Never execute any code twice when you can cache the result. (Make > it faster) > 3) Never cache a result you won't reuse. (Make it smaller.) 4) Never overconcern yourself with optimality before profiling. 5) Never create the potential for bugs by trying to make every code path optimal. Just some thoughts. Thanks for an entertaining post. Eliot -- Eliot Shepard http://slower.net/ From charles at softwareprototypes.com Tue Jun 18 16:48:36 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Tue, 18 Jun 2002 16:48:36 -0400 Subject: [nycphp-talk] Object Oriented Programming answer Message-ID: <233410-220026218204836156@softwareprototypes.com> Hello Brent, the object instance you are creating with your "settings file" is an Environment object and I would create an Environment Class and a method to fill it from that file (or from another source, [now you could use that method to connect the environment variable over a socket to your local machine... lets say] :-) and other methods to to set/get a DBConnection instance variable to permit any other method in any class to use the connection. Environment class class method new -> answers a new initialized instance of the Environment get used to thinking of instantiation as occurring in context and the code having to validate the context before answering a) raising an error/exception and answer nil b) the instance instance variables dbUser, dbPasswd, dbName, ... instance method load ($stream) -> sets values from source stream (file, socket, parm, lottery ticket, ESP, whatever.) loadFile ($fileName) -> open the file named fileName & call load($source) with $source set to whatever you're connected to. ($value) -> sets and answers the value of the instvar () -> gets the value of the instVar Say your instVars are dbUser, dbPwd, dbName You should instantiate the Environment Class at the beginning of your session or run-unit or unit_of_work (there's a dozern aliases for this.) $env = Environmenr new; /* check for an error */ $env loadFile($yourFileNameOrALitteral); ... function db_connect( $db_user = $env.dbUser(), $db_pswd = $env.dbPwd(), $db_dbname = $env.dbName() ); ... In addition, you could write your Environment. methods to use lazy evaluation and, if there in no value for already set, say from reconnecting to a session, you could then call loadFile() from within the Environment.() method, uh, OOP-speek, sorry, function. The idea is that you now have an single object which has the responsability for getting and setting all environment valueand the rest of your code doesn't have to worry about or care if it gets the vaues from a default, a file, a session or if it pulls off a Kresgin and reads the guy's inseam. From webmaster at localnotion.com Tue Jun 18 16:46:37 2002 From: webmaster at localnotion.com (webmaster at localnotion.com) Date: Tue, 18 Jun 2002 20:46:37 +0000 Subject: include() called twice Message-ID: <1024433197.3d0f9c2dedfcb@webmail.localnotion.com> Howdy, I want the following code to see if a file is present, 6then include it if it is. I use3d the @ to supress an error if the file is not present. It works, but mysteriously writes the file to the page TWICE. I tried require() instead and the same results. Why is this? Thanks. $file-location = /path/to/file/; if (@readfile($file-location) != FALSE) { include($file-location); } ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ From nyphp at jimbishop.org Tue Jun 18 17:10:38 2002 From: nyphp at jimbishop.org (nyphp at jimbishop.org) Date: Tue, 18 Jun 2002 14:10:38 -0700 (PDT) Subject: [nycphp-talk] include called twice In-Reply-To: <200206182046.g5IKkjP32182@slipdisc.virul.net> Message-ID: when you use @readfile to test for the file, it actually loads the file. use is_file(/path/to/file) instead. > I want the following code to see if a file is present, 6then include it if it > is. I use3d the @ to supress an error if the file is not present. It works, but > mysteriously writes the file to the page TWICE. I tried require() instead and > the same results. Why is this? Thanks. > > $file-location = /path/to/file/; > > if (@readfile($file-location) != FALSE) { > include($file-location); > } > > > ------------------------------------------------- > This mail sent through IMP: http://horde.org/imp/ > > || jim.bishop || i heart n y || http://www.jimbishop.org/tidbytes/ From charles at softwareprototypes.com Tue Jun 18 17:22:07 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Tue, 18 Jun 2002 17:22:07 -0400 Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading Message-ID: <6350-22002621821227828@softwareprototypes.com> ARRRGH! YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT! IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT? OF THOSE, THE TIME IS THE MOST PRECIOUS. When you can point me to a store that sells time, then you can start telling me I'm SCREAMING at you because I'm HYSTERICAL. The Zend accelerator is NOT magic. It doesn't use persistence so you still incurr that first hit and if you swap out or otherwise run out of RAM, you incurr that first hit again and again and again. If you REALLY run out of RAM and swap space due to memory contention because you've got too many pages being hit too many times, you are SO SCREWED! You have just set your system up to fail at precisely the WORST possible time. Load-units are only a nightmare if your code is not organized. They are NOT the concern of the coder/developper. If the code IS organized, then the optimizations occur BELOW the packaging and the coder/developper doesn't even know about it. Nobody will know exactly what's used most until its actually deployed and its possible to gather up some usage stats. Then you gather up code unto load-units. That's NOT the codes worry. The system tuner can optimize load-units according to what's really encountered and the developper just codes one method at a time and doesn't have to worry about tuning in the larger view. There may be inter-application contentions that he can't do anything about. Abstracting doesn't work if theres ONLY ONE CLASS. Subclassing doesn't help in those conditions either. The Object class will have thousands of methods if you can't trim it to only what the application needs. Concern yourself with writing optinal code because the crap you spew will return to haunt you on the unemployment line. Make every code path as clean as you can and never waste the user's time. Your code will run X millions of time. Take a minute more to write something which will run z% faster because, z% multiplied by X million times a month can make the difference between needing another expensive server, which will not make your employer happy, or worse, having a site that's unusable, that users will bitch about and not come back to. -Charles-A. From nyphp at websapp.com Tue Jun 18 17:32:37 2002 From: nyphp at websapp.com (Daniel Kushner) Date: Tue, 18 Jun 2002 17:32:37 -0400 Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net> Message-ID: Here: buy some time... http://www.washingtonpost.com/wp-dyn/articles/A61282-2002Jun16.html --Daniel -----Original Message----- From: charles at softwareprototypes.com [mailto:charles at softwareprototypes.com] Sent: Tuesday, June 18, 2002 5:18 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading ARRRGH! YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT! IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT? OF THOSE, THE TIME IS THE MOST PRECIOUS. When you can point me to a store that sells time, then you can start telling me I'm SCREAMING at you because I'm HYSTERICAL. The Zend accelerator is NOT magic. It doesn't use persistence so you still incurr that first hit and if you swap out or otherwise run out of RAM, you incurr that first hit again and again and again. If you REALLY run out of RAM and swap space due to memory contention because you've got too many pages being hit too many times, you are SO SCREWED! You have just set your system up to fail at precisely the WORST possible time. Load-units are only a nightmare if your code is not organized. They are NOT the concern of the coder/developper. If the code IS organized, then the optimizations occur BELOW the packaging and the coder/developper doesn't even know about it. Nobody will know exactly what's used most until its actually deployed and its possible to gather up some usage stats. Then you gather up code unto load-units. That's NOT the codes worry. The system tuner can optimize load-units according to what's really encountered and the developper just codes one method at a time and doesn't have to worry about tuning in the larger view. There may be inter-application contentions that he can't do anything about. Abstracting doesn't work if theres ONLY ONE CLASS. Subclassing doesn't help in those conditions either. The Object class will have thousands of methods if you can't trim it to only what the application needs. Concern yourself with writing optinal code because the crap you spew will return to haunt you on the unemployment line. Make every code path as clean as you can and never waste the user's time. Your code will run X millions of time. Take a minute more to write something which will run z% faster because, z% multiplied by X million times a month can make the difference between needing another expensive server, which will not make your employer happy, or worse, having a site that's unusable, that users will bitch about and not come back to. -Charles-A. From eshepard at slower.net Tue Jun 18 17:40:23 2002 From: eshepard at slower.net (Eliot Shepard) Date: Tue, 18 Jun 2002 17:40:23 -0400 (EDT) Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net> Message-ID: > IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A > BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT? Experience is the skill of prioritizing one cost against others in order to maximize efficiency, in my opinion. You can go ahead writing conceptually optimal machine code to your heart's desire. I'll just get more done than you. :^) > ARRRGH! Clearly you're going to write your code just the way you like. That's fine. It's a great big open free world where all you need is a text editor. Ain't it something? But if you've no interest in hearing responses to your thoughts, my preference would be that you troll somewhere else. > YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT! First you'd have to be my boss, and based on the tenor of your note, I'm not too worried about that happening anytime soon. Cheers! Eliot -- Eliot Shepard http://slower.net/ From ian at plusfour.org Tue Jun 18 17:43:04 2002 From: ian at plusfour.org (Ian Forsyth) Date: Tue, 18 Jun 2002 17:43:04 -0400 Subject: apache log file utilities In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net> Message-ID: Hi, does any one know of some sort of log file miniturizer? I was just wondering if someone has already written something that allows one to delete traffic by date.. ? From zaunere at yahoo.com Tue Jun 18 22:52:38 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 18 Jun 2002 19:52:38 -0700 (PDT) Subject: Apache vulnerability testing Message-ID: <20020619025238.42918.qmail@web12801.mail.yahoo.com> This might come in handy for detecting the Apache vulnerability. Thanks to Dave Aitel on NYLUG-Talk. HZ --- Dave Aitel wrote: > Subject: [nylug-talk] Apache vuln > > For those of you testing your apache boxes I have a test script up at > http://www.immunitysec.com/spike.html > > If you ARN'T testing your apache, then you probably should. :> > > -dave > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From andrew at digitalpulp.com Tue Jun 18 16:39:52 2002 From: andrew at digitalpulp.com (Andrew M. Yochum) Date: Tue, 18 Jun 2002 16:39:52 -0400 (EDT) Subject: [nycphp-talk] apache log file utilities In-Reply-To: <200206182142.g5ILgoP32673@slipdisc.virul.net> Message-ID: Hi Ian, Have a look at logrotate. Its a pretty standard way of cycling out old log files after a given amount of time. The idea is that you keep somthing like 4 weeks of data, and every week they get rotated to the next number so you get files like access_log -> current log access_log.1 -> last weeks access_log.2 -> 2 weeks ago access_log.3 -> 3 weeks ago access_log.4 -> 4 weeks ago After a log file goes beyond your maximum number to hold, it gets dumped. There are options to gzip past log files to save on space, too. Keeps those nasty files from filling up your var partition too fast. Hope that helps. Andrew On Tue, 18 Jun 2002, Ian Forsyth wrote: > Hi, > > does any one know of some sort of log file miniturizer? I was just wondering > if someone has already written something that allows one to delete traffic > by date.. ? > > From petr at linux.ru Wed Jun 19 03:21:47 2002 From: petr at linux.ru (Petr Pomorov) Date: Wed, 19 Jun 2002 03:21:47 -0400 Subject: what do you call this? $dollar $dollar. Message-ID: <200206190721.g5J7LlA02359@biggie> Hi all, what do you call this in English? $dollar=1 $dollar.=2 $dollar.=3 Best regards. From ktuskey at exostream.com Wed Jun 19 03:28:02 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Wed, 19 Jun 2002 03:28:02 -0400 Subject: [nycphp-talk] what do you call this? $dollar $dollar. In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net> Message-ID: <000801c21762$d8ac9ca0$e1072744@win2kbox> Concatenation Kyle Tuskey eXostream Communications -----Original Message----- From: Petr Pomorov [mailto:petr at linux.ru] Sent: Wednesday, June 19, 2002 3:17 AM To: NYPHP Talk Subject: [nycphp-talk] what do you call this? $dollar $dollar. Hi all, what do you call this in English? $dollar=1 $dollar.=2 $dollar.=3 Best regards. From gherson at snet.net Wed Jun 19 05:44:15 2002 From: gherson at snet.net (George Herson) Date: Wed, 19 Jun 2002 05:44:15 -0400 Subject: session problem References: <200206190440.g5J4eTP36097@slipdisc.virul.net> Message-ID: <3D10526F.5000204@snet.net> When i click an link to move to another page on my site, a new session is being created, and i don't know why. (I've had sessions working before, even in this program that's now giving me problems.) On the page the click brings me to, $PHPSESSID's value is predefined to the original session id, so PHP remembers its value. But when i re-start the session, PHP creates a new session with a new id, and any variables registered to the session are forgotten. I've tried manually assigning this session id to the session, as shown below, but still, as soon as I call session_start() a new session is created. What am i doing wrong? On the page I hyperlink to: . . . ob_start(); $zerothsessid=$PHPSESSID; session_id( $PHPSESSID ); $firstsessid=session_id(); session_start(); // Starts a brand new session. $secondsessid=session_id(); // This assigns a new value. . . . echo "zerothsessid=$zerothsessid
\ "; echo "firstsessid=$firstsessid
\ "; echo "secondsessid=$secondsessid
\ "; ob_end_flush(); ?> In my output I'll have, for example: zerothsessid=782e68bc3beabe79b50e3b1b0d32ba9c firstsessid=782e68bc3beabe79b50e3b1b0d32ba9c secondsessid=11dae9d39bc2b72a5783569472bd2532 From http://www.php.net/manual/en/function.session-id.php: "string session_id ( [string id]) ... If id is specified, it will replace the current session id. session_id() needs to be called before session_start() for that purpose." About one in 15 tries this will work, i.e., all of $zerothsessid, $firstsessid, and $secondsessid are the same value. My mod_php is 4.0.5. thanks, george From gherson at snet.net Wed Jun 19 07:22:07 2002 From: gherson at snet.net (George Herson) Date: Wed, 19 Jun 2002 07:22:07 -0400 Subject: session problem Message-ID: <3D10695F.3070202@snet.net> The last attempt obviously got cut off (where i had three dots, one per line) so resending... When i click an
link to move to another page on my site, a new session is being created, and i don't know why. (I've had sessions working before, even in this program that's now giving me problems.) On the page the click brings me to, $PHPSESSID's value is predefined to the original session id, so PHP remembers its value. But when i re-start the session, PHP creates a new session with a new id, and any variables registered to the session are forgotten. I've tried manually assigning this session id to the session, as shown below, but still, as soon as I call session_start() a new session is created. What am i doing wrong? On the page I hyperlink to: . . . ob_start(); $zerothsessid=$PHPSESSID; session_id( $PHPSESSID ); $firstsessid=session_id(); session_start(); // Starts a brand new session. $secondsessid=session_id(); // This assigns a new value. . . . echo "zerothsessid=$zerothsessid
\ "; echo "firstsessid=$firstsessid
\ "; echo "secondsessid=$secondsessid
\ "; ob_end_flush(); ?> In my output I'll have, for example: zerothsessid=782e68bc3beabe79b50e3b1b0d32ba9c firstsessid=782e68bc3beabe79b50e3b1b0d32ba9c secondsessid=11dae9d39bc2b72a5783569472bd2532 From http://www.php.net/manual/en/function.session-id.php: "string session_id ( [string id]) ... If id is specified, it will replace the current session id. session_id() needs to be called before session_start() for that purpose." About one in 15 tries this will work, i.e., all of $zerothsessid, $firstsessid, and $secondsessid are the same value. My mod_php is 4.0.5. Its configure command, according to phpinfo(): './configure' '--with-pgsql=/var/lib/pgsql' '--with-apxs' Other settings: session.use_trans_sid 1 1 Session Support enabled Directive Local Value Master Value session.auto_start Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file /dev/urandom /dev/urandom session.entropy_length 16 16 session.gc_maxlifetime 600 600 session.gc_probability 20 20 session.name PHPSESSID PHPSESSID session.referer_check 1 1 session.save_handler files files session.save_path /tmp /tmp session.serialize_handler php php session.use_cookies On On thanks, george From jonbaer at digitalanywhere.com Wed Jun 19 08:56:48 2002 From: jonbaer at digitalanywhere.com (Jon Baer) Date: Wed, 19 Jun 2002 08:56:48 -0400 Subject: [nycphp-talk] what do you call this? $dollar $dollar. References: <200206190717.g5J7HNP37527@slipdisc.virul.net> Message-ID: <3D107F90.3040601@digitalanywhere.com> Petr Pomorov wrote: >Hi all, what do you call this in English? >$dollar=1 >$dollar.=2 >$dollar.=3 >Best regards. > > > Unemployement :-) From luis at response-marketing.com Wed Jun 19 09:12:46 2002 From: luis at response-marketing.com (Luis Silvestre) Date: Wed, 19 Jun 2002 09:12:46 -0400 Subject: [nycphp-talk] what do you call this? $dollar $dollar. In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net> Message-ID: it's an example of the english term "concatentation operator" -----Original Message----- From: Petr Pomorov [mailto:petr at linux.ru] Sent: Wednesday, June 19, 2002 3:17 AM To: NYPHP Talk Subject: [nycphp-talk] what do you call this? $dollar $dollar. Hi all, what do you call this in English? $dollar=1 $dollar.=2 $dollar.=3 Best regards. From zaunere at yahoo.com Wed Jun 19 10:29:10 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Wed, 19 Jun 2002 07:29:10 -0700 (PDT) Subject: testers wanted - phpguardian.com (source protection) Message-ID: <20020619142910.9578.qmail@web12801.mail.yahoo.com> There's been some talk lately of source protection. This package looks very nice after a quick glance. > From: "ade_inovica" > > Hi there > > We're just about ready to release an application called phpguardian - > an application which will protect php source code. We are really > keen to get some people to try it, so if anyone is interested, > please visit http://www.phpguardian.com and go to the download link > > All the best to everyone! > > Ade __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From gherson at snet.net Wed Jun 19 11:43:54 2002 From: gherson at snet.net (George Herson) Date: Wed, 19 Jun 2002 11:43:54 -0400 Subject: [nycphp-talk] session problem References: <200206191122.g5JBMiP39558@slipdisc.virul.net> Message-ID: <3D10A6BA.5060304@snet.net> Never mind :) The problem was my session.referer_check = 1 setting in php.ini. PHP considers one of my own domains foreign and was killing the session for that reason (without mentioning this in the php error log, though i did get a few "PHP Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0"). Wow this stuff can be time-consuming. george George Herson wrote: > The last attempt obviously got cut off (where i had three dots, one per line) so > resending... > > When i click an
link to move to another page on my site, a new session is > being created, and i don't know why. (I've had sessions working before, even in > this program that's now giving me problems.) On the page the click brings me to, > $PHPSESSID's value is predefined to the original session id, so PHP remembers > its value. But when i re-start the session, PHP creates a new session with a > new id, and any variables registered to the session are forgotten. > > I've tried manually assigning this session id to the session, as shown below, > but still, as soon as I call session_start() a new session is created. What am > i doing wrong? > From jhise at linuxforbusiness.org Wed Jun 19 13:18:25 2002 From: jhise at linuxforbusiness.org (Jeremy Hise) Date: 19 Jun 2002 13:18:25 -0400 Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD In-Reply-To: <200206150227.g5F2RuP85842@slipdisc.virul.net> References: <200206150227.g5F2RuP85842@slipdisc.virul.net> Message-ID: <1024507108.3875.16.camel@localhost.localdomain> Ok. I figured out the problem. For some reason, the Oracle on NT (where the database actually was) had: ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data But on the RH box, the oracle install script had set it to: ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/oracle So, I went and simple changed the /oracle to /data And my day just got a hell of a lot better. As the great Homer says: WHOOOOOOOOOOO HOOOOOOOOOOOO I do have the following in my apachectl script: export ORACLE_BASE=/ora8/m01/app/oracle export ORACLE_HOME=$ORACLE_BASE/product/8.1.6 export PATH=$PATH:$ORACLE_HOME/bin export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr export ORACLE_SID=ora8 export ORACLE_TERM=vt100 export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data export NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1 I really hope this helps others. Thanks! Jeremy On Fri, 2002-06-14 at 22:27, Hans Zaunere wrote: > > I might be able to help on this one. > > If you don't know already, consider http://orafaq.com and > http://oradoc.photo.net invaluable. On orafaq.com somewhere, there is > a directory of every ORA-* error message, in addition to the search > ability. I have the URL at work and will post Monday. > > Anyway, although you say you're using the Oracle client, I'm assuming > this is running from Apache/PHP (as opposed to the actual Oracle > client). > > If running Apache, you need to make sure that the proper Oracle > environment is actually available via Apache and permissions for the > Apache user. I generally setup the environment in the apachectl script > in some way. This ensures that Apache itself actually has the proper > environment, and cane be confirmed with a phpinfo() call. Also, be > sure Apache has access to the Oracle client resource, which are > generally installed as a different user. > > Let me know if this helps, and if not, any more details on the > situation (I use 8i client libs on RH 6.2 to connect to a NT server). > > HZ > > > > > --- Jeremy Hise wrote: > > On line 178 I'm also calling a stored procedure that generates a > > value, > > which is bound to a PHP variable for use. > > > > On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote: > > > Hi All: > > > > > > I'm running oracle on NT and connecting via the oracle client on RH > > 6.2 > > > Kernel version 2.2.14-5.0 ... Oracle 8.1.6 > > > > > > The PHP error I'm getting is: > > > > > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553: > > > character set name is not recognized ORA-06550: line 0, column 0: > > > PL/SQL: Compilation unit analysis terminated in > > > /development/jhise/dbmerge_src/class/login.pclass on line 178 > > > > > > I've been looking all over the place and all the pages I've found > > say to > > > correctly set up the NLS_LANG env variable...which I do. I've > > stopped > > > and started apache...even rebooted the whole machine...doesn't seem > > as > > > though any of it makes any difference. > > > > > > Anyway have any insight? > > > > > > Thanks! > > > > > > jhise > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > > From zaunere at yahoo.com Wed Jun 19 13:48:01 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Wed, 19 Jun 2002 10:48:01 -0700 (PDT) Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD In-Reply-To: <200206191719.g5JHJtP42872@slipdisc.virul.net> Message-ID: <20020619174801.38792.qmail@web12801.mail.yahoo.com> And oh, here's that link: http://www.oracle-error.com Sorry about that, and alas it doesn't seem to have your particular error message, but hopefully it'll be useful at somepoint to someone. That's great you got it working. I know Oracle can be a real beast, I can only imagine the cross-platform issues that would arise. HZ --- Jeremy Hise wrote: > Ok. I figured out the problem. > > For some reason, the Oracle on NT (where the database actually was) > had: > ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data > > But on the RH box, the oracle install script had set it to: > ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/oracle > > So, I went and simple changed the /oracle to /data > > And my day just got a hell of a lot better. > > As the great Homer says: > WHOOOOOOOOOOO HOOOOOOOOOOOO > > I do have the following in my apachectl script: > > export ORACLE_BASE=/ora8/m01/app/oracle > export ORACLE_HOME=$ORACLE_BASE/product/8.1.6 > export PATH=$PATH:$ORACLE_HOME/bin > export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr > export ORACLE_SID=ora8 > export ORACLE_TERM=vt100 > export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data > export NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1 > > > I really hope this helps others. > > Thanks! > > Jeremy > > > On Fri, 2002-06-14 at 22:27, Hans Zaunere wrote: > > > > I might be able to help on this one. > > > > If you don't know already, consider http://orafaq.com and > > http://oradoc.photo.net invaluable. On orafaq.com somewhere, there > is > > a directory of every ORA-* error message, in addition to the search > > ability. I have the URL at work and will post Monday. > > > > Anyway, although you say you're using the Oracle client, I'm > assuming > > this is running from Apache/PHP (as opposed to the actual Oracle > > client). > > > > If running Apache, you need to make sure that the proper Oracle > > environment is actually available via Apache and permissions for > the > > Apache user. I generally setup the environment in the apachectl > script > > in some way. This ensures that Apache itself actually has the > proper > > environment, and cane be confirmed with a phpinfo() call. Also, be > > sure Apache has access to the Oracle client resource, which are > > generally installed as a different user. > > > > Let me know if this helps, and if not, any more details on the > > situation (I use 8i client libs on RH 6.2 to connect to a NT > server). > > > > HZ > > > > > > > > > > --- Jeremy Hise wrote: > > > On line 178 I'm also calling a stored procedure that generates a > > > value, > > > which is bound to a PHP variable for use. > > > > > > On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote: > > > > Hi All: > > > > > > > > I'm running oracle on NT and connecting via the oracle client > on RH > > > 6.2 > > > > Kernel version 2.2.14-5.0 ... Oracle 8.1.6 > > > > > > > > The PHP error I'm getting is: > > > > > > > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: > PLS-00553: > > > > character set name is not recognized ORA-06550: line 0, column > 0: > > > > PL/SQL: Compilation unit analysis terminated in > > > > /development/jhise/dbmerge_src/class/login.pclass on line 178 > > > > > > > > I've been looking all over the place and all the pages I've > found > > > say to > > > > correctly set up the NLS_LANG env variable...which I do. I've > > > stopped > > > > and started apache...even rebooted the whole machine...doesn't > seem > > > as > > > > though any of it makes any difference. > > > > > > > > Anyway have any insight? > > > > > > > > Thanks! > > > > > > > > jhise > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > > > > > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From charles at softwareprototypes.com Wed Jun 19 12:02:13 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Wed, 19 Jun 2002 12:02:13 -0400 Subject: .= is the catenation assignment operator Message-ID: <230770-22002631916213140@softwareprototypes.com> If you want to be picky, its "catenation", the "con" is redundant (I'm a linguistics major, I know these things. :-) And if you really want to be picky, ".=" is the catenation asignment operator. -Ch-A. > From: "Kyle Tuskey" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 03:27:10 -0400 > To: NYPHP Talk > Subject: RE: [nycphp-talk] what do you call this? $dollar $dollar. > > Concatenation > > > Kyle Tuskey > eXostream Communications > > -----Original Message----- > From: Petr Pomorov [mailto:petr at linux.ru] > Sent: Wednesday, June 19, 2002 3:17 AM > To: NYPHP Talk > Subject: [nycphp-talk] what do you call this? $dollar $dollar. > > Hi all, what do you call this in English? > $dollar=1 > $dollar.=2 > $dollar.=3 > Best regards. > > > From charles at softwareprototypes.com Wed Jun 19 12:10:07 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Wed, 19 Jun 2002 12:10:07 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com Message-ID: <101930-22002631916107328@softwareprototypes.com> uh, php runs on the server side. It never gets off of the server because that's pointless. Just who are we shielding the code from exactly? - Ourselves? Get real. - The "competition"? It entirely defeats the purpose and spirit of open source. - "Crackers?" They just stress test your back-up and recovery procedures. Use CVS or SourceSafe or some other file versioning system and put checked-out copies of the the files in a tree under a shared directory or under the various home directories. This abomination entirely defeats the purpose and spirit of open source. I say ignore it. If you're really in a snit, boycott it. Its a __bad__ idea. ON par with charging for your OS. -Ch-A. > From: Hans Zaunere > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 10:29:14 -0400 > To: NYPHP Talk > Subject: [nycphp-talk] testers wanted - phpguardian.com > > > There's been some talk lately of source protection. This package looks > very nice after a quick glance. > >> From: "ade_inovica" >> >> Hi there >> >> We're just about ready to release an application called phpguardian - >> an application which will protect php source code. We are really >> keen to get some people to try it, so if anyone is interested, >> please visit http://www.phpguardian.com and go to the download link >> >> All the best to everyone! >> >> Ade > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > From zaunere at yahoo.com Wed Jun 19 14:45:38 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Wed, 19 Jun 2002 11:45:38 -0700 (PDT) Subject: [nycphp-talk] Object Oriented Programming question In-Reply-To: <200206181928.g5IJSIP31525@slipdisc.virul.net> Message-ID: <20020619184538.19785.qmail@web12804.mail.yahoo.com> --- Brent Baisley wrote: > I've setup a "settings" file that I would like to contain "default" > values like the mysql login name, password and database. I of course don't know your complete situation, but I would do the inverse: a settings file contains the normal values, and default settings are hardcoded. > One of the functions in my class file is a db connection function. > I've set it up to accept the login name, password and database as > parameters that can be passed. > > What I would like to do is use default values set in the settings > file if parameters aren't passed. OK, if you say so :) class SettingsFile { var $DB_User = NULL; var $DB_Password = NULL; var $DB_DB = NULL; function HandleSettingsFile() { $filehandle = fopen(blahblah); $this->DB_User = parseblahblah($filehandle); $this->DB_Password = parseblahblah($filehandle); $this->DB_DB = parseblahblah($filehandle); } } class MyDBStuff extends SettingsFile { var $DB_Handle = NULL; function DB_Connect( $user = NULL, $password = NULL, $db = NULL ) { if( $user !== NULL ) $this->DB_User = $user; if( $password !== NULL ) $this->DB_Password = $password; if( $db !== NULL ) $this->DB_DB = $db; $dbhandle = connectblah($this->DB_User,$this->DB_Password,$this->DB_DB); } } $dbstuff = new MyDBStuff; if( $I_HAVE_A_SETTINGS_FILE === 1 ) { $dbstuff->HandleSettingsFile(); $dbstuff->DB_Connect(); } else $dbstuff->DB_Connect('user','password','a_db'); > I tried using the syntax for setting a default > value for a parameter if a value isn't passed, but I guess you can't > use variables in this since I get errors. Right.. only constants work with that. > I want to only pass values to the function if I don't want to use the > default values. The heart of my lousy example is the $this->DB_Connect method. Personally, I would avoid this all together, since if anyone is including your code, they can see what your login/password/db name is. Instead, I would only NOT use default values if something from the settings file was supplied. There is a fine line here between the two, but there is a different. I always hardwire my password/login info at the top include file; then if someone needs to supply something different down the road, they can, yet they can never see what my defaults are. parseblahblah, HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jim at alliedtours.com Wed Jun 19 16:00:27 2002 From: jim at alliedtours.com (Jim Suto) Date: Wed, 19 Jun 2002 16:00:27 -0400 Subject: [nycphp-talk] .= is the catenation assignment operator In-Reply-To: <200206191759.g5JHxrP43269@slipdisc.virul.net> Message-ID: > its "catenation", > the "con" is redundant (I'm a linguistics major, I know these >things. :-) > >And if you really want to be picky, > ".=" is the catenation asignment operator. >-Ch-A. And if you really, really want to be picky, you would spell assignment with a double "s". :) Jim From zaunere at yahoo.com Wed Jun 19 16:12:45 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Wed, 19 Jun 2002 13:12:45 -0700 (PDT) Subject: [nycphp-talk] what do you call this? $dollar $dollar. In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net> Message-ID: <20020619201245.11280.qmail@web12808.mail.yahoo.com> --- Petr Pomorov wrote: > Hi all, what do you call this in English? > $dollar=1 > $dollar.=2 > $dollar.=3 > Best regards. Bad programming? Oh, not to beat a dead horse, but that really should be: $dollar = '1'; $dollar .= '2'; $dollar .= '3'; where $dollar will now be '123' Since the concatenating assignment operator (http://www.php.net/manual/en/language.operators.string.php) is for strings, and makes no sense with ints. For ints: $dollar = 1; $dollar += 2; $dollar += 3; and now $dollar is 6 by way of the combined operators. http://www.php.net/manual/en/language.operators.assignment.php Also note the important distinction about references in the last paragraph (as noted in my references presentation, when using .= made PHP loop endlessly). HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From petr at linux.ru Wed Jun 19 16:48:59 2002 From: petr at linux.ru (Petr Pomorov) Date: Wed, 19 Jun 2002 16:48:59 -0400 Subject: [nycphp-talk] what do you call this? $dollar $dollar. In-Reply-To: <200206192012.g5JKCoP44606@slipdisc.virul.net> References: <200206192012.g5JKCoP44606@slipdisc.virul.net> Message-ID: <200206192049.g5JKn0p02316@biggie> Thanks Hans i allways forget what the damn thing is called From jim at nettmedia.com Wed Jun 19 16:50:10 2002 From: jim at nettmedia.com (Jim Musil) Date: Wed, 19 Jun 2002 16:50:10 -0400 Subject: POST method not passing on a cgi-version of PHP 4.1.2 Message-ID: Hi, I've run across a client who is using a cgi-version of php and for some reason it will not allow me to submit data from a form via POST. Submitting via GET works great, POST gives nothing. I realize this is vague, but I'm hoping someone else has run across the same problem. Jim From kenschwartz at nyc.rr.com Wed Jun 19 18:03:56 2002 From: kenschwartz at nyc.rr.com (Kenneth Schwartz) Date: Wed, 19 Jun 2002 18:03:56 -0400 Subject: browser issue? Message-ID: <002a01c217dd$35bee770$e354c118@kenschwartz> I have my first PHP site up in production right now (I've developed ColdFusion for years and recently jumped on the PHP bandwagon) and I've got a funny problem I'm wondering if anyone out there can assist me with. The main client tested all of my scripts when they were in beta and everything was fine. He was using his home box at the time. Now that we went to production and he is using his work machine, the script is erroring out. I'm not having any problems when I hit the production site, none of my colleagues are, and we've checked it out with numerous friends who can all use the page successfully across a wide variety of browsers and platforms. This client appears to be the only one using IE 6.0. Any potential problems there or anyone have an idea of what I should pursue? His security settings are all apparently nornal. Thanks Kenneth Schwartz -------------- next part -------------- An HTML attachment was scrubbed... URL: From ktuskey at exostream.com Wed Jun 19 19:55:56 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Wed, 19 Jun 2002 19:55:56 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206191759.g5JHxrP43271@slipdisc.virul.net> Message-ID: <000501c217ec$daada910$e1072744@win2kbox> I don't necessarily think this product is amazing, but I think saying that code obfuscation isn't needed because "it isn't open source friendly" is a bold statement. Some of us develop commercial redistributable software that needs obfuscation to protect the code. It is also a valuable tool for certain contracting circumstances. I do feel that the zend encoder is the best obfuscator on the market, but then again I'm jaded since I know zeev and support his company. -- Kyle -----Original Message----- From: charles at softwareprototypes.com [mailto:charles at softwareprototypes.com] Sent: Wednesday, June 19, 2002 2:00 PM To: NYPHP Talk Subject: Re: [nycphp-talk] testers wanted - phpguardian.com uh, php runs on the server side. It never gets off of the server because that's pointless. Just who are we shielding the code from exactly? - Ourselves? Get real. - The "competition"? It entirely defeats the purpose and spirit of open source. - "Crackers?" They just stress test your back-up and recovery procedures. Use CVS or SourceSafe or some other file versioning system and put checked-out copies of the the files in a tree under a shared directory or under the various home directories. This abomination entirely defeats the purpose and spirit of open source. I say ignore it. If you're really in a snit, boycott it. Its a __bad__ idea. ON par with charging for your OS. -Ch-A. > From: Hans Zaunere > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 10:29:14 -0400 > To: NYPHP Talk > Subject: [nycphp-talk] testers wanted - phpguardian.com > > > There's been some talk lately of source protection. This package looks > very nice after a quick glance. > >> From: "ade_inovica" >> >> Hi there >> >> We're just about ready to release an application called phpguardian - >> an application which will protect php source code. We are really >> keen to get some people to try it, so if anyone is interested, >> please visit http://www.phpguardian.com and go to the download link >> >> All the best to everyone! >> >> Ade > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > From charles at softwareprototypes.com Wed Jun 19 23:46:51 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Wed, 19 Jun 2002 23:46:51 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com Message-ID: <31770-22002642034651375@softwareprototypes.com> Kyle, at the risk of lacking subtility, if I loosed some extremely sophisticated search engines (and I've written AI code and articles for AI Expert) on the intenet on a hundred PCs and let those search enines run for a year, do you thing I could find a SINGLE fuckin' competitor of yours who'd even want to see your fuckin' code? Really now. You're just fuckin' your clients over and fooling yourself. Try it with a free-ware, GPLed release of the previous version of your product and you'll be disgusted at the complete and utter lack of interest EXCEPT by your existing client base, maybe, if you're lucky. Code obfuscation is pointless and you'd be surprised how it HURTS you and HELPS your competitors since they have to reverse engineer with a clever way of doing what they see your code doing without your own prejudices. They probably come up with shit you never thought of. Much more clever than anything you came up with in the first place. (I made a MISTAKE reverse engineering an expert system inference engine and ended up with a complete enterprise modeling engine which then went nowhere because the managers of the firm were great real-estate sales men but couldn't manage an MIS project at gun point. Utter dick-heads.) Obfuscation is a mechanical process and if YOU can obfuscate it, it can be UN-obfuscated almost as fast as you can muddy the waters. (there were viri written for M$ XL BEFORE XL was even available on CD-ROM.) And by ditching the variable and function names, (unless the DDE/OLE maps are available,) the un-obfuscation gets rid of your own internal slants and just shows things as they really are. Stop with the code obfuscation BS. The business and the money is NOT in the product but in the process of building the product. HOW your company got the product spec in the first place is much more important than the product to because life is a moving target and whatever you deliver TODAY is obsolete before you even deliver it. Obfuscation is for long-term losers. phpguardian is a sham, a waste of time and money and utterly counter-productive. AND NOBODY needs it. -Ch-A. > From: "Kyle Tuskey" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 19:55:06 -0400 > To: NYPHP Talk > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > I don't necessarily think this product is amazing, but I think saying > that code obfuscation isn't needed because "it isn't open source > friendly" is a bold statement. Some of us develop commercial > redistributable software that needs obfuscation to protect the code. It > is also a valuable tool for certain contracting circumstances. I do > feel that the zend encoder is the best obfuscator on the market, but > then again I'm jaded since I know zeev and support his company. > > > -- Kyle > > > > -----Original Message----- > From: charles at softwareprototypes.com > [mailto:charles at softwareprototypes.com] > Sent: Wednesday, June 19, 2002 2:00 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > uh, php runs on the server side. It never gets off of the server > because that's pointless. > > Just who are we shielding the code from exactly? > > - Ourselves? Get real. > - The "competition"? It entirely defeats the purpose and spirit of > open source. > - "Crackers?" They just stress test your back-up and recovery > procedures. > > Use CVS or SourceSafe or some other file versioning system and put > checked-out copies of the the files in a tree under a shared > directory or under the various home directories. > > This abomination entirely defeats the purpose and spirit of open > source. I say ignore it. If you're really in a snit, boycott it. > > Its a __bad__ idea. ON par with charging for your OS. > > -Ch-A. > >> From: Hans Zaunere >> Organization: New York PHP >> Reply-To: talk at nyphp.org >> Date: Wed, 19 Jun 2002 10:29:14 -0400 >> To: NYPHP Talk >> Subject: [nycphp-talk] testers wanted - phpguardian.com >> >> >> There's been some talk lately of source protection. This package > looks >> very nice after a quick glance. >> >>> From: "ade_inovica" >>> >>> Hi there >>> >>> We're just about ready to release an application called > phpguardian - >>> an application which will protect php source code. We are really >>> keen to get some people to try it, so if anyone is interested, >>> please visit http://www.phpguardian.com and go to the download link >>> >>> All the best to everyone! >>> >>> Ade >> >> >> __________________________________________________ >> Do You Yahoo!? >> Yahoo! - Official partner of 2002 FIFA World Cup >> http://fifaworldcup.yahoo.com >> > > > > > From ktuskey at exostream.com Wed Jun 19 23:50:12 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Wed, 19 Jun 2002 23:50:12 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net> Message-ID: <000b01c2180d$946d7cc0$e1072744@win2kbox> Charles, I don't respond to people who are narrow minded and need to curse to make a point. Protecting code is a valid practice. I'm sorry you don't agree, but please don't bring it to an infantile level. Thanks. Kyle -----Original Message----- From: charles at softwareprototypes.com [mailto:charles at softwareprototypes.com] Sent: Wednesday, June 19, 2002 11:43 PM To: NYPHP Talk Subject: Re: [nycphp-talk] testers wanted - phpguardian.com Kyle, at the risk of lacking subtility, if I loosed some extremely sophisticated search engines (and I've written AI code and articles for AI Expert) on the intenet on a hundred PCs and let those search enines run for a year, do you thing I could find a SINGLE fuckin' competitor of yours who'd even want to see your fuckin' code? Really now. You're just fuckin' your clients over and fooling yourself. Try it with a free-ware, GPLed release of the previous version of your product and you'll be disgusted at the complete and utter lack of interest EXCEPT by your existing client base, maybe, if you're lucky. Code obfuscation is pointless and you'd be surprised how it HURTS you and HELPS your competitors since they have to reverse engineer with a clever way of doing what they see your code doing without your own prejudices. They probably come up with shit you never thought of. Much more clever than anything you came up with in the first place. (I made a MISTAKE reverse engineering an expert system inference engine and ended up with a complete enterprise modeling engine which then went nowhere because the managers of the firm were great real-estate sales men but couldn't manage an MIS project at gun point. Utter dick-heads.) Obfuscation is a mechanical process and if YOU can obfuscate it, it can be UN-obfuscated almost as fast as you can muddy the waters. (there were viri written for M$ XL BEFORE XL was even available on CD-ROM.) And by ditching the variable and function names, (unless the DDE/OLE maps are available,) the un-obfuscation gets rid of your own internal slants and just shows things as they really are. Stop with the code obfuscation BS. The business and the money is NOT in the product but in the process of building the product. HOW your company got the product spec in the first place is much more important than the product to because life is a moving target and whatever you deliver TODAY is obsolete before you even deliver it. Obfuscation is for long-term losers. phpguardian is a sham, a waste of time and money and utterly counter-productive. AND NOBODY needs it. -Ch-A. > From: "Kyle Tuskey" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 19:55:06 -0400 > To: NYPHP Talk > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > I don't necessarily think this product is amazing, but I think saying > that code obfuscation isn't needed because "it isn't open source > friendly" is a bold statement. Some of us develop commercial > redistributable software that needs obfuscation to protect the code. It > is also a valuable tool for certain contracting circumstances. I do > feel that the zend encoder is the best obfuscator on the market, but > then again I'm jaded since I know zeev and support his company. > > > -- Kyle > > > > -----Original Message----- > From: charles at softwareprototypes.com > [mailto:charles at softwareprototypes.com] > Sent: Wednesday, June 19, 2002 2:00 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > uh, php runs on the server side. It never gets off of the server > because that's pointless. > > Just who are we shielding the code from exactly? > > - Ourselves? Get real. > - The "competition"? It entirely defeats the purpose and spirit of > open source. > - "Crackers?" They just stress test your back-up and recovery > procedures. > > Use CVS or SourceSafe or some other file versioning system and put > checked-out copies of the the files in a tree under a shared > directory or under the various home directories. > > This abomination entirely defeats the purpose and spirit of open > source. I say ignore it. If you're really in a snit, boycott it. > > Its a __bad__ idea. ON par with charging for your OS. > > -Ch-A. > >> From: Hans Zaunere >> Organization: New York PHP >> Reply-To: talk at nyphp.org >> Date: Wed, 19 Jun 2002 10:29:14 -0400 >> To: NYPHP Talk >> Subject: [nycphp-talk] testers wanted - phpguardian.com >> >> >> There's been some talk lately of source protection. This package > looks >> very nice after a quick glance. >> >>> From: "ade_inovica" >>> >>> Hi there >>> >>> We're just about ready to release an application called > phpguardian - >>> an application which will protect php source code. We are really >>> keen to get some people to try it, so if anyone is interested, >>> please visit http://www.phpguardian.com and go to the download link >>> >>> All the best to everyone! >>> >>> Ade >> >> >> __________________________________________________ >> Do You Yahoo!? >> Yahoo! - Official partner of 2002 FIFA World Cup >> http://fifaworldcup.yahoo.com >> > > > > > From jchristian at hotshed.com Thu Jun 20 00:16:24 2002 From: jchristian at hotshed.com (John Christian) Date: Thu, 20 Jun 2002 14:16:24 +1000 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net> Message-ID: <005d01c21811$3d7fc6d0$3901a8c0@user> Charles, You are obviously not in a position where you have non stop DoS attempts, gumby hackers trying to penetrate your servers or employees wanting to walk away with a cut-and-paste of your source! While Obfuscation is not the holy grail of internet security - its certainly a stepping stone to separate the wannabes from the serious attacks and save unneeded stress. You wouldn't post your root password on your website, but its possible someone could tap that information or bypass it altogether - same principles apply at all levels of security - best practices. For $us250 - I think only someone who has got nothing to loose wouldn't consider the option! That's just my 2 cents John -----Original Message----- From: charles at softwareprototypes.com [mailto:charles at softwareprototypes.com] Sent: Thursday, 20 June 2002 1:43 PM To: NYPHP Talk Subject: Re: [nycphp-talk] testers wanted - phpguardian.com Kyle, at the risk of lacking subtility, if I loosed some extremely sophisticated search engines (and I've written AI code and articles for AI Expert) on the intenet on a hundred PCs and let those search enines run for a year, do you thing I could find a SINGLE fuckin' competitor of yours who'd even want to see your fuckin' code? Really now. You're just fuckin' your clients over and fooling yourself. Try it with a free-ware, GPLed release of the previous version of your product and you'll be disgusted at the complete and utter lack of interest EXCEPT by your existing client base, maybe, if you're lucky. Code obfuscation is pointless and you'd be surprised how it HURTS you and HELPS your competitors since they have to reverse engineer with a clever way of doing what they see your code doing without your own prejudices. They probably come up with shit you never thought of. Much more clever than anything you came up with in the first place. (I made a MISTAKE reverse engineering an expert system inference engine and ended up with a complete enterprise modeling engine which then went nowhere because the managers of the firm were great real-estate sales men but couldn't manage an MIS project at gun point. Utter dick-heads.) Obfuscation is a mechanical process and if YOU can obfuscate it, it can be UN-obfuscated almost as fast as you can muddy the waters. (there were viri written for M$ XL BEFORE XL was even available on CD-ROM.) And by ditching the variable and function names, (unless the DDE/OLE maps are available,) the un-obfuscation gets rid of your own internal slants and just shows things as they really are. Stop with the code obfuscation BS. The business and the money is NOT in the product but in the process of building the product. HOW your company got the product spec in the first place is much more important than the product to because life is a moving target and whatever you deliver TODAY is obsolete before you even deliver it. Obfuscation is for long-term losers. phpguardian is a sham, a waste of time and money and utterly counter-productive. AND NOBODY needs it. -Ch-A. > From: "Kyle Tuskey" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 19:55:06 -0400 > To: NYPHP Talk > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > I don't necessarily think this product is amazing, but I think saying > that code obfuscation isn't needed because "it isn't open source > friendly" is a bold statement. Some of us develop commercial > redistributable software that needs obfuscation to protect the code. It > is also a valuable tool for certain contracting circumstances. I do > feel that the zend encoder is the best obfuscator on the market, but > then again I'm jaded since I know zeev and support his company. > > > -- Kyle > > > > -----Original Message----- > From: charles at softwareprototypes.com > [mailto:charles at softwareprototypes.com] > Sent: Wednesday, June 19, 2002 2:00 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > uh, php runs on the server side. It never gets off of the server > because that's pointless. > > Just who are we shielding the code from exactly? > > - Ourselves? Get real. > - The "competition"? It entirely defeats the purpose and spirit of > open source. > - "Crackers?" They just stress test your back-up and recovery > procedures. > > Use CVS or SourceSafe or some other file versioning system and put > checked-out copies of the the files in a tree under a shared directory > or under the various home directories. > > This abomination entirely defeats the purpose and spirit of open > source. I say ignore it. If you're really in a snit, boycott it. > > Its a __bad__ idea. ON par with charging for your OS. > > -Ch-A. > >> From: Hans Zaunere >> Organization: New York PHP >> Reply-To: talk at nyphp.org >> Date: Wed, 19 Jun 2002 10:29:14 -0400 >> To: NYPHP Talk >> Subject: [nycphp-talk] testers wanted - phpguardian.com >> >> >> There's been some talk lately of source protection. This package > looks >> very nice after a quick glance. >> >>> From: "ade_inovica" >>> >>> Hi there >>> >>> We're just about ready to release an application called > phpguardian - >>> an application which will protect php source code. We are really >>> keen to get some people to try it, so if anyone is interested, >>> please visit http://www.phpguardian.com and go to the download link >>> >>> All the best to everyone! >>> >>> Ade >> >> >> __________________________________________________ >> Do You Yahoo!? >> Yahoo! - Official partner of 2002 FIFA World Cup >> http://fifaworldcup.yahoo.com >> > > > > > From charles at softwareprototypes.com Thu Jun 20 01:08:05 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Thu, 20 Jun 2002 01:08:05 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com Message-ID: <99510-220026420585406@softwareprototypes.com> Kyle, my dear man, I have no problem with you or with much of anything else. My mind is as broad as the ocean. And I don't let language upset me. I was emphasising to get your attention. And I did, didn't I? Sorry if you got offended (they're only words, your face is not smarting and your car alarm didn't go off,) but my point still remains. Your alleged need to obfuacate is based on a fallacy. Obfuscation is fundamentally, thoroughly, deeply and irremediably counter-productive. Its so easy to defeat, you would be utterly crestfallen. I KNOW this from having worked both sides of that street. I have had code classified on me by NATO that would not have remotely interested anyone in the then Soviet Union under the wildest and most remote of circumstances. (I don't know anyone who'd be remotely interested in the supply chain for ammunition for the Frigate mounted Bofors Phalanx gun.) And I have written about and published techniques in trade journals, useful code fragments and entire programs to universal yawns. Nobody cared then. Nobody cares now. (Well, maybe, except for the eponymous dialog definition, specification, documentation and test-planning technique. That one even got written about itself.) Until you can show me, or anyone else, ANYONE who has ever been financially damaged by having code revealed, you're, uh, not to further offend your sensibilities, just whistling the the dark. The product is a bad idea on the wrong platform and an utter waste of cycles to implement, execute and deploy. It has no market except for deluded fools who think anyone actually cares and it has no future. Sorry if you thought it was a neat hack, and I'm sure it was, but its like a glow-in-the-dark brassiere, completely useless. I won't mention other comparisons that spring, unbidden, to my lips. I bet it screws up acceleration engines too unless you merely mapped the source code and eliminated variable names and function names. You should see the Smalltalk decompiler one day. You'll be in for a rude awakening. (Worse than my [expletive deleted] phraseology. :-) -Ch-A. > From: "Kyle Tuskey" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Wed, 19 Jun 2002 23:49:21 -0400 > To: NYPHP Talk > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > Charles, > > I don't respond to people who are narrow minded and need to curse to > make a point. Protecting code is a valid practice. I'm sorry you don't > agree, but please don't bring it to an infantile level. Thanks. > > Kyle From louie at zibi.co.il Thu Jun 20 04:09:12 2002 From: louie at zibi.co.il (louie) Date: Thu, 20 Jun 2002 01:09:12 -0700 Subject: [nycphp-talk] testers wanted - phpguardian.com References: <200206200349.g5K3nLP49464@slipdisc.virul.net> Message-ID: <001801c21831$c37230a0$b35efea9@w3j5c4> greetings ! protecting code in open source is kinda lame, every line of code sould be publish. knowlage sharing, and coding expirance is the only plus in Advance web development. is used to code in asp. now i'm using LAMP to almost any project i got. i do think php is going to overcome anythin' out there. and zeev rocks ^-^ (but just cuz he's from israel.) chap chap, louie. -Marilyn Monroe had six toes. ----- Original Message ----- From: "Kyle Tuskey" To: "NYPHP Talk" Sent: Wednesday, June 19, 2002 8:49 PM Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > Charles, > > I don't respond to people who are narrow minded and need to curse to > make a point. Protecting code is a valid practice. I'm sorry you don't > agree, but please don't bring it to an infantile level. Thanks. > > Kyle > > > > > -----Original Message----- > From: charles at softwareprototypes.com > [mailto:charles at softwareprototypes.com] > Sent: Wednesday, June 19, 2002 11:43 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > Kyle, at the risk of lacking subtility, > > if I loosed some extremely sophisticated search engines (and I've > written AI code and articles for AI Expert) on the intenet on a > hundred PCs and let those search enines run for a year, do you thing > I could find a SINGLE fuckin' competitor of yours who'd even want to > see your fuckin' code? Really now. > > You're just fuckin' your clients over and fooling yourself. Try it > with a free-ware, GPLed release of the previous version of your > product and you'll be disgusted at the complete and utter lack of > interest EXCEPT by your existing client base, maybe, if you're lucky. > > Code obfuscation is pointless and you'd be surprised how it HURTS you > and HELPS your competitors since they have to reverse engineer with a > clever way of doing what they see your code doing without your own > prejudices. > > They probably come up with shit you never thought of. Much more > clever than anything you came up with in the first place. (I made a > MISTAKE reverse engineering an expert system inference engine and > ended up with a complete enterprise modeling engine which then went > nowhere because the managers of the firm were great real-estate sales > men but couldn't manage an MIS project at gun point. Utter > dick-heads.) > > Obfuscation is a mechanical process and if YOU can obfuscate it, it > can be UN-obfuscated almost as fast as you can muddy the waters. > (there were viri written for M$ XL BEFORE XL was even available on > CD-ROM.) And by ditching the variable and function names, (unless the > DDE/OLE maps are available,) the un-obfuscation gets rid of your own > internal slants and just shows things as they really are. > > Stop with the code obfuscation BS. > > The business and the money is NOT in the product but in the process > of building the product. HOW your company got the product spec in the > first place is much more important than the product to because life > is a moving target and whatever you deliver TODAY is obsolete before > you even deliver it. > > Obfuscation is for long-term losers. phpguardian is a sham, a waste > of time and money and utterly counter-productive. AND NOBODY needs it. > > -Ch-A. > > > From: "Kyle Tuskey" > > Organization: New York PHP > > Reply-To: talk at nyphp.org > > Date: Wed, 19 Jun 2002 19:55:06 -0400 > > To: NYPHP Talk > > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > > I don't necessarily think this product is amazing, but I think > saying > > that code obfuscation isn't needed because "it isn't open source > > friendly" is a bold statement. Some of us develop commercial > > redistributable software that needs obfuscation to protect the > code. It > > is also a valuable tool for certain contracting circumstances. I do > > feel that the zend encoder is the best obfuscator on the market, but > > then again I'm jaded since I know zeev and support his company. > > > > > > -- Kyle > > > > > > > > -----Original Message----- > > From: charles at softwareprototypes.com > > [mailto:charles at softwareprototypes.com] > > Sent: Wednesday, June 19, 2002 2:00 PM > > To: NYPHP Talk > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > > > uh, php runs on the server side. It never gets off of the server > > because that's pointless. > > > > Just who are we shielding the code from exactly? > > > > - Ourselves? Get real. > > - The "competition"? It entirely defeats the purpose and spirit of > > open source. > > - "Crackers?" They just stress test your back-up and recovery > > procedures. > > > > Use CVS or SourceSafe or some other file versioning system and put > > checked-out copies of the the files in a tree under a shared > > directory or under the various home directories. > > > > This abomination entirely defeats the purpose and spirit of open > > source. I say ignore it. If you're really in a snit, boycott it. > > > > Its a __bad__ idea. ON par with charging for your OS. > > > > -Ch-A. > > > >> From: Hans Zaunere > >> Organization: New York PHP > >> Reply-To: talk at nyphp.org > >> Date: Wed, 19 Jun 2002 10:29:14 -0400 > >> To: NYPHP Talk > >> Subject: [nycphp-talk] testers wanted - phpguardian.com > >> > >> > >> There's been some talk lately of source protection. This package > > looks > >> very nice after a quick glance. > >> > >>> From: "ade_inovica" > >>> > >>> Hi there > >>> > >>> We're just about ready to release an application called > > phpguardian - > >>> an application which will protect php source code. We are really > >>> keen to get some people to try it, so if anyone is interested, > >>> please visit http://www.phpguardian.com and go to the download > link > >>> > >>> All the best to everyone! > >>> > >>> Ade > >> > >> > >> __________________________________________________ > >> Do You Yahoo!? > >> Yahoo! - Official partner of 2002 FIFA World Cup > >> http://fifaworldcup.yahoo.com > >> > > > > > > > > > > > > > > > > > From prutwo at onebox.com Thu Jun 20 09:01:32 2002 From: prutwo at onebox.com (ophir prusak) Date: Thu, 20 Jun 2002 06:01:32 -0700 Subject: [nycphp-talk] testers wanted - phpguardian.com Message-ID: <20020620130132.ONHP318.mta10.onebox.com@onebox.com> In a perfect world : 1. No one would use software they didn't pay for or use it beyond the licesnse agreement they purchased. 2. Everyone could distribute source code with their application. But, we don't live in a perfect world. We live in a world where the majority of napster users honestly think they're not doing anything wrong. We live in a world where most people don't think much of copying a program from a friend, or downloading a crack, serial, etc. I'm a strong believer of open source, and I think it makes sense (even business sense) for many types of software and projects. I'm also a strong beleiver in people getting paid for their work. When I'm doing a project there's a difference if I'm selling my (source) code or I'm selling a solution. As long as their are people using software they didn't pay for (or in a way/amount they didn't pay for) - we'll need ways to help protect people who write software from being abused. This includes products like Zend Encoder (and others). ---- "louie" wrote: > greetings ! > > protecting code in open source is kinda lame, > every line of code sould be publish. > knowlage sharing, and coding expirance > is the only plus in Advance web development. > is used to code in asp. > now i'm using LAMP to almost any project i got. > i do think php is going to overcome anythin' out there. > and zeev rocks ^-^ (but just cuz he's from israel.) > > chap chap, > louie. > > -Marilyn Monroe had six toes. > > > ----- Original Message ----- > From: "Kyle Tuskey" > To: "NYPHP Talk" > Sent: Wednesday, June 19, 2002 8:49 PM > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > > > > Charles, > > > > I don't respond to people who are narrow minded and need to curse > to > > make a point. Protecting code is a valid practice. I'm sorry you > don't > > agree, but please don't bring it to an infantile level. Thanks. > > > > Kyle > > > > > > > > > > -----Original Message----- > > From: charles at softwareprototypes.com > > [mailto:charles at softwareprototypes.com] > > Sent: Wednesday, June 19, 2002 11:43 PM > > To: NYPHP Talk > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > > > Kyle, at the risk of lacking subtility, > > > > if I loosed some extremely sophisticated search engines (and I've > > written AI code and articles for AI Expert) on the intenet on a > > hundred PCs and let those search enines run for a year, do you thing > > I could find a SINGLE fuckin' competitor of yours who'd even want > to > > see your fuckin' code? Really now. > > > > You're just fuckin' your clients over and fooling yourself. Try it > > with a free-ware, GPLed release of the previous version of your > > product and you'll be disgusted at the complete and utter lack of > > interest EXCEPT by your existing client base, maybe, if you're lucky. > > > > Code obfuscation is pointless and you'd be surprised how it HURTS > you > > and HELPS your competitors since they have to reverse engineer with > a > > clever way of doing what they see your code doing without your own > > prejudices. > > > > They probably come up with shit you never thought of. Much more > > clever than anything you came up with in the first place. (I made > a > > MISTAKE reverse engineering an expert system inference engine and > > ended up with a complete enterprise modeling engine which then went > > nowhere because the managers of the firm were great real-estate sales > > men but couldn't manage an MIS project at gun point. Utter > > dick-heads.) > > > > Obfuscation is a mechanical process and if YOU can obfuscate it, > it > > can be UN-obfuscated almost as fast as you can muddy the waters. > > (there were viri written for M$ XL BEFORE XL was even available on > > CD-ROM.) And by ditching the variable and function names, (unless > the > > DDE/OLE maps are available,) the un-obfuscation gets rid of your > own > > internal slants and just shows things as they really are. > > > > Stop with the code obfuscation BS. > > > > The business and the money is NOT in the product but in the process > > of building the product. HOW your company got the product spec in > the > > first place is much more important than the product to because life > > is a moving target and whatever you deliver TODAY is obsolete before > > you even deliver it. > > > > Obfuscation is for long-term losers. phpguardian is a sham, a waste > > of time and money and utterly counter-productive. AND NOBODY needs > it. > > > > -Ch-A. > > > > > From: "Kyle Tuskey" > > > Organization: New York PHP > > > Reply-To: talk at nyphp.org > > > Date: Wed, 19 Jun 2002 19:55:06 -0400 > > > To: NYPHP Talk > > > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > > > > I don't necessarily think this product is amazing, but I think > > saying > > > that code obfuscation isn't needed because "it isn't open source > > > friendly" is a bold statement. Some of us develop commercial > > > redistributable software that needs obfuscation to protect the > > code. It > > > is also a valuable tool for certain contracting circumstances. > I do > > > feel that the zend encoder is the best obfuscator on the market, > but > > > then again I'm jaded since I know zeev and support his company. > > > > > > > > > -- Kyle > > > > > > > > > > > > -----Original Message----- > > > From: charles at softwareprototypes.com > > > [mailto:charles at softwareprototypes.com] > > > Sent: Wednesday, June 19, 2002 2:00 PM > > > To: NYPHP Talk > > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > > > > > uh, php runs on the server side. It never gets off of the server > > > because that's pointless. > > > > > > Just who are we shielding the code from exactly? > > > > > > - Ourselves? Get real. > > > - The "competition"? It entirely defeats the purpose and spirit > of > > > open source. > > > - "Crackers?" They just stress test your back-up and recovery > > > procedures. > > > > > > Use CVS or SourceSafe or some other file versioning system and > put > > > checked-out copies of the the files in a tree under a shared > > > directory or under the various home directories. > > > > > > This abomination entirely defeats the purpose and spirit of open > > > source. I say ignore it. If you're really in a snit, boycott it. > > > > > > Its a __bad__ idea. ON par with charging for your OS. > > > > > > -Ch-A. > > > > > >> From: Hans Zaunere > > >> Organization: New York PHP > > >> Reply-To: talk at nyphp.org > > >> Date: Wed, 19 Jun 2002 10:29:14 -0400 > > >> To: NYPHP Talk > > >> Subject: [nycphp-talk] testers wanted - phpguardian.com > > >> > > >> > > >> There's been some talk lately of source protection. This package > > > looks > > >> very nice after a quick glance. > > >> > > >>> From: "ade_inovica" > > >>> > > >>> Hi there > > >>> > > >>> We're just about ready to release an application called > > > phpguardian - > > >>> an application which will protect php source code. We are really > > > >>> keen to get some people to try it, so if anyone is interested, > > > >>> please visit http://www.phpguardian.com and go to the download > > link > > >>> > > >>> All the best to everyone! > > >>> > > >>> Ade > > >> > > >> > > >> __________________________________________________ > > >> Do You Yahoo!? > > >> Yahoo! - Official partner of 2002 FIFA World Cup > > >> http://fifaworldcup.yahoo.com > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From jhise at linuxforbusiness.org Thu Jun 20 09:42:00 2002 From: jhise at linuxforbusiness.org (Jeremy Hise) Date: 20 Jun 2002 09:42:00 -0400 Subject: PHP Versions and GLOBALS Message-ID: <1024580522.3094.8.camel@localhost.localdomain> Hi All: I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6. Places in .4 that use $GLOBALS[varname] suddenly require that I do $GLOBALS[HTTP_POST_VARS][varname]. I think I remember something about this but I'm not sure and I can't really find anything on the php site. Do any of you know what the story is with regards to how GLOBALS work between these versions? Thank you! Jeremy From oktay at datapipe.com Thu Jun 20 10:16:47 2002 From: oktay at datapipe.com (Oktay Altunergil) Date: Thu, 20 Jun 2002 10:16:47 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net> References: <200206200342.g5K3gYP49377@slipdisc.virul.net> Message-ID: <20020620101647.6e2c715e.oktay@datapipe.com> At work I cannot code some apps in PHP because the code will be copied by customers/competitors and used on other servers. I personally could not care less and would love to have all of my code open sourced. However this is a business, and any kind of distinct features you have make the difference between you and your competitors. Granted, they can reverse engineer or just get your idea and design an even better system than you could ever do myself. But that is not the point. In the business world, open source fans are not the people who make decisions. It's the management who decides what you can and cannot do. For this reason I am actually interested in the product mentioned. Now I'm not an expert at this but the product seems to do key based encyrption. This is a few steps ahead of mangling the code to make it unreadable by humans. On the other hand, for PHP to parse to code it has to be decrypted and if PHP can decrypt it so can you. I would like more information about this in the FAQ if the developers are tuned in. Oktay Altunergil On Wed, 19 Jun 2002 23:42:34 -0400 charles at softwareprototypes.com wrote: > Kyle, at the risk of lacking subtility, > > if I loosed some extremely sophisticated search engines (and I've > written AI code and articles for AI Expert) on the intenet on a > hundred PCs and let those search enines run for a year, do you thing > I could find a SINGLE fuckin' competitor of yours who'd even want to > see your fuckin' code? Really now. > > You're just fuckin' your clients over and fooling yourself. Try it > with a free-ware, GPLed release of the previous version of your > product and you'll be disgusted at the complete and utter lack of > interest EXCEPT by your existing client base, maybe, if you're lucky. > > Code obfuscation is pointless and you'd be surprised how it HURTS you > and HELPS your competitors since they have to reverse engineer with a > clever way of doing what they see your code doing without your own > prejudices. > > They probably come up with shit you never thought of. Much more > clever than anything you came up with in the first place. (I made a > MISTAKE reverse engineering an expert system inference engine and > ended up with a complete enterprise modeling engine which then went > nowhere because the managers of the firm were great real-estate sales > men but couldn't manage an MIS project at gun point. Utter > dick-heads.) > > Obfuscation is a mechanical process and if YOU can obfuscate it, it > can be UN-obfuscated almost as fast as you can muddy the waters. > (there were viri written for M$ XL BEFORE XL was even available on > CD-ROM.) And by ditching the variable and function names, (unless the > DDE/OLE maps are available,) the un-obfuscation gets rid of your own > internal slants and just shows things as they really are. > > Stop with the code obfuscation BS. > > The business and the money is NOT in the product but in the process > of building the product. HOW your company got the product spec in the > first place is much more important than the product to because life > is a moving target and whatever you deliver TODAY is obsolete before > you even deliver it. > > Obfuscation is for long-term losers. phpguardian is a sham, a waste > of time and money and utterly counter-productive. AND NOBODY needs it. > > -Ch-A. > > > From: "Kyle Tuskey" > > Organization: New York PHP > > Reply-To: talk at nyphp.org > > Date: Wed, 19 Jun 2002 19:55:06 -0400 > > To: NYPHP Talk > > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > > I don't necessarily think this product is amazing, but I think > saying > > that code obfuscation isn't needed because "it isn't open source > > friendly" is a bold statement. Some of us develop commercial > > redistributable software that needs obfuscation to protect the > code. It > > is also a valuable tool for certain contracting circumstances. I do > > feel that the zend encoder is the best obfuscator on the market, but > > then again I'm jaded since I know zeev and support his company. > > > > > > -- Kyle > > > > > > > > -----Original Message----- > > From: charles at softwareprototypes.com > > [mailto:charles at softwareprototypes.com] > > Sent: Wednesday, June 19, 2002 2:00 PM > > To: NYPHP Talk > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > > > uh, php runs on the server side. It never gets off of the server > > because that's pointless. > > > > Just who are we shielding the code from exactly? > > > > - Ourselves? Get real. > > - The "competition"? It entirely defeats the purpose and spirit of > > open source. > > - "Crackers?" They just stress test your back-up and recovery > > procedures. > > > > Use CVS or SourceSafe or some other file versioning system and put > > checked-out copies of the the files in a tree under a shared > > directory or under the various home directories. > > > > This abomination entirely defeats the purpose and spirit of open > > source. I say ignore it. If you're really in a snit, boycott it. > > > > Its a __bad__ idea. ON par with charging for your OS. > > > > -Ch-A. > > > >> From: Hans Zaunere > >> Organization: New York PHP > >> Reply-To: talk at nyphp.org > >> Date: Wed, 19 Jun 2002 10:29:14 -0400 > >> To: NYPHP Talk > >> Subject: [nycphp-talk] testers wanted - phpguardian.com > >> > >> > >> There's been some talk lately of source protection. This package > > looks > >> very nice after a quick glance. > >> > >>> From: "ade_inovica" > >>> > >>> Hi there > >>> > >>> We're just about ready to release an application called > > phpguardian - > >>> an application which will protect php source code. We are really > >>> keen to get some people to try it, so if anyone is interested, > >>> please visit http://www.phpguardian.com and go to the download > link > >>> > >>> All the best to everyone! > >>> > >>> Ade > >> > >> > >> __________________________________________________ > >> Do You Yahoo!? > >> Yahoo! - Official partner of 2002 FIFA World Cup > >> http://fifaworldcup.yahoo.com > >> > > > > > > > > > > > > > From nyphp at altunergil.com Thu Jun 20 10:17:23 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Thu, 20 Jun 2002 10:17:23 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net> References: <200206200342.g5K3gYP49377@slipdisc.virul.net> Message-ID: <20020620101723.0da6af05.nyphp@altunergil.com> my 2 cents on this.. At work I cannot code some apps in PHP because the code will be copied by customers/competitors and used on other servers. I personally could not care less and would love to have all of my code open sourced. However this is a business, and any kind of distinct features you have make the difference between you and your competitors. Granted, they can reverse engineer or just get your idea and design an even better system than you could ever do myself. But that is not the point. In the business world, open source fans are not the people who make decisions. It's the management who decides what you can and cannot do. For this reason I am actually interested in the product mentioned. Now I'm not an expert at this but the product seems to do key based encyrption. This is a few steps ahead of mangling the code to make it unreadable by humans. On the other hand, for PHP to parse to code it has to be decrypted and if PHP can decrypt it so can you. I would like more information about this in the FAQ if the developers are tuned in. Oktay Altunergil On Wed, 19 Jun 2002 23:42:34 -0400 charles at softwareprototypes.com wrote: > Kyle, at the risk of lacking subtility, > > if I loosed some extremely sophisticated search engines (and I've > written AI code and articles for AI Expert) on the intenet on a > hundred PCs and let those search enines run for a year, do you thing > I could find a SINGLE fuckin' competitor of yours who'd even want to > see your fuckin' code? Really now. > > You're just fuckin' your clients over and fooling yourself. Try it > with a free-ware, GPLed release of the previous version of your > product and you'll be disgusted at the complete and utter lack of > interest EXCEPT by your existing client base, maybe, if you're lucky. > > Code obfuscation is pointless and you'd be surprised how it HURTS you > and HELPS your competitors since they have to reverse engineer with a > clever way of doing what they see your code doing without your own > prejudices. > > They probably come up with shit you never thought of. Much more > clever than anything you came up with in the first place. (I made a > MISTAKE reverse engineering an expert system inference engine and > ended up with a complete enterprise modeling engine which then went > nowhere because the managers of the firm were great real-estate sales > men but couldn't manage an MIS project at gun point. Utter > dick-heads.) > > Obfuscation is a mechanical process and if YOU can obfuscate it, it > can be UN-obfuscated almost as fast as you can muddy the waters. > (there were viri written for M$ XL BEFORE XL was even available on > CD-ROM.) And by ditching the variable and function names, (unless the > DDE/OLE maps are available,) the un-obfuscation gets rid of your own > internal slants and just shows things as they really are. > > Stop with the code obfuscation BS. > > The business and the money is NOT in the product but in the process > of building the product. HOW your company got the product spec in the > first place is much more important than the product to because life > is a moving target and whatever you deliver TODAY is obsolete before > you even deliver it. > > Obfuscation is for long-term losers. phpguardian is a sham, a waste > of time and money and utterly counter-productive. AND NOBODY needs it. > > -Ch-A. > > > From: "Kyle Tuskey" > > Organization: New York PHP > > Reply-To: talk at nyphp.org > > Date: Wed, 19 Jun 2002 19:55:06 -0400 > > To: NYPHP Talk > > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com > > > > I don't necessarily think this product is amazing, but I think > saying > > that code obfuscation isn't needed because "it isn't open source > > friendly" is a bold statement. Some of us develop commercial > > redistributable software that needs obfuscation to protect the > code. It > > is also a valuable tool for certain contracting circumstances. I do > > feel that the zend encoder is the best obfuscator on the market, but > > then again I'm jaded since I know zeev and support his company. > > > > > > -- Kyle > > > > > > > > -----Original Message----- > > From: charles at softwareprototypes.com > > [mailto:charles at softwareprototypes.com] > > Sent: Wednesday, June 19, 2002 2:00 PM > > To: NYPHP Talk > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com > > > > uh, php runs on the server side. It never gets off of the server > > because that's pointless. > > > > Just who are we shielding the code from exactly? > > > > - Ourselves? Get real. > > - The "competition"? It entirely defeats the purpose and spirit of > > open source. > > - "Crackers?" They just stress test your back-up and recovery > > procedures. > > > > Use CVS or SourceSafe or some other file versioning system and put > > checked-out copies of the the files in a tree under a shared > > directory or under the various home directories. > > > > This abomination entirely defeats the purpose and spirit of open > > source. I say ignore it. If you're really in a snit, boycott it. > > > > Its a __bad__ idea. ON par with charging for your OS. > > > > -Ch-A. > > > >> From: Hans Zaunere > >> Organization: New York PHP > >> Reply-To: talk at nyphp.org > >> Date: Wed, 19 Jun 2002 10:29:14 -0400 > >> To: NYPHP Talk > >> Subject: [nycphp-talk] testers wanted - phpguardian.com > >> > >> > >> There's been some talk lately of source protection. This package > > looks > >> very nice after a quick glance. > >> > >>> From: "ade_inovica" > >>> > >>> Hi there > >>> > >>> We're just about ready to release an application called > > phpguardian - > >>> an application which will protect php source code. We are really > >>> keen to get some people to try it, so if anyone is interested, > >>> please visit http://www.phpguardian.com and go to the download > link > >>> > >>> All the best to everyone! > >>> > >>> Ade > >> > >> > >> __________________________________________________ > >> Do You Yahoo!? > >> Yahoo! - Official partner of 2002 FIFA World Cup > >> http://fifaworldcup.yahoo.com > >> > > > > > > > > > > > > > From gherson at snet.net Thu Jun 20 10:51:14 2002 From: gherson at snet.net (George Herson) Date: Thu, 20 Jun 2002 10:51:14 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com References: <200206201417.g5KEHRP56576@slipdisc.virul.net> Message-ID: <3D11EBE2.1090203@snet.net> Oktay Altunergil wrote: > my 2 cents on this.. > > At work I cannot code some apps in PHP because the code will be copied by > customers/competitors and used on other servers. I personally could not care > less and would love to have all of my code open sourced. However this is a > business, and any kind of distinct features you have make the difference > between you and your competitors. Granted, they can reverse engineer or just > get your idea and design an even better system than you could ever do myself. > But that is not the point. In the business world, open source fans are not > the people who make decisions. It's the management who decides what you can > and cannot do. For this reason I am actually interested in the product > mentioned. > > Now I'm not an expert at this but the product seems to do key based > encyrption. This is a few steps ahead of mangling the code to make it > unreadable by humans. On the other hand, for PHP to parse to code it has to > be decrypted and if PHP can decrypt it so can you. Key-based encryption means a key is required for decryption, so neither PHP nor a human will be able to decrypt w/o it. (Short of a brute force attack, assuming any of the common, good algorithms (DES, RSA) are used). My take on the code encryption controversy, such as it is, is that since a significanct percentage of consulting customers are dead-beatish (late or no pay), anything you can do to create an incentive for eventual payment, such as making modification to delivered code v. difficult, is a good thing. And that's just one application for code-encryption technology, so to say it is never useful is silly, IMO. cheers, george > I would like more > information about this in the FAQ if the developers are tuned in. > > Oktay Altunergil > From markjia at yahoo.com Thu Jun 20 11:00:13 2002 From: markjia at yahoo.com (Mark Jia) Date: Thu, 20 Jun 2002 08:00:13 -0700 (PDT) Subject: [nycphp-talk] browser issue? In-Reply-To: <200206192214.g5JMEjP45930@slipdisc.virul.net> Message-ID: <20020620150013.41470.qmail@web10007.mail.yahoo.com> Do you setup the error log file? what does it say? Mark Kenneth Schwartz wrote: I have my first PHP site up in production right now (I've developed ColdFusion for years and recently jumped on the PHP bandwagon) and I've got a funny problem I'm wondering if anyone out there can assist me with. The main client tested all of my scripts when they were in beta and everything was fine. He was using his home box at the time. Now that we went to production and he is using his work machine, the script is erroring out. I'm not having any problems when I hit the production site, none of my colleagues are, and we've checked it out with numerous friends who can all use the page successfully across a wide variety of browsers and platforms. This client appears to be the only one using IE 6.0. Any potential problems there or anyone have an idea of what I should pursue? His security settings are all apparently nornal. Thanks Kenneth Schwartz --------------------------------- Do You Yahoo!? Sign-up for Video Highlights of 2002 FIFA World Cup -------------- next part -------------- An HTML attachment was scrubbed... URL: From LarryC at indexstock.com Thu Jun 20 12:22:20 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Thu, 20 Jun 2002 12:22:20 -0400 Subject: Load Balancer Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB3A2@index-exchange.indexstock.com> I'm using Cisco Local Director now. It doesn't serve my purpose. There new product CSS will not achieve what I am looking to do either. However, it does have a feature that allow me to write customize Perl script to monitor the performance on my server farm. I feel that spending $$$ on such feature is a waste of money. May be there is an open source software that enable me to do this. Does anybody know of any load balancer software? I need an LB that can load balance services and threads (and CPU time if possible) on my servers. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Ivy.gif Type: image/gif Size: 5665 bytes Desc: not available URL: From prutwo at onebox.com Thu Jun 20 12:34:40 2002 From: prutwo at onebox.com (ophir prusak) Date: Thu, 20 Jun 2002 09:34:40 -0700 Subject: [nycphp-talk] Load Balancer Message-ID: <20020620163440.XHFP7375.mta06.onebox.com@onebox.com> Zeus has a product that aint open source but it is software based: http://www.zeus.com/products/zlb/ ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- Larry Chuon wrote: > This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=464 > > I'm using Cisco Local Director now. It doesn't serve my purpose. > There new > product CSS will not achieve what I am looking to do either. However, > it > does have a feature that allow me to write customize Perl script to > monitor > the performance on my server farm. I feel that spending $$$ on such > feature > is a waste of money. May be there is an open source software that > enable me > to do this. Does anybody know of any load balancer software? I need > an LB > that can load balance services and threads (and CPU time if possible) > on my > servers. > > > > > > > From ben at tanjero.com Thu Jun 20 12:35:32 2002 From: ben at tanjero.com (Benjamin Stiglitz) Date: Thu, 20 Jun 2002 12:35:32 -0400 Subject: [nycphp-talk] PHP Versions and GLOBALS In-Reply-To: <200206201343.g5KDhTP56162@slipdisc.virul.net> Message-ID: The register_globals setting in php.ini is no longer on by default in PHP 4.0.6+, as it poses a security risk. See http://www.php.net/manual/en/security.registerglobals.php Thank you, Benjamin Stiglitz Tanjero ben at tanjero.com On Thursday, June 20, 2002, at 09:43 AM, Jeremy Hise wrote: > Hi All: > > I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6. > Places in .4 that use $GLOBALS[varname] suddenly require that I do > $GLOBALS[HTTP_POST_VARS][varname]. > > I think I remember something about this but I'm not sure and I can't > really find anything on the php site. > > Do any of you know what the story is with regards to how GLOBALS work > between these versions? > > Thank you! > > Jeremy > > > > > > > From adam at ecamp.net Thu Jun 20 13:05:54 2002 From: adam at ecamp.net (Adam) Date: Thu, 20 Jun 2002 13:05:54 -0400 Subject: [nycphp-talk] Load Balancer In-Reply-To: <200206201634.g5KGYnP58287@slipdisc.virul.net> Message-ID: Mod_backhand works wonders... Backhand.org -----Original Message----- From: ophir prusak [mailto:prutwo at onebox.com] Sent: Thursday, June 20, 2002 12:35 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Load Balancer Zeus has a product that aint open source but it is software based: http://www.zeus.com/products/zlb/ ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- Larry Chuon wrote: > This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=464 > > I'm using Cisco Local Director now. It doesn't serve my purpose. > There new > product CSS will not achieve what I am looking to do either. However, > it > does have a feature that allow me to write customize Perl script to > monitor > the performance on my server farm. I feel that spending $$$ on such > feature > is a waste of money. May be there is an open source software that > enable me > to do this. Does anybody know of any load balancer software? I need > an LB > that can load balance services and threads (and CPU time if possible) > on my > servers. > > > > > > > From steven at sohh.com Thu Jun 20 16:09:16 2002 From: steven at sohh.com (Steven Samuel) Date: Thu, 20 Jun 2002 13:09:16 -0700 Subject: [nycphp-talk] Load Balancer In-Reply-To: <200206201634.g5KGYnP58287@slipdisc.virul.net> Message-ID: Not sure if this would help but it's increased my CPU performance. Try PHP Acceralator. http://www.php-accelerator.co.uk/ -----Original Message----- From: ophir prusak [mailto:prutwo at onebox.com] Sent: Thursday, June 20, 2002 9:35 AM To: NYPHP Talk Subject: Re: [nycphp-talk] Load Balancer Zeus has a product that aint open source but it is software based: http://www.zeus.com/products/zlb/ ---- Ophir Prusak Internet developer prutwo at onebox.com | http://www.prusak.com/ ---- Larry Chuon wrote: > This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=464 > > I'm using Cisco Local Director now. It doesn't serve my purpose. > There new > product CSS will not achieve what I am looking to do either. However, > it > does have a feature that allow me to write customize Perl script to > monitor > the performance on my server farm. I feel that spending $$$ on such > feature > is a waste of money. May be there is an open source software that > enable me > to do this. Does anybody know of any load balancer software? I need > an LB > that can load balance services and threads (and CPU time if possible) > on my > servers. > > > > > > > From charles at softwareprototypes.com Thu Jun 20 13:29:06 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Thu, 20 Jun 2002 13:29:06 -0400 Subject: Getin' paranoid with php code protection Message-ID: <43110-22002642017296500@softwareprototypes.com> Who's paying who for what, when and where seems to be something nobody has touched on in this code obfuscation discussion. 1) Who paid for the development? Somebody else or yourself? If you did code-for-hire, its not your call and not your problem. If its your code, read on. 2) How much did it cost? How much is it worth, now in a week, in a year? If it cost a lot (>$10k,) to develop its probably tied into some domain specific experience and would cost that much again to integrate it into another site. If its less, if not worth stealing, or protecting by making the maintainance of it more difficult. Specially since its machine code (even VM code) so its trivial to disassemble, map variable and function names onto and if you've got a DDE/OLE type convention, its dishearteningly easy to recover everything but stack/frame temp var names. 3) Why was it developed? 4) Why would anyone want steal it? How is whoever owns the code making money off of this code? Are you selling your code or could/should you use any code that escapes as free advertising for your coding skills. 5) How vulnerable is it anyway? You haven't told me how is the thief supposed to steal these php pages since php runs on the server and those pages should be spewing html out to the client. 5a) Having php code on anything but the server-side is, uh, silly, because it won't get executed and therefore I certainly wouldn't want to steal a page which was written to have some php code making its way out of the server because the writer obviously didn't know what he was doing. 5b) If you're worried about somebody FTPing into your box, remember, you can password protect subdirectories, make them belong to another user, make the files non-world visible but group accessible. If someone does steal your pages (that a stupid concept since your publishing them on your web site for everyone to access,) he'd have to also duplicate your database schema and your database content. That gets a bit harder to pull off and is prosecutable. Complusion: Stealing code is not that easy and not that simple. Stealing code and getting it to work is orders of magnitude more complicated. Unless your php code could be turned outright into a shrink-wrappable solution for a broad class of problems, I wouldn't worry about it getting loose. Why would you be writing a "shirk"-ware app in php? C++ would give you that kind of control while saddling you with the responsability for maintainance, updates, correctness, training and support. You're right, " We live in a world where the majority of Napster users honestly think they're not doing anything wrong." And you know what? They're right. As galling as it might seem to you to hear this, since you're NOT living in a perfect world, using a business model which requires that everybody play by rules that can't be enforced is stupid, leads to oppression, coercion, supression, censorship. All the things we hate and chafe at the very suggestion of. Find some other, more reality-based, way to make a buck. Rent out your skills and your ability to learn adapt and code. You have nothing else thats truly your own. The distance between past and future is a user-illusion, a dream-thin shock-wave. Be a shock-wave rider or wipe out. Those are the choices. -Ch-A. From jhise at nextsource.com Thu Jun 20 13:27:52 2002 From: jhise at nextsource.com (Jeremy Hise) Date: 20 Jun 2002 13:27:52 -0400 Subject: [nycphp-talk] PHP Versions and GLOBALS In-Reply-To: <200206201635.g5KGZcP58308@slipdisc.virul.net> References: <200206201635.g5KGZcP58308@slipdisc.virul.net> Message-ID: <1024594087.4529.42.camel@localhost.localdomain> Hey. That looks like it may be it. Thanks a lot! Jeremy On Thu, 2002-06-20 at 12:35, Benjamin Stiglitz wrote: > The register_globals setting in php.ini is no longer on by default in > PHP 4.0.6+, as it poses a security risk. > See http://www.php.net/manual/en/security.registerglobals.php > > Thank you, > Benjamin Stiglitz > Tanjero > ben at tanjero.com > > On Thursday, June 20, 2002, at 09:43 AM, Jeremy Hise wrote: > > > Hi All: > > > > I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6. > > Places in .4 that use $GLOBALS[varname] suddenly require that I do > > $GLOBALS[HTTP_POST_VARS][varname]. > > > > I think I remember something about this but I'm not sure and I can't > > really find anything on the php site. > > > > Do any of you know what the story is with regards to how GLOBALS work > > between these versions? > > > > Thank you! > > > > Jeremy > > > > > > > > > > > > > > > > > > From louie at zibi.co.il Thu Jun 20 17:24:24 2002 From: louie at zibi.co.il (louie) Date: Thu, 20 Jun 2002 14:24:24 -0700 Subject: [nycphp-talk] Getin' paranoid with php code protection References: <200206201724.g5KHOmP58958@slipdisc.virul.net> Message-ID: <003301c218a0$e4812ca0$b35efea9@w3j5c4> greetings ! see the big picture !!! well, lets clear things, napster user i believe know that they doing something wrong ! but they are not stealing! they are price adjusters, music disk's should be way cheaper than what it is right now, and thanks to napster price did drop down. the only people who makes the big bucks are not and never will be the artists. the only person with the fat bank account are the manager/record companies. i also believe that each of you can pick at least one computer Application that should be cheaper to the public for using and license. As for coding/programs I believe that as employee in the tech world you make less money than what you should make only cuz a lot of programs are not free or open source. i can give an example: the team that develop win XP they got money for there coding time and maybe some bonus. but microsoft is the company that makes the money of there hard work. think, is out there was a program that is free to the public and can help you with your web application, you still need the knowledge, to implant the program in to your source, and if you NOT a programmer, probably you will need to hire one to do so. witch give money to the php community, if you still feel like its stealing, pay pal to the program owner to show your gratitude. look what heppen to SEGA with the dream case, since #dcisos and the UTOPIA. chap chap louie. -"Never trust a program unless you have the source." ----- Original Message ----- From: To: "NYPHP Talk" Sent: Thursday, June 20, 2002 10:24 AM Subject: [nycphp-talk] Getin' paranoid with php code protection > Who's paying who for what, when and where seems to be something > nobody has touched on in this code obfuscation discussion. > > 1) Who paid for the development? > > Somebody else or yourself? If you did code-for-hire, its not your > call and not your problem. If its your code, read on. > > 2) How much did it cost? How much is it worth, now in a week, in a > year? > > If it cost a lot (>$10k,) to develop its probably tied into some > domain specific experience and would cost that much again to > integrate it into another site. If its less, if not worth stealing, > or protecting by making the maintainance of it more difficult. > > Specially since its machine code (even VM code) so its trivial to > disassemble, map variable and function names onto and if you've got a > DDE/OLE type convention, its dishearteningly easy to recover > everything but stack/frame temp var names. > > 3) Why was it developed? > > 4) Why would anyone want steal it? > > How is whoever owns the code making money off of this code? Are you > selling your code or could/should you use any code that escapes as > free advertising for your coding skills. > > 5) How vulnerable is it anyway? > > You haven't told me how is the thief supposed to steal these php > pages since php runs on the server and those pages should be spewing > html out to the client. > > 5a) Having php code on anything but the server-side is, uh, silly, > because it won't get executed and therefore I certainly wouldn't want > to steal a page which was written to have some php code making its > way out of the server because the writer obviously didn't know what > he was doing. > > 5b) If you're worried about somebody FTPing into your box, remember, > you can password protect subdirectories, make them belong to another > user, make the files non-world visible but group accessible. If > someone does steal your pages (that a stupid concept since your > publishing them on your web site for everyone to access,) he'd have > to also duplicate your database schema and your database content. > That gets a bit harder to pull off and is prosecutable. > > Complusion: > > Stealing code is not that easy and not that simple. Stealing code and > getting it to work is orders of magnitude more complicated. > > Unless your php code could be turned outright into a shrink-wrappable > solution for a broad class of problems, I wouldn't worry about it > getting loose. > > Why would you be writing a "shirk"-ware app in php? C++ would give > you that kind of control while saddling you with the responsability > for maintainance, updates, correctness, training and support. > > You're right, " We live in a world where the majority of Napster > users honestly think they're not doing anything wrong." > > And you know what? They're right. > > As galling as it might seem to you to hear this, since you're NOT > living in a perfect world, using a business model which requires that > everybody play by rules that can't be enforced is stupid, leads to > oppression, coercion, supression, censorship. All the things we hate > and chafe at the very suggestion of. > > Find some other, more reality-based, way to make a buck. > > Rent out your skills and your ability to learn adapt and code. You > have nothing else thats truly your own. > > The distance between past and future is a user-illusion, a dream-thin > shock-wave. Be a shock-wave rider or wipe out. Those are the choices. > > -Ch-A. > > > > From nyphp at websapp.com Thu Jun 20 14:51:17 2002 From: nyphp at websapp.com (Daniel Kushner) Date: Thu, 20 Jun 2002 14:51:17 -0400 Subject: InformationWeek Marketing Move IBM To Open Manhattan Linux Showroom June 19, Message-ID: FYI: http://www.informationweek.com/story/IWK20020619S0003 From zaunere at yahoo.com Thu Jun 20 15:13:00 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 20 Jun 2002 12:13:00 -0700 (PDT) Subject: [nycphp-talk] InformationWeek Marketing Move IBM To Open Manhattan Linux Showroom June 19, In-Reply-To: <200206201853.g5KIrRP60217@slipdisc.virul.net> Message-ID: <20020620191300.25573.qmail@web12805.mail.yahoo.com> --- Daniel Kushner wrote: > FYI: > > http://www.informationweek.com/story/IWK20020619S0003 And similarly: [watch the wrap] http://computerworld.com/softwaretopics/os/linux/story/0,10801,72128,00.html Very exciting IMO, as I pointed out on NYLUG-Talk. HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From j_r_sanchez at yahoo.com Thu Jun 20 16:27:40 2002 From: j_r_sanchez at yahoo.com (jose sanchez) Date: Thu, 20 Jun 2002 13:27:40 -0700 (PDT) Subject: formmail script Message-ID: <20020620202740.653.qmail@web11702.mail.yahoo.com> Hello: Has anyone written a formmail script in php that I can use? Or please guide me to where I can find one... Thanks. ===== "An ounce of gold cannot buy an ounce of time." - Anonymous www.whmicro.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From ktuskey at exostream.com Thu Jun 20 16:34:02 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Thu, 20 Jun 2002 16:34:02 -0400 Subject: [nycphp-talk] formmail script In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net> Message-ID: <001701c21899$d07cfbf0$e1072744@win2kbox> Jose, I would think that would be an incredibly quick script to write. If you don't want to take the time though, try sniffing around in a script repository like hotscripts.com. Kyle -----Original Message----- From: jose sanchez [mailto:j_r_sanchez at yahoo.com] Sent: Thursday, June 20, 2002 4:28 PM To: NYPHP Talk Subject: [nycphp-talk] formmail script Hello: Has anyone written a formmail script in php that I can use? Or please guide me to where I can find one... Thanks. ===== "An ounce of gold cannot buy an ounce of time." - Anonymous www.whmicro.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From brian at preston-campbell.com Thu Jun 20 16:41:12 2002 From: brian at preston-campbell.com (Preston-Campbell) Date: Thu, 20 Jun 2002 16:41:12 -0400 Subject: [nycphp-talk] formmail script References: <200206202027.g5KKRjP61591@slipdisc.virul.net> Message-ID: <3D123DE8.FB7BEBE9@preston-campbell.com> http://www.hotscripts.com should have several form processors. Formmail has become a spammer's best friend as of late. It would probably be advisable to find one with decent security features for that same reason. Brian jose sanchez wrote: > Hello: > > Has anyone written a formmail script in php that I can > use? Or please guide me to where I can find one... > > Thanks. > > ===== > "An ounce of gold cannot buy an ounce of time." > - Anonymous > > www.whmicro.com > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com From tom at supertom.com Thu Jun 20 16:48:06 2002 From: tom at supertom.com (tom at supertom.com) Date: Thu, 20 Jun 2002 16:48:06 -0400 Subject: [nycphp-talk] formmail script In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net> Message-ID: Can't speak for it, but here's formmail.php: http://www.lumbroso.com/scripts/ Supposely supports all of the same features and syntax as formmail.pl Tom -----Original Message----- From: jose sanchez [mailto:j_r_sanchez at yahoo.com] Sent: Thursday, June 20, 2002 4:28 PM To: NYPHP Talk Subject: [nycphp-talk] formmail script Hello: Has anyone written a formmail script in php that I can use? Or please guide me to where I can find one... Thanks. ===== "An ounce of gold cannot buy an ounce of time." - Anonymous www.whmicro.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From nyphp at jimbishop.org Thu Jun 20 17:11:09 2002 From: nyphp at jimbishop.org (nyphp at jimbishop.org) Date: Thu, 20 Jun 2002 14:11:09 -0700 (PDT) Subject: [nycphp-talk] formmail script In-Reply-To: <200206202052.g5KKqlP61991@slipdisc.virul.net> Message-ID: > Has anyone written a formmail script in php that I can > use? Or please guide me to where I can find one... i've used this one: http://lwest.free.fr/doc/php/lib/index.php3?page=mail&lang=en and it has been good. From ian at plusfour.org Thu Jun 20 17:57:55 2002 From: ian at plusfour.org (Ian Forsyth) Date: Thu, 20 Jun 2002 17:57:55 -0400 Subject: nice and easy sendmail interface.. In-Reply-To: <200206202111.g5KLBEP62290@slipdisc.virul.net> Message-ID: Does any one no of an equivalent to qmailadmin (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of test.com and password test) for sendmail? Currently I am using http://webmin.com which has a bunch of sendmail modules, though I do not know much about setting up alias/forwards, and such across multiple domains and am looking for a very simple interface that would allow me to do so. Or if such an interface does not exist/ I would certainly appreciate some urls having some getting started with sendmail with multiple domains type information.. Or.. should i just install qmail? is it a superior package? Ian. From nyphp at altunergil.com Thu Jun 20 18:01:21 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Thu, 20 Jun 2002 18:01:21 -0400 Subject: [nycphp-talk] formmail script In-Reply-To: <200206202037.g5KKbjP61751@slipdisc.virul.net> References: <200206202037.g5KKbjP61751@slipdisc.virul.net> Message-ID: <20020620180121.61a9f069.nyphp@altunergil.com> For the record, formmail.pl from Matt's Script Archive has been the spammers' best friend.I have not heard anything about other formmail variants being vulnerable, though as well they might be. Formmail.pl actually has a drop in replacement as part of a project hosted on sourceforge. Matt himself encourages people to use this replacement. PS: These are both PERL scripts. Oktay Altunergil On Thu, 20 Jun 2002 16:37:45 -0400 Preston-Campbell wrote: > http://www.hotscripts.com should have several form processors. Formmail > has become a spammer's best friend as of late. It would probably be > advisable to find one with decent security features for that same > reason. > > Brian > > jose sanchez wrote: > > > Hello: > > > > Has anyone written a formmail script in php that I can > > use? Or please guide me to where I can find one... > > > > Thanks. > > > > ===== > > "An ounce of gold cannot buy an ounce of time." > > - Anonymous > > > > www.whmicro.com > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > From gherson at snet.net Thu Jun 20 18:23:03 2002 From: gherson at snet.net (George Herson) Date: Thu, 20 Jun 2002 18:23:03 -0400 Subject: [nycphp-talk] nice and easy sendmail interface.. References: <200206202157.g5KLvfP63015@slipdisc.virul.net> Message-ID: <3D1255C7.3080307@snet.net> From what i know (a few days investigation), qmail is a superior package. I would go with it unless you need functionality that only sendmail has. qmail has been v. solid for me since set up. Set up wasn't that easy, though. Qmail's author, Dan Bernstein, or "DJB", has a reputation for great code that is not great re: friendliness and documentation, and I think that's true of qmail. There are supposed to be a couple of good, proprietary books on it, however. Might also try newsgroup alt.comp.mail.qmail when/if you get stuck. george Ian Forsyth wrote: > Does any one no of an equivalent to qmailadmin > (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of test.com and > password test) for sendmail? > > Currently I am using http://webmin.com which has a bunch of sendmail > modules, though I do not know much about setting up alias/forwards, and such > across multiple domains and am looking for a very simple interface that > would allow me to do so. > > Or if such an interface does not exist/ I would certainly appreciate some > urls having some getting started with sendmail with multiple domains type > information.. > > Or.. should i just install qmail? is it a superior package? > > Ian. > > > From ktuskey at exostream.com Thu Jun 20 18:38:40 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Thu, 20 Jun 2002 18:38:40 -0400 Subject: [nycphp-talk] nice and easy sendmail interface.. In-Reply-To: <200206202223.g5KMNeP63532@slipdisc.virul.net> Message-ID: <001901c218ab$39e469a0$e1072744@win2kbox> We run qmail for at eXostream for our customers. It is a great piece of software. DJB knows how to program and has security on his mind at all times. As for sendmail, though it has fixed it's large security holes, it's fundamental design is weak and insecure. I would not recommend unless absolutely necessary. Also, you can use one of the qmail binaries to simulate the sendmail binary. Kyle -----Original Message----- From: George Herson [mailto:gherson at snet.net] Sent: Thursday, June 20, 2002 6:24 PM To: NYPHP Talk Subject: Re: [nycphp-talk] nice and easy sendmail interface.. From what i know (a few days investigation), qmail is a superior package. I would go with it unless you need functionality that only sendmail has. qmail has been v. solid for me since set up. Set up wasn't that easy, though. Qmail's author, Dan Bernstein, or "DJB", has a reputation for great code that is not great re: friendliness and documentation, and I think that's true of qmail. There are supposed to be a couple of good, proprietary books on it, however. Might also try newsgroup alt.comp.mail.qmail when/if you get stuck. george Ian Forsyth wrote: > Does any one no of an equivalent to qmailadmin > (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of test.com and > password test) for sendmail? > > Currently I am using http://webmin.com which has a bunch of sendmail > modules, though I do not know much about setting up alias/forwards, and such > across multiple domains and am looking for a very simple interface that > would allow me to do so. > > Or if such an interface does not exist/ I would certainly appreciate some > urls having some getting started with sendmail with multiple domains type > information.. > > Or.. should i just install qmail? is it a superior package? > > Ian. > > > From louie at zibi.co.il Fri Jun 21 04:01:28 2002 From: louie at zibi.co.il (louie) Date: Fri, 21 Jun 2002 01:01:28 -0700 Subject: [nycphp-talk] formmail script References: <200206202201.g5KM1PP63095@slipdisc.virul.net> Message-ID: <002501c218f9$d96392a0$b35efea9@w3j5c4> greetings ! try this one http://www.boaddrink.com later louie ----- Original Message ----- From: "Oktay Altunergil" To: "NYPHP Talk" Sent: Thursday, June 20, 2002 3:01 PM Subject: Re: [nycphp-talk] formmail script > For the record, formmail.pl from Matt's Script Archive has been the spammers' best friend.I have not heard anything about other formmail variants being vulnerable, though as well they might be. Formmail.pl actually has a drop in replacement as part of a project hosted on sourceforge. Matt himself encourages people to use this replacement. > > PS: These are both PERL scripts. > > Oktay Altunergil > > On Thu, 20 Jun 2002 16:37:45 -0400 > Preston-Campbell wrote: > > > http://www.hotscripts.com should have several form processors. Formmail > > has become a spammer's best friend as of late. It would probably be > > advisable to find one with decent security features for that same > > reason. > > > > Brian > > > > jose sanchez wrote: > > > > > Hello: > > > > > > Has anyone written a formmail script in php that I can > > > use? Or please guide me to where I can find one... > > > > > > Thanks. > > > > > > ===== > > > "An ounce of gold cannot buy an ounce of time." > > > - Anonymous > > > > > > www.whmicro.com > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Yahoo! - Official partner of 2002 FIFA World Cup > > > http://fifaworldcup.yahoo.com > > > > > > > From zaunere at yahoo.com Fri Jun 21 09:16:04 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Fri, 21 Jun 2002 06:16:04 -0700 (PDT) Subject: [nycphp-talk] POST method not passing on a cgi-version of PHP 4.1.2 In-Reply-To: <200206192050.g5JKoFP45018@slipdisc.virul.net> Message-ID: <20020621131604.62223.qmail@web12808.mail.yahoo.com> --- Jim Musil wrote: > > Hi, > > I've run across a client who is using a cgi-version of php and for > some > reason it will not allow me to submit data from a form via POST. > Submitting > via GET works great, POST gives nothing. > > I realize this is vague, but I'm hoping someone else has run across > the same > problem. Vague is an understatement. :) But consider some of these settings: track_vars, variable_order, and of course register_globals might be biting you. Do the POST vars show up in phpinfo() ? or print_r($GLOBALS); Also take a look at the value of 'cfg_file_path' to see the config file situation. HZ > > Jim > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Fri Jun 21 09:19:21 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Fri, 21 Jun 2002 06:19:21 -0700 (PDT) Subject: [nycphp-talk] PHP Versions and GLOBALS In-Reply-To: <200206201343.g5KDhTP56162@slipdisc.virul.net> Message-ID: <20020621131921.87215.qmail@web12804.mail.yahoo.com> --- Jeremy Hise wrote: > Hi All: > > I have an app that runs fine on php4.0.4 but acts all funky on > php4.0.6. > Places in .4 that use $GLOBALS[varname] suddenly require that I do > $GLOBALS[HTTP_POST_VARS][varname]. This is certainly a register_globals and/or track_vars issue. Also, never use, for example, $_POST[varname] but rather $_POST['varname'] Take a look at http://www.php.net/manual/en/language.types.array.php under the heading "Array do's and don'ts" HZ > > I think I remember something about this but I'm not sure and I can't > really find anything on the php site. > > Do any of you know what the story is with regards to how GLOBALS work > between these versions? > > Thank you! > > Jeremy > > > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Fri Jun 21 09:36:05 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Fri, 21 Jun 2002 06:36:05 -0700 (PDT) Subject: [nycphp-talk] nice and easy sendmail interface.. In-Reply-To: <200206202157.g5KLvfP63015@slipdisc.virul.net> Message-ID: <20020621133605.19273.qmail@web12801.mail.yahoo.com> --- Ian Forsyth wrote: > Does any one no of an equivalent to qmailadmin > (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of > test.com and > password test) for sendmail? Simply, no, or at least not that are publicly floating around. qmail is a very clean package, and was designed with virtual hosting in mind. > Currently I am using http://webmin.com which has a bunch of sendmail > modules, though I do not know much about setting up alias/forwards, > and such > across multiple domains and am looking for a very simple interface > that > would allow me to do so. Nothing concerning sendmail is simple :) > Or if such an interface does not exist/ I would certainly appreciate > some > urls having some getting started with sendmail with multiple domains > type > information.. Google for 'sendmail virtual hosting'. Basically you'll need to edit the /etc/mail/local-host-names, /etc/mail/virtualusertable, and possibly the sendmail.cf/mc files themselves. And in the end, when working with sendmail, I've found the best reference to be: 1) a 70 year old sendmail admin who has done it their whole life. 2) the o'reilly book (in that order). > Or.. should i just install qmail? is it a superior package? It's hard to call one superior than the other - sendmail is the 800 pound gorilla, while qmail is the chimpanzee. Some argue that sendmail has more features and is faster - while this may be true, 99% of those features are useless to the average user, and performance is negligable. qmail is certainly the more modern and well put together package. pure-ftpd vs wu-ftpd? HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From Arno.Vanmosel at wwecorp.com Fri Jun 21 11:35:18 2002 From: Arno.Vanmosel at wwecorp.com (Arno Vanmosel) Date: Fri, 21 Jun 2002 11:35:18 -0400 Subject: CMS Systems Message-ID: <7101D732D17CD311AEFF00508B55857203F72818@NT-EXCH-TOWER2> I'm looking for a PHP CMS System that is highly configurable for our site/member usage. We currently run a CMS that I wrote a year ago, but this lacked some options, a year went by and are ready to build something large. So instead of writing it I thought that there must be a CMS out there that does this all ... I just modify it and I'm done ... This CMS would be used by a clan/squad site (50 + members) and it should include: Calendars, Polls, Schedules, easy document publishing with history feature, Image gallery, Message board, Forum, Email handling, Admin with email the group feature, email a friend, Password Protected areas, etc... (MSQL Support) Certain members are allowed to publish, some don't. I know that there are "some" out there, but I don't want to go with another Nuke ... Any Ideas? ..... There are so many out there .... I got lost! Thanks ... Arno -------------- next part -------------- An HTML attachment was scrubbed... URL: From Arno.Vanmosel at wwecorp.com Fri Jun 21 12:48:22 2002 From: Arno.Vanmosel at wwecorp.com (Arno Vanmosel) Date: Fri, 21 Jun 2002 12:48:22 -0400 Subject: CMS Systems Message-ID: <7101D732D17CD311AEFF00508B55857203F7281A@NT-EXCH-TOWER2> I'm looking for a PHP CMS System that is highly configurable for our site/member usage. We currently run a CMS that I wrote a year ago, but this lacked some options, a year went by and are ready to build something large. So instead of writing it I thought that there must be a CMS out there that does this all ... I just modify it and I'm done ... This CMS would be used by a clan/squad site (50 + members) and it should include: Calendars, Polls, Schedules, easy document publishing with history feature, Image gallery, Message board, Forum, Email handling, Admin with email the group feature, email a friend, Password Protected areas, etc... (MSQL Support) Certain members are allowed to publish, some don't. I know that there are "some" out there, but I don't want to go with another Nuke ... Any Ideas? ..... There are so many out there .... I got lost! Thanks ... Arno -------------- next part -------------- An HTML attachment was scrubbed... URL: From soazine at pop.mail.rcn.net Fri Jun 21 13:55:11 2002 From: soazine at pop.mail.rcn.net (soazine@pop.erols.com) Date: Fri, 21 Jun 2002 13:55:11 -0400 Subject: PHP as Enterprise Level - any large companies using PHP? Message-ID: Could someone confirm if PHP is being used as an Enterprise Level Application anywhere, or if any large companies use PHP in their development and application development solutions? My ColdFusion friend refuses to believe that PHP can be used that way because of its structure vs ColdFusion MX. Thanx Phil -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From JMKing at ipro.org Fri Jun 21 14:04:18 2002 From: JMKing at ipro.org (Jaz-Michael King) Date: Fri, 21 Jun 2002 14:04:18 -0400 Subject: [nycphp-talk] CMS Systems Message-ID: I'm currently using Sitellite from www.simian.ca, it's a great framework, definitely worth checking out. j ****************************** Jaz-Michael King Online Services Manager IPRO http://ipro.org ****************************** >>> Arno Vanmosel 06/21/02 01:01PM >>> I'm looking for a PHP CMS System that is highly configurable for our site/member usage. We currently run a CMS that I wrote a year ago, but this lacked some options, a year went by and are ready to build something large. So instead of writing it I thought that there must be a CMS out there that does this all ... I just modify it and I'm done .. This CMS would be used by a clan/squad site (50 + members) and it should include: Calendars, Polls, Schedules, easy document publishing with history feature, Image gallery, Message board, Forum, Email handling, Admin with email the group feature, email a friend, Password Protected areas, etc... (MSQL Support) Certain members are allowed to publish, some don't. I know that there are "some" out there, but I don't want to go with another Nuke ... Any Ideas? ..... There are so many out there .... I got lost! Thanks ... Arno From zinfany at hotmail.com Fri Jun 21 15:59:57 2002 From: zinfany at hotmail.com (zinfany) Date: Fri, 21 Jun 2002 15:59:57 -0400 Subject: [nycphp-talk] CMS Systems References: <200206211701.g5LH1NP83182@slipdisc.virul.net> Message-ID: My favorites are PHP-Nuke and Post-Nuke. Both have all the things you are looking for. See http://www.phpnuke.org or http://www.postnuke.com ----- Original Message ----- From: "Arno Vanmosel" To: "NYPHP Talk" Sent: Friday, June 21, 2002 1:01 PM Subject: [nycphp-talk] CMS Systems > > > I'm looking for a PHP CMS System that is highly configurable for our > site/member usage. > We currently run a CMS that I wrote a year ago, but this lacked some > options, a year went > by and are ready to build something large. So instead of writing it I > thought that there > must be a CMS out there that does this all ... I just modify it and I'm done > .. > > This CMS would be used by a clan/squad site (50 + members) and it should > include: > Calendars, Polls, Schedules, easy document publishing with history feature, > Image gallery, > Message board, Forum, Email handling, Admin with email the group feature, > email a friend, > Password Protected areas, etc... (MSQL Support) > Certain members are allowed to publish, some don't. > > I know that there are "some" out there, but I don't want to go with another > Nuke ... > Any Ideas? ..... There are so many out there .... I got lost! > > Thanks ... > > Arno > > > > From ktuskey at exostream.com Fri Jun 21 16:07:59 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Fri, 21 Jun 2002 16:07:59 -0400 Subject: [nycphp-talk] CMS Systems In-Reply-To: <200206211956.g5LJukP86492@slipdisc.virul.net> Message-ID: <000c01c2195f$5716e160$e1072744@win2kbox> PHPNuke is horrid bloatware. I remember zeev told me they used it to test high loads because of how poorly it was coded. I've heard postnuke is a little better, but still nothing amazing. Kyle -----Original Message----- From: zinfany [mailto:zinfany at hotmail.com] Sent: Friday, June 21, 2002 3:57 PM To: NYPHP Talk Subject: Re: [nycphp-talk] CMS Systems My favorites are PHP-Nuke and Post-Nuke. Both have all the things you are looking for. See http://www.phpnuke.org or http://www.postnuke.com ----- Original Message ----- From: "Arno Vanmosel" To: "NYPHP Talk" Sent: Friday, June 21, 2002 1:01 PM Subject: [nycphp-talk] CMS Systems > > > I'm looking for a PHP CMS System that is highly configurable for our > site/member usage. > We currently run a CMS that I wrote a year ago, but this lacked some > options, a year went > by and are ready to build something large. So instead of writing it I > thought that there > must be a CMS out there that does this all ... I just modify it and I'm done > .. > > This CMS would be used by a clan/squad site (50 + members) and it should > include: > Calendars, Polls, Schedules, easy document publishing with history feature, > Image gallery, > Message board, Forum, Email handling, Admin with email the group feature, > email a friend, > Password Protected areas, etc... (MSQL Support) > Certain members are allowed to publish, some don't. > > I know that there are "some" out there, but I don't want to go with another > Nuke ... > Any Ideas? ..... There are so many out there .... I got lost! > > Thanks ... > > Arno > > > > From petr at linux.ru Fri Jun 21 22:42:48 2002 From: petr at linux.ru (Petr Pomorov) Date: Fri, 21 Jun 2002 22:42:48 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com In-Reply-To: <200206201301.g5KD1cP55691@slipdisc.virul.net> References: <200206201301.g5KD1cP55691@slipdisc.virul.net> Message-ID: <200206220242.g5M2gnm02421@biggie> This would probably be a good time to name this thread a flame and end it :) However, the voice of Free Software Advocates has not been heard, so allow me :) Frankly, the United Nations making a release of an upcoming drinking water shortage in the whole world was a final nail into the closed source advocates coffin. Why? Because there are multiple and effective technologies out there to solve the problems of pollution, ineffective technology, etc, that are hidden from the public by intellectual property owners. It's a well proven fact- i'm sure you're aware of the multiple plots to prevent the creation of an alternative combustion engine as an example . just google "combustion engine conspiracy" http://www.google.com/search?q=combustion+engine+conspiracy Just like there are multiple excellent drugs available out there that are not being tested, and the formulas for which will never be published. Why? Because it's not in the best interestes of those proud intellectual rights holders. Individualism is one thing, but getting humanity on the brinks of extinction while making 1% of the Globe's population ridiculously rich is another. I run my web development business entirely based on Free Software (with chunks of Open Source thrown in) and publish my own bits of code under the GNU license (poorly done as they are). I make money providing the -service-, not the code. There are many fine articles out there proving my point- that making code proprietary is not the best business model, and in fact prevents you from making money. http://www.opensource.org/advocacy/case_for_business.html as one example And if all human knowledge were shared the same way, we would be riding cars running on hydrogen , global hunger would be eliminated, and there would be no illiteracy and.... But hey, we'll all get the gist of my point- that OPEN knowledge and technology is the only solution to human problems and that sharing it is the best thing to do- in 30 years max. That's when it will finaly and totally hit the fan. To me, freedom is more important than making a buck. But , i manage to earn my living thanks to Free Software. Case closed? From liquidm3 at hotmail.com Sat Jun 22 18:25:57 2002 From: liquidm3 at hotmail.com (Ted Shieh) Date: Sat, 22 Jun 2002 18:25:57 -0400 Subject: [nycphp-talk] testers wanted - phpguardian.com Message-ID: I'm always delighted when other people choose to open-source their code, though I wouldn't want to force them to do so anymore than I myself would want to be forced to open-source my code. I would be interested in seeing what open source code has been released by our most ardent open source fans, who seem to be, apparently, charles at softwareprototypes.com, louie at zibi.co.il, and Petr Pomorov. Personally, I think that open source is a great thing, but code protection can useful in some situations (particularly those in which a product, rather than service, is being sold) to ensure that the programmer is properly compensated for his/her efforts. My main contribution to open source so far has been phpSQLGen, which is now at version 0.2. This version includes a class called TableMaker which uses PEAR's HTML_Table class to display data from either an ADOdb result set or an array. Also new in this version: I've packaged the SQL generation functions in a SQLGen class. You can read more about it at http://www.liquidmarkets.com/m.php?m=XForum&file=viewthread&tid=2 or http://sourceforge.net/projects/phpsqlgen/ Ted Place a free classified ad at http://www.liquidmarkets.com/m.php?m=ads _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx From ian at plusfour.org Sat Jun 22 20:11:21 2002 From: ian at plusfour.org (Ian Forsyth) Date: Sat, 22 Jun 2002 20:11:21 -0400 Subject: eval(); In-Reply-To: <200206222226.g5MMQ7P19026@slipdisc.virul.net> Message-ID: I am setting a basic CMS type thing. Speediness aside, I am storing any all content in the db. Basically i am trying to store php in the db that I want to do and eval(); on. To get started I inserted the following into the db - echo "hello"; and am doing the following for the result set $str = eval($row['content']); question- Storing the value in $str does nothing and output buffering didn't seem to work; how can i control where the eval gets spit out? I have read about doing addslashes and stripslashes, but that does not seem to work in my case.... regards, Ian From ktuskey at exostream.com Sat Jun 22 20:30:44 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Sat, 22 Jun 2002 20:30:44 -0400 Subject: [nycphp-talk] eval; In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net> Message-ID: <002501c21a4d$364c4fd0$e1072744@win2kbox> You don't need to eval(), in fact you shouldn't use it as it is a waste of code and resources. $str = $row["content"]; // this will work Why even assign it to a new var in the first place unless you plan on editing one and want a copy. Kyle -----Original Message----- From: Ian Forsyth [mailto:ian at plusfour.org] Sent: Saturday, June 22, 2002 8:11 PM To: NYPHP Talk Subject: [nycphp-talk] eval; I am setting a basic CMS type thing. Speediness aside, I am storing any all content in the db. Basically i am trying to store php in the db that I want to do and eval(); on. To get started I inserted the following into the db - echo "hello"; and am doing the following for the result set $str = eval($row['content']); question- Storing the value in $str does nothing and output buffering didn't seem to work; how can i control where the eval gets spit out? I have read about doing addslashes and stripslashes, but that does not seem to work in my case.... regards, Ian From ktuskey at exostream.com Sat Jun 22 21:09:21 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Sat, 22 Jun 2002 21:09:21 -0400 Subject: [nycphp-talk] eval; In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net> Message-ID: <002601c21a52$9b817bf0$e1072744@win2kbox> I think I misread your problem, so you can disregard my previous response. As for $str, eval() doesn't necessarily return a value. If you need to handle output buffer control, look into the ob_* functions. I'd also like to suggest that you find a better way to do this. Using eval() on code from a db isn't the most efficient way of doing what you want. Kyle -----Original Message----- From: Ian Forsyth [mailto:ian at plusfour.org] Sent: Saturday, June 22, 2002 8:11 PM To: NYPHP Talk Subject: [nycphp-talk] eval; I am setting a basic CMS type thing. Speediness aside, I am storing any all content in the db. Basically i am trying to store php in the db that I want to do and eval(); on. To get started I inserted the following into the db - echo "hello"; and am doing the following for the result set $str = eval($row['content']); question- Storing the value in $str does nothing and output buffering didn't seem to work; how can i control where the eval gets spit out? I have read about doing addslashes and stripslashes, but that does not seem to work in my case.... regards, Ian From charles at softwareprototypes.com Sun Jun 23 00:31:48 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sun, 23 Jun 2002 00:31:48 -0400 Subject: Finishing with the open-versus source debate. Message-ID: <43410-220026023431480@softwareprototypes.com> Hello, you bring about a very good point. What have WE done for or with open source. What is the measure of our contribution? If we can ever get the project to the next step, I hope to provide a sound O-O footing for OpenBiblio. Some history: I also hope to provide some enhancements to phpwiki with some dialog and transaction processing and state machine/transition engine plugins. When I started in Smalltalk in the late eighties until the late nineties when Digitalk found a way hide the source code ALL my code was open source. Smalltalk products didn't ship as anything BUT because they have to be integrated into an image file which the VM then loads and runs with. This led to some tighter and neater code. You KNEW everybody would be seeing it. Code I wrote that was used in a course I tried to give on Compuserve. That was simply too early in my own evolution and in Smalltalk's acceptance (more the failure thereof,) to get widely used or disseminated. Code I wrote for converting TIFF and GIF images to/from images that were internal to Smalltalk. Code I wrote for convolving images (edge detection, shade smoothing, contrast enhancing and other image manipulation code,) was all open source. Code I developped for the Government of Canada (expert systems, expert applications, some in Smalltalk and some using "standard" expert system shells a.k.a. inference engines.) Code I wrote for and wrote about in Smalltalk report, Byte Magazine, Computer Language Magazine, AI Expert. Code I wrote for various other projects was all open source and the client got the source along with the product. Actually, it wasn't until I hit the United States in '95 that people began locking up my code and tying my tongue with confidentiality agreements. That's also when I started seeing code that was inexcusably lousy, amateurish and fragile. The project's I had worked on before had had some pretty poor code but nothing so universaly lousy as what was being developped and "shirk"-wrapped for general consumption. I'm ashamed of some of the comments I have written and read in commercial code or that the code itself was so sloppy. When I was working in Montreal in 1984, I had to maintain an accounting package written by McCormack and Dodge. It was in COBOL and we had the source code. We'd find and fix bugs and submit them for inclusion into the package and our efforts were apppreciated and acknowleged. In fact, NOBODY who's going to lay out significant money ($100k+) for software is NOT going to get the source code. Its NOT happening. You may have to sign non-competition agreements but you're getting the source code or they're NOT making the sale. Likewise, you're NOT getting code on a mainframe unless you have the source code and it gets subjected to "code efficiency" peer-review, process "weight" aanlysis for performance metrics and capacity planning, data base access method (DBAM) review and a complete security audit. Your code is not getting installed unless they can compile the source with their own compilers. Its NOT happening. We in the PC arena seem to have problems and issues that were solved decades ago on mainframes. Its only the PC arena which refuses to listen and arrogantly assumes that nothing will go wrong with the code when all evidence gathered from all experience in everything else is that "Shit Happens!" The help desk advice of "re-install and retry" would get you a ticket on a bus in a mainframe shop. -Charles-A. P.S. Some MORE history: Closed-source did not exist at all as a concept until a whiney Bill Gates published something in Byte magazine in the mid-to-late seventies. Aactually, he bought an ad, ranting that people were ripping off his BASIC interpreter (that he himself had ripped off without paying royalties of acknowledging the originators) and it was costing him money in lost sales. That's who closed source has been good to. He's worth hundred's of billions of dollars and you're worth squat. Closed source doesn't exist except on PCs. ("Big Iron" get the source and compiles it with its own trusted compilers in a series of development, test, QA, Integration and, finally, production environments.) Its called trying to sell me a pig-in-a-poke and it ain't happening. It shouldn't happen to anybody. From liquidm3 at hotmail.com Sun Jun 23 17:59:18 2002 From: liquidm3 at hotmail.com (Ted Shieh) Date: Sun, 23 Jun 2002 17:59:18 -0400 Subject: [nycphp-talk] Finishing with the open-versus source debate. Message-ID: Charles, That's great that you have written so much open source code. But it's not clear to me where on the web I could go to view and download it. softwareprototypes.com would seem to me to be a natural place where you could place your open source code, as coding samples for potential clients to examine. Many clients lack the necessary background to evaluate code quality, but sometimes clients do have a technical background, or at least a team member with a technical background. Even if the code is in Smalltalk, I'd think it would be a plus for potential clients to have a chance to evaluate your understanding of algorithms and OOP. Ted >From: charles at softwareprototypes.com >Reply-To: talk at nyphp.org >To: NYPHP Talk >Subject: [nycphp-talk] Finishing with the open-versus source debate. >Date: Sun, 23 Jun 2002 00:27:34 -0400 > >Hello, > >you bring about a very good point. > >What have WE done for or with open source. What is the measure of our >contribution? > >If we can ever get the project to the next step, I hope to provide a >sound O-O footing for OpenBiblio. > >Some history: > >I also hope to provide some enhancements to phpwiki with some dialog >and transaction processing and state machine/transition engine >plugins. > >When I started in Smalltalk in the late eighties until the late >nineties when Digitalk found a way hide the source code ALL my code >was open source. Smalltalk products didn't ship as anything BUT >because they have to be integrated into an image file which the VM >then loads and runs with. > >This led to some tighter and neater code. You KNEW everybody would be >seeing it. > >Code I wrote that was used in a course I tried to give on Compuserve. >That was simply too early in my own evolution and in Smalltalk's >acceptance (more the failure thereof,) to get widely used or >disseminated. > >Code I wrote for converting TIFF and GIF images to/from images that >were internal to Smalltalk. > >Code I wrote for convolving images (edge detection, shade smoothing, >contrast enhancing and other image manipulation code,) was all open >source. > >Code I developped for the Government of Canada (expert systems, >expert applications, some in Smalltalk and some using "standard" >expert system shells a.k.a. inference engines.) > >Code I wrote for and wrote about in Smalltalk report, Byte Magazine, >Computer Language Magazine, AI Expert. > >Code I wrote for various other projects was all open source and the >client got the source along with the product. > >Actually, it wasn't until I hit the United States in '95 that people >began locking up my code and tying my tongue with confidentiality >agreements. That's also when I started seeing code that was >inexcusably lousy, amateurish and fragile. > >The project's I had worked on before had had some pretty poor code >but nothing so universaly lousy as what was being developped and >"shirk"-wrapped for general consumption. I'm ashamed of some of the >comments I have written and read in commercial code or that the code >itself was so sloppy. > >When I was working in Montreal in 1984, I had to maintain an >accounting package written by McCormack and Dodge. It was in COBOL >and we had the source code. We'd find and fix bugs and submit them >for inclusion into the package and our efforts were apppreciated and >acknowleged. > >In fact, NOBODY who's going to lay out significant money ($100k+) for >software is NOT going to get the source code. Its NOT happening. You >may have to sign non-competition agreements but you're getting the >source code or they're NOT making the sale. > >Likewise, you're NOT getting code on a mainframe unless you have the >source code and it gets subjected to "code efficiency" peer-review, >process "weight" aanlysis for performance metrics and capacity >planning, data base access method (DBAM) review and a complete >security audit. Your code is not getting installed unless they can >compile the source with their own compilers. Its NOT happening. > >We in the PC arena seem to have problems and issues that were solved >decades ago on mainframes. Its only the PC arena which refuses to >listen and arrogantly assumes that nothing will go wrong with the >code when all evidence gathered from all experience in everything >else is that "Shit Happens!" > >The help desk advice of "re-install and retry" would get you a ticket >on a bus in a mainframe shop. > >-Charles-A. > >P.S. > >Some MORE history: > >Closed-source did not exist at all as a concept until a whiney Bill >Gates published something in Byte magazine in the mid-to-late >seventies. Aactually, he bought an ad, ranting that people were >ripping off his BASIC interpreter (that he himself had ripped off >without paying royalties of acknowledging the originators) and it was >costing him money in lost sales. That's who closed source has been >good to. He's worth hundred's of billions of dollars and you're worth >squat. > >Closed source doesn't exist except on PCs. ("Big Iron" get the source >and compiles it with its own trusted compilers in a series of >development, test, QA, Integration and, finally, production >environments.) > >Its called trying to sell me a pig-in-a-poke and it ain't happening. >It shouldn't happen to anybody. > > Place a free classified ad with LiquidMarkets http://www.liquidmarkets.com/m.php?m=ads _________________________________________________________________ Join the world?s largest e-mail service with MSN Hotmail. http://www.hotmail.com From charles at softwareprototypes.com Sun Jun 23 20:15:54 2002 From: charles at softwareprototypes.com (charles at softwareprototypes.com) Date: Sun, 23 Jun 2002 20:15:54 -0400 Subject: No subject Message-ID: <239420-22002612401554281@softwareprototypes.com> Hello Ted, another argument for OpenSource is that not all software is meant to last forever. SoftwarePrototypes.com is moribund, in case you hadn't noticed, and was never meant to be a repository for any of my software. Its moribund because despite the fact that everybody knows the prototyoes ave money in the developmnent stage, nobody buys 'em because they ALL always assume that everything will be okay. Remember all of my open source stuff was writen before the birth of the web. Some of it is older than most of the people reading this. Some of it was written over twenty-five, Oh shit!, almost thirty, (I've gotten old,) years ago. That almost a two hundred and ten in dog/internet years. :-) The first piece of software that I ever wrote (a payroll system) is STILL RUNNING in at least one municipality that I know of. But I have learned so much since then that I could do a much better job of it. However the software belonged to (Cogebec, a since defunct system house,) and I am NOT going to touch it. I'd rewrite it for the public domain but the calculation enines and the pre- & post-tax allocations and calculations are so ideosyncratic that I'd need a re-immersion into the domain before attempting it again. If I wanted to set up something like that on SoftwarePrototypes.com I'd have to re-implement all of it (in php?) since the software platform I was using (Digitalk Smalltalk /V, /V286, /V PM, /V Win, VisualSmalltalk Enterprise,) is also defunct. (Man I feel old.) Some of the stuff in VisualWorks and Visualge Smalltalk would land me in jail for violating conditions of employment and confidentiality agreements. -Charles-A. > From: "Ted Shieh" > Organization: New York PHP > Reply-To: talk at nyphp.org > Date: Sun, 23 Jun 2002 17:59:29 -0400 > To: NYPHP Talk > Subject: Re: [nycphp-talk] Finishing with the open-versus source debate. > > Charles, > > That's great that you have written so much open source code. But it's not > clear to me where on the web I could go to view and download it. > softwareprototypes.com would seem to me to be a natural place where you > could place your open source code, as coding samples for potential clients > to examine. Many clients lack the necessary background to evaluate code > quality, but sometimes clients do have a technical background, or at least a > team member with a technical background. Even if the code is in Smalltalk, > I'd think it would be a plus for potential clients to have a chance to > evaluate your understanding of algorithms and OOP. > > Ted From kayraotaner at yahoo.com Sun Jun 23 21:20:56 2002 From: kayraotaner at yahoo.com (Kayra Otaner) Date: Sun, 23 Jun 2002 18:20:56 -0700 (PDT) Subject: [nycphp-talk] eval; In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net> Message-ID: <20020624012056.91111.qmail@web10101.mail.yahoo.com> Did you try to start output buffering in the code that you used in eval function? I think it may work. Simply replace your code with output buffered version : ob_start(); echo "hello"; $output = ob_get_contents(); ob_end_clean(); and then echo $output for echoing content of your php code stored in database. Kayra Otaner --- Ian Forsyth wrote: > I am setting a basic CMS type thing. > > Speediness aside, I am storing any all content in the db. > > Basically i am trying to store php in the db that I want to do and eval(); > on. To get started I inserted the following into the db - > > echo "hello"; > > and am doing the following for the result set > > $str = eval($row['content']); > > question- > > Storing the value in $str does nothing and output buffering didn't seem to > work; how can i control where the eval gets spit out? > > I have read about doing addslashes and stripslashes, but that does not seem > to work in my case.... > > regards, > Ian > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From soazine at erols.com Sun Jun 23 23:55:24 2002 From: soazine at erols.com (Phil Powell) Date: Sun, 23 Jun 2002 23:55:24 -0400 Subject: Help! Can't include PHP file in Message-ID: <010c01c21b32$f8ac4770$53bd6444@scandinawa1bo6> I have to include a PHP file as a server-side include into an .shtml file, however I constantly get this error no matter what I do: [an error occurred while processing this directive] Please, any ideas? This is kind of an emergency!! Thanx Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From robl at emerchant.ca Tue Jun 25 00:10:53 2002 From: robl at emerchant.ca (Robert Lanciault) Date: Tue, 25 Jun 2002 00:10:53 -0400 Subject: [nycphp-talk] Help! Can't include PHP file in References: <200206240356.g5O3u2P52230@slipdisc.virul.net> Message-ID: <001301c21bfe$5ec35d20$77010a0a@internal.theonlinecreator.net> There was a post a couple weeks back about an online book site. Does anyone have the link on file ----- Original Message ----- From: "Phil Powell" To: "NYPHP Talk" Sent: Sunday, June 23, 2002 11:56 PM Subject: [nycphp-talk] Help! Can't include PHP file in > I have to include a PHP file as a server-side include into an .shtml file, however I constantly get this error no matter what I do: > > [an error occurred while processing this directive] > > Please, any ideas? This is kind of an emergency!! > > Thanx > Phil > > > From ken_11223 at yahoo.com Mon Jun 24 00:56:05 2002 From: ken_11223 at yahoo.com (ken wu) Date: Sun, 23 Jun 2002 21:56:05 -0700 (PDT) Subject: [nycphp-talk] Help! Can't include PHP file in In-Reply-To: <200206240356.g5O3u2P52230@slipdisc.virul.net> Message-ID: <20020624045605.9084.qmail@web12805.mail.yahoo.com> oh. did u check up your apache error logs? Experience tells me that there are often valuable clues to any kind of errors.... good luck ~~~ --- Phil Powell wrote: > I have to include a PHP file as a server-side > include into an .shtml file, however I constantly > get this error no matter what I do: > > [an error occurred while processing this directive] > > Please, any ideas? This is kind of an emergency!! > > Thanx > Phil > > ===== Ken Wu 718-788-0661 168 35 Street Apt 2 Broooklyn, NY 11232-2320 http://www.kenfile.com __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From soazine at erols.com Mon Jun 24 05:31:40 2002 From: soazine at erols.com (Phil Powell) Date: Mon, 24 Jun 2002 05:31:40 -0400 Subject: [nycphp-talk] Help! Can't include PHP file in References: <200206240456.g5O4uCP53290@slipdisc.virul.net> Message-ID: <002b01c21b61$f2604bd0$53bd6444@scandinawa1bo6> Cannot check my apache server logs.. this is on a remote server that is not my own. Sorry Phil ----- Original Message ----- From: "ken wu" To: "NYPHP Talk" Sent: Monday, June 24, 2002 12:56 AM Subject: Re: [nycphp-talk] Help! Can't include PHP file in > oh. did u check up your apache error logs? Experience > tells me that there are often valuable clues to any > kind of errors.... > > good luck ~~~ > > > > --- Phil Powell wrote: > > I have to include a PHP file as a server-side > > include into an .shtml file, however I constantly > > get this error no matter what I do: > > > > [an error occurred while processing this directive] > > > > Please, any ideas? This is kind of an emergency!! > > > > Thanx > > Phil > > > > > > > ===== > Ken Wu > > 718-788-0661 > 168 35 Street Apt 2 > Broooklyn, NY 11232-2320 > > http://www.kenfile.com > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > From ian at plusfour.org Mon Jun 24 11:36:20 2002 From: ian at plusfour.org (Ian Forsyth) Date: Mon, 24 Jun 2002 11:36:20 -0400 Subject: [nycphp-talk] eval; In-Reply-To: <200206240121.g5O1KxP49568@slipdisc.virul.net> Message-ID: Thanks, that worked perfectly. So in my code I do.. eval($row['content']); then in the space where I want the content to be echoed, i do echo $output; regards Ian > -----Original Message----- > From: Kayra Otaner [mailto:kayraotaner at yahoo.com] > Sent: Sunday, June 23, 2002 9:21 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] eval; > > > Did you try to start output buffering in the code that you used > in eval function? I think it may > work. Simply replace your code with output buffered version : > > ob_start(); > echo "hello"; > $output = ob_get_contents(); > ob_end_clean(); > > and then echo $output for echoing content of your php code stored > in database. > > Kayra Otaner > > > --- Ian Forsyth wrote: > > I am setting a basic CMS type thing. > > > > Speediness aside, I am storing any all content in the db. > > > > Basically i am trying to store php in the db that I want to do > and eval(); > > on. To get started I inserted the following into the db - > > > > echo "hello"; > > > > and am doing the following for the result set > > > > $str = eval($row['content']); > > > > question- > > > > Storing the value in $str does nothing and output buffering > didn't seem to > > work; how can i control where the eval gets spit out? > > > > I have read about doing addslashes and stripslashes, but that > does not seem > > to work in my case.... > > > > regards, > > Ian > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > From petr at linux.ru Mon Jun 24 17:16:23 2002 From: petr at linux.ru (Petr Pomorov) Date: Mon, 24 Jun 2002 17:16:23 -0400 Subject: [nycphp-talk] Help! Can't include PHP file in In-Reply-To: <200206240933.g5O9X0P58298@slipdisc.virul.net> References: <200206240933.g5O9X0P58298@slipdisc.virul.net> Message-ID: <200206242116.g5OLGO102318@biggie> Is it apache? /the server/ On Monday 24 June 2002 05:33 am, you wrote: > Cannot check my apache server logs.. this is on a remote server that is not > my own. > > Sorry > Phil > ----- Original Message ----- > From: "ken wu" > To: "NYPHP Talk" > Sent: Monday, June 24, 2002 12:56 AM > Subject: Re: [nycphp-talk] Help! Can't include PHP file in > > > oh. did u check up your apache error logs? Experience > > tells me that there are often valuable clues to any > > kind of errors.... > > > > good luck ~~~ > > > > --- Phil Powell wrote: > > > I have to include a PHP file as a server-side > > > include into an .shtml file, however I constantly > > > get this error no matter what I do: > > > > > > [an error occurred while processing this directive] > > > > > > Please, any ideas? This is kind of an emergency!! > > > > > > Thanx > > > Phil > > > > ===== > > Ken Wu > > > > 718-788-0661 > > 168 35 Street Apt 2 > > Broooklyn, NY 11232-2320 > > > > http://www.kenfile.com > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com From ian at plusfour.org Mon Jun 24 17:24:57 2002 From: ian at plusfour.org (Ian Forsyth) Date: Mon, 24 Jun 2002 17:24:57 -0400 Subject: [nycphp-talk] Help! Can't include PHP file in In-Reply-To: <200206242111.g5OLBsP87730@slipdisc.virul.net> Message-ID: what about > -----Original Message----- > From: Petr Pomorov [mailto:petr at linux.ru] > Sent: Monday, June 24, 2002 5:12 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] Help! Can't include PHP file in > > > Is it apache? /the server/ > On Monday 24 June 2002 05:33 am, you wrote: > > Cannot check my apache server logs.. this is on a remote server > that is not > > my own. > > > > Sorry > > Phil > > ----- Original Message ----- > > From: "ken wu" > > To: "NYPHP Talk" > > Sent: Monday, June 24, 2002 12:56 AM > > Subject: Re: [nycphp-talk] Help! Can't include PHP file in > > > > > oh. did u check up your apache error logs? Experience > > > tells me that there are often valuable clues to any > > > kind of errors.... > > > > > > good luck ~~~ > > > > > > --- Phil Powell wrote: > > > > I have to include a PHP file as a server-side > > > > include into an .shtml file, however I constantly > > > > get this error no matter what I do: > > > > > > > > [an error occurred while processing this directive] > > > > > > > > Please, any ideas? This is kind of an emergency!! > > > > > > > > Thanx > > > > Phil > > > > > > ===== > > > Ken Wu > > > > > > 718-788-0661 > > > 168 35 Street Apt 2 > > > Broooklyn, NY 11232-2320 > > > > > > http://www.kenfile.com > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Yahoo! - Official partner of 2002 FIFA World Cup > > > http://fifaworldcup.yahoo.com > > From ian at plusfour.org Tue Jun 25 10:12:00 2002 From: ian at plusfour.org (Ian Forsyth) Date: Tue, 25 Jun 2002 10:12:00 -0400 Subject: mysql command line In-Reply-To: <200206242124.g5OLOhP87928@slipdisc.virul.net> Message-ID: Is there any utility out there that allows you to import selective records from a mysqldump.sql file? for instance.. On June 12 I made a back up of the database on june 13 i deleted products having a compandy_id = 20, on june 14 we needed those products back, and lots of other products where updated so i can't just dump the table and replace it.. so is there any thing already made that would allow me to import the records from the product table that have a company_id = 20 from a mysqldump.sql file (meaning it has create table and insert statements, its no tab seperated)... Ian From sklar at sklar.com Tue Jun 25 10:24:51 2002 From: sklar at sklar.com (David Sklar) Date: Tue, 25 Jun 2002 10:24:51 -0400 Subject: [nycphp-talk] mysql command line In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net> Message-ID: Some possibilities: 1. grep (just pick out the lines you care about) 2. emacs (or your favorite editor) to edit the dump file 3. create a dummy database, load the dumpfile into the dummy database, and then pull out the data from there with something like "INSERT INTO actual_db.table SELECT * FROM dummy_db.table WHERE company_id = 20" -dave > -----Original Message----- > From: Ian Forsyth [mailto:ian at plusfour.org] > Sent: Tuesday, June 25, 2002 10:12 AM > To: NYPHP Talk > Subject: [nycphp-talk] mysql command line > > > > Is there any utility out there that allows you to import selective records > from a mysqldump.sql file? > > for instance.. > > On June 12 I made a back up of the database on june 13 i deleted products > having a compandy_id = 20, on june 14 we needed those products back, and > lots of other products where updated so i can't just dump the table and > replace it.. > > so is there any thing already made that would allow me to import > the records > from the product table that have a company_id = 20 from a > mysqldump.sql file > (meaning it has create table and insert statements, its no tab > seperated)... > > Ian > From nyphp at altunergil.com Tue Jun 25 10:24:48 2002 From: nyphp at altunergil.com (Oktay Altunergil) Date: Tue, 25 Jun 2002 10:24:48 -0400 Subject: [nycphp-talk] mysql command line In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net> References: <200206251412.g5PEC7P02786@slipdisc.virul.net> Message-ID: <20020625102448.4c66d754.nyphp@altunergil.com> I recommend creating a seperate database and importing all records into that temp database. Rung a few sql statements ( DELETE FROM blah WHERE company_id <> 20 ) to end up with just what you want. Then take a dump of that database with the -t switch (do not include CREATE TABLE statements) and import that into your real database. Hoping you will only have to do this kind of thing one or two times during your lifetime, there should be no need to look for software that does this. Having said that, an application that can read the SQL statements and represent them in a format that you can work with (select/delete portions etc) shouldn't be too hard to code for people who can actually code that kind of stuff (not me). Oktay Altunergil On Tue, 25 Jun 2002 10:12:07 -0400 Ian Forsyth wrote: > > Is there any utility out there that allows you to import selective records > from a mysqldump.sql file? > > for instance.. > > On June 12 I made a back up of the database on june 13 i deleted products > having a compandy_id = 20, on june 14 we needed those products back, and > lots of other products where updated so i can't just dump the table and > replace it.. > > so is there any thing already made that would allow me to import the records > from the product table that have a company_id = 20 from a mysqldump.sql file > (meaning it has create table and insert statements, its no tab seperated)... > > Ian > > From ian at plusfour.org Tue Jun 25 10:44:22 2002 From: ian at plusfour.org (Ian Forsyth) Date: Tue, 25 Jun 2002 10:44:22 -0400 Subject: [nycphp-talk] mysql command line In-Reply-To: <200206251424.g5PEOsP02975@slipdisc.virul.net> Message-ID: That is a great idea.. making a seperate table.. thanks.. Ian > -----Original Message----- > From: Oktay Altunergil [mailto:nyphp at altunergil.com] > Sent: Tuesday, June 25, 2002 10:25 AM > To: NYPHP Talk > Subject: Re: [nycphp-talk] mysql command line > > > I recommend creating a seperate database and importing all > records into that temp database. Rung a few sql statements ( > DELETE FROM blah WHERE company_id <> 20 ) to end up with just > what you want. Then take a dump of that database with the -t > switch (do not include CREATE TABLE statements) and import that > into your real database. Hoping you will only have to do this > kind of thing one or two times during your lifetime, there should > be no need to look for software that does this. Having said that, > an application that can read the SQL statements and represent > them in a format that you can work with (select/delete portions > etc) shouldn't be too hard to code for people who can actually > code that kind of stuff (not me). > > Oktay Altunergil > > On Tue, 25 Jun 2002 10:12:07 -0400 > Ian Forsyth wrote: > > > > > Is there any utility out there that allows you to import > selective records > > from a mysqldump.sql file? > > > > for instance.. > > > > On June 12 I made a back up of the database on june 13 i > deleted products > > having a compandy_id = 20, on june 14 we needed those products back, and > > lots of other products where updated so i can't just dump the table and > > replace it.. > > > > so is there any thing already made that would allow me to > import the records > > from the product table that have a company_id = 20 from a > mysqldump.sql file > > (meaning it has create table and insert statements, its no tab > seperated)... > > > > Ian > > > > > > From drydell at worldnet.att.net Tue Jun 25 16:16:28 2002 From: drydell at worldnet.att.net (David Rydell) Date: Tue, 25 Jun 2002 16:16:28 -0400 Subject: [nycphp-talk] PHP Versions and GLOBALS Message-ID: <011f01c21c85$311e69a0$656b580c@david> if you have lots of scripts expecting register_globals=on, just prepend them with code like this and you'll never need to worry about it... if ($GLOBALS) reset ($GLOBALS); while (list ($key, $value) = each ($GLOBALS)) { ${$key} = $value; } } if ($HTTP_SERVER_VARS) reset ($HTTP_SERVER_VARS); while (list ($key, $value) = each ($HTTP_SERVER_VARS)) { ${$key} = $value; } } if ($HTTP_GET_VARS) reset ($HTTP_GET_VARS); while (list ($key, $value) = each ($HTTP_GET_VARS)) { ${$key} = $value; } } if ($HTTP_POST_VARS) reset ($HTTP_POST_VARS); while (list ($key, $value) = each ($HTTP_POST_VARS)) { ${$key} = $value; } } From drydell at att.net Tue Jun 25 16:41:47 2002 From: drydell at att.net (David Rydell) Date: Tue, 25 Jun 2002 16:41:47 -0400 Subject: [nycphp-talk] PHP Versions and GLOBALS Message-ID: <013201c21c88$ba296440$656b580c@david> if you have lots of scripts expecting register_globals=on, just prepend them with code like this and you'll never need to worry about it... if ($GLOBALS) { reset ($GLOBALS); while (list ($key, $value) = each ($GLOBALS)) { ${$key} = $value; } } if ($HTTP_SERVER_VARS) { reset ($HTTP_SERVER_VARS); while (list ($key, $value) = each ($HTTP_SERVER_VARS)) { ${$key} = $value; } } if ($HTTP_GET_VARS) { reset ($HTTP_GET_VARS); while (list ($key, $value) = each ($HTTP_GET_VARS)) { ${$key} = $value; } } if ($HTTP_POST_VARS) { reset ($HTTP_POST_VARS); while (list ($key, $value) = each ($HTTP_POST_VARS)) { ${$key} = $value; } } From jhise at linuxforbusiness.org Tue Jun 25 17:43:56 2002 From: jhise at linuxforbusiness.org (Jeremy Hise) Date: 25 Jun 2002 17:43:56 -0400 Subject: Apache Rendering Message-ID: <1025041441.2720.14.camel@localhost.localdomain> Hi! I've got a very strange problem. I'm running PHP on Apache on intel86 and some of my webpages suddenly stop rendering...at different pages. I look at the source and there are no errors or anything. Nothing complains even when I turn up the PHP error reporting all the way. Have any of you ever run into a problem like this before? Thank you, jhise From jbishop at jimbishop.org Tue Jun 25 17:45:51 2002 From: jbishop at jimbishop.org (jim.bishop) Date: Tue, 25 Jun 2002 14:45:51 -0700 (PDT) Subject: [nycphp-talk] mysql command line In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net> Message-ID: > Is there any utility out there that allows you to import selective records > from a mysqldump.sql file? if you still have the original file, i saw this perl util on freshmeat a couple of days ago: http://freshmeat.net/projects/mysqldiff/?topic_id=66%2C45%2C67 i downloaded it, but haven't had occasion to use it yet. jim.bishop || jim.bishop || i heart n y || http://www.jimbishop.org/tidbytes/ From nyphp at jimbishop.org Tue Jun 25 17:53:17 2002 From: nyphp at jimbishop.org (nyphp at jimbishop.org) Date: Tue, 25 Jun 2002 14:53:17 -0700 (PDT) Subject: [nycphp-talk] Apache Rendering In-Reply-To: <200206252145.g5PLjZP15242@slipdisc.virul.net> Message-ID: > I've got a very strange problem. I'm running PHP on Apache on intel86 > and some of my webpages suddenly stop rendering...at different pages. > I look at the source and there are no errors or anything. Nothing > complains even when I turn up the PHP error reporting all the way. > > Have any of you ever run into a problem like this before? my isp had the same problem the other day. they restarted apache and everything magically began to work again. no idea why. jim.bishop From zaunere at yahoo.com Tue Jun 25 21:10:40 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 25 Jun 2002 18:10:40 -0700 (PDT) Subject: MEETING - Open NYPHP Meeting Tomorrow Message-ID: <20020626011040.57708.qmail@web12806.mail.yahoo.com> Hello all, The monthly NYPHP meeting will be tomorrow in Manhattan, at our usual location at 6:30pm. Details are available at http://nyphp.org. Tomorrow's meeting focus will be open Q&A, networking, and adhoc talks/presentations. An LCD projector is available with web access, and a large portion of the meeting will be available for informal breakout discussions. As I'm sure many know, the PC Expo is in session, and contains a Web Services exhibit floor. While many may be tired after the expo (I was today), I hope that you will still attend tomorrow's meeting, as there will be much to talk about. Hope to see everyone there! Regards, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From zaunere at yahoo.com Tue Jun 25 21:13:05 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Tue, 25 Jun 2002 18:13:05 -0700 (PDT) Subject: NYPHP Library - Don't Forget Your Books Please! Message-ID: <20020626011305.4527.qmail@web12801.mail.yahoo.com> As a reminder, if you have a borrowed book from the NYPHP Library, please don't forget to return it at tomorrow's meeting! Meeting time and location details can be found at http://nyphp.org. If you are unable to attend tomorrow, and have a borrowed book, please contact library at nyphp.org as soon as possible. Thank you, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From petr at linux.ru Wed Jun 26 04:56:18 2002 From: petr at linux.ru (Petr Pomorov) Date: Wed, 26 Jun 2002 04:56:18 -0400 Subject: RedHat 7.3 Distro Message-ID: <200206260856.g5Q8uJg02689@biggie> Anyone got the latest RedHat distro on CD they could loan me at the meeting for a couple of days to make a copy? I just need the CDs. Thanks. From LarryC at indexstock.com Wed Jun 26 10:21:33 2002 From: LarryC at indexstock.com (Larry Chuon) Date: Wed, 26 Jun 2002 10:21:33 -0400 Subject: [nycphp-talk] MEETING - Open NYPHP Meeting Tomorrow Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB3D4@index-exchange.indexstock.com> Sorry, I won't make it to our meeting again today. My employer needs me for the softball game, not that it makes any differences if I am there or not. Good luck. Hopefully someone share the minutes. Larry Chuon, IT Director Indexstock Imagery, Inc. http://www.photostogo.com http://www.indexstock.com http://www.webspice.com p: 212.929.4644 f: 212.633.1914 -----Original Message----- From: Hans Zaunere [mailto:zaunere at yahoo.com] Sent: Tuesday, June 25, 2002 9:11 PM To: NYPHP Talk Subject: [nycphp-talk] MEETING - Open NYPHP Meeting Tomorrow Hello all, The monthly NYPHP meeting will be tomorrow in Manhattan, at our usual location at 6:30pm. Details are available at http://nyphp.org. Tomorrow's meeting focus will be open Q&A, networking, and adhoc talks/presentations. An LCD projector is available with web access, and a large portion of the meeting will be available for informal breakout discussions. As I'm sure many know, the PC Expo is in session, and contains a Web Services exhibit floor. While many may be tired after the expo (I was today), I hope that you will still attend tomorrow's meeting, as there will be much to talk about. Hope to see everyone there! Regards, Hans Z. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jon at corporatelords.org Wed Jun 26 11:44:34 2002 From: jon at corporatelords.org (Jon Britton) Date: Wed, 26 Jun 2002 11:44:34 -0400 Subject: [nycphp-talk] RedHat 7.3 Distro In-Reply-To: <200206260851.g5Q8peP22032@slipdisc.virul.net> References: <200206260851.g5Q8peP22032@slipdisc.virul.net> Message-ID: <20020626154434.GA16911@breakwindows.com> On Wed, Jun 26, 2002 at 04:51:40AM -0400, Petr Pomorov wrote: > Anyone got the latest RedHat distro on CD they could loan me at the meeting > for a couple of days to make a copy? I just need the CDs. > Thanks. I think there are 3 CD's? That's all I have (RH7.3, x86 only)...I'm pretty sure I'll be at the meeting, so I'll burn off copies for you. - Jon -- Steve Jobs is like the bastard child of Ayn Rand and Horatio Alger starring in a David Lynch movie. From tom at supertom.com Thu Jun 27 10:25:14 2002 From: tom at supertom.com (tom at supertom.com) Date: Thu, 27 Jun 2002 10:25:14 -0400 Subject: MySQL question In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net> Message-ID: I know this is off topic as it is a MySQL question, but I figured that this PHP list may have the answer (I'm using PHP, if that helps!). I'm storing both HTML and text in a field, and I now want to search that field. My question is: Is it possible to have MySQL ignore the HTML somehow? I know that I could grab the data out of the db, then use PHP's strip_tags and find the text that way, but that takes the performance benefits of the db right out of the equation. An example of this would be: If the user searches for the word 'size', I don't want them pulling back a row that contains '' Any suggestions on how to do this with just MySQL? Thanks, Tom From brian at preston-campbell.com Thu Jun 27 12:20:09 2002 From: brian at preston-campbell.com (Preston-Campbell) Date: Thu, 27 Jun 2002 12:20:09 -0400 Subject: [nycphp-talk] MySQL question References: <200206271429.g5RETxP37442@slipdisc.virul.net> Message-ID: <001501c21df6$83ff4460$a77cfea9@p1n1w5> it is possible to use regex in MySQL queries so you could eliminate anything between < and > for example. MySQL by Paul Dubois covers this subject quite well. Brian ----- Original Message ----- From: To: "NYPHP Talk" Sent: Thursday, June 27, 2002 10:29 AM Subject: [nycphp-talk] MySQL question > I know this is off topic as it is a MySQL question, but I figured that this > PHP list may have the answer (I'm using PHP, if that helps!). > > I'm storing both HTML and text in a field, and I now want to search that > field. My question is: Is it possible to have MySQL ignore the HTML > somehow? I know that I could grab the data out of the db, then use PHP's > strip_tags and find the text that way, but that takes the performance > benefits of the db right out of the equation. > > An example of this would be: > > If the user searches for the word 'size', I don't want them pulling back a > row that contains '' > > Any suggestions on how to do this with just MySQL? > > Thanks, > > Tom > > > From tom at supertom.com Thu Jun 27 13:18:26 2002 From: tom at supertom.com (tom at supertom.com) Date: Thu, 27 Jun 2002 13:18:26 -0400 Subject: [nycphp-talk] MySQL question In-Reply-To: <200206271620.g5RGKPP38487@slipdisc.virul.net> Message-ID: That is a very good idea! I will give that a try! Thanks, Tom -----Original Message----- From: Preston-Campbell [mailto:brian at preston-campbell.com] Sent: Thursday, June 27, 2002 12:20 PM To: NYPHP Talk Subject: Re: [nycphp-talk] MySQL question it is possible to use regex in MySQL queries so you could eliminate anything between < and > for example. MySQL by Paul Dubois covers this subject quite well. Brian ----- Original Message ----- From: To: "NYPHP Talk" Sent: Thursday, June 27, 2002 10:29 AM Subject: [nycphp-talk] MySQL question > I know this is off topic as it is a MySQL question, but I figured that this > PHP list may have the answer (I'm using PHP, if that helps!). > > I'm storing both HTML and text in a field, and I now want to search that > field. My question is: Is it possible to have MySQL ignore the HTML > somehow? I know that I could grab the data out of the db, then use PHP's > strip_tags and find the text that way, but that takes the performance > benefits of the db right out of the equation. > > An example of this would be: > > If the user searches for the word 'size', I don't want them pulling back a > row that contains '' > > Any suggestions on how to do this with just MySQL? > > Thanks, > > Tom > > > From jay at trans-city.com Thu Jun 27 13:42:53 2002 From: jay at trans-city.com (Jay Greenspan) Date: Thu, 27 Jun 2002 13:42:53 -0400 Subject: [nycphp-talk] MySQL question In-Reply-To: <200206271620.g5RGKPP38487@slipdisc.virul.net> Message-ID: Here's the basics with some pretty lame regex: mysql> create table size_test(afield varchar(255)); mysql> insert into size_test values(' blah blah '); mysql> insert into size_test values(' blah blah the size is'); mysql> select afield from size_test where afield regexp '>.*size.*'; +------------------------------------+ | afield | +------------------------------------+ | blah blah the size is | +------------------------------------+ 1 row in set (0.00 sec) -j On 6/27/02 12:20 PM, "Preston-Campbell" wrote: > it is possible to use regex in MySQL queries so you could eliminate anything > between < and > for example. > > MySQL by Paul Dubois covers this subject quite well. From zaunere at yahoo.com Thu Jun 27 15:39:21 2002 From: zaunere at yahoo.com (Hans Zaunere) Date: Thu, 27 Jun 2002 12:39:21 -0700 (PDT) Subject: PHP and Javascript/HTML Message-ID: <20020627193921.71800.qmail@web12805.mail.yahoo.com> I have a co-worker who will be working with me on a couple pages. He knows a little about Javascript and PHP and will be doing mostly frontend work, including taking a static HTML page and marking it up with PHP, so dynamic tables/etc can be generated from DB data that I supply (so I don't have to - YES!). Does anyone have resources that they've found particularly useful for implementing PHP in HTML/Javascript/layout/generation/etc. I'd like to stay away from templates/"supply a couple vars and out comes a table"/class systems - just good old fashioned HTML markup with PHP. Thanks, HZ __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com From jonbaer at digitalanywhere.com Thu Jun 27 15:44:55 2002 From: jonbaer at digitalanywhere.com (Jon Baer) Date: Thu, 27 Jun 2002 15:44:55 -0400 Subject: [nycphp-talk] PHP and Javascript/HTML References: <200206271939.g5RJdQP40258@slipdisc.virul.net> Message-ID: <3D1B6B37.1060204@digitalanywhere.com> Hmm, not sure if it applies but Ive found this little hidden resource extremely helpful: http://ashleyit.com/rs/ Remote scripting w/ PHP works very nicely :-) - Jon Hans Zaunere wrote: >I have a co-worker who will be working with me on a couple pages. He >knows a little about Javascript and PHP and will be doing mostly >frontend work, including taking a static HTML page and marking it up >with PHP, so dynamic tables/etc can be generated from DB data that I >supply (so I don't have to - YES!). > >Does anyone have resources that they've found particularly useful for >implementing PHP in HTML/Javascript/layout/generation/etc. I'd like to >stay away from templates/"supply a couple vars and out comes a >table"/class systems - just good old fashioned HTML markup with PHP. > > >Thanks, > >HZ > > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com > > > From ktuskey at exostream.com Thu Jun 27 17:08:02 2002 From: ktuskey at exostream.com (Kyle Tuskey) Date: Thu, 27 Jun 2002 17:08:02 -0400 Subject: Meeting In-Reply-To: <200206271948.g5RJmVP40346@slipdisc.virul.net> Message-ID: <001e01c21e1e$b99691a0$e1072744@win2kbox> Just wanted to say I had a good time at the meeting. It was nice and more personal than I expected. For those of you that need my contact info, it is below. See everyone at the next one. Kyle Tuskey ktuskey at exostream.com AIM: artguru From evan.heller at alum.rpi.edu Thu Jun 27 22:45:01 2002 From: evan.heller at alum.rpi.edu (evan heller) Date: Thu, 27 Jun 2002 22:45:01 -0400 Subject: [nycphp-talk] PHP and Javascript/HTML References: <200206271948.g5RJmVP40346@slipdisc.virul.net> Message-ID: <3D1BCDAD.768CAC72@alum.rpi.edu> Well, a weird way of doing it is to have the page use the javascript include method to include a javascript file such as: but instead of returning a php page, it rather creates a javascript page which contains things like document.write("
some text from a database"); then all you have to do is tell your user to include the javascript bits wherever needed and walla...it should work across most browsers and is great method of getting data. HTMLGear.com uses it extensively if you want like Wired.com headlines or guest books or whatever. -Evan Jon Baer wrote: > > Hmm, not sure if it applies but Ive found this little hidden resource > extremely helpful: > > http://ashleyit.com/rs/ > > Remote scripting w/ PHP works very nicely :-) > > - Jon > > Hans Zaunere wrote: > > >I have a co-worker who will be working with me on a couple pages. He > >knows a little about Javascript and PHP and will be doing mostly > >frontend work, including taking a static HTML page and marking it up > >with PHP, so dynamic tables/etc can be generated from DB data that I > >supply (so I don't have to - YES!). > > > >Does anyone have resources that they've found particularly useful for > >implementing PHP in HTML/Javascript/layout/generation/etc. I'd like to > >stay away from templates/"supply a couple vars and out comes a > >table"/class systems - just good old fashioned HTML markup with PHP. > > > > > >Thanks, > > > >HZ > > > > > >__________________________________________________ > >Do You Yahoo!? > >Yahoo! - Official partner of 2002 FIFA World Cup > >http://fifaworldcup.yahoo.com > > > > > > -- Evan Heller evan.heller at alum.rpi.edu From dkrook at hotmail.com Fri Jun 28 10:18:06 2002 From: dkrook at hotmail.com (D C Krook) Date: Fri, 28 Jun 2002 10:18:06 -0400 Subject: [nycphp-talk] PHP and Javascript/HTML Message-ID: Heh, that's the way we hack around TeamSite, which doesn't allow for dynamic content in its templates. It's a good way to include something like a common navigation box shared across a series of articles. It also comes in pretty handy if you are using Atomz search for your site and would like to use your dynamic elements in the static wrapper template that you provide them which resides on their servers. >From: evan heller >Reply-To: talk at nyphp.org >To: NYPHP Talk >Subject: Re: [nycphp-talk] PHP and Javascript/HTML >Date: Thu, 27 Jun 2002 22:46:02 -0400 >Received: from hotmail.com ([65.54.237.23]) by hotmail.com with Microsoft >SMTPSVC(5.0.2195.4905); Thu, 27 Jun 2002 19:50:09 -0700 >Received: from slipdisc.virul.net ([66.114.66.188]) by hotmail.com with >Microsoft SMTPSVC(5.0.2195.4905); Thu, 27 Jun 2002 19:47:02 -0700 >Received: from nyphp.org (slipdisc.virul.net [66.114.66.188])by >slipdisc.virul.net (8.11.6/8.11.6) with ESMTP id g5S2k2P44169;Thu, 27 Jun >2002 22:46:02 -0400 (EDT)(envelope-from listmaster at nyphp.org) >Message-Id: <200206280246.g5S2k2P44169 at slipdisc.virul.net> >X-Paralist-Archived: > >X-List-Software: Paralist 0.6 >List-ID: >List-Owner: >List-Archive: >List-Subscribe: >List-Unsubscribe: >Organization: New York PHP >X-Mailer: Paramail 0.5 >Return-Path: listmaster at nyphp.org >X-OriginalArrivalTime: 28 Jun 2002 02:47:02.0768 (UTC) >FILETIME=[14F50700:01C21E4E] > >Well, a weird way of doing it is to have the page >use the javascript include method to include a >javascript file such as: > > >but instead of returning a php page, it rather >creates a javascript page which contains >things like document.write("
some text from a >database"); then all you have to do is tell your >user to >include the javascript bits wherever needed and >walla...it should work across most browsers and is >great method of getting >data. HTMLGear.com uses it extensively if you want >like Wired.com headlines or guest books or >whatever. > >-Evan > >Jon Baer wrote: > > > > Hmm, not sure if it applies but Ive found this little hidden resource > > extremely helpful: > > > > http://ashleyit.com/rs/ > > > > Remote scripting w/ PHP works very nicely :-) > > > > - Jon > > > > Hans Zaunere wrote: > > > > >I have a co-worker who will be working with me on a couple pages. He > > >knows a little about Javascript and PHP and will be doing mostly > > >frontend work, including taking a static HTML page and marking it up > > >with PHP, so dynamic tables/etc can be generated from DB data that I > > >supply (so I don't have to - YES!). > > > > > >Does anyone have resources that they've found particularly useful for > > >implementing PHP in HTML/Javascript/layout/generation/etc. I'd like to > > >stay away from templates/"supply a couple vars and out comes a > > >table"/class systems - just good old fashioned HTML markup with PHP. > > > > > > > > >Thanks, > > > > > >HZ > > > > > > > > >__________________________________________________ > > >Do You Yahoo!? > > >Yahoo! - Official partner of 2002 FIFA World Cup > > >http://fifaworldcup.yahoo.com > > > > > > > > > > >-- > >Evan Heller >evan.heller at alum.rpi.edu ======================================= D C Krook http://krook.net/ || http://krook.info/ _________________________________________________________________ Join the world?s largest e-mail service with MSN Hotmail. http://www.hotmail.com From ian at plusfour.org Fri Jun 28 10:26:33 2002 From: ian at plusfour.org (Ian Forsyth) Date: Fri, 28 Jun 2002 10:26:33 -0400 Subject: using exec or backticks In-Reply-To: <200206280246.g5S2k2P44169@slipdisc.virul.net> Message-ID: I am trying to do a mysqldump using php.. $command = "mysqldump -h localhost -u ian --password=something --opt adatabase > db.sql"; $result = `$command`; or exec("mysqldump -h localhost -u ian --password=something --opt adatabase > db.sql"); but on red-hat or mac os X (aka freebsd) i get nothing.. not even an empty file named db.sql.. On my windows machine even is my login was incorrect, a file was still generated.. which leads me to believe, for linux, is it an issue of permissions? $a = array(); $int = 1; $c = "ls"; exec($c,$a,$int); print_r($a); on both linux and windows. I get the same results from the above.. so it must be permissions.. should i try running it as a cgi? Ian.. From rainman at deroo.net Fri Jun 28 14:17:27 2002 From: rainman at deroo.net (Raymond DeRoo) Date: Fri, 28 Jun 2002 14:17:27 -0400 Subject: [nycphp-talk] using exec or backticks In-Reply-To: <200206281426.g5SEQJP50406@slipdisc.virul.net> References: <200206281426.g5SEQJP50406@slipdisc.virul.net> Message-ID: <200206281817.g5SIHK1G027552@base.deroo.net> Ian-- > $command = "mysqldump -h localhost -u ian --password=something --opt > adatabase > db.sql"; > $result = `$command`; > > or exec("mysqldump -h localhost -u ian --password=something --opt adatabase > > > db.sql"); Can the user your httpd runs as execute mysqldump? Even if it can, I doubt that mysqldump is in the path of the environment your httpd runs as. Try specifying the complete path to mysqldump and see if that works. .r From cthorn at wt.net Fri Jun 28 15:04:19 2002 From: cthorn at wt.net (Chauncey Thorn) Date: Fri, 28 Jun 2002 14:04:19 -0500 Subject: [nycphp-talk] using exec or backticks References: <200206281426.g5SEQJP50406@slipdisc.virul.net> Message-ID: <3D1CB333.9C327152@wt.net> How are you doing? Permissions needed for web server "user" to dump a file. somewhere under web root chown -R root.nobody dirname/ chmod -R g+w dirname/ Ian Forsyth wrote: > I am trying to do a mysqldump using php.. > > $command = "mysqldump -h localhost -u ian --password=something --opt > adatabase > db.sql"; > $result = `$command`; > > or exec("mysqldump -h localhost -u ian --password=something --opt adatabase > > db.sql"); > > but on red-hat or mac os X (aka freebsd) i get nothing.. not even an empty > file named db.sql.. > > On my windows machine even is my login was incorrect, a file was still > generated.. > > which leads me to believe, for linux, is it an issue of permissions? > > $a = array(); > $int = 1; > $c = "ls"; > exec($c,$a,$int); > print_r($a); > > on both linux and windows. I get the same results from the above.. so it > must be permissions.. should i try running it as a cgi? > > Ian.. -- Chauncey Thorn Internet: cthorn at wt.net Linux Administrator - MCP http://PCCS-Linux.COM -------------------------------------------------------------- "Views expressed by this individual may differ from your own..." From seth at ghiek.com Fri Jun 28 20:38:25 2002 From: seth at ghiek.com (Seth) Date: Fri, 28 Jun 2002 20:38:25 -0400 Subject: [nycphp-talk] using exec or backticks References: <200206290032.g5T0WVP62294@slipdisc.virul.net> Message-ID: <014401c21f05$481db840$0602a8c0@GHIEKJT5HZPBAD> Ian -- fwiw, I have a .php script that will dump an entire database out as an ascii, comma-delimited file to the directory of your choice. It runs from the web, generally from within my Admin section. spirits, seth ----- Original Message ----- From: "Chauncey Thorn" To: "NYPHP Talk" Sent: Friday, June 28, 2002 8:32 PM Subject: Re: [nycphp-talk] using exec or backticks > How are you doing? > > Permissions needed for web server "user" to dump a file. > > somewhere under web root > chown -R root.nobody dirname/ > chmod -R g+w dirname/ > > > > Ian Forsyth wrote: > > > I am trying to do a mysqldump using php.. > > > > $command = "mysqldump -h localhost -u ian --password=something --opt > > adatabase > db.sql"; > > $result = `$command`; > > > > or exec("mysqldump -h localhost -u ian --password=something --opt adatabase > > > db.sql"); > > > > but on red-hat or mac os X (aka freebsd) i get nothing.. not even an empty > > file named db.sql.. > > > > On my windows machine even is my login was incorrect, a file was still > > generated.. > > > > which leads me to believe, for linux, is it an issue of permissions? > > > > $a = array(); > > $int = 1; > > $c = "ls"; > > exec($c,$a,$int); > > print_r($a); > > > > on both linux and windows. I get the same results from the above.. so it > > must be permissions.. should i try running it as a cgi? > > > > Ian.. > > -- > Chauncey Thorn Internet: cthorn at wt.net > Linux Administrator - MCP http://PCCS-Linux.COM > -------------------------------------------------------------- > "Views expressed by this individual may differ from your own..." > > > > > > From jkapron at NewAgeWeb.com Sat Jun 29 03:34:33 2002 From: jkapron at NewAgeWeb.com (Jerry Kapron) Date: Sat, 29 Jun 2002 03:34:33 -0400 Subject: procmail and book(s) References: <200206290045.g5T0jqP62421@slipdisc.virul.net> Message-ID: <3D1D6308.33D4BF6A@NewAgeWeb.com> in case someone noticed that I'm keeping a library book for more than 2 months already (i think).. now I know that the Visual QuickPro Guide - PHP Advanced is too *visual* for me.. I also hate to see 'four pages' at the same time when I open a book, and when I flip a page..things look totally different.. I tried to get into this book a few times already - it just doesn't work .. I wanted to return it last wednesday but I got stuck at work.. however, when I read the new O'Reilly PHP book on the train after work I feel like I'm becoming a better person..it gets me relaxed and fed with the right information to move ahead .. please consider this an extra brief review of two books insted .. also, does anybody here know procmail like the back of their hand? this is kinda off topic but i'm sure that there are others who would like to learn more about it.. -jerry