From 1j0lkq002 at sneakemail.com Wed Dec 1 00:06:29 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 01 Dec 2004 00:06:29 -0500 Subject: [nycphp-talk] C for PHP resources In-Reply-To: References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com> Message-ID: <16416-02880@sneakemail.com> David Mintz dmintz-at-davidmintz.org |nyphp dev/internal group use| wrote: >On Tue, 30 Nov 2004, Matthew Terenzio wrote: > > > >>So what are the best resources/books for me from those who have >>conquered this world? >> >> > >I would get "The C Progamming Language" by Kernighan and Ritchie if I were >in your shoes. Indeed I might be, when I decide to give it a shot myself >(-: > >--- >David Mintz http://davidmintz.org/ >$world =~ s|]*>.+||is; >_______________________________________________ > > Yeah, you can't go wrong with 2nd edition or better (prior to that K&R "C" was not ANSI C). It's a reference book, though, not a tutorial/trainer. Do I still recall page 49 was the operands listing?? -=john andrews From jlacey at att.net Wed Dec 1 01:41:10 2004 From: jlacey at att.net (John Lacey) Date: Tue, 30 Nov 2004 23:41:10 -0700 Subject: [nycphp-talk] 4 and 5 on the same development box (again) In-Reply-To: References: Message-ID: <41AD6786.6000504@att.net> David Mintz wrote: > This came up a few months back and I can't seem to locate the thread in > the archives (It seems that when you google "whatever > site:lists.nyphp.org" you strike out no matter what 'whatever' is. But I > digress...) > > Suppose you don't mind restarting Apache to switch between 4 and 5. Is > there any reason why one couldn't install php5 in something like > /usr/local/php5 and write a second httpd.conf to work with it, then maybe > write a shell script for restarting using the appropriate config? > > I've read Adam Trachtenberg's recipes for setting up PHP 5 as a CGI and > using it alongside PHP4. (Great book that "Upgrading to PHP 5", btw, thank > you Adam). Makes sense. There was also another recipe proposed by G. > Schlossnagle on this list -- one of the posts I can't seem to find -- that > involved mod_proxy and so on, which I'd love to have another look at if > someone could point the way. But I was wondering about the scenario > described above. > Here's an August post John Coggeshall wrote with regard to mod_proxy: http://lists.nyphp.org/pipermail/talk/2004-August/011613.html and the link to the instructions from the above post: http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently HTH, John From codebowl at gmail.com Wed Dec 1 08:04:15 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Wed, 1 Dec 2004 08:04:15 -0500 Subject: [nycphp-talk] C for PHP resources In-Reply-To: <16416-02880@sneakemail.com> References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com> <16416-02880@sneakemail.com> Message-ID: <8d9a4280041201050420ab52aa@mail.gmail.com> for learning C i loved the book C How to Program by Deitel & Deitel it's a bit pricy but worth every penny IMO ISBN: 0130895725 -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From joshmccormack at travelersdiary.com Wed Dec 1 08:51:18 2004 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Wed, 01 Dec 2004 08:51:18 -0500 Subject: [nycphp-talk] C for PHP resources In-Reply-To: <16416-02880@sneakemail.com> References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com> <16416-02880@sneakemail.com> Message-ID: <41ADCC56.4060200@travelersdiary.com> I've been slowing working my way through this tutorial: http://computer.howstuffworks.com/c.htm which I had a friend look over who knows C, and he said it looked good. Josh inforequest wrote: > David Mintz dmintz-at-davidmintz.org |nyphp dev/internal group use| wrote: > >> On Tue, 30 Nov 2004, Matthew Terenzio wrote: >> >> >> >>> So what are the best resources/books for me from those who have >>> conquered this world? >>> >> >> >> I would get "The C Progamming Language" by Kernighan and Ritchie if I >> were >> in your shoes. Indeed I might be, when I decide to give it a shot myself >> (-: >> >> --- >> David Mintz http://davidmintz.org/ >> $world =~ s|]*>.+||is; >> _______________________________________________ >> >> > > > Yeah, you can't go wrong with 2nd edition or better (prior to that K&R > "C" was not ANSI C). > It's a reference book, though, not a tutorial/trainer. > > Do I still recall page 49 was the operands listing?? > > -=john andrews > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From dmintz at davidmintz.org Wed Dec 1 10:31:51 2004 From: dmintz at davidmintz.org (David Mintz) Date: Wed, 1 Dec 2004 10:31:51 -0500 (EST) Subject: [nycphp-talk] 4 and 5 on the same development box (again) In-Reply-To: <41AD6786.6000504@att.net> References: <41AD6786.6000504@att.net> Message-ID: On Tue, 30 Nov 2004, John Lacey wrote: > > Here's an August post John Coggeshall wrote with regard to mod_proxy: > http://lists.nyphp.org/pipermail/talk/2004-August/011613.html > > and the link to the instructions from the above post: > http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently > > HTH, > John Ahhh, no wonder. My brain was lying to me about who had posted that. Thanks. Meanwhile I decided to just do it -- my thanks to csynder for the tips. Had hideous problems with 'make' until I gave up `--with-xsl`. It said: ext/dom/document.lo(.text+0x2914): In function `zif_dom_document_validate': /home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined reference to `xmlNewValidCtxt' ext/dom/document.lo(.text+0x294f):/home/david/downloads/php-5.0.2/ext/dom/document.c:1764: undefined reference to `xmlFreeValidCtxt' ext/dom/document.lo(.text+0x2eac): In function `dom_load_html': /home/david/downloads/php-5.0.2/ext/dom/document.c:1978: undefined reference to `htmlCreateMemoryParserCtxt' collect2: ld returned 1 exit status make: *** [sapi/cli/php] Error 1 and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try upgrading it anyway and see if that brings any joy. Thanks, --- David Mintz http://davidmintz.org/ $world =~ s|]*>.+||is; From adam at trachtenberg.com Wed Dec 1 12:08:41 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Wed, 1 Dec 2004 12:08:41 -0500 (EST) Subject: [nycphp-talk] 4 and 5 on the same development box (again) In-Reply-To: References: <41AD6786.6000504@att.net> Message-ID: On Wed, 1 Dec 2004, David Mintz wrote: > ext/dom/document.lo(.text+0x2914): In function > `zif_dom_document_validate': > /home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined > reference to `xmlNewValidCtxt' > ext/dom/document.lo(.text+0x294f):/home/david/downloads/php-5.0.2/ext/dom/document.c:1764: > undefined reference to `xmlFreeValidCtxt' > ext/dom/document.lo(.text+0x2eac): In function `dom_load_html': > /home/david/downloads/php-5.0.2/ext/dom/document.c:1978: undefined > reference to `htmlCreateMemoryParserCtxt' > collect2: ld returned 1 exit status > make: *** [sapi/cli/php] Error 1 > > and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try > upgrading it anyway and see if that brings any joy. While you're at it, check to see what version of libxml2 you're running. Make sure you're running a 2.6.x series, you'll be happier. The current version is probably best. -adam -- adam at trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From tom at supertom.com Wed Dec 1 12:09:43 2004 From: tom at supertom.com (Tom) Date: Wed, 01 Dec 2004 12:09:43 -0500 Subject: [nycphp-talk] Wiki recommendations? Message-ID: <1101920982.24531.11.camel@tmelendez.int.bascom.com> Hey everyone, I'm evaluating wikis for use in our organization, and I'd like to get your opinions. There aren't too many requirements: - User Authenication - Ability to Upload Files Nice to haves would be: - Wiki syntax WYSIWYG editor - WikiPage Sidebar (pmwiki does this well) - author information printed on the page (this can probably just be included with a wiki variable, if it isn't there by default) We are not married to the idea of a wiki, a good document management server would also suffice. We are really just looking for a way to organize our documentation effectively. Thanks in advance! Tom www.liphp.org From wfan at VillageVoice.com Wed Dec 1 12:20:14 2004 From: wfan at VillageVoice.com (Fan, Wellington) Date: Wed, 1 Dec 2004 12:20:14 -0500 Subject: [nycphp-talk] Deleting/overwriting a remote file Message-ID: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com> Hello Listies, I am running PHP 4.3.4, and allow_url_fopen "ON" I can use fopen( 'ftp://FILE', 'w' ) to create & write a file. I cannot however overwrite the file if it exists. I recieve this warning: Warning: fopen(ftp://FILE): failed to open stream: FTP server reports 213.... 213 appears to be a FTP success code -- "File Status", so it doesn't seem like any help there. I do *NOT* have the FTP functions enabled, nor is that an option right now. I have tried to unlink() the file beforehand, with no success -- the docs say that's PHP 5.0.0 and later anyway. Suggestions? -- Wellington From adam at trachtenberg.com Wed Dec 1 12:28:21 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Wed, 1 Dec 2004 12:28:21 -0500 (EST) Subject: [nycphp-talk] Deleting/overwriting a remote file In-Reply-To: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com> References: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com> Message-ID: On Wed, 1 Dec 2004, Fan, Wellington wrote: > I have tried to unlink() the file beforehand, with no success -- the docs > say that's PHP 5.0.0 and later anyway. > > Suggestions? Using the ftp extension? http://www.php.net/ftp -adam -- adam at trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From ajai at bitblit.net Wed Dec 1 13:42:05 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Wed, 01 Dec 2004 13:42:05 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> Message-ID: <41AE107D.5060402@bitblit.net> Tom wrote: >Hey everyone, > >I'm evaluating wikis for use in our organization, and I'd like to get >your opinions. > >There aren't too many requirements: >- User Authenication >- Ability to Upload Files > >Nice to haves would be: >- Wiki syntax WYSIWYG editor >- WikiPage Sidebar (pmwiki does this well) >- author information printed on the page (this can probably just be >included with a wiki variable, if it isn't there by default) > >We are not married to the idea of a wiki, a good document management >server would also suffice. We are really just looking for a way to >organize our documentation effectively. > I am using the latest version of phpwiki - I chose it for its simple interface rather than its features: http://phpwiki.sourceforge.net/phpwiki/ If you are looking for something to do issue tracking as well as have a wiki you may want to look at trac (its next on my list of evaluations): http://www.edgewall.com/trac/ Finally, there's the one used on wikipedia.org: http://wikipedia.sourceforge.net/ -- Aj. Systems Administrator / Developer From 1j0lkq002 at sneakemail.com Wed Dec 1 14:48:21 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 01 Dec 2004 14:48:21 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <41AE107D.5060402@bitblit.net> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> <41AE107D.5060402@bitblit.net> Message-ID: <29420-99996@sneakemail.com> Ajai Khattri ajai-at-bitblit.net |nyphp dev/internal group use| wrote: > I am using the latest version of phpwiki - I chose it for its simple > interface rather than its features: > http://phpwiki.sourceforge.net/phpwiki/ > > If you are looking for something to do issue tracking as well as have > a wiki you may want to look at trac (its next on my list of evaluations): > http://www.edgewall.com/trac/ > > Finally, there's the one used on wikipedia.org: > http://wikipedia.sourceforge.net/ I really like mediawiki (the wikipedia one), although I can't answer your questions as I basically just use it for content creation/management. -=john andrews From wfan at VillageVoice.com Wed Dec 1 15:06:58 2004 From: wfan at VillageVoice.com (Fan, Wellington) Date: Wed, 1 Dec 2004 15:06:58 -0500 Subject: [nycphp-talk] Deleting/overwriting a remote file Message-ID: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com> Adam, I don't have the ftp extension enbaled, and I probably won't be able to. Other suggestions? > Using the ftp extension? http://www.php.net/ftp > > -adam From mogmios at mlug.missouri.edu Wed Dec 1 15:49:51 2004 From: mogmios at mlug.missouri.edu (Michael) Date: Wed, 01 Dec 2004 12:49:51 -0800 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> Message-ID: <41AE2E6F.3080102@mlug.missouri.edu> I've tried several wikis and MediaWiki seems to bb the most professional looking which I think is important. It's not to hard to extend either. There has been some talk of rewriting the user authentication backend so that it's easy to replace with alternate methods of authentication (and to port other popular PHP apps to the same interface) but I've yet to see any actual code put towards that effort. I don't know of any wiki software that already has such a user auth api. -- Michael http://kavlon.org From adam at trachtenberg.com Wed Dec 1 15:50:37 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Wed, 1 Dec 2004 15:50:37 -0500 (EST) Subject: [nycphp-talk] Deleting/overwriting a remote file In-Reply-To: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com> References: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com> Message-ID: On Wed, 1 Dec 2004, Fan, Wellington wrote: > I don't have the ftp extension enbaled, and I probably won't be able to. > Other suggestions? Oops. Missed that part of your post. What about cURL? -adam -- adam at trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From dmintz at davidmintz.org Wed Dec 1 16:59:54 2004 From: dmintz at davidmintz.org (David Mintz) Date: Wed, 1 Dec 2004 16:59:54 -0500 (EST) Subject: [nycphp-talk] 4 and 5 on the same development box (again) In-Reply-To: References: <41AD6786.6000504@att.net> Message-ID: On Wed, 1 Dec 2004, Adam Maccabee Trachtenberg wrote: > On Wed, 1 Dec 2004, David Mintz wrote: > > > ext/dom/document.lo(.text+0x2914): In function > > `zif_dom_document_validate': > > /home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined > > reference to `xmlNewValidCtxt' > > > > and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try > > upgrading it anyway and see if that brings any joy. > > While you're at it, check to see what version of libxml2 you're > running. Make sure you're running a 2.6.x series, you'll be > happier. The current version is probably best. > > -adam I did check that and upgraded from shoulda-been-new-enough to most recent, just to please the gods. Maybe that's what worked because the damn thing finally built and installed just fine with --with-xsl ! But I was also mucking about with other things too. Searching for something to kvetch about: it works, but I'm not sure what I did right (-: I was trying to change one thing at a time, but I guess I should also have taken copious notes. Thanks much, --- David Mintz http://davidmintz.org/ From wfan at VillageVoice.com Wed Dec 1 17:26:34 2004 From: wfan at VillageVoice.com (Fan, Wellington) Date: Wed, 1 Dec 2004 17:26:34 -0500 Subject: [nycphp-talk] Deleting/overwriting a remote file Message-ID: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com> > Oops. Missed that part of your post. What about cURL? Hmmm...seemed likely, but couldn't see any CURLOPTS that would perform an FTP DELETE. I saw CURLOPT_CUSTOMREQUEST that might allow me to build a HTTP DELETE, but there's no webserver on my target machine. Anyway, no big deal. My client has decided to do things differently so this is no longer an issue. Thanks for your help. And BTW, the PHP Cookbook is great! -- WF From tom at supertom.com Wed Dec 1 17:29:22 2004 From: tom at supertom.com (Tom) Date: Wed, 01 Dec 2004 17:29:22 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <29420-99996@sneakemail.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> <41AE107D.5060402@bitblit.net> <29420-99996@sneakemail.com> Message-ID: <1101940161.25683.10.camel@tmelendez.int.bascom.com> Hi guys, Thanks for the feedback. For the last two days I've been installing and testing out wikis and I would agree that hands down mediawiki takes the cake. It installed in 30 seconds, and has tons of features. In my testing, I would say the close runners up were PMwiki and Dokuwiki, for those of you keeping score! Thanks again for the help! Tom www.liphp.org On Wed, 2004-12-01 at 14:48, inforequest wrote: > Ajai Khattri ajai-at-bitblit.net |nyphp dev/internal group use| wrote: > > > I am using the latest version of phpwiki - I chose it for its simple > > interface rather than its features: > > http://phpwiki.sourceforge.net/phpwiki/ > > > > If you are looking for something to do issue tracking as well as have > > a wiki you may want to look at trac (its next on my list of evaluations): > > http://www.edgewall.com/trac/ > > > > Finally, there's the one used on wikipedia.org: > > http://wikipedia.sourceforge.net/ > > > > I really like mediawiki (the wikipedia one), although I can't answer > your questions as I basically just use it for content creation/management. > > -=john andrews > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org -- ==== ======================== Tom Melendez Senior Software Developer BASCOM Global Internet Services, Inc. Phone : 631-434-6600 Fax : 631-434-7800 Email : tmelendez at bascom.com Web : http://www.bascom.com ======================== From adam at trachtenberg.com Wed Dec 1 19:38:58 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Wed, 1 Dec 2004 19:38:58 -0500 (EST) Subject: [nycphp-talk] Deleting/overwriting a remote file In-Reply-To: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com> References: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com> Message-ID: On Wed, 1 Dec 2004, Fan, Wellington wrote: > Hmmm...seemed likely, but couldn't see any CURLOPTS that would perform an > FTP DELETE. I saw CURLOPT_CUSTOMREQUEST that might allow me to build a HTTP > DELETE, but there's no webserver on my target machine. I believe the cURL default FTP behavior is to overwrite, which I think was what you wanted. > Anyway, no big deal. My client has decided to do things differently so this > is no longer an issue. Perfect. :) > Thanks for your help. And BTW, the PHP Cookbook is great! No problem. Glad you like the book. -adam -- adam at trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From 1j0lkq002 at sneakemail.com Wed Dec 1 22:04:07 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 01 Dec 2004 22:04:07 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <1101940161.25683.10.camel@tmelendez.int.bascom.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> <41AE107D.5060402@bitblit.net> <29420-99996@sneakemail.com> <1101940161.25683.10.camel@tmelendez.int.bascom.com> Message-ID: <10320-38760@sneakemail.com> Tom tom-at-supertom.com |nyphp dev/internal group use| wrote: >mediawiki ...installed in 30 seconds > > Hmmm... and I was under the impression my systems guy was really good. Maybe I need to rethink what I have been paying him ;-) -=john andrews From amir.aavani at gmail.com Thu Dec 2 00:01:27 2004 From: amir.aavani at gmail.com (Amir Aavani) Date: Thu, 2 Dec 2004 08:31:27 +0330 Subject: [nycphp-talk] About XML in PHP Message-ID: dear friends i have a question about XML support in PHP. is there any class or function or etc that allow the program to generate an XML file(stream).I mean that it can add new node or new element or atrribute by its input parameters. for example if in its input, there is a 'login' message , it can add a node 'Login' to its output XML, and in otherwise add a node 'not login' or something like this. i know that there are some parser function or classes in PHP but with none of them you can't add a new node to the output XML. thanks Amir From jonbaer at jonbaer.net Thu Dec 2 00:55:58 2004 From: jonbaer at jonbaer.net (Jon Baer) Date: Thu, 02 Dec 2004 00:55:58 -0500 Subject: [nycphp-talk] About XML in PHP In-Reply-To: References: Message-ID: <41AEAE6E.3090300@jonbaer.net> im not sure you really want a parser function as much as you want to manipulate + outout the dom .. check out dom functions: http://www.php.net/dom example: (you can also load/modify/etc) createElement("foo"); $foo = $doc->appendChild($foo); $bar = $doc->createElement("bar", "NYPHP Talk"); $bar = $foo->appendChild($bar); echo $doc->saveXML(); ?> output: NYPHP Talk - jon Amir Aavani wrote: > dear friends > i have a question about XML support in PHP. is there any class or > function or etc that allow the program to generate an XML > file(stream).I mean that it can add new node or new element or > atrribute by its input parameters. > for example if in its input, there is a 'login' message , it can add a > node 'Login' to its output XML, and in otherwise add a node 'not > login' or something like this. > i know that there are some parser function or classes in PHP but with > none of them you can't add a new node to the output XML. > thanks > Amir pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 From hans at cyberxdesigns.com Thu Dec 2 08:50:23 2004 From: hans at cyberxdesigns.com (Hans C. Kaspersetz) Date: Thu, 02 Dec 2004 08:50:23 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <10320-38760@sneakemail.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> <41AE107D.5060402@bitblit.net> <29420-99996@sneakemail.com> <1101940161.25683.10.camel@tmelendez.int.bascom.com> <10320-38760@sneakemail.com> Message-ID: <41AF1D9F.7090108@cyberxdesigns.com> What did he do, charge you for a couple of hours? Hans inforequest wrote: > Tom tom-at-supertom.com |nyphp dev/internal group use| wrote: > >> mediawiki ...installed in 30 seconds >> >> > Hmmm... and I was under the impression my systems guy was really good. > Maybe I need to rethink what I have been paying him ;-) > > > -=john andrews > From jsiegel1 at optonline.net Thu Dec 2 09:06:02 2004 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Thu, 02 Dec 2004 09:06:02 -0500 Subject: [nycphp-talk] Top 20 IT Mistakes Message-ID: <41AF214A.3030509@optonline.net> This is from: http://www.infoworld.com/article/04/11/19/47FEtop20_5.html Mistake No. 18: "18. Underestimating PHP IT managers who look only as far as J2EE and .Net when developing scalable Web apps are making a mistake by not taking a second look at scripting languages -- particularly PHP. This scripting language has been around for a decade now, and millions of Yahoo pages are served by PHP each day. Discussion of PHP scalability reached a high-water mark in June, when the popular social-networking site Friendster finally beat nagging performance woes by migrating from J2EE to PHP. In a comment attached to a Weblog post about Friendster?s switch to PHP, Rasmus Lerdorf, inventor of PHP, explained the architectural secret of PHP?s capability of scaling: ?Scalability is gained by using a shared-nothing architecture where you can scale horizontally infinitely.? The stateless ?shared-nothing? architecture of PHP means that each request is handled independently of all others, and simple horizontal scaling means adding more boxes. Any bottlenecks are limited to scaling a back-end database. Languages such as PHP might not be the right solution for everyone, but pre-emptively pushing scripting languages aside when there are proven scalability successes is a mistake. " ------------- Jeff S. From prusak at gmail.com Thu Dec 2 09:53:27 2004 From: prusak at gmail.com (Ophir Prusak) Date: Thu, 2 Dec 2004 09:53:27 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> Message-ID: A couple of year ago I was evaluating wiki's and decided to go with twiki (perl based, flat files). I'm not familiar with today's offerings, but at the time twiki had many features others did not. www.twiki.org On Wed, 01 Dec 2004 12:09:43 -0500, Tom wrote: > Hey everyone, > > I'm evaluating wikis for use in our organization, and I'd like to get > your opinions. > > There aren't too many requirements: > - User Authenication > - Ability to Upload Files > > Nice to haves would be: > - Wiki syntax WYSIWYG editor > - WikiPage Sidebar (pmwiki does this well) > - author information printed on the page (this can probably just be > included with a wiki variable, if it isn't there by default) > > We are not married to the idea of a wiki, a good document management > server would also suffice. We are really just looking for a way to > organize our documentation effectively. > > Thanks in advance! > > Tom > www.liphp.org > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From 1j0lkq002 at sneakemail.com Thu Dec 2 10:38:17 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 02 Dec 2004 10:38:17 -0500 Subject: [nycphp-talk] Wiki recommendations? In-Reply-To: <41AF1D9F.7090108@cyberxdesigns.com> References: <1101920982.24531.11.camel@tmelendez.int.bascom.com> <41AE107D.5060402@bitblit.net> <29420-99996@sneakemail.com> <1101940161.25683.10.camel@tmelendez.int.bascom.com> <10320-38760@sneakemail.com> <41AF1D9F.7090108@cyberxdesigns.com> Message-ID: <20667-96518@sneakemail.com> Hans C. Kaspersetz hans-at-cyberxdesigns.com |nyphp dev/internal group use| wrote: > What did he do, charge you for a couple of hours? > > Hans > inforequest wrote: > >> Tom tom-at-supertom.com |nyphp dev/internal group use| wrote: >> >>> mediawiki ...installed in 30 seconds >>> >>> >> Hmmm... and I was under the impression my systems guy was really >> good. Maybe I need to rethink what I have been paying him ;-) >> >> >> -=john andrews > Haha it was you, Hans, and I was only kidding :-o From dcech at phpwerx.net Thu Dec 2 10:58:04 2004 From: dcech at phpwerx.net (Dan Cech) Date: Thu, 02 Dec 2004 10:58:04 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <41AF3B8C.5000300@phpwerx.net> Hi All, I've come up against an interesting little problem, and wondered if anyone had any input for me. I'm trying to validate email addresses like: Joe Bloggs Thus far the best I've come up with is: $preg = '/^(?:("?)([^"<]+)\1 <)?(([\w.-]+)@((?:[a-z0-9-]+\.)+[a-z0-9]{1,4}))(?:>?)$/i'; Which results in: Array ( [0] => Joe Bloggs [1] => [2] => Joe Bloggs [3] => joe at example.com [4] => joe [5] => example.com ) Does anyone have any input on this? Dan Cech From prusak at gmail.com Thu Dec 2 11:01:32 2004 From: prusak at gmail.com (Ophir Prusak) Date: Thu, 2 Dec 2004 11:01:32 -0500 Subject: [nycphp-talk] mysource cms Message-ID: I just heard about this CMS on the wwwac list called MySource by squiz.net. It's PHP/MySQL based. I have *never* seen such a polished flash presentation for an open source cms. http://www.squiz.net/home/monkey_movie The product itself looks pretty impressive. Does anyone know anything about this? Or is the a secret known only to those down under (it seems to be an Australian company). Ophir From james at surgam.net Thu Dec 2 11:19:23 2004 From: james at surgam.net (James B. Wetterau Jr.) Date: Thu, 02 Dec 2004 11:19:23 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <41AF408B.2070706@surgam.net> Dan Cech says: > Hi All, > > I've come up against an interesting little problem, and wondered if > anyone had any input for me. ... To validate any potentially valid email address (including those that use old fashion conventions, multiple subnet parts (e.g. joe.smith at retail.sales.east.us.example.com), or other stuff that you don't see frequently requires a pretty daunting regular expression. Here's one in Perl regexp language that's supposed to be RFC compliant: (from the Mail::RFC822::Address module) http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html The regexp is: (?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?: \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:( ?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\0 31]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+ (?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n) ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\ r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n) ?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t] )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*) *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+ |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?: \r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031 ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(? :(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(? :(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]| \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<> @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|" (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(? :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[ \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000- \031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,; :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([ ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\" .\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\ ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\ [\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\ r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\] |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \0 00-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@, ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(? :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])* (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\] ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*( ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:( ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(? :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+| \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?: [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\ ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n) ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[" ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n) ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<> @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@, ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)? (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?: \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[ "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t]) *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t]) +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\ .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:( ?:\r\n)?[ \t])*))*)?;\s*) From Cbielanski at inta.org Thu Dec 2 11:28:29 2004 From: Cbielanski at inta.org (Chris Bielanski) Date: Thu, 2 Dec 2004 11:28:29 -0500 Subject: [ot] RE: [nycphp-talk] Validating Email Addresses Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAA5@intamail1.com> That looks like a PGP key written in RE!! @_@;; Thanks, Chris Bielanski Web Programmer, International Trademark Association, 1133 Avenue of the Americas, 33rd Floor New York, NY 10036 +1 (212) 642-1745, f: +1 (212) 768-7796 mailto:cbielanski at inta.org, www.inta.org INTA -- 125 Years of Excellence > -----Original Message----- > From: James B. Wetterau Jr. [mailto:james at surgam.net] > Sent: Thursday, December 02, 2004 11:19 AM > To: NYPHP Talk > Subject: Re: [nycphp-talk] Validating Email Addresses > > > Dan Cech says: > > Hi All, > > > > I've come up against an interesting little problem, and wondered if > > anyone had any input for me. > ... > > To validate any potentially valid email address (including those that > use old fashion conventions, multiple subnet parts > (e.g. joe.smith at retail.sales.east.us.example.com), or other stuff that > you don't see frequently requires a pretty daunting regular > expression. Here's one in Perl regexp language that's supposed to be > RFC compliant: (from the Mail::RFC822::Address module) > > http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html > > The regexp is: > > (?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ \t] > )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?: > \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:( > ?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ > \t])*(?:[^()<>@,;:\\".\[\] > \000-\0 > 31]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ > ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+ > (?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: > (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z > |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?:\r\n) > ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\ > r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:( > ?:\r\n)?[ > \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n) > ?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:( > ?:\r\n)?[ \t] > )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ > > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:( > ?:\r\n)?[ > \t])* > )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ \t] > )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*) > *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ > \t])+ > |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?:\r > \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?: > \r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t > ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031 > ]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( > ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(? > :(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? > :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(? > :(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? > [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ > \t])*(?:(?:(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]| > \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(?:[^()<> > @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|" > (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ > \t])*))*@(?:(?:\r\n)?[ \t] > )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\ > ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(? > :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[ > \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*|(?:[^()<>@,;:\\".\[\] > \000- > \031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( > ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ > \t])*(?:@(?:[^()<>@,; > :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([ > ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(?:[^()<>@,;:\\" > .\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\ > ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ > \t])*(?:[^()<>@,;:\\".\ > [\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\ > r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\] > |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ > \t])*)?(?:[^()<>@,;:\\".\[\] \0 > 00-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ > .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(?:[^()<>@, > ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(? > :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ > \t])*))*@(?:(?:\r\n)?[ > \t])* > (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\". > \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ > \t])*(?:[ > ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\] > ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ > \t])*)(?:,\s*( > ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\ > ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ > \t])*)(?:\.(?:( > ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[ > \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?:\r\n)?[ \t > ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ \t > ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*)(? > :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ > \t])+| > \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*|(?: > [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\".\[\ > ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ > \t])*)*\<(?:(?:\r\n) > ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\[" > ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*)(?:\.(?:(?:\r\n) > ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<> > @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*(?:,@(?:(?:\r\n)?[ > \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@, > ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*)(?:\.(?:(?:\r\n)?[ \t] > )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\ > ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*)*:(?:(?:\r\n)?[ > \t])*)? > (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\["()<>@,;:\\". > \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ > \t])*)(?:\.(?:(?: > \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z|(?=[\[ > "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ > \t]))*"(?:(?:\r\n)?[ \t]) > *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] > \000-\031]+(?:(?:(?:\r\n)?[ \t]) > +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*)(?:\ > .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ > \t])+|\Z > |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ > \t])*))*\>(?:( > ?:\r\n)?[ \t])*))*)?;\s*) > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From 1j0lkq002 at sneakemail.com Thu Dec 2 11:42:29 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 02 Dec 2004 11:42:29 -0500 Subject: [nycphp-talk] mysource cms In-Reply-To: References: Message-ID: <12010-16446@sneakemail.com> Ophir Prusak prusak-at-gmail.com |nyphp dev/internal group use| wrote: >I just heard about this CMS on the wwwac list called MySource by squiz.net. >It's PHP/MySQL based. > >I have *never* seen such a polished flash presentation for an open source cms. >http://www.squiz.net/home/monkey_movie > Thanks for the link. Looks interesting. (I think I once worked with that guy.. the one who disagrees with everything the lady says....) -=john andrews From danielc at analysisandsolutions.com Thu Dec 2 11:45:35 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Thu, 2 Dec 2004 11:45:35 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <41AF408B.2070706@surgam.net> References: <41AF408B.2070706@surgam.net> Message-ID: <20041202164535.GA11151@panix.com> Folks: On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote: > > http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html I feel that regex is way overblown. Here's my ereg pattern: '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$' --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From dcech at phpwerx.net Thu Dec 2 12:42:55 2004 From: dcech at phpwerx.net (Dan Cech) Date: Thu, 02 Dec 2004 12:42:55 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <20041202164535.GA11151@panix.com> References: <41AF408B.2070706@surgam.net> <20041202164535.GA11151@panix.com> Message-ID: <41AF541F.2060309@phpwerx.net> Daniel Convissor wrote: > Folks: > > On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote: > >>http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html > > > I feel that regex is way overblown. Here's my ereg pattern: > > '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$' > > --Dan > The problem with that is that it will reject emails of the form: Joe Bloggs or variants thereof. I'm trying to accept these addresses and use them in a sensible way using phpmailer. Dan From rahmin at insite-out.com Thu Dec 2 13:02:39 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Thu, 2 Dec 2004 13:02:39 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <200412021802.iB2I2dSJ011049@webmail2.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From james at surgam.net Thu Dec 2 13:21:25 2004 From: james at surgam.net (James B. Wetterau Jr.) Date: Thu, 02 Dec 2004 13:21:25 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <41AF5D25.9020608@surgam.net> Dan Cech says: > Daniel Convissor wrote: > > Folks: > > > > On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote: > > > >>http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html > > > > > > I feel that regex is way overblown. Here's my ereg pattern: > > > > '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$' ... I feel that that regex is way underblown. It misses many valid email addresses. It's perfectly legitimate to have characters other than [a-z0-9_.=+-] in the local part of the address. Here's a handy guide: http://www.remote.org/jochen/mail/info/chars.html Note that particularly the equals sign "=" can be used. All the characters listed as "MAYBE" are legitimate in the local part of an email address according to the RFC's. Thus, though this author puts them in the "maybe" category for creating a new email address, if you are working with other peoples' email addresses you might want to be prepared to encounter them. ... > The problem with that is that it will reject emails of the form: > > Joe Bloggs > > or variants thereof. And that, indeed, is another problem. From krook at us.ibm.com Thu Dec 2 13:28:06 2004 From: krook at us.ibm.com (Daniel Krook) Date: Thu, 2 Dec 2004 13:28:06 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <41AF541F.2060309@phpwerx.net> Message-ID: > Joe Bloggs As I understand it, this format which includes the names, brackets and whitespace is RFC822 compliant [http://www.ietf.org/rfc/rfc0822.txt?number=822] . If you want it to accept the format above, will need an RFC822 compliant parser like the Perl module, although your regex seems to work ok for the most common format. I would recommend searching for a reasonable sample of RFC822 compliant addresses and run them through, or study examples such as PEAR Mail's RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18]. Daniel Krook, Application Developer WW Web Production Services North 2, ibm.com 1133 Westchester Avenue, White Plains, NY 10604 Personal: http://info.krook.org/ Persona: http://w3.ibm.com/eworkplace/persona_bp_finder.jsp?CNUM=9A9796897 From mitch.pirtle at gmail.com Thu Dec 2 13:43:37 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Thu, 2 Dec 2004 13:43:37 -0500 Subject: [nycphp-talk] mysource cms In-Reply-To: <12010-16446@sneakemail.com> References: <12010-16446@sneakemail.com> Message-ID: <330532b604120210435b3df20@mail.gmail.com> I am unimpressed at how they portray us monkeys! I protest! -- mitch (a.k.a. spacemonkey) On Thu, 02 Dec 2004 11:42:29 -0500, inforequest <1j0lkq002 at sneakemail.com> wrote: > Ophir Prusak prusak-at-gmail.com |nyphp dev/internal group use| wrote: > > >I just heard about this CMS on the wwwac list called MySource by squiz.net. > >It's PHP/MySQL based. > > > >I have *never* seen such a polished flash presentation for an open source cms. > >http://www.squiz.net/home/monkey_movie > > > > Thanks for the link. Looks interesting. > > (I think I once worked with that guy.. the one who disagrees with > everything the lady says....) > > -=john andrews > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From adam at trachtenberg.com Thu Dec 2 13:45:13 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 2 Dec 2004 13:45:13 -0500 (EST) Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: References: Message-ID: On Thu, 2 Dec 2004, Daniel Krook wrote: > > Joe Bloggs > > As I understand it, this format which includes the names, brackets and > whitespace is RFC822 compliant > [http://www.ietf.org/rfc/rfc0822.txt?number=822] . If you want it to > accept the format above, will need an RFC822 compliant parser like the > Perl module, although your regex seems to work ok for the most common > format. > > I would recommend searching for a reasonable sample of RFC822 compliant > addresses and run them through, or study examples such as PEAR Mail's > RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18]. Comments (and nested comments) are the real bitch here. I suggest you pretend they don't exist. :) -adam -- adam at trachtenberg.com | http://www.trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From drydell at att.net Thu Dec 2 13:50:44 2004 From: drydell at att.net (drydell at att.net) Date: Thu, 02 Dec 2004 18:50:44 +0000 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <120220041850.10823.41AF640400032C8300002A47216037631604040A0B979D0B@att.net> a problem here is that a valid email address like firstname.lastname at domain.com would be rejected... -------------- Original message ---------------------- From: Rahmin Pavlovic > I wrote this a while back, as I'm somewhat illiterate when it comes to regexp's: > > function is_email($str) { > $str=trim($str); > if($str=='') { return false; } > if(strstr($str,'@')=='' || strstr($str,'.')=='') { return false; } > if(strpos($str,'@') > strrpos($str,'.')) { return false; } > if(strpos($str,'@') < 1) { return false; } > if((strrpos($str,'.') - strpos($str,'@')) < 3) { return false; } > if((strlen($str) - strrpos($str,'.')) < 3) { return false; } > return true; > } > > It's slightly liberal, but does force input to x at xx.xx. That should would work > for cases like Joe . > > HTH > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org From rahmin at insite-out.com Thu Dec 2 13:58:01 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Thu, 2 Dec 2004 13:58:01 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <200412021858.iB2Iw1SJ019850@webmail2.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From drydell at att.net Thu Dec 2 14:07:07 2004 From: drydell at att.net (drydell at att.net) Date: Thu, 02 Dec 2004 19:07:07 +0000 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <120220041907.28543.41AF67DB00016D3300006F7F216037631604040A0B979D0B@att.net> I didn't see that it was strrpos, not strpos... -------------- Original message ---------------------- From: Rahmin Pavlovic > > On Thu, 02 Dec 2004 18:50 , drydell at att.net sent: > > >a problem here is that a valid email address like firstname.lastname at domain.com > would be rejected... > > > Those are acceptable. It simply makes sure the last occurrence of the '.' > exists after the @ symbol. > > > > -------------- Original message ---------------------- > >From: Rahmin Pavlovic rahmin at insite-out.com> > >> I wrote this a while back, as I'm somewhat illiterate when it comes to > regexp's: > >> > >> function is_email($str) { > >> $str=trim($str); > >> if($str=='') { return false; } > >> if(strstr($str,'@')=='' || strstr($str,'.')=='') { return false; } > >> if(strpos($str,'@') > strrpos($str,'.')) { return false; } > >> if(strpos($str,'@') > >> if((strrpos($str,'.') - strpos($str,'@')) > >> if((strlen($str) - strrpos($str,'.')) > >> return true; > >> } > >> > >> It's slightly liberal, but does force input to x at xx.xx. That should would > work > >> for cases like Joe joe at bob.com>. > >> > >> HTH > >> > >> > >> _______________________________________________ > >> New York PHP Talk > >> Supporting AMP Technology (Apache/MySQL/PHP) > >> http://lists.nyphp.org/mailman/listinfo/talk > >> http://www.newyorkphp.org > > > > > >_______________________________________________ > >New York PHP Talk > >Supporting AMP Technology (Apache/MySQL/PHP) > >http://lists.nyphp.org/mailman/listinfo/talk > >http://www.newyorkphp.org > > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org From dcech at phpwerx.net Thu Dec 2 14:09:53 2004 From: dcech at phpwerx.net (Dan Cech) Date: Thu, 02 Dec 2004 14:09:53 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: References: Message-ID: <41AF6881.9090705@phpwerx.net> Adam Maccabee Trachtenberg wrote: > On Thu, 2 Dec 2004, Daniel Krook wrote: > >>>Joe Bloggs >> >>As I understand it, this format which includes the names, brackets and >>whitespace is RFC822 compliant >>[http://www.ietf.org/rfc/rfc0822.txt?number=822] . If you want it to >>accept the format above, will need an RFC822 compliant parser like the >>Perl module, although your regex seems to work ok for the most common >>format. >> >>I would recommend searching for a reasonable sample of RFC822 compliant >>addresses and run them through, or study examples such as PEAR Mail's >>RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18]. Yep, for my purposes I think I'll be able to get by with: /^(?:(["]?)([^<>]+?)\1\s*)?(?:<)?(([^!"#$%()*,:;<>@\[\]\\`|]+)@((?:[\w-]+\.)+[a-z0-9]{1,4}))(?:>?)$/i I also came across the imap_rfc822_parse_adrlist() function, which is obviously seldom used because of the unwieldy name ;) > Comments (and nested comments) are the real bitch here. I suggest you > pretend they don't exist. :) That was the plan. Dan > -adam > From codebowl at gmail.com Thu Dec 2 14:15:18 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 2 Dec 2004 14:15:18 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad Message-ID: <8d9a428004120211157b4ce2f7@mail.gmail.com> Guys, i had a web host that was a reseller, they went under and thier servers taken back by the company who sold them the space, there was no warning for this happening at all. now the new company wants to charge me $20 to get my files back.... is this even legal to do? all files on my account were written by me therefore they are my property. I mean this sounds to me the equivilence to walking into thier datacenter taking one of thier servers then saying hah you want it you have to pay me to get it back. what steps should i take in this situation? I have contacted support and they continue to say they are going to charge me now way around it, because thier tech has to run a tar command and email me the files, which on a properly setup linux box could probably all be done on one line. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From wwwac at summit7solutions.com Thu Dec 2 14:18:30 2004 From: wwwac at summit7solutions.com (Jeff Wilhelm) Date: Thu, 2 Dec 2004 14:18:30 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com> Message-ID: <20041202191831.A373DA85E9@virtu.nyphp.org> Do you have any other sites with them? If so, you could threaten to pull them. If the revenue from the other sites exceeds $20 they'd be stupid to fight with you. Alternatively, you could just pay them for the data (if you really need it; you don't have a local copy?) and then never go back to that company. I mean, the ball is in their court. They have the data. You want it. You have to play by their rules (as dumb as they may be) or else they may -- OOPS -- drop the tape in the lake. Jeff ----Original Message---- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph Crawford Sent: Thursday, December 02, 2004 2:15 PM To: NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad > Guys, > > i had a web host that was a reseller, they went under and > thier servers taken back by the company who sold them > the space, there was no warning for this happening at > all. now the new company wants to charge me $20 to get > my files back.... is this even legal to do? all files on > my account were written by me therefore they are my > property. I mean this sounds to me the equivilence to > walking into thier datacenter taking one of thier servers > then saying hah you want it you have to pay me to get it > back. > > what steps should i take in this situation? I have > contacted support and they continue to say they are going > to charge me now way around it, because thier tech has to > run a tar command and email me the files, which on a > properly setup linux box could probably all be done on > one line. From jlacey at att.net Thu Dec 2 14:19:21 2004 From: jlacey at att.net (John Lacey) Date: Thu, 02 Dec 2004 12:19:21 -0700 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> Message-ID: <41AF6AB9.8030909@att.net> Joseph Crawford wrote: > Guys, > > i had a web host that was a reseller, they went under and thier > servers taken back by the company who sold them the space, there was > no warning for this happening at all. now the new company wants to > charge me $20 to get my files back.... is this even legal to do? all > files on my account were written by me therefore they are my property. > I mean this sounds to me the equivilence to walking into thier > datacenter taking one of thier servers then saying hah you want it you > have to pay me to get it back. > > what steps should i take in this situation? I have contacted support > and they continue to say they are going to charge me now way around > it, because thier tech has to run a tar command and email me the > files, which on a properly setup linux box could probably all be done > on one line. > > I'd pay the $20 (get a receipt, of course :) and cut my losses to avoid the brain damage. John From codebowl at gmail.com Thu Dec 2 14:20:19 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 2 Dec 2004 14:20:19 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <20041202191831.A373DA85E9@virtu.nyphp.org> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> Message-ID: <8d9a4280041202112079d72279@mail.gmail.com> couldnt i get them for destructing data that doesnt belong to them or something, i mean i would almost be willing to pay $100 to a lawyer to send them a letter if it would get me the files, i honestly dont feel i should have to pay the $20 and i dont know if i am going to stoop to the level and do it. However i dont have a local copy of the files and i do need them. On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm wrote: > Do you have any other sites with them? > > If so, you could threaten to pull them. If the revenue from the other sites > exceeds $20 they'd be stupid to fight with you. > > Alternatively, you could just pay them for the data (if you really need it; > you don't have a local copy?) and then never go back to that company. > > I mean, the ball is in their court. They have the data. You want it. You > have to play by their rules (as dumb as they may be) or else they may -- > OOPS -- drop the tape in the lake. > > Jeff > > > > > ----Original Message---- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph > Crawford Sent: Thursday, December 02, 2004 2:15 PM To: > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad > > > Guys, > > > > i had a web host that was a reseller, they went under and > > thier servers taken back by the company who sold them > > the space, there was no warning for this happening at > > all. now the new company wants to charge me $20 to get > > my files back.... is this even legal to do? all files on > > my account were written by me therefore they are my > > property. I mean this sounds to me the equivilence to > > walking into thier datacenter taking one of thier servers > > then saying hah you want it you have to pay me to get it > > back. > > > > what steps should i take in this situation? I have > > contacted support and they continue to say they are going > > to charge me now way around it, because thier tech has to > > run a tar command and email me the files, which on a > > properly setup linux box could probably all be done on > > one line. > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From dmintz at davidmintz.org Thu Dec 2 14:30:44 2004 From: dmintz at davidmintz.org (David Mintz) Date: Thu, 2 Dec 2004 14:30:44 -0500 (EST) Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> Message-ID: On Thu, 2 Dec 2004, Joseph Crawford wrote: > couldnt i get them for destructing data that doesnt belong to them or > something, i mean i would almost be willing to pay $100 to a lawyer to > send them a letter if it would get me the files, i honestly dont feel > i should have to pay the $20 and i dont know if i am going to stoop to > the level and do it. However i dont have a local copy of the files > and i do need them. I quite agree with your position. Any chance of escalating up the food chain and trying to talk some sense into someone with more authority? --- David Mintz http://davidmintz.org/ From jperkins at sneer.org Thu Dec 2 14:30:47 2004 From: jperkins at sneer.org (Jason Perkins) Date: Thu, 2 Dec 2004 13:30:47 -0600 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> Message-ID: On Dec 2, 2004, at 1:20 PM, Joseph Crawford wrote: > couldnt i get them for destructing data that doesnt belong to them or > something, i mean i would almost be willing to pay $100 to a lawyer to > send them a letter if it would get me the files, i honestly dont feel > i should have to pay the $20 and i dont know if i am going to stoop to > the level and do it. However i dont have a local copy of the files > and i do need them. I've always held that "pick your battles" is not only an injunction against picking ones that you can win, but also ones that are worth your time. It sounds like your former hosting company has left you (and their former hosting company) in a bad position. $20 for recovery of files is nothing, really. Pay 'em the $20 and be done with it and count it as a learning experience that sometimes you really do get what you pay for (I'm assuming this is the "cheap" hosting company you were recommending a few months back - hostproservices.com, iirc). Take that other $80 that you were going to spend (on an attorney!) getting in a pissing contest and give it to make a wish or something and move on. Life's simply too short to let this stuff get you down. My 2 cents. -- Jason N Perkins From wwwac at summit7solutions.com Thu Dec 2 14:36:34 2004 From: wwwac at summit7solutions.com (Jeff Wilhelm) Date: Thu, 2 Dec 2004 14:36:34 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com> Message-ID: <20041202193635.44E2AA85E9@virtu.nyphp.org> ----Original Message---- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph Crawford Sent: Thursday, December 02, 2004 2:20 PM To: NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting Gone Bad > couldnt i get them for destructing data that doesnt > belong to them or something, i mean i would almost be > willing to pay $100 to a lawyer to send them a letter if > it would get me the files, i honestly dont feel i should > have to pay the $20 and i dont know if i am going to > stoop to the level and do it. However i dont have a > local copy of the files and i do need them. Hm, I see where you're coming from. If I were you I'd go higher up. Sure, the tech guy wants money for untarring a file, but his boss, or his bosses boss, or a relationship manager, or a sales person, or SOMEONE should realize the value of good customer service, or the value of repeat business. I would be nice and civil on the phone when you call, and ask to talk to someone else. There's got to be SOMEONE over there who can help. > On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm > wrote: > > Do you have any other sites with them? > > > > If so, you could threaten to pull them. If the revenue > > from the other > > sites exceeds $20 they'd be stupid to fight with you. > > > > Alternatively, you could just pay them for the data (if > > you really > > need it; you don't have a local copy?) and then never > > go back to that company. > > > > I mean, the ball is in their court. They have the data. > > You want it. > > You have to play by their rules (as dumb as they may > > be) or else they > > may -- OOPS -- drop the tape in the lake. > > > > Jeff > > > > > > > > > > ----Original Message---- > > From: talk-bounces at lists.nyphp.org > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of > > Joseph Crawford > > Sent: Thursday, December 02, 2004 2:15 PM To: > > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting > > Gone Bad > > > > > Guys, > > > > > > i had a web host that was a reseller, they went under > > > and thier servers taken back by the company who sold > > > them the space, there was no warning for this > > > happening at all. now the new company wants to > > > charge me $20 to get my files back.... is this even > > > legal to do? all files on my account were written by > > > me therefore they are my property. I mean this sounds > > > to me the equivilence to walking into thier > > > datacenter taking one of thier servers then saying > > > hah you want it you have to pay me to get it back. > > > > > > what steps should i take in this situation? I have > > > contacted support and they continue to say they are > > > going to charge me now way around it, because thier > > > tech has to run a tar command and email me the files, > > > which on a properly setup linux box could probably > > > all be done on one line. > > > > _______________________________________________ > > New York PHP Talk > > Supporting AMP Technology (Apache/MySQL/PHP) > > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.newyorkphp.org From mitch.pirtle at gmail.com Thu Dec 2 14:38:22 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Thu, 2 Dec 2004 14:38:22 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> Message-ID: <330532b604120211382dd2c62@mail.gmail.com> Forget it, you will pay $2,000 for a lawyer and have no avenues for collection of damages. This is a situation where although you've done nothing wrong per se, you are going to get screwed anyway. Best to eat the $20, and then call the police for extortion. -- Mitch, grinning an evil grin On Thu, 2 Dec 2004 14:20:19 -0500, Joseph Crawford wrote: > couldnt i get them for destructing data that doesnt belong to them or > something, i mean i would almost be willing to pay $100 to a lawyer to > send them a letter if it would get me the files, i honestly dont feel > i should have to pay the $20 and i dont know if i am going to stoop to > the level and do it. However i dont have a local copy of the files > and i do need them. From codebowl at gmail.com Thu Dec 2 14:39:53 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 2 Dec 2004 14:39:53 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <20041202193635.44E2AA85E9@virtu.nyphp.org> References: <8d9a4280041202112079d72279@mail.gmail.com> <20041202193635.44E2AA85E9@virtu.nyphp.org> Message-ID: <8d9a4280041202113913122521@mail.gmail.com> these are not the tech guys i am talking with they are the sales and billing. yes it is the same company i recomended and the only reason i recommended them is i have used them for 2 years now without any problems, until this. i guess i need to get the real big expensive hosts for reliability. On Thu, 2 Dec 2004 14:36:34 -0500, Jeff Wilhelm wrote: > > > ----Original Message---- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph > Crawford Sent: Thursday, December 02, 2004 2:20 PM To: > NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting > Gone Bad > > > couldnt i get them for destructing data that doesnt > > belong to them or something, i mean i would almost be > > willing to pay $100 to a lawyer to send them a letter if > > it would get me the files, i honestly dont feel i should > > have to pay the $20 and i dont know if i am going to > > stoop to the level and do it. However i dont have a > > local copy of the files and i do need them. > > Hm, I see where you're coming from. If I were you I'd go higher up. Sure, > the tech guy wants money for untarring a file, but his boss, or his bosses > boss, or a relationship manager, or a sales person, or SOMEONE should > realize the value of good customer service, or the value of repeat business. > I would be nice and civil on the phone when you call, and ask to talk to > someone else. There's got to be SOMEONE over there who can help. > > > > > > On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm > > wrote: > > > Do you have any other sites with them? > > > > > > If so, you could threaten to pull them. If the revenue > > > from the other > > > sites exceeds $20 they'd be stupid to fight with you. > > > > > > Alternatively, you could just pay them for the data (if > > > you really > > > need it; you don't have a local copy?) and then never > > > go back to that company. > > > > > > I mean, the ball is in their court. They have the data. > > > You want it. > > > You have to play by their rules (as dumb as they may > > > be) or else they > > > may -- OOPS -- drop the tape in the lake. > > > > > > Jeff > > > > > > > > > > > > > > > ----Original Message---- > > > From: talk-bounces at lists.nyphp.org > > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of > > > Joseph Crawford > > > Sent: Thursday, December 02, 2004 2:15 PM To: > > > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting > > > Gone Bad > > > > > > > Guys, > > > > > > > > i had a web host that was a reseller, they went under > > > > and thier servers taken back by the company who sold > > > > them the space, there was no warning for this > > > > happening at all. now the new company wants to > > > > charge me $20 to get my files back.... is this even > > > > legal to do? all files on my account were written by > > > > me therefore they are my property. I mean this sounds > > > > to me the equivilence to walking into thier > > > > datacenter taking one of thier servers then saying > > > > hah you want it you have to pay me to get it back. > > > > > > > > what steps should i take in this situation? I have > > > > contacted support and they continue to say they are > > > > going to charge me now way around it, because thier > > > > tech has to run a tar command and email me the files, > > > > which on a properly setup linux box could probably > > > > all be done on one line. > > > > > > _______________________________________________ > > > New York PHP Talk > > > Supporting AMP Technology (Apache/MySQL/PHP) > > > http://lists.nyphp.org/mailman/listinfo/talk > > > http://www.newyorkphp.org > > _______________________________________________ > > > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From rahmin at insite-out.com Thu Dec 2 14:44:46 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Thu, 2 Dec 2004 14:44:46 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad Message-ID: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From jperkins at sneer.org Thu Dec 2 14:44:43 2004 From: jperkins at sneer.org (Jason Perkins) Date: Thu, 2 Dec 2004 13:44:43 -0600 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202113913122521@mail.gmail.com> References: <8d9a4280041202112079d72279@mail.gmail.com> <20041202193635.44E2AA85E9@virtu.nyphp.org> <8d9a4280041202113913122521@mail.gmail.com> Message-ID: <9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org> On Dec 2, 2004, at 1:39 PM, Joseph Crawford wrote: > i guess i need to get the real big expensive hosts for reliability. I'm sorry if my comment about cheap webhosting sounded like a condemnation, but hostproservices.com was advertising websites for $2.95/month. -- Jason N Perkins From codebowl at gmail.com Thu Dec 2 14:46:19 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 2 Dec 2004 14:46:19 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org> References: <8d9a4280041202112079d72279@mail.gmail.com> <20041202193635.44E2AA85E9@virtu.nyphp.org> <8d9a4280041202113913122521@mail.gmail.com> <9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org> Message-ID: <8d9a42800412021146408f00ab@mail.gmail.com> yea if i recall they were 20mb accounts :D nonetheless i didnt take it personally they did have some cheap accounts :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From yury at heavenspa.com Thu Dec 2 14:46:34 2004 From: yury at heavenspa.com (Yury Rush) Date: Thu, 2 Dec 2004 14:46:34 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202113913122521@mail.gmail.com> Message-ID: Nah -- get your own server :O) ciao yury www.discounted-cosmetics.info -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Joseph Crawford Sent: Thursday, December 02, 2004 2:40 PM To: NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting Gone Bad these are not the tech guys i am talking with they are the sales and billing. yes it is the same company i recomended and the only reason i recommended them is i have used them for 2 years now without any problems, until this. i guess i need to get the real big expensive hosts for reliability. On Thu, 2 Dec 2004 14:36:34 -0500, Jeff Wilhelm wrote: > > > ----Original Message---- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph > Crawford Sent: Thursday, December 02, 2004 2:20 PM To: > NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting > Gone Bad > > > couldnt i get them for destructing data that doesnt > > belong to them or something, i mean i would almost be > > willing to pay $100 to a lawyer to send them a letter if > > it would get me the files, i honestly dont feel i should > > have to pay the $20 and i dont know if i am going to > > stoop to the level and do it. However i dont have a > > local copy of the files and i do need them. > > Hm, I see where you're coming from. If I were you I'd go higher up. Sure, > the tech guy wants money for untarring a file, but his boss, or his bosses > boss, or a relationship manager, or a sales person, or SOMEONE should > realize the value of good customer service, or the value of repeat business. > I would be nice and civil on the phone when you call, and ask to talk to > someone else. There's got to be SOMEONE over there who can help. > > > > > > On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm > > wrote: > > > Do you have any other sites with them? > > > > > > If so, you could threaten to pull them. If the revenue > > > from the other > > > sites exceeds $20 they'd be stupid to fight with you. > > > > > > Alternatively, you could just pay them for the data (if > > > you really > > > need it; you don't have a local copy?) and then never > > > go back to that company. > > > > > > I mean, the ball is in their court. They have the data. > > > You want it. > > > You have to play by their rules (as dumb as they may > > > be) or else they > > > may -- OOPS -- drop the tape in the lake. > > > > > > Jeff > > > > > > > > > > > > > > > ----Original Message---- > > > From: talk-bounces at lists.nyphp.org > > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of > > > Joseph Crawford > > > Sent: Thursday, December 02, 2004 2:15 PM To: > > > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting > > > Gone Bad > > > > > > > Guys, > > > > > > > > i had a web host that was a reseller, they went under > > > > and thier servers taken back by the company who sold > > > > them the space, there was no warning for this > > > > happening at all. now the new company wants to > > > > charge me $20 to get my files back.... is this even > > > > legal to do? all files on my account were written by > > > > me therefore they are my property. I mean this sounds > > > > to me the equivilence to walking into thier > > > > datacenter taking one of thier servers then saying > > > > hah you want it you have to pay me to get it back. > > > > > > > > what steps should i take in this situation? I have > > > > contacted support and they continue to say they are > > > > going to charge me now way around it, because thier > > > > tech has to run a tar command and email me the files, > > > > which on a properly setup linux box could probably > > > > all be done on one line. > > > > > > _______________________________________________ > > > New York PHP Talk > > > Supporting AMP Technology (Apache/MySQL/PHP) > > > http://lists.nyphp.org/mailman/listinfo/talk > > > http://www.newyorkphp.org > > _______________________________________________ > > > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From jperkins at sneer.org Thu Dec 2 14:53:53 2004 From: jperkins at sneer.org (Jason Perkins) Date: Thu, 2 Dec 2004 13:53:53 -0600 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com> References: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com> Message-ID: On Dec 2, 2004, at 1:44 PM, Rahmin Pavlovic wrote: > > On Thu, 2 Dec 2004 14:15 , Joseph Crawford sent: > >> Guys, >> >> i had a web host that was a reseller, they went under and thier >> servers taken back by the company who sold them the space, there was >> no warning for this happening at all. now the new company wants to >> charge me $20 to get my files back.... is this even legal to do? all >> files on my account were written by me therefore they are my property. >> I mean this sounds to me the equivilence to walking into thier >> datacenter taking one of thier servers then saying hah you want it you >> have to pay me to get it back. >> > > Interesting. Let's see - if I found myself in that boat, I'd probably > tell them that my agreement was with the reseller, not the parent > company, > and that I am paid up. If parent company is owed any money, that is > between them and the reseller - otherwise, I deserve full access to my > paid-for files, or I'd be happy to pay the $20 to take all of my > business elsewhere. And possibly blog the experience. I don't think that this is a parent company - I think that hostproservices.com had a (or some) dedicated boxes that they were renting from gnax.com (who only does colo and dedicated, not shared hosting). It sounds like hostproservices.com folded with no notice and gnax.com is doing the hostproservices customers a favor, holding the boxes (or at least copied their data off of them) and charging $20 for recovery of their files. And really, it's a favor given that most hosting companies would've kicked a fresh OS install on those boxes and put 'em right back up into the pool for leasing, hostproservice's customers and their data be damned. -- Jason N Perkins From shiflett at php.net Thu Dec 2 15:03:26 2004 From: shiflett at php.net (Chris Shiflett) Date: Thu, 2 Dec 2004 12:03:26 -0800 (PST) Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <41AF3B8C.5000300@phpwerx.net> Message-ID: <20041202200326.20311.qmail@web52802.mail.yahoo.com> --- Dan Cech wrote: > I've come up against an interesting little problem, and wondered > if anyone had any input for me. > > I'm trying to validate email addresses like: > > Joe Bloggs That's a valid format for the From header (not sure it can really be called an email address, but maybe), but aren't quotes required around the name? You might think it's less cool than matching everything with a single pattern, but can't you easily break this up into name and email address? There are plenty of patterns to help make sure a string looks like an email address (I use the one in the Cookbook), so you just need to augment that by breaking up your string into a name and email address. The email address is probably everything to the right of the last space, without the angle brackets (if present). The name is everything else, without the quotes (if present). Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming February 2005 http://httphandbook.org/ From nyphp at enobrev.com Thu Dec 2 16:16:40 2004 From: nyphp at enobrev.com (Mark Armendariz) Date: Thu, 2 Dec 2004 16:16:40 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <20041202200326.20311.qmail@web52802.mail.yahoo.com> Message-ID: <20041202211641.49084A85E9@virtu.nyphp.org> Here's a pattern I've been using for a while with success. /(?P(?:(?P[^\[\]()<>@,;:\\".]+)|"(?P[^\\"]+| [\\.]+)*")*(?P<))?(?P(?!\.)(?P\.?[^\[\]()<>@,;:\\" . ]+)+|"(?P[^\\"]+|[\\.]+)*")@(?P(?:(?!-)(?P[a-zA-Z\ d\-]+)(?[a-zA-Z]{2,})|\[(?P(?:(?(?[a-zA-Z\d\-]*[a-zA-Z\d]):(?P\d {2,5})))\])(?(4)>)/ And here's some examples: http://dev.enobrev.com/email/ And the code for the example: http://dev.enobrev.com/email/index.txt Mark From prusak at gmail.com Thu Dec 2 16:50:33 2004 From: prusak at gmail.com (Ophir Prusak) Date: Thu, 2 Dec 2004 16:50:33 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> Message-ID: First of all, pay the $20 so you'll have the data in hand. THEN you can go ahead and do something else (like talk to a boss, threaten them, etc). Maybe you could even get your money back or something If the files have any real value to you, the last thing you need is to try to play hardball only to have your files "accidentally" deleted or something like that. On Thu, 2 Dec 2004 14:15:18 -0500, Joseph Crawford wrote: > Guys, > > i had a web host that was a reseller, they went under and thier > servers taken back by the company who sold them the space, there was > no warning for this happening at all. now the new company wants to > charge me $20 to get my files back.... is this even legal to do? all > files on my account were written by me therefore they are my property. > I mean this sounds to me the equivilence to walking into thier > datacenter taking one of thier servers then saying hah you want it you > have to pay me to get it back. > > what steps should i take in this situation? I have contacted support > and they continue to say they are going to charge me now way around > it, because thier tech has to run a tar command and email me the > files, which on a properly setup linux box could probably all be done > on one line. > > -- > Joseph Crawford Jr. > Codebowl Solutions > codebowl at gmail.com > > For a GMail account > contact me OFF-LIST > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From danielc at analysisandsolutions.com Thu Dec 2 17:10:01 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Thu, 2 Dec 2004 17:10:01 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <41AF541F.2060309@phpwerx.net> References: <41AF408B.2070706@surgam.net> <20041202164535.GA11151@panix.com> <41AF541F.2060309@phpwerx.net> Message-ID: <20041202221001.GA21957@panix.com> Hey Dan: On Thu, Dec 02, 2004 at 12:42:55PM -0500, Dan Cech wrote: > > The problem with that is that it will reject emails of the form: > Joe Bloggs Yes. I figured you'd be smart enough to take care of that simple tweak. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From 1j0lkq002 at sneakemail.com Thu Dec 2 17:19:52 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 02 Dec 2004 17:19:52 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> Message-ID: <317-32513@sneakemail.com> Joseph Crawford codebowl-at-gmail.com |nyphp dev/internal group use| wrote: >However i dont have a local copy of the files and i do need them. > > That's your bad, so pay the fine. And then if you like, blog your customer service experience (honestly) to make yourself feel better. -=john andrews From chsnyder at gmail.com Thu Dec 2 17:30:08 2004 From: chsnyder at gmail.com (csnyder) Date: Thu, 2 Dec 2004 17:30:08 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <317-32513@sneakemail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> Message-ID: On Thu, 02 Dec 2004 17:19:52 -0500, inforequest <1j0lkq002 at sneakemail.com> wrote: > >However i dont have a local copy of the files and i do need them. > > That's your bad, so pay the fine. Or if not a mistake on your part, a life lesson worth 20 bucks -- keep local copies of everything you put on a remote server. You never know when the disk/server/isp/datacenter is going to take a walk. I used to tell my hosting clients up front that I'm not responsible for anything they put on my server. From danielc at analysisandsolutions.com Thu Dec 2 18:16:59 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Thu, 2 Dec 2004 18:16:59 -0500 Subject: [nycphp-talk] Validating Email Addresses In-Reply-To: <41AF5D25.9020608@surgam.net> References: <41AF5D25.9020608@surgam.net> Message-ID: <20041202231659.GA12747@panix.com> On Thu, Dec 02, 2004 at 01:21:25PM -0500, James B. Wetterau Jr. wrote: > > Daniel Convissor wrote: > > > > > > '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$' > > I feel that that regex is way underblown. > > It misses many valid email addresses. It's perfectly legitimate to > have characters other than [a-z0-9_.=+-] in the local part of the > address. Back when I did a study of RFC 822, those were the characters that the RFC said were valid. Perhaps I made a mistake. But I haven't heard of any problems with my expression. But RFC 822 has been replaced by 2822. I believe the newer RFC allows more characters in the local part. Again, I haven't heard of any complaints with it. None the less, looking at ftp://ftp.rfc-editor.org/in-notes/rfc2822.txt shows the following: atext = ALPHA / DIGIT / ; Any character except controls, "!" / "#" / ; SP, and specials. "$" / "%" / ; Used for atoms "&" / "'" / "*" / "+" / "-" / "/" / "=" / "?" / "^" / "_" / "`" / "{" / "|" / "}" / "~" Most of those characters are quite unusual for email addresses. fine Let's "do the right thing..." Here's a tweaking of my ereg expression to include all the legit characters in the local part: '^[-!#$%&\'*+/=?^_`{|}~a-z0-9.]+@([a-z0-9-]+\.)+([a-z]{2,6})$' The one flaw with that is it allows the local part to be just a period: . at foo.com. So, while we're at it, let's take it all the way: $expr = '^[-!#$%&\'*+/=?^_`{|}~a-z0-9]+' . '(.[-!#$%&\'*+/=?^_`{|}~a-z0-9]+)*' . '@([a-z0-9-]+\.)+([a-z]{2,6})$'; I've needed to do this for a while. Thanks for the excuse. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From 1j0lkq002 at sneakemail.com Thu Dec 2 21:00:45 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 02 Dec 2004 21:00:45 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> Message-ID: <30443-46926@sneakemail.com> csnyder chsnyder-at-gmail.com |nyphp dev/internal group use| wrote: >On Thu, 02 Dec 2004 17:19:52 -0500, inforequest ><1j0lkq002 at sneakemail.com> wrote: > > >>>However i dont have a local copy of the files and i do need them. >>> >>> >>That's your bad, so pay the fine. >> >> > >Or if not a mistake on your part, a life lesson worth 20 bucks -- keep >local copies of everything you put on a remote server. You never know >when the disk/server/isp/datacenter is going to take a walk. > or the server compromised. It amazes me that we know hosting servers get compromised, yet it certainly seems that after rebuilding the server they just dump the user files back onto the server ass-is from the last backup. If that happens, I dump my files and republish. You never know what you might find in there. From preinheimer at gmail.com Thu Dec 2 21:34:37 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Thu, 2 Dec 2004 21:34:37 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <30443-46926@sneakemail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> <30443-46926@sneakemail.com> Message-ID: <6ec19ec7041202183479c7b366@mail.gmail.com> I would give up and pay them, and not bother trying to get the money back, once you pay them the chances of them doing a CC refund are somewhere between slim and none. I also don't think your legal grounds are as firm as you think they are. Just because the files belong do you doesn't obligate them to help you get them. If someones rollerskates appeared in the middle of my fenced in property I doubt I am breaking any laws by refusing to get them for the owner, with or without some sort of a fee. I would estimate your legal recourses against the incumbant host to also be between slim and none. The only company who owes you anything is your old host, and even that depends on when everything went down. If it happened at the end of your billing cycle (ie end of month) you've got nothing, your terms of service probably explicitly allowed for this to happen. If it happened mid billing cycle (ie you have paid for more than you received) you might have something. You have the same rights to the property of the new defunct host as the one that took them over, albeit just not in the same fiscal range. You could offer your claim (were talking pennies on the dollar here) on the defunct's host debt to you in exchange for your files. paul (ianal) On Thu, 02 Dec 2004 21:00:45 -0500, inforequest <1j0lkq002 at sneakemail.com> wrote: > csnyder chsnyder-at-gmail.com |nyphp dev/internal group use| wrote: > > >On Thu, 02 Dec 2004 17:19:52 -0500, inforequest > ><1j0lkq002 at sneakemail.com> wrote: > > > > > >>>However i dont have a local copy of the files and i do need them. > >>> > >>> > >>That's your bad, so pay the fine. > >> > >> > > > >Or if not a mistake on your part, a life lesson worth 20 bucks -- keep > >local copies of everything you put on a remote server. You never know > >when the disk/server/isp/datacenter is going to take a walk. > > > or the server compromised. It amazes me that we know hosting servers get > compromised, yet it certainly seems that after rebuilding the server > they just dump the user files back onto the server ass-is from the last > backup. If that happens, I dump my files and republish. You never know > what you might find in there. > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Paul Reinheimer Zend Certified Engineer From preinheimer at gmail.com Thu Dec 2 21:45:59 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Thu, 2 Dec 2004 21:45:59 -0500 Subject: [nycphp-talk] About XML in PHP In-Reply-To: <41AEAE6E.3090300@jonbaer.net> References: <41AEAE6E.3090300@jonbaer.net> Message-ID: <6ec19ec7041202184596bfb62@mail.gmail.com> check out MiniXML, i discovered it while writing my book as a SimpleXML alternative for PHP 4 users, but it has a lot of extra functionality. http://minixml.psychogenic.com paul On Thu, 02 Dec 2004 00:55:58 -0500, Jon Baer wrote: > im not sure you really want a parser function as much as you want to > manipulate + outout the dom .. check out dom functions: > > http://www.php.net/dom > > example: (you can also load/modify/etc) > > $doc = new DOMDocument("1.0"); > $foo = $doc->createElement("foo"); > $foo = $doc->appendChild($foo); > $bar = $doc->createElement("bar", "NYPHP Talk"); > $bar = $foo->appendChild($bar); > echo $doc->saveXML(); > ?> > > output: > > > NYPHP Talk > > - jon > > > > Amir Aavani wrote: > > dear friends > > i have a question about XML support in PHP. is there any class or > > function or etc that allow the program to generate an XML > > file(stream).I mean that it can add new node or new element or > > atrribute by its input parameters. > > for example if in its input, there is a 'login' message , it can add a > > node 'Login' to its output XML, and in otherwise add a node 'not > > login' or something like this. > > i know that there are some parser function or classes in PHP but with > > none of them you can't add a new node to the output XML. > > thanks > > Amir > > pgp key: http://www.jonbaer.net/jonbaer.asc > fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Paul Reinheimer Zend Certified Engineer From codebowl at gmail.com Thu Dec 2 21:52:45 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 2 Dec 2004 21:52:45 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <6ec19ec7041202183479c7b366@mail.gmail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> <30443-46926@sneakemail.com> <6ec19ec7041202183479c7b366@mail.gmail.com> Message-ID: <8d9a428004120218524bc70f3d@mail.gmail.com> is there a public blog i could post this on? would anyone here mind posting this on thier blogs? -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com For a GMail account contact me OFF-LIST From kirill at svots.edu Thu Dec 2 22:15:17 2004 From: kirill at svots.edu (Dn. Kirill Sokolov) Date: Thu, 2 Dec 2004 22:15:17 -0500 Subject: [nycphp-talk] Integration for small non-profit In-Reply-To: <20041129170004.40196A8775@virtu.nyphp.org> References: <20041129170004.40196A8775@virtu.nyphp.org> Message-ID: Hello, I'm trying to work out several different options for integrated software to administer our small (<100 students) graduaate school. One option is to purchase a commercial integrated system designed for the purpose -- very expensive, naturally. Another option is to stick with our current system (poor text-based user interface - Informix SE). A third option would be to try to put together various software components that all together are still significantly cheaper than the integrated system. The components we have now include: Accounting Donor Management Bookstore (POS) Academic Records / Registrar The glue that holds this all together in a relational database is the contacts table. I think that for our needs, one of the higher end Quickbooks applications would do perfectly well for accounting; almost any donor management program would be fine (e.g., Donorperfect or even the nonprofitbooks program designed for Quickbooks). POS and Academic programs need only to share a contacts database. If I could get Quickbooks or an equivalent package and a donor management program to share an SQL database, I think I could straightforwardly enough implement open source / php applications for smaller tasks such as academic records. Any thoughts as to whether this is worth further exploration? I think I've "googled" everywhere I can and haven't quite been able to figure out accounting and donor management WITH an open/shared contacts database short of very expensive packages... Thanks for pointers, -- Rev. Dn. Kirill Sokolov Director of Systems and Information Technologies St. Vladimir's Orthodox Theological Seminary From jlacey at att.net Thu Dec 2 22:50:33 2004 From: jlacey at att.net (John Lacey) Date: Thu, 02 Dec 2004 20:50:33 -0700 Subject: [nycphp-talk] Integration for small non-profit In-Reply-To: References: <20041129170004.40196A8775@virtu.nyphp.org> Message-ID: <41AFE289.3080905@att.net> Dn. Kirill Sokolov wrote: > > Accounting > Donor Management > Bookstore (POS) > Academic Records / Registrar > > The glue that holds this all together in a relational database is the > contacts table. > > I think that for our needs, one of the higher end Quickbooks > applications would do perfectly well for accounting; almost any donor > management program would be fine (e.g., Donorperfect or even the > nonprofitbooks program designed for Quickbooks). POS and Academic > programs need only to share a contacts database. > look into SQL-Ledger--it's an open source accounting system that uses PostgreSQL -- an Open Source database. Postgres is a little more work setting up than MySQL (at least in my experience -- feel free to jump in listies). link to SQL-Ledger: http://www.sql-ledger.org/ There will probably be some other folks chiming in here with other suggestions for the other apps. hope that helps, John From matt at jiffycomp.com Thu Dec 2 23:46:06 2004 From: matt at jiffycomp.com (Matt Morgan) Date: Thu, 02 Dec 2004 23:46:06 -0500 Subject: [nycphp-talk] Integration for small non-profit In-Reply-To: <41AFE289.3080905@att.net> References: <20041129170004.40196A8775@virtu.nyphp.org> <41AFE289.3080905@att.net> Message-ID: <41AFEF8E.3040700@jiffycomp.com> John Lacey wrote: > Dn. Kirill Sokolov wrote: > >> >> Accounting >> Donor Management >> Bookstore (POS) >> Academic Records / Registrar >> >> The glue that holds this all together in a relational database is the >> contacts table. >> >> I think that for our needs, one of the higher end Quickbooks >> applications would do perfectly well for accounting; almost any donor >> management program would be fine (e.g., Donorperfect or even the >> nonprofitbooks program designed for Quickbooks). POS and Academic >> programs need only to share a contacts database. >> > > look into SQL-Ledger--it's an open source accounting system that uses > PostgreSQL -- an Open Source database. Postgres is a little more work > setting up than MySQL (at least in my experience -- feel free to jump > in listies). > > link to SQL-Ledger: > http://www.sql-ledger.org/ > > There will probably be some other folks chiming in here with other > suggestions for the other apps. > I second the recommendation about SQL-Ledger. Postgres is indeed a bit harder to set up then MySQL, although there are packages for all the big Linux distributions. It just seems like I always end up having to compile it for some reason, or at least edit something manually. But it is still better than MySQL in some ways, so it can be worth it. I suggest a look at dotLRN (http://dotlrn.org/) for open-source academic management. It doesn't do everything you need out of the box, but it's based on OpenACS (http://www.openacs.org), which is very, very powerful. --Matt From kirill at svots.edu Fri Dec 3 06:38:05 2004 From: kirill at svots.edu (Dn. Kirill Sokolov) Date: Fri, 3 Dec 2004 06:38:05 -0500 Subject: [nycphp-talk] Integration for small non-profit In-Reply-To: <41AFEF8E.3040700@jiffycomp.com> References: <20041129170004.40196A8775@virtu.nyphp.org> <41AFE289.3080905@att.net> <41AFEF8E.3040700@jiffycomp.com> Message-ID: At 23:46 -0500 12/2/04, Matt Morgan wrote, referring to John Lacey's post: >I second the recommendation about SQL-Ledger. Postgres is indeed a >bit harder to set up then MySQL, although there are packages for all >the big Linux distributions. It just seems like I always end up >having to compile it for some reason, or at least edit something >manually. But it is still better than MySQL in some ways, so it can >be worth it. I don't mind using Postgres; SQL-Ledger looks like it would be perfect for our accounting needs (better than what we have, anyway). However - I am a little unclear as to how I could integrate SQL-Ledger with donor management? Does anyone know of a non-profit which has successfully modified SQL-Ledger for basic donor management or integrated SQL-Ledger with a CRM or something similar? Thanks for the suggestions.. >I suggest a look at dotLRN (http://dotlrn.org/) for open-source >academic management. It doesn't do everything you need out of the >box, but it's based on OpenACS (http://www.openacs.org), which is >very, very powerful. This seems promising, at least in the long term.. I might be wrong, but it seems like this is (for now) mostly ready for producing academic web sites, rather than hosting academic administrative tasks (although it is a powerful framework). From james at surgam.net Fri Dec 3 13:32:31 2004 From: james at surgam.net (James B. Wetterau Jr.) Date: Fri, 03 Dec 2004 13:32:31 -0500 Subject: [nycphp-talk] Validating Email Addresses Message-ID: <41B0B13F.7020202@surgam.net> Daniel Convissor says: ... > Back when I did a study of RFC 822, those were the characters that the > RFC said were valid. Perhaps I made a mistake. But I haven't heard > of any problems with my expression. I think the characters you had were the ones permitted by the RFC *that are commonly considered supported*. To give an obvious example: if an email address has a / in it, and an address maps directly to a Unix file or directory, it cannot be written on the system without translation. That said, it's still an RFC valid address -- it would just have to be aliased to something else locally on the Unix system. In practice you are probably right that almost no one uses such a weird address. I vaguely recall one person using an address with a % to prove a point on one mailing list I was on. ... > The one flaw with that is it allows the local part to be just a > period: . at foo.com. Or is it a feature? > I've needed to do this for a while. Thanks for the excuse. I sincerely appreciate your effort to do the right thing. Good going! Seriously, software would be better if more people tried to promptly fix stuff like this. While we're at it though, I should mention one other thing: From what I can tell, though RFC822 seems to discourage it, it supports for backward compatibility addresses of this form: address.example at tld ... evidently because some TLD's used to do addressing like that. I also can't quite tell from the RFC whether it would be valid for a TLD to grant its own email addresses, but those would also look like that. So you can have a valid email address that has only a TLD to the right of the "@" with no "." in there. From mogmios at mlug.missouri.edu Fri Dec 3 16:58:13 2004 From: mogmios at mlug.missouri.edu (Michael) Date: Fri, 03 Dec 2004 13:58:13 -0800 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <30443-46926@sneakemail.com> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> <30443-46926@sneakemail.com> Message-ID: <41B0E175.1050509@mlug.missouri.edu> > or the server compromised. It amazes me that we know hosting servers > get compromised, yet it certainly seems that after rebuilding the > server they just dump the user files back onto the server ass-is from > the last backup. If that happens, I dump my files and republish. You > never know what you might find in there. Most hosting companies I have worked with didn't make any real effort at security and didn't seem to have much expertise. You're really better off getting a dedicated host and managing it yourself. -- Michael http://kavlon.org From ajai at bitblit.net Fri Dec 3 17:10:57 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Fri, 03 Dec 2004 17:10:57 -0500 Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad In-Reply-To: <41B0E175.1050509@mlug.missouri.edu> References: <8d9a428004120211157b4ce2f7@mail.gmail.com> <20041202191831.A373DA85E9@virtu.nyphp.org> <8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com> <30443-46926@sneakemail.com> <41B0E175.1050509@mlug.missouri.edu> Message-ID: <41B0E471.4010204@bitblit.net> Michael wrote: > Most hosting companies I have worked with didn't make any real effort > at security and didn't seem to have much expertise. You're really > better off getting a dedicated host and managing it yourself. Well, as someone who works for an ISP, I feel that clients are their own worst enemy. For example, they will continue using the same old insecure scripts they have always been using even when it is widely known they represent security problems. Designers are the worst because they usually have no clue. If you have thousands of sites being hosted its hard to keep an eye on what scripts a client is running - all we can do is inform them of the problem and hope they take care of it and learn from it. -- Aj. Systems Administrator / Developer From webmaster at localnotion.com Fri Dec 3 18:54:51 2004 From: webmaster at localnotion.com (Matthew Terenzio) Date: Fri, 3 Dec 2004 18:54:51 -0500 Subject: [nycphp-talk] horizontally scalable Message-ID: So would this be an example of a legit type of set up: LOad Balancer | | | PHP PHP PHP PHP PHP | | | | | \ \ | / / Database This is something like what was presented in school, but I've never had the need to try it out. Matt From chsnyder at gmail.com Fri Dec 3 23:04:04 2004 From: chsnyder at gmail.com (csnyder) Date: Fri, 3 Dec 2004 23:04:04 -0500 Subject: [nycphp-talk] horizontally scalable In-Reply-To: References: Message-ID: That diagram might be legit, or it might not -- it all depends on what problem you're trying to solve. If it's specifically the PHP processing that you need to parallelize (is that a word?) -- becuase you're generating images or something -- you could use a reverse proxy instead of a load balancer. If it's all about bandwidth rather than processing, then you might have a number of caching reverse proxies in front of a single PHP/MySQL master. From hans at nyphp.com Mon Dec 6 16:41:17 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 6 Dec 2004 13:41:17 -0800 Subject: [nycphp-talk] NYPHP Server Online Message-ID: <41EE526EC2D3C74286415780D3BA9F87065A005C@ehost011-1.exch011.intermedia.net> Hi everyone, Sorry for the inconvenience of the server being down lately, but things should be fixed now. If anyone notices any additional issues, please contact me directly ASAP. Regards, --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From mwithington at PLMresearch.com Mon Dec 6 16:49:48 2004 From: mwithington at PLMresearch.com (Mark Withington) Date: Mon, 6 Dec 2004 16:49:48 -0500 Subject: [nycphp-talk] On line catalog pricing Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com> Has anyone got any experiences that they would like to share regarding online catalog pricing? Really looking for price quotes to implement a shopping cart system, not design the HTML presentation layer front-end. I'd like to ensure that I'm quoting within some sort of standardized "from $XXXX.00 to $YYYY.00" price range. Thanks in advance, Mark -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/ms-tnef Size: 2344 bytes Desc: not available URL: From crayolalettuce at gmail.com Mon Dec 6 13:36:25 2004 From: crayolalettuce at gmail.com (Jim Bishop) Date: Mon, 6 Dec 2004 13:36:25 -0500 Subject: [nycphp-talk] NYPHP.ORG down? Message-ID: I'm trying to post a job to jobs at nyphp.org. I went to the website to look up specs for job submissions, but I can't get to the site. Is everyone else having this problem? Jim Bishop From yury at heavenspa.com Mon Dec 6 17:16:25 2004 From: yury at heavenspa.com (Yury Rush) Date: Mon, 6 Dec 2004 17:16:25 -0500 Subject: [nycphp-talk] NYPHP.ORG down? In-Reply-To: Message-ID: working for me. yury http://www.motionrush.com -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Jim Bishop Sent: Monday, December 06, 2004 1:36 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] NYPHP.ORG down? I'm trying to post a job to jobs at nyphp.org. I went to the website to look up specs for job submissions, but I can't get to the site. Is everyone else having this problem? Jim Bishop _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From dan at danhorning.com Mon Dec 6 17:25:49 2004 From: dan at danhorning.com (Dan Horning) Date: Mon, 6 Dec 2004 17:25:49 -0500 Subject: [nycphp-talk] On line catalog pricing In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com> Message-ID: <200412062225.iB6MPEOW018614@ms-smtp-04.nyroc.rr.com> Mark, I most often price based on a few factors 1) number of items (w/o data entry) 2) number of items needing data entry 3) product imaging ($5 - $150(each) depending on size and qty.) 4) what the avg. customer would actually buy along with how many per month would buy. 5) training / upkeep - who does the continued maintenance 6) integration of frontend design. basically that should cover a few major factors I end up charging anywhere from 1500 (really small company) to 150,000 for commerce sites 7) frontend design -- Dan Horning dan.horning at lblogistics.com - http://www.lblogistics.com/ Chief Operations Officer / Owner - Lightning Bug Logistics, Inc. Office - 1-800-863-3854 ext. 502 Cell - 1-518-894-4155 Home - 1-518-280-2119 > -----Original Message----- > From: talk-bounces at lists.nyphp.org > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington > Sent: Monday, December 06, 2004 4:50 PM > To: 'NYPHP Talk' > Subject: [nycphp-talk] On line catalog pricing > > Has anyone got any experiences that they would like to share > regarding online catalog pricing? Really looking for price > quotes to implement a shopping cart system, not design the > HTML presentation layer front-end. I'd like to ensure that > I'm quoting within some sort of standardized "from $XXXX.00 > to $YYYY.00" price range. > > Thanks in advance, > > Mark > > -------------------------- > Mark L. Withington > PLMresearch > "eBusiness for the Midsize Enterprise" > PO Box 1354 > Plymouth, MA 02362 > o: 800-310-3992 > f: 508-746-4973 > v: 508-746-2383 > m: 508-801-0181 > http://www.PLMresearch.com > Netscape/AOL/MSN IM: PLMresearch > mwithington at plmresearch.com > Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc > Calendar: http://www.plmresearch.com/calendar.php > From mitch.pirtle at gmail.com Sat Dec 4 09:48:19 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sat, 4 Dec 2004 09:48:19 -0500 Subject: [nycphp-talk] horizontally scalable In-Reply-To: References: Message-ID: <330532b6041204064851b0b8a3@mail.gmail.com> I wouldn't call that horizontally scalable though, as you would also need to scale at the load balancer / database layer. This is when things get really complicated - but with smart proxies like pound (http://www.apsis.ch/pound/) and database-driven session storage such as what is provided by ADOdb (http://adodb.sf.net/) it is not nearly as difficult as it was in the past. What I have seen in the past - working on high-traffic websites at least - was that scaling the application layer was a piece of cake; and scaling the database was complicated enough that instead of installing many cheap/commodity servers (like at the application level) they always ended up getting two monster machines. And with quad-processor opterons as affordable as they are now, I am thinking that is just fine ;-) I remember running a very heavy site on a single mysql box, dual pentium 333s with the DPT controller (slowest controller on the planet); and that was when they were getting something like 10 million visitors daily. Man, how different life would have looked with a quad opteron back there! -- Mitch On Fri, 3 Dec 2004 18:54:51 -0500, Matthew Terenzio wrote: > So would this be an example of a legit type of set up: > > LOad Balancer > | > | > | > PHP PHP PHP PHP PHP > > | | | | | > \ \ | / / > > Database From nhart at musicpf.org Tue Dec 7 09:30:27 2004 From: nhart at musicpf.org (Nicholas Hart) Date: Tue, 7 Dec 2004 09:30:27 -0500 Subject: [nycphp-talk] RE: On line catalog pricing In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com> Message-ID: <000901c4dc69$54644230$0f01a8c0@DC823JN11> Hi, Are you looking for a sort of 'MSRP' or do you want a quote? Let me know. Thanks. Regards, Nicholas Hart -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington Sent: Monday, December 06, 2004 4:50 PM To: 'NYPHP Talk' Subject: On line catalog pricing Has anyone got any experiences that they would like to share regarding online catalog pricing? Really looking for price quotes to implement a shopping cart system, not design the HTML presentation layer front-end. I'd like to ensure that I'm quoting within some sort of standardized "from $XXXX.00 to $YYYY.00" price range. Thanks in advance, Mark -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php From mwithington at PLMresearch.com Tue Dec 7 09:46:17 2004 From: mwithington at PLMresearch.com (Mark Withington) Date: Tue, 7 Dec 2004 09:46:17 -0500 Subject: [nycphp-talk] RE: On line catalog pricing Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6EE0@network.PLMresearch.com> Thanks Nicholas, I'm looking for MSRP - trying to conduct a sanity check to ensure that I'm quoting my clients in line with the "prevailing rate" Cheers, Mark -------------------------- Mark L. Withington PLMresearch v: 508-746-2383 m: 508-801-0181 Calendar: http://www.plmresearch.com/calendar.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Nicholas Hart Sent: Tuesday, December 07, 2004 9:30 AM To: 'NYPHP Talk' Subject: [nycphp-talk] RE: On line catalog pricing Hi, Are you looking for a sort of 'MSRP' or do you want a quote? Let me know. Thanks. Regards, Nicholas Hart -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington Sent: Monday, December 06, 2004 4:50 PM To: 'NYPHP Talk' Subject: On line catalog pricing Has anyone got any experiences that they would like to share regarding online catalog pricing? Really looking for price quotes to implement a shopping cart system, not design the HTML presentation layer front-end. I'd like to ensure that I'm quoting within some sort of standardized "from $XXXX.00 to $YYYY.00" price range. Thanks in advance, Mark -------------------------- Mark L. Withington PLMresearch "eBusiness for the Midsize Enterprise" PO Box 1354 Plymouth, MA 02362 o: 800-310-3992 f: 508-746-4973 v: 508-746-2383 m: 508-801-0181 http://www.PLMresearch.com Netscape/AOL/MSN IM: PLMresearch mwithington at plmresearch.com Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc Calendar: http://www.plmresearch.com/calendar.php _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From psaw at pswebcode.com Tue Dec 7 10:23:03 2004 From: psaw at pswebcode.com (Peter Sawczynec) Date: Tue, 7 Dec 2004 10:23:03 -0500 Subject: [nycphp-talk] "It's An Opensource World..." Pointing to New Jobs Message-ID: <000001c4dc70$a88ff0f0$68e4a144@Liz> Cover story article in InfoWorld Dec 06, 2004 issue: http://www.infoworld.com/article/04/12/03/49FEopensource_1.html?s=feature I'm just wondering: it may seem that right now there will be a short-lived growth spurt in the general corp IT environment for vps, programmers, webmasters, db admins, etc that have hands on with AMP. Collectively, nyphp.org members offer I fine pret-a-porter group of future corp IT associates. Is there any value in us [maybe me] getting together a list of IT HR contacts to which we can regularly email/mail/promote our group as a very valuable and viable pool of opensource talent. Then maybe we have a web page with a roster of names linked to contact info and an online resume. E.g. I may have a name or two in HR at Corbis, maybe Xerox and Citibank. Certainly we can find other info online. Maybe you have HR contact name(s) you can throw in the pool from your own job hunting exp. Does this have merit? Thoughts... Warmest regards, Peter Sawczynec Munroe Creative psawczynec at muroe.com 718.543.3240 -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael.southwell at nyphp.org Tue Dec 7 16:50:10 2004 From: michael.southwell at nyphp.org (Michael Southwell) Date: Tue, 07 Dec 2004 16:50:10 -0500 Subject: [nycphp-talk] PHP Compilers Message-ID: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net> Would anyone care to share recommendations (and/or bad experiences) with PHP Compilers? Michael Southwell VP, Education Department New York PHP michael.southwell at nyphp.org From george at omniti.com Tue Dec 7 17:01:47 2004 From: george at omniti.com (George Schlossnagle) Date: Tue, 7 Dec 2004 17:01:47 -0500 Subject: [nycphp-talk] PHP Compilers In-Reply-To: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net> References: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net> Message-ID: <973B03A6-489B-11D9-848A-000D93359332@omniti.com> On Dec 7, 2004, at 4:50 PM, Michael Southwell wrote: > Would anyone care to share recommendations (and/or bad experiences) > with PHP Compilers? Compilers like roadsend or compiler caches like APC or ZPS? George From jaimeb82 at yahoo.com Thu Dec 9 16:47:28 2004 From: jaimeb82 at yahoo.com (jaime bermudez) Date: Thu, 9 Dec 2004 13:47:28 -0800 (PST) Subject: [nycphp-talk] primary key alphanumerical Message-ID: <20041209214728.99414.qmail@web51306.mail.yahoo.com> Hi there, Is there any way to make a Primary Key that is a combination of letters and numbers. I have an application form that collects teachers information, then every teacher should submit their school principal and their school supervisor, the problem is that each (PK) is just a consecutive number. Therefore, each application contains 3 diferent numbers like 001 (for the teacher) 002 (for the principal) and 003 (for the supervisor) this gets confusing when I try to separate them to transfer from MySQL into an Access database. It would be ideal if they are something like that : TEA001, PRI001, SUP001, etc... Any ideas or paths so I can start researching...? Thanks in advance, Jaime. Gilder Lehrman Institute of American History __________________________________ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250 From Cbielanski at inta.org Thu Dec 9 16:55:01 2004 From: Cbielanski at inta.org (Chris Bielanski) Date: Thu, 9 Dec 2004 16:55:01 -0500 Subject: [nycphp-talk] primary key alphanumerical Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAB7@intamail1.com> Sounds like I'd look first at normalizing the data. You'd end up with three tables by this example. One for all members, one for all membertypes and one associating table between them. Unless you really want to keep it all in one table, get away from solving problems arising from using a single BMFT! (Big Mother-Fraggin Table) :) Thanks, Chris Bielanski Web Programmer, International Trademark Association, 1133 Avenue of the Americas, 33rd Floor New York, NY 10036 +1 (212) 642-1745, f: +1 (212) 768-7796 mailto:cbielanski at inta.org, www.inta.org INTA -- 125 Years of Excellence > -----Original Message----- > From: jaime bermudez [mailto:jaimeb82 at yahoo.com] > Sent: Thursday, December 09, 2004 4:47 PM > To: talk at lists.nyphp.org > Subject: [nycphp-talk] primary key alphanumerical > > > Hi there, > Is there any way to make a Primary Key that is a > combination of letters and numbers. I have an > application form that collects teachers information, > then every teacher should submit their school > principal and their school supervisor, the problem is > that each (PK) is just a consecutive number. > Therefore, each application contains 3 diferent > numbers like 001 (for the teacher) 002 (for the > principal) and 003 (for the supervisor) this gets > confusing when I try to separate them to transfer from > MySQL into an Access database. It would be ideal if > they are something like that : TEA001, PRI001, SUP001, > etc... > > Any ideas or paths so I can start researching...? > > Thanks in advance, Jaime. > Gilder Lehrman Institute of American History > > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - Easier than ever with enhanced search. Learn more. > http://info.mail.yahoo.com/mail_250 > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From jlacey at att.net Thu Dec 9 16:54:17 2004 From: jlacey at att.net (John Lacey) Date: Thu, 09 Dec 2004 14:54:17 -0700 Subject: [nycphp-talk] primary key alphanumerical In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com> References: <20041209214728.99414.qmail@web51306.mail.yahoo.com> Message-ID: <41B8C989.6000201@att.net> jaime bermudez wrote: > Hi there, > Is there any way to make a Primary Key that is a > combination of letters and numbers. I have an > application form that collects teachers information, > then every teacher should submit their school > principal and their school supervisor, the problem is > that each (PK) is just a consecutive number. > Therefore, each application contains 3 diferent > numbers like 001 (for the teacher) 002 (for the > principal) and 003 (for the supervisor) this gets > confusing when I try to separate them to transfer from > MySQL into an Access database. It would be ideal if > they are something like that : TEA001, PRI001, SUP001, > etc... > A primary key, or any key, can be comprised of more than one field (and they don't have to be contiguous). So, you can have an auto_increment field (fld1) that bumps the numbers and another field (fld2) that contains "letters". The primary key is then keyname (fld1, fld2). something along those lines should work for you. HTH, John From 1j0lkq002 at sneakemail.com Thu Dec 9 17:57:13 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 09 Dec 2004 17:57:13 -0500 Subject: [nycphp-talk] primary key alphanumerical In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com> References: <20041209214728.99414.qmail@web51306.mail.yahoo.com> Message-ID: <13497-83800@sneakemail.com> jaime bermudez jaimeb82-at-yahoo.com |nyphp dev/internal group use| wrote: >Hi there, >Is there any way to make a Primary Key that is a >combination of letters and numbers. I have an >application form that collects teachers information, >then every teacher should submit their school >principal and their school supervisor, the problem is >that each (PK) is just a consecutive number. >Therefore, each application contains 3 diferent >numbers like 001 (for the teacher) 002 (for the >principal) and 003 (for the supervisor) this gets >confusing when I try to separate them to transfer from >MySQL into an Access database. It would be ideal if >they are something like that : TEA001, PRI001, SUP001, >etc... > >Any ideas or paths so I can start researching...? > >Thanks in advance, Jaime. >Gilder Lehrman Institute of American History > > I echo the comments about exercising care normalizing the data. What you seem to be describing is a need for labels, which is best addressed with display features or lookup tables. When you add TEA to the data as you describe, you are actually encoding the "teacher" data twice, which is dangerous for technical/management reasons. You are also hard-coding an assumption into your dataset (that 001 is "teacher") and that removes some of the flexibility you got when you chose to use a database in the first place. I'd suggest you have a database expert look over your table design and maybe your queries before you advance too far. It maybe very much worth the minor inconvenience. -=john andrews From danielc at analysisandsolutions.com Thu Dec 9 20:07:31 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Thu, 9 Dec 2004 20:07:31 -0500 Subject: [nycphp-talk] primary key alphanumerical In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com> References: <20041209214728.99414.qmail@web51306.mail.yahoo.com> Message-ID: <20041210010731.GB25080@panix.com> On Thu, Dec 09, 2004 at 01:47:28PM -0800, jaime bermudez wrote: > Is there any way to make a Primary Key that is a > combination of letters and numbers. There's nothing preventing you from using a CHAR field as a primary key. That would negate auto_increment, but you didn't mention needing that. As someone else mentioned, you can combine a CHAR and INT column to make the key. Like other pepole mentioned, it sounds like you're on an unusual track. If you need some database consulting, drop me an email off list. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From tgales at tgaconnect.com Fri Dec 10 07:21:38 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Fri, 10 Dec 2004 07:21:38 -0500 Subject: [nycphp-talk] primary key alphanumerical In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com> Message-ID: <001401c4deb2$ccb8e1f0$e98d3818@oberon1> jaime bermudez writes > Is there any way to make a Primary Key that is a > combination of letters and numbers. I have an > application form that collects teachers information, > then every teacher should submit their school > principal and their school supervisor, the problem is > that each (PK) is just a consecutive number. > Therefore, each application contains 3 diferent > numbers like 001 (for the teacher) 002 (for the > principal) and 003 (for the supervisor) this gets > confusing... The short answer is yes. (John Lacey already pointed out that you can create a segmented key.) I would suggest that you do some reading on when to use a natural key versus when to use a surrogate key. (Auto increment fields are, of course, generated surrogate keys) My feeling is that you should always look for a natural key first, before falling back on a surrogate. Generally speaking, a segmented key is needed when no field or column (i.e. natural attribute) is suitable by itself. But if you have to generate a key, I would say you should at least generate a (self-contained) unique key -- and not create a 'unique key if it is glued onto another column from the table' key. Maybe you could just use a (universal) timestamp instead (as a surrogate key). T. Gales & Associates 'Helping People Connect with Technology' http://www.tgaconnect.com P.S. It may be that: if you have more surrogate keys than natural keys in your database, you may have a bad design Sort of like: if you have more guns than teeth, you may be a 'red neck' From jayeshsh at ceruleansky.com Fri Dec 10 14:19:15 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Fri, 10 Dec 2004 14:19:15 -0500 Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by cgi-city.com); mod_rewrite + PHP Message-ID: <41B9F6B3.2080000@ceruleansky.com> Hello all, I was wondering if any of you knew of a PHP-script (either open source or commercially-licensed) that helps one do the following: - Password protect all files or select files in a directory using .htaccess files - The information in the .htaccess files will be written when the user selects the files (or directories) to be password protected, and then adds a username and password that correspond to those protected resources - Some user info, such as last login date and time and email will be stored in a MySQL database - When the administrator adds a new user (thus allowing the new user to access a specific directory or set of files), that user's info is stored in the MySQL database and the username and password info is also written to a .htaccess file. (In this case the admin either chooses a new password for the user, or one is randomly created by the system.) - At this time, the user is also emailed with a note saying something like: "John has added you as a member. Your username is john at aol.com, your password is 4rgf567u. Log-in at http://www.somewebsite.com " - An access log should be available, showing who logged in last and when - Users should be able to add short notes to a guestbook that is visible to other users This system should also be able to work with an existing website that is full of static .html files. The reason .htaccess seems the best tool for this job is that the potential client already has a boat-load of static content that is to be protected. Finally, since the potential client is on a tight budget, the only option seems to be to buy a PHP script that does all of this and customize the script as necessary for the client. This will take much less time than writing it from scratch, and thus fit into this person's budget. I don't might writing this from scratch (in which case I would use the htaccess class from pear.php.net ) - but the thing is writing it from scratch takes longer than just installing and customizing an existing script. I came across the following product from cgi-city.com: http://www.cgi-city.com/authpro/demo.shtml It is written in Perl, though, which is a bit denser than PHP, and a bit harder to work with (my opinion only). Additionally, it is simply TOO feature rich, and the potential client will likely not have a clue as to how to use it. Does anyone have any suggestions on how to proceed, or can anyone suggest an appropriate third-party script? I searched sourceforge for "htaccess" and came up with a few things, but I am not sure those scripts are good or easily customizable. If it is a commercial script, I could only use it if the source code is not encoded (i.e. is modifyable, even if I am not allowed to redistribute it.) Another easier idea occured to me, but it involved mod_rewrite. I have not used mod_rewrite before, but I have read about it. If anyone can help me with the following mod_rewrite rule, I would be most grateful. Here's the idea: - Suppose the client's website is www.abc123.com - The client has files such as www.abc123.com/one.html and www.abc123.com/two.html that need to be password protected - All current .html files are moved from the root web directory to a sub-directory called "protected". This directory is protected by a single set of .htaccess username and password that is only available to the administrator - The administrator logs into the control panel and whitelists all file or selected files from the "protected" directory to be processed/included later (by mod_rewrite and a PHP script). This whitelist info is stored in a MySQL table - A mod_rewrite rule is written to say the following: all .html files accessed from www.abc123.com are rerouted to the following file for processing: www.abc123.com/load.php?page=chosenpage.html - The load.php page checks to see if the requested file exists in the MySQL file whitelist. - If a user is logged-in, it includes the file. If not, it prompts the user to log-in. - The log-in is performed using the PEAR Auth class. The username and password info (along with user email and last login info) is stored in a MySQL table. The advantage of this approach is that one is not dealing with messy .htaccess files. Additionally, there is no duplication of username and password data as in the previous case - where the username and password were being stored both in .htaccess files and in a MySQL database. Thus all info is in a MySQL database, and works with existing static files. The user can continue to use Frontpage (or whatever) to modify static files, and simply upload them to the "protected" directory. Does anyone know of a mod_rewrite rule to do the rewriting described in step 5 above? Maybe this second method is more complication, but I am interested in hearing feedback. Thanks in advance, - Jay From rolanyang at gmail.com Fri Dec 10 14:46:34 2004 From: rolanyang at gmail.com (Rolan Yang) Date: Fri, 10 Dec 2004 14:46:34 -0500 Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by cgi-city.com); mod_rewrite + PHP In-Reply-To: <41B9F6B3.2080000@ceruleansky.com> References: <41B9F6B3.2080000@ceruleansky.com> Message-ID: If you want to use mysql, you might want to look into the mod_auth_mysql for apache. That may be a cleaner approach instead of having your scripts create the .htpasswd and .htaccess files. ftp://ftp.kcilink.com/pub/ ~Rolan On Fri, 10 Dec 2004 14:19:15 -0500, Jayesh Sheth wrote: > Hello all, > > I was wondering if any of you knew of a PHP-script (either open source > or commercially-licensed) that helps one do the following: > - Password protect all files or select files in a directory using > .htaccess files > - The information in the .htaccess files will be written when the user > selects the files (or directories) to be password protected, and then > adds a username and password that correspond to those protected resources > - Some user info, such as last login date and time and email will be > stored in a MySQL database > - When the administrator adds a new user (thus allowing the new user to > access a specific directory or set of files), that user's info is stored > in the MySQL database and the username and password info is also written > to a .htaccess file. (In this case the admin either chooses a new > password for the user, or one is randomly created by the system.) > - At this time, the user is also emailed with a note saying something > like: "John has added you as a member. Your username is john at aol.com, > your password is 4rgf567u. Log-in at http://www.somewebsite.com " > - An access log should be available, showing who logged in last and when > - Users should be able to add short notes to a guestbook that is visible > to other users > > This system should also be able to work with an existing website that is > full of static .html files. The reason .htaccess seems the best tool for > this job is that the potential client already has a boat-load of static > content that is to be protected. > > Finally, since the potential client is on a tight budget, the only > option seems to be to buy a PHP script that does all of this and > customize the script as necessary for the client. This will take much > less time than writing it from scratch, and thus fit into this person's > budget. I don't might writing this from scratch (in which case I would > use the htaccess class from pear.php.net ) - but the thing is writing it > from scratch takes longer than just installing and customizing an > existing script. > > I came across the following product from cgi-city.com: > > http://www.cgi-city.com/authpro/demo.shtml > > It is written in Perl, though, which is a bit denser than PHP, and a bit > harder to work with (my opinion only). > Additionally, it is simply TOO feature rich, and the potential client > will likely not have a clue as to how to use it. > > Does anyone have any suggestions on how to proceed, or can anyone > suggest an appropriate third-party script? > I searched sourceforge for "htaccess" and came up with a few things, but > I am not sure those scripts are good or easily customizable. If it is a > commercial script, I could only use it if the source code is not encoded > (i.e. is modifyable, even if I am not allowed to redistribute it.) > > Another easier idea occured to me, but it involved mod_rewrite. I have > not used mod_rewrite before, but I have read about it. If anyone can > help me with the following mod_rewrite rule, I would be most grateful. > > Here's the idea: > - Suppose the client's website is www.abc123.com > - The client has files such as www.abc123.com/one.html and > www.abc123.com/two.html that need to be password protected > - All current .html files are moved from the root web directory to a > sub-directory called "protected". This directory is protected by a > single set of .htaccess username and password that is only available to > the administrator > - The administrator logs into the control panel and whitelists all file > or selected files from the "protected" directory to be > processed/included later (by mod_rewrite and a PHP script). This > whitelist info is stored in a MySQL table > - A mod_rewrite rule is written to say the following: all .html files > accessed from www.abc123.com are rerouted to the following file for > processing: www.abc123.com/load.php?page=chosenpage.html > - The load.php page checks to see if the requested file exists in the > MySQL file whitelist. > - If a user is logged-in, it includes the file. If not, it prompts the > user to log-in. > - The log-in is performed using the PEAR Auth class. The username and > password info (along with user email and last login info) is stored in a > MySQL table. > > The advantage of this approach is that one is not dealing with messy > .htaccess files. Additionally, there is no duplication of username and > password data as in the previous case - where the username and password > were being stored both in .htaccess files and in a MySQL database. Thus > all info is in a MySQL database, and works with existing static files. > > The user can continue to use Frontpage (or whatever) to modify static > files, and simply upload them to the "protected" directory. > > Does anyone know of a mod_rewrite rule to do the rewriting described in > step 5 above? > > Maybe this second method is more complication, but I am interested in > hearing feedback. > > Thanks in advance, > > - Jay > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From 1j0lkq002 at sneakemail.com Sat Dec 11 00:12:50 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Sat, 11 Dec 2004 00:12:50 -0500 Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by cgi-city.com); mod_rewrite + PHP In-Reply-To: <41B9F6B3.2080000@ceruleansky.com> References: <41B9F6B3.2080000@ceruleansky.com> Message-ID: <22662-56745@sneakemail.com> Jayesh Sheth jayeshsh-at-ceruleansky.com |nyphp dev/internal group use| wrote: > Hello all, > > I was wondering if any of you knew of a PHP-script (either open source > or commercially-licensed) that helps one do the following: > - Password protect all files or select files in a directory using > .htaccess files > - The information in the .htaccess files will be written when the user > selects the files (or directories) to be password protected, and then > adds a username and password that correspond to those protected resources > - Some user info, such as last login date and time and email will be > stored in a MySQL database > - When the administrator adds a new user (thus allowing the new user > to access a specific directory or set of files), that user's info is > stored in the MySQL database and the username and password info is > also written to a .htaccess file. (In this case the admin either > chooses a new password for the user, or one is randomly created by the > system.) > - At this time, the user is also emailed with a note saying something > like: "John has added you as a member. Your username is john at aol.com, > your password is 4rgf567u. Log-in at http://www.somewebsite.com " > - An access log should be available, showing who logged in last and when > - Users should be able to add short notes to a guestbook that is > visible to other users > > This system should also be able to work with an existing website that > is full of static .html files. The reason .htaccess seems the best > tool for this job is that the potential client already has a boat-load > of static content that is to be protected. > > Finally, since the potential client is on a tight budget, the only > option seems to be to buy a PHP script that does all of this and > customize the script as necessary for the client. This will take much > less time than writing it from scratch, and thus fit into this > person's budget. I don't might writing this from scratch (in which > case I would use the htaccess class from pear.php.net ) - but the > thing is writing it from scratch takes longer than just installing and > customizing an existing script. > > I came across the following product from cgi-city.com: > > http://www.cgi-city.com/authpro/demo.shtml > > It is written in Perl, though, which is a bit denser than PHP, and a > bit harder to work with (my opinion only). > Additionally, it is simply TOO feature rich, and the potential client > will likely not have a clue as to how to use it. > > Does anyone have any suggestions on how to proceed, or can anyone > suggest an appropriate third-party script? > I searched sourceforge for "htaccess" and came up with a few things, > but I am not sure those scripts are good or easily customizable. If it > is a commercial script, I could only use it if the source code is not > encoded (i.e. is modifyable, even if I am not allowed to redistribute > it.) > > Another easier idea occured to me, but it involved mod_rewrite. I have > not used mod_rewrite before, but I have read about it. If anyone can > help me with the following mod_rewrite rule, I would be most grateful. > > Here's the idea: > - Suppose the client's website is www.abc123.com > - The client has files such as www.abc123.com/one.html and > www.abc123.com/two.html that need to be password protected > - All current .html files are moved from the root web directory to a > sub-directory called "protected". This directory is protected by a > single set of .htaccess username and password that is only available > to the administrator > - The administrator logs into the control panel and whitelists all > file or selected files from the "protected" directory to be > processed/included later (by mod_rewrite and a PHP script). This > whitelist info is stored in a MySQL table > - A mod_rewrite rule is written to say the following: all .html files > accessed from www.abc123.com are rerouted to the following file for > processing: www.abc123.com/load.php?page=chosenpage.html > - The load.php page checks to see if the requested file exists in the > MySQL file whitelist. > - If a user is logged-in, it includes the file. If not, it prompts the > user to log-in. > - The log-in is performed using the PEAR Auth class. The username and > password info (along with user email and last login info) is stored in > a MySQL table. > > The advantage of this approach is that one is not dealing with messy > .htaccess files. Additionally, there is no duplication of username and > password data as in the previous case - where the username and > password were being stored both in .htaccess files and in a MySQL > database. Thus all info is in a MySQL database, and works with > existing static files. > > The user can continue to use Frontpage (or whatever) to modify static > files, and simply upload them to the "protected" directory. > > Does anyone know of a mod_rewrite rule to do the rewriting described > in step 5 above? > > Maybe this second method is more complication, but I am interested in > hearing feedback. > > Thanks in advance, > > - Jay > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > Jay, You might look at amember pro. Last I heard that is how it worked, although it might do more/different. It was well regarded as a membershipadd on for mambo, invisionboard, etc. and supported by the developer himself ($99price tag - look slike 139 now). Never used it myself. http://membership.cgi-central.net/scripts/amember/ -=john andrews From spot at deviantart.com Sat Dec 11 06:25:51 2004 From: spot at deviantart.com (Spot) Date: Sat, 11 Dec 2004 03:25:51 -0800 Subject: [nycphp-talk] Bug Tracking Message-ID: <41BAD93F.3010102@deviantart.com> What are some suggestions for other nice open source bug management projects besides Bugzilla? Thanks, Spot deviantART Inc. www.deviantART.com From ben at atlphp.org Sat Dec 11 09:01:33 2004 From: ben at atlphp.org (Ben Ramsey) Date: Sat, 11 Dec 2004 09:01:33 -0500 Subject: [nycphp-talk] Bug Tracking In-Reply-To: <41BAD93F.3010102@deviantart.com> References: <41BAD93F.3010102@deviantart.com> Message-ID: <41BAFDBD.2070907@atlphp.org> Spot wrote: > What are some suggestions for other nice open source bug management > projects besides Bugzilla? My personal favorite: Mantis -- http://www.mantisbt.org/ -- Ben Ramsey Zend Certified Engineer http://benramsey.com From chsnyder at gmail.com Sat Dec 11 12:35:48 2004 From: chsnyder at gmail.com (csnyder) Date: Sat, 11 Dec 2004 12:35:48 -0500 Subject: [nycphp-talk] Bug Tracking In-Reply-To: <41BAFDBD.2070907@atlphp.org> References: <41BAD93F.3010102@deviantart.com> <41BAFDBD.2070907@atlphp.org> Message-ID: It's a commercial product, and written in Java (2 strikes) but Atlassian's Jira is the nicest bug tracker I've ever worked with, and manages to be appealing even to people who aren't software developers. http://atlassian.com/ They give free licenses to nonprofits and open source projects. From jayeshsh at ceruleansky.com Sat Dec 11 13:07:09 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Sat, 11 Dec 2004 13:07:09 -0500 Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by cgi-city.com); mod_rewrite + PHP Message-ID: <41BB374D.6020603@ceruleansky.com> Hello Rolan, John and others, thanks for your valuable suggestions. I will keep mod_auth_mysql in mind. It seems like a good solution, but it is probably not supported by shared hosts ... Still, useful to keep in mind. John, your suggestion was quite good. I contacted the people at cgi-central.net and it seems that their product is available with almost all the files unencoded when you buy it. I might end up going with that. Thanks again for your help. Best regards, - Jay PS: If anyone has good experience with mod_rewrite and wants to swap knowhow with me on something that I know (such as building remote XUL + PHP apps) please let me know. I am all for exchanging knowledge. From jayeshsh at ceruleansky.com Sat Dec 11 14:45:38 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Sat, 11 Dec 2004 14:45:38 -0500 (EST) Subject: [nycphp-talk] Bug Tracking Message-ID: <56007.69.86.84.233.1102794338.spork@webmail.ceruleansky.com> Hello Spot, I have used Mantis, and found it to be quite good. It is good as a basic, easy-to-use bug management system. It is certainly easier to use than Bugzilla. I am a big Mozilla fan, and I don't want to knock Bugzilla, but I think it was always a tool written by programmers for programmers. Hence it always had a hard-to-use interface. FogBugz by Joe Spolsky's company, Fog Creek, is supposed to be really good. It is not open source, but nevertheless has some well-received features (including the ability to import Bugzilla data, I think.) He has three different versions, one each for Windows, Unix and the Mac. The Unix and MAc versions seem to use PHP, MySQL and Curl: http://www.fogcreek.com/FogBugz/KB/setup/UnixReady.html http://www.fogcreek.com/FogBugz/KB/setup/MacReady.html The Windows version seems to offer support for Microsoft databases including support for MySQL. It is unclear whether the Windows version also uses PHP, but I think it must. (Why create two different versions for two different platforms?) Hope that helps. - Jay From supertomcom at optonline.net Sat Dec 11 22:02:36 2004 From: supertomcom at optonline.net (Tom Melendez) Date: Sat, 11 Dec 2004 22:02:36 -0500 Subject: [nycphp-talk] Bug Tracking In-Reply-To: <56007.69.86.84.233.1102794338.spork@webmail.ceruleansky.com> Message-ID: <0I8L008E990KDO@mta3.srv.hcvlny.cv.net> Two from the "big guys": I'm starting to use Issue Tracker: http://www.issue-tracker.com/ It was written by the folks at Redhat, and they still use it today. There's also MySQL's eventum: http://dev.mysql.com/downloads/other/eventum/index.html Nice product with graphs, and as I understand it, they use this in house as well. I opted not to use it because it was a little granular than I needed. Both of these are GPL, and PHP/MySQL. Good Luck! Tom www.liphp.org -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Jayesh Sheth Sent: Saturday, December 11, 2004 2:46 PM To: talk at lists.nyphp.org Subject: [nycphp-talk] Bug Tracking Hello Spot, I have used Mantis, and found it to be quite good. It is good as a basic, easy-to-use bug management system. It is certainly easier to use than Bugzilla. I am a big Mozilla fan, and I don't want to knock Bugzilla, but I think it was always a tool written by programmers for programmers. Hence it always had a hard-to-use interface. FogBugz by Joe Spolsky's company, Fog Creek, is supposed to be really good. It is not open source, but nevertheless has some well-received features (including the ability to import Bugzilla data, I think.) He has three different versions, one each for Windows, Unix and the Mac. The Unix and MAc versions seem to use PHP, MySQL and Curl: http://www.fogcreek.com/FogBugz/KB/setup/UnixReady.html http://www.fogcreek.com/FogBugz/KB/setup/MacReady.html The Windows version seems to offer support for Microsoft databases including support for MySQL. It is unclear whether the Windows version also uses PHP, but I think it must. (Why create two different versions for two different platforms?) Hope that helps. - Jay _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From ppinto at aaahawk.com Sun Dec 12 11:41:49 2004 From: ppinto at aaahawk.com (Peter) Date: Sun, 12 Dec 2004 11:41:49 -0500 Subject: [nycphp-talk] gmail invite Message-ID: <41BC74CD.2020509@aaahawk.com> Does anyone have an invite for GMAIL? At this point the invites must be ubiquitous, can someone send me one? Thanks, Pete From tommyo at gmail.com Sun Dec 12 11:43:05 2004 From: tommyo at gmail.com (Thomas O'Neill) Date: Sun, 12 Dec 2004 10:43:05 -0600 Subject: [nycphp-talk] gmail invite In-Reply-To: <41BC74CD.2020509@aaahawk.com> References: <41BC74CD.2020509@aaahawk.com> Message-ID: you still need an invite? On Sun, 12 Dec 2004 11:41:49 -0500, Peter wrote: > Does anyone have an invite for GMAIL? At this point the invites must be > ubiquitous, can someone send me one? > > Thanks, > Pete > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Tom O'Neill tommyo at gmail.com From ppinto at aaahawk.com Sun Dec 12 14:48:15 2004 From: ppinto at aaahawk.com (Peter) Date: Sun, 12 Dec 2004 14:48:15 -0500 Subject: [nycphp-talk] gmail invite thanks Message-ID: <41BCA07F.9000404@aaahawk.com> Thanks I got the gmail account!!! Pete From codebowl at gmail.com Sun Dec 12 15:08:03 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Sun, 12 Dec 2004 15:08:03 -0500 Subject: [nycphp-talk] gmail invite In-Reply-To: References: <41BC74CD.2020509@aaahawk.com> Message-ID: <8d9a428004121212083d524d1c@mail.gmail.com> i didnt think this was the place to ask for an invite there was much talk about this -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From hans at nyphp.com Sun Dec 12 15:44:43 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 12 Dec 2004 12:44:43 -0800 Subject: [nycphp-talk] gmail invite Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1DF61@ehost011-1.exch011.intermedia.net> > i didnt think this was the place to ask for an invite You're right, it's not. H From jlacey at att.net Sun Dec 12 20:13:15 2004 From: jlacey at att.net (John Lacey) Date: Sun, 12 Dec 2004 18:13:15 -0700 Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server Message-ID: <41BCECAB.9080401@att.net> Hello all, Although it's been around for a while, I ran across NoMachine's NX Terminal Server since Knoppix has a free version (FreeNX) on both its 3.6 and just released 3.7 CD. http://www.nomachine.com/ NoMachine has a set up where you can test drive NX, after you first download a client. I downloaded the NX Client for Windows. The client programs are free; NoMachine charges for the commercial version of the NX server. http://www.nomachine.com/download.php The testdrive link from their homepage: http://www.nomachine.com/testdrive.php When you get it going, it opens a window with a full KDE desktop on your [Windows] box. The thing that impressed me is its speed. I'm on a dialup line that never runs faster than 26.4 Kbps and it was usable. I've used Knoppix and a USB memory stick as a "backup system" to be able to deliver courses in most any situation without regard to platform (and school sysadmins). As the NX Terminal Server looks like another, and quite franky, better way to accomplish the same thing, I thought I'd pass this info along. enjoy, John From 1j0lkq002 at sneakemail.com Sun Dec 12 22:25:05 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Sun, 12 Dec 2004 22:25:05 -0500 Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server In-Reply-To: <41BCECAB.9080401@att.net> References: <41BCECAB.9080401@att.net> Message-ID: <30879-70563@sneakemail.com> John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote: > Hello all, > > Although it's been around for a while, I ran across NoMachine's NX > Terminal Server since Knoppix has a free version (FreeNX) on both its > 3.6 and just released 3.7 CD. > > http://www.nomachine.com/ > > NoMachine has a set up where you can test drive NX, after you first > download a client. I downloaded the NX Client for Windows. The > client programs are free; NoMachine charges for the commercial version > of the NX server. > > http://www.nomachine.com/download.php > > The testdrive link from their homepage: > http://www.nomachine.com/testdrive.php > > When you get it going, it opens a window with a full KDE desktop on > your [Windows] box. The thing that impressed me is its speed. I'm on > a dialup line that never runs faster than 26.4 Kbps and it was usable. > > I've used Knoppix and a USB memory stick as a "backup system" to be > able to deliver courses in most any situation without regard to > platform (and school sysadmins). As the NX Terminal Server looks like > another, and quite franky, better way to accomplish the same thing, I > thought I'd pass this info along. > > enjoy, > John Thanks for the heads-up. I just enjoyed a nomachine trial Suse session and queried Google Italy. Nice to see my sites at the top of the Google results GLOBALLY (I thought I had merely achieved top rank nationally ;-) More seriously, though, why is this better than a local knoppix or other livelinux boot? Sure it's a contender for a persistent VPN to your own Linux server (there are others and some free), but isn't knoppix locally much faster and easier (no system administration once the ISO is set)? I was running VNC over ssh from WinXP to a SuSe 9 box with persistent connections over a year ago, and I'm pretty sure the wizard who configured it for me used only OS components. Zero cost and total control. I was using VMware on Windows but lately I have been happy with knoppix. -=john andrews From jlacey at att.net Sun Dec 12 22:54:14 2004 From: jlacey at att.net (John Lacey) Date: Sun, 12 Dec 2004 20:54:14 -0700 Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server In-Reply-To: <30879-70563@sneakemail.com> References: <41BCECAB.9080401@att.net> <30879-70563@sneakemail.com> Message-ID: <41BD1266.50300@att.net> inforequest wrote: > > More seriously, though, why is this better than a local knoppix or other > livelinux boot? Sure it's a contender for a persistent VPN to your own > Linux server (there are others and some free), but isn't knoppix locally > much faster and easier (no system administration once the ISO is set)? > NX Serever is potentially better since the only thing the students need is a Windows box (with a downloaded NX client), which allows me to do a few interesting things since they are now in a terminal server session with my laptop. I run many flavors of Linux (not all at once :) on top of VMware on a win2K laptop which is maxed at 1GB RAM. You may or may not have an idea of what an instructor can run into when they walk into a class where the systems can be in god-knows-what-state, and they have a course to teach. For example, I just finished a security tools course that featured the Knoppix-STD CD. We were doing nessus vulnerability scans on desktops where Win2K was removed and XP and SP2 was installed between class meetings (with no warning) and were then locked down. I can run several instances of win2k as well as windows 2000 server using VMware and work around problems like that. And with NX Server, I can see a potential for User Mode Linux in certain student troubleshooting scenarios, where they have to work on a system that's "not theirs". At this point, I'll end since my cat is staring at me wanting to be fed :) John From 1j0lkq002 at sneakemail.com Sun Dec 12 23:43:52 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Sun, 12 Dec 2004 23:43:52 -0500 Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server In-Reply-To: <41BD1266.50300@att.net> References: <41BCECAB.9080401@att.net> <30879-70563@sneakemail.com> <41BD1266.50300@att.net> Message-ID: <22305-03220@sneakemail.com> John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote: > inforequest wrote: > >> >> More seriously, though, why is this better than a local knoppix or >> other livelinux boot? Sure it's a contender for a persistent VPN to >> your own Linux server (there are others and some free), but isn't >> knoppix locally much faster and easier (no system administration once >> the ISO is set)? >> > > NX Serever is potentially better since the only thing the students > need is a Windows box (with a downloaded NX client), which allows me > to do a few interesting things since they are now in a terminal server > session with my laptop. I run many flavors of Linux (not all at once > :) on top of VMware on a win2K laptop which is maxed at 1GB RAM. > > You may or may not have an idea of what an instructor can run into > when they walk into a class where the systems can be in > god-knows-what-state, and they have a course to teach. For example, I > just finished a security tools course that featured the Knoppix-STD > CD. We were doing nessus vulnerability scans on desktops where Win2K > was removed and XP and SP2 was installed between class meetings (with > no warning) and were then locked down. I can run several instances of > win2k as well as windows 2000 server using VMware and work around > problems like that. > > And with NX Server, I can see a potential for User Mode Linux in > certain student troubleshooting scenarios, where they have to work on > a system that's "not theirs". > > At this point, I'll end since my cat is staring at me wanting to be > fed :) > > John So you run nomachine server on your laptop, and offer it locally over their LAN connection. Got it, and it sounds great. Thanks for explaining -- and explaining so well. -=john From joshmccormack at travelersdiary.com Mon Dec 13 08:54:31 2004 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Mon, 13 Dec 2004 08:54:31 -0500 Subject: [nycphp-talk] cheap php hosts? In-Reply-To: <41ABE295.8020106@clan-forsaken.com> References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> <41ABE295.8020106@clan-forsaken.com> Message-ID: <41BD9F17.3070802@travelersdiary.com> I took a look at nearlyfreespeech.net. They look good. I saw they don't handle email at all. What do you do for email hosting with sites you have with them? Josh DarkWulf wrote: > I host a few smaller sites at www.nearlyfreespeech.net > > I like them because they have always struck me as very honest people, > and surprisingly un-bottom-line orientated. You pay for the hard drive > space and bandwidth you use, and thats about it. ($0.02/day for hosting > a domain, $0.01/month/megabyte for storage, $1.00/gigabyte for bandwidth) > > Strong caveat is that you really do have to know what you're doing. > Their control panel is sometimes confusing. There is no support for "my > script doesn't work" and so on and so forth. > From hans at nyphp.com Mon Dec 13 12:19:49 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 13 Dec 2004 09:19:49 -0800 Subject: [nycphp-talk] NYTCHP Volunteers Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net> Hello all, As you know, Wed. is the holiday event. http://www.nytchp.org We still need a couple more volunteers to help. The RSVP has been closed, so if you haven't RSVP'd, this is the perfect way to attend the event, and we will require just a couple of hours of your time. Thanks folks, --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From alexchan.1976 at gmail.com Mon Dec 13 12:26:26 2004 From: alexchan.1976 at gmail.com (Alex C) Date: Mon, 13 Dec 2004 12:26:26 -0500 Subject: [nycphp-talk] NYTCHP Volunteers In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net> Message-ID: <8f494f76041213092627db9d83@mail.gmail.com> Hans, What will the voluteers need to do? Alexander Chan On Mon, 13 Dec 2004 09:19:49 -0800, Hans Zaunere wrote: > > Hello all, > > As you know, Wed. is the holiday event. > > http://www.nytchp.org > > We still need a couple more volunteers to help. The RSVP has been > closed, so if you haven't RSVP'd, this is the perfect way to attend the > event, and we will require just a couple of hours of your time. > > Thanks folks, > > --- > Hans Zaunere > President, Founder > New York PHP > http://www.nyphp.org > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From ajai at bitblit.net Mon Dec 13 12:28:46 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Mon, 13 Dec 2004 12:28:46 -0500 Subject: [nycphp-talk] NYTCHP Volunteers In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net> Message-ID: <41BDD14E.2020708@bitblit.net> Hans Zaunere wrote: >Hello all, > >As you know, Wed. is the holiday event. > >http://www.nytchp.org > >We still need a couple more volunteers to help. The RSVP has been >closed, so if you haven't RSVP'd, this is the perfect way to attend the >event, and we will require just a couple of hours of your time. > Shame its on the same day as the NYLUG event... -- Aj. Systems Administrator / Developer From hans at nyphp.com Mon Dec 13 12:46:34 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 13 Dec 2004 09:46:34 -0800 Subject: [nycphp-talk] NYTCHP Volunteers Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1E4B7@ehost011-1.exch011.intermedia.net> > >We still need a couple more volunteers to help. The RSVP has been > >closed, so if you haven't RSVP'd, this is the perfect way to attend the > >event, and we will require just a couple of hours of your time. > > Shame its on the same day as the NYLUG event... There is no NYLUG event. They're having a half hour meeting, then folks are coming to this event. If you want to volunteer and want to find out what's involved, email: contact not junk at nytchp.com H From gatzby3jr at gmail.com Mon Dec 13 16:50:55 2004 From: gatzby3jr at gmail.com (Brian O'Connor) Date: Mon, 13 Dec 2004 16:50:55 -0500 Subject: [nycphp-talk] cheap php hosts? In-Reply-To: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> Message-ID: <29da5d15041213135014804e49@mail.gmail.com> I use hostdime for my website, and I haven't had any problems yet. The only thing that bothered me was a slow response time between me and my server at certain points, and when I notified them, they switched me to a different servers. Their customer service is adequate, with email responses after you file a ticket (I think they have a telephone service but I prefer online). www.hostdime.com On Mon, 29 Nov 2004 13:36:13 -0500, Rahmin Pavlovic wrote: > Sorry if this has been posted before - > > A friend of mine -- not exactly a client, but someone I work with in the music biz -- is looking for a cheap hosting solution. > > He asked me about this $19.95/yr package at register.com, which I'm about to shoot down for a number of reasons, but I'm > wondering what cheapo php solutions I can offer as an alternative. > > It doesn't have to be twenty-bucks-a-year cheap, and he really doesn't need a 'website building tool', but I want to offer > something that's clearly better than register.com. > > TIA > > R > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Brian O'Connor From webmaster at localnotion.com Mon Dec 13 17:53:03 2004 From: webmaster at localnotion.com (Matthew Terenzio) Date: Mon, 13 Dec 2004 17:53:03 -0500 Subject: [nycphp-talk] cheap php hosts? In-Reply-To: <29da5d15041213135014804e49@mail.gmail.com> References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> <29da5d15041213135014804e49@mail.gmail.com> Message-ID: Not that it end all list but I like the fact that some of my hosting providers end up on this list: http://uptime.netcraft.com/perf/reports/Hosters Among the cheapies and PHP on the list is Pair.com and 1and1.com. One linux and one FreeBSD. On Dec 13, 2004, at 4:50 PM, Brian O'Connor wrote: > I use hostdime for my website, and I haven't had any problems yet. > The only thing that bothered me was a slow response time between me > and my server at certain points, and when I notified them, they > switched me to a different servers. Their customer service is > adequate, with email responses after you file a ticket (I think they > have a telephone service but I prefer online). > > www.hostdime.com > > On Mon, 29 Nov 2004 13:36:13 -0500, Rahmin Pavlovic > wrote: >> Sorry if this has been posted before - >> >> A friend of mine -- not exactly a client, but someone I work with in >> the music biz -- is looking for a cheap hosting solution. >> >> He asked me about this $19.95/yr package at register.com, which I'm >> about to shoot down for a number of reasons, but I'm >> wondering what cheapo php solutions I can offer as an alternative. >> >> It doesn't have to be twenty-bucks-a-year cheap, and he really >> doesn't need a 'website building tool', but I want to offer >> something that's clearly better than register.com. >> >> TIA >> >> R >> >> _______________________________________________ >> New York PHP Talk >> Supporting AMP Technology (Apache/MySQL/PHP) >> http://lists.nyphp.org/mailman/listinfo/talk >> http://www.newyorkphp.org >> > > > -- > Brian O'Connor > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org From darkwulf at clan-forsaken.com Mon Dec 13 18:22:36 2004 From: darkwulf at clan-forsaken.com (DarkWulf) Date: Mon, 13 Dec 2004 15:22:36 -0800 Subject: [nycphp-talk] cheap php hosts? In-Reply-To: <41BD9F17.3070802@travelersdiary.com> References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> <41ABE295.8020106@clan-forsaken.com> <41BD9F17.3070802@travelersdiary.com> Message-ID: <41BE243C.8070606@clan-forsaken.com> To be honest, I don't. I understand you can handle the email on your own, but that seems like alot of trouble... I host small sites with them (otherwise the bandwidth gets expensive), and most really small organizations seem to use yahoo, hotmail, or some other free email derivative. :-/ I didn't want to have them (small charities mostly) change the way they did things too much, so I just had them stay with their old email. Sorry for the non-answer there. Josh McCormack wrote: > I took a look at nearlyfreespeech.net. They look good. I saw they > don't handle email at all. What do you do for email hosting with sites > you have with them? > > Josh From 1j0lkq002 at sneakemail.com Mon Dec 13 20:06:30 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Mon, 13 Dec 2004 20:06:30 -0500 Subject: [nycphp-talk] cheap php hosts? In-Reply-To: <41BD9F17.3070802@travelersdiary.com> References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> <41ABE295.8020106@clan-forsaken.com> <41BD9F17.3070802@travelersdiary.com> Message-ID: <13601-91144@sneakemail.com> Josh McCormack joshmccormack-at-travelersdiary.com |nyphp dev/internal group use| wrote: > I took a look at nearlyfreespeech.net. They look good. I saw they > don't handle email at all. What do you do for email hosting with sites > you have with them? > > Josh > > DarkWulf wrote: > >> I host a few smaller sites at www.nearlyfreespeech.net >> >> I like them because they have always struck me as very honest people, >> and surprisingly un-bottom-line orientated. You pay for the hard >> drive space and bandwidth you use, and thats about it. ($0.02/day for >> hosting a domain, $0.01/month/megabyte for storage, $1.00/gigabyte >> for bandwidth) >> >> Strong caveat is that you really do have to know what you're doing. >> Their control panel is sometimes confusing. There is no support for >> "my script doesn't work" and so on and so forth. >> You can purchase mail services from most registrars, ISPs hosting companies. You just manage the MX records separate from the rest of the domain records. I manage most of my sites that way. I manage the DNS myself (via a web interface), outsource the email hosting, outsource the web hosting. A decision to move a site to colo doesn't mean reconfiguring mail servers, a change in mail handling doesn't bother the websites, DNS changes are justthat: DNS changes, etc. If you tie your websites and mail functions together, obviously you have a need for tighter integration, but I am comfortable using subdomains for that when necessary. -=john andrews From shawn at shawnlawyer.com Tue Dec 14 02:24:42 2004 From: shawn at shawnlawyer.com (Shawn Lawyer) Date: Tue, 14 Dec 2004 02:24:42 -0500 Subject: [nycphp-talk] cheap php hosts? References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com> <29da5d15041213135014804e49@mail.gmail.com> Message-ID: <052e01c4e1ad$fb4966e0$6401a8c0@ViaoDev1> Well not that it's cheap but I Colo my servers with company in Cali called Simpli. www.simpli.biz . The owners name is Erica and she's very reliable. The servers are in a great datacenter and the cost you'd have to work out with her. I think her shared hosting starts at $6.95 and they're all LAMP. Fyi she also mirrors php.net Happy Holidays Shawn Lawyer From rrust at r2communications.com Tue Dec 14 09:09:39 2004 From: rrust at r2communications.com (Randal Rust) Date: Tue, 14 Dec 2004 09:09:39 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart Message-ID: <41BEF423.5060201@r2communications.com> A partner and I are building an ecommerce app. He is handling the commerce part of the system, but has to go out of the country for a few weeks and now it's all in my lap (as was planned). In looking at the cart, there is an issue that I am not quite sure how to resolve. Any customer (registered or not), should be able to add items to their shopping cart, leave the site, and come back later and still see the items in their cart. I was thinking I could pull this off by using the session id and storing it in the cart, but that won't work if the customer leaves the site and comes back a day later. Now I am thinking that I will have to use a cookie, but even then, how do I ensure that the customer sees the correct items when they return? Would it work to store the IP address? Any suggestions? -- Randal Rust R.Squared Communications http://www.r2communications.com Digital Design for Bricks-and-Mortar Businesses From chsnyder at gmail.com Tue Dec 14 09:22:14 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 14 Dec 2004 09:22:14 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: <41BEF423.5060201@r2communications.com> References: <41BEF423.5060201@r2communications.com> Message-ID: On Tue, 14 Dec 2004 09:09:39 -0500, Randal Rust wrote: > Now I am thinking that I will have to use a cookie, but even then, how > do I ensure that the customer sees the correct items when they return? Since you're right about the session going away, you'll need to use a database to store the items, under an id that you can put into a cookie for when they come back. The items aren't stored in the cookie, only the reference to the cart. A bonus to this approach is that you can also mark the cart with a userid, so that if they start shopping from home, but then log in at work to complete the transaction, they can pick up where they left off. -- Chris Snyder http://chxo.com/ From rrust at r2communications.com Tue Dec 14 09:33:41 2004 From: rrust at r2communications.com (Randal Rust) Date: Tue, 14 Dec 2004 09:33:41 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: References: <41BEF423.5060201@r2communications.com> Message-ID: <41BEF9C5.4000200@r2communications.com> csnyder wrote: > Since you're right about the session going away, you'll need to use a > database to store the items, good. that's what we're doing anyway. no javascript, no over-the-top session stuff. > under an id that you can put into a > cookie for when they come back. The items aren't stored in the cookie, > only the reference to the cart. so i could randomly generate a 6-10 digit id for the cart. would that be the way to go? > A bonus to this approach is that you can also mark the cart with a > userid, so that if they start shopping from home, but then log in at > work to complete the transaction, they can pick up where they left > off. right, there is a customerID column in the table. but you've got me thinking that there should be a 'cart' table, which stores the cartID and customerID. it would tie to the 'orders' table, which would hold the orderID, cartID, etc. so each user would have their own unique cart. would that be overkill? every time someone access the site, i'd have to check for the cookie. if it exists, then we're ok, the user already has a cart created. if the cookie does not exist, then a new row has to be created in the cart table, which provides the unique id for the customer's cart. this would avoid having to randomly generate a number. -- Randal Rust R.Squared Communications http://www.r2communications.com Digital Design for Bricks-and-Mortar Businesses From joshmccormack at travelersdiary.com Tue Dec 14 10:17:06 2004 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Tue, 14 Dec 2004 10:17:06 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: References: <41BEF423.5060201@r2communications.com> Message-ID: <41BF03F2.1090409@travelersdiary.com> csnyder wrote: > On Tue, 14 Dec 2004 09:09:39 -0500, Randal Rust > wrote: > >>Now I am thinking that I will have to use a cookie, but even then, how >>do I ensure that the customer sees the correct items when they return? > > > Since you're right about the session going away, you'll need to use a > database to store the items, under an id that you can put into a > cookie for when they come back. The items aren't stored in the cookie, > only the reference to the cart. > > A bonus to this approach is that you can also mark the cart with a > userid, so that if they start shopping from home, but then log in at > work to complete the transaction, they can pick up where they left > off. > I'd recommend not having the registration process be a one shot thing. Have them choose a user name and password, then later on billing and shipping. Otherwise it's too much work if they're just browsing/checking stuff out. Josh From rrust at r2communications.com Tue Dec 14 10:37:04 2004 From: rrust at r2communications.com (Randal Rust) Date: Tue, 14 Dec 2004 10:37:04 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: <41BF03F2.1090409@travelersdiary.com> References: <41BEF423.5060201@r2communications.com> <41BF03F2.1090409@travelersdiary.com> Message-ID: <41BF08A0.4020100@r2communications.com> Josh McCormack wrote: > I'd recommend not having the registration process be a one shot thing. > Have them choose a user name and password, then later on billing and > shipping. Otherwise it's too much work if they're just browsing/checking > stuff out. they don't have to register to browse. what it would do is just create an empty cart with a cartID. they do have to register to make a purchase though, which would provide the cart with the necessary customerID. -- Randal Rust R.Squared Communications http://www.r2communications.com Digital Design for Bricks-and-Mortar Businesses From joshmccormack at travelersdiary.com Tue Dec 14 10:59:30 2004 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Tue, 14 Dec 2004 10:59:30 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: <41BF08A0.4020100@r2communications.com> References: <41BEF423.5060201@r2communications.com> <41BF03F2.1090409@travelersdiary.com> <41BF08A0.4020100@r2communications.com> Message-ID: <41BF0DE2.8090708@travelersdiary.com> Randal Rust wrote: > Josh McCormack wrote: > >> I'd recommend not having the registration process be a one shot thing. >> Have them choose a user name and password, then later on billing and >> shipping. Otherwise it's too much work if they're just >> browsing/checking stuff out. > > > they don't have to register to browse. > > what it would do is just create an empty cart with a cartID. they do > have to register to make a purchase though, which would provide the cart > with the necessary customerID. > By browsing I mean grabbing stuff and continue shopping, the way people often do in the physical world. Josh From rrust at r2communications.com Tue Dec 14 11:05:44 2004 From: rrust at r2communications.com (Randal Rust) Date: Tue, 14 Dec 2004 11:05:44 -0500 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: <41BF0DE2.8090708@travelersdiary.com> References: <41BEF423.5060201@r2communications.com> <41BF03F2.1090409@travelersdiary.com> <41BF08A0.4020100@r2communications.com> <41BF0DE2.8090708@travelersdiary.com> Message-ID: <41BF0F58.3060601@r2communications.com> Josh McCormack wrote: > By browsing I mean grabbing stuff and continue shopping, the way people > often do in the physical world. yeah, we've got that covered. the customer can put an item in the cart and continue shopping. the goal here is to make sure that if a customer puts an item in the cart, we don't lose it. -- Randal Rust R.Squared Communications http://www.r2communications.com Digital Design for Bricks-and-Mortar Businesses From dmintz at davidmintz.org Tue Dec 14 11:17:46 2004 From: dmintz at davidmintz.org (David Mintz) Date: Tue, 14 Dec 2004 11:17:46 -0500 (EST) Subject: [nycphp-talk] that mysterious holiday party Message-ID: last I heard "the event will be held in SoHo, Manhattan. The full address and a map will be announced Monday, and only to those who have RSVPd with a valid email address" but this is Tuesday and I haven't heard, so I'm wondering if I missed something or if the organizers are just letting the suspense build a bit longer (-: --- David Mintz http://davidmintz.org/ $world =~ s|]*>.+||is; From hans at nyphp.com Tue Dec 14 11:18:52 2004 From: hans at nyphp.com (Hans Zaunere) Date: Tue, 14 Dec 2004 08:18:52 -0800 Subject: [nycphp-talk] that mysterious holiday party Message-ID: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net> > last I heard "the event will be held in SoHo, Manhattan. The full address > and a map will be announced Monday, and only to those who have RSVPd with > a valid email address" but this is Tuesday and I haven't heard, so I'm > wondering if I missed something or if the organizers are just letting the > suspense build a bit longer (-: A little delayed - going out today... H From chsnyder at gmail.com Tue Dec 14 11:26:04 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 14 Dec 2004 11:26:04 -0500 Subject: [nycphp-talk] that mysterious holiday party In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net> Message-ID: > if the organizers are just letting > the suspense build a bit longer (-: > The NYCBUG folks are working from the rumor that it's going to be in the plaza next to the Cyclone on Coney Island.... classy! From sajith.ml at gmail.com Tue Dec 14 11:56:35 2004 From: sajith.ml at gmail.com (Sajith A) Date: Tue, 14 Dec 2004 22:26:35 +0530 Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart In-Reply-To: <41BEF423.5060201@r2communications.com> References: <41BEF423.5060201@r2communications.com> Message-ID: Randal Rust wrote > In looking at the cart, there is an issue that I am not quite sure how > to resolve. Any customer (registered or not), should be able to add > items to their shopping cart, leave the site, and come back later and > still see the items in their cart. As Chris Snyder pointed out, it will be good to store the cart in db. I would also suggest to clean cart table over a period of time - may be by a cron job - that will delete dead entries generated by casual browsing [checking against timestamp]. Another thing that is told about carts in general[i think i heard it from a case study based on amazon] is that, people tend to skip the cart if they are prompted for a username and password right at the beginning. It would be ideal to ask for a username and password while checking out rather than while adding to cart.. You can still save the temporary cart based on a random unique id generated by the system for the user stored in the browser. Ip addresses will not be a good choice as dial-up users will be getting a random ip from the ISP pool. God bless you Sajith A From agfische at email.smith.edu Tue Dec 14 13:36:37 2004 From: agfische at email.smith.edu (Aaron Fischer) Date: Tue, 14 Dec 2004 13:36:37 -0500 Subject: [nycphp-talk] PHP magazines Message-ID: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu> Hi all, I recently ordered an issue of international php magazine (http://www.php-mag.net/) and php architect (http://phparch.com/) to compare the two and pick one to subscribe to. They both look pretty good, but unfortunately budget dictates that I pick just one. I'd be interested to hear people's opinions on which one to subscribe to. Are they both pretty similar? Do they tend to focus on the same audience? Are there differences of note? One thing to note, the issue of php architect came almost immediately, whereas I am still waiting (three weeks later) for the issue of international php magazine to arrive. Thanks for any thoughts, -Aaron From listings at impulsenetwork.de Tue Dec 14 14:13:52 2004 From: listings at impulsenetwork.de (Andreas Gaisbauer) Date: Tue, 14 Dec 2004 20:13:52 +0100 Subject: [nycphp-talk] PHP magazines In-Reply-To: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu> References: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu> Message-ID: <41BF3B70.2030100@impulsenetwork.de> Hi, I'm regular reading the following mags: - PHP Solutions (www.phpsolmag.org): nice mag but primary focused on beginners - PHP Magazin (german version): the classic of the php mags. It provides imo high class articels on advanced topics. Focused on advanced users. - PHP Magazin International: the same as the german mag (with complete different contents) - top resource... - PHP Architect (PDF version): I really like php|arch. Intersting topics, and the same audience as the php magazines. If I have to choose one, I would take php|arch because it provides a single issue every month (12 issues a year) - php magazin (print) instead is released only all 2 month (only 6 issues p.a.)... Another option: take php|arch and php magazin international as PDF... maybe your budget allows you to get both PDF mags... Both mags provide free sample issues PHP Magazin International https://www.entwickler.com/ssl/phppdf/ PHP Architect PDF Version http://www.phparch.com/issue.php?mid=9 bye bye Andreas Aaron Fischer wrote: > Hi all, > > I recently ordered an issue of international php magazine > (http://www.php-mag.net/) and php architect (http://phparch.com/) to > compare the two and pick one to subscribe to. They both look pretty > good, but unfortunately budget dictates that I pick just one. > > I'd be interested to hear people's opinions on which one to subscribe > to. Are they both pretty similar? Do they tend to focus on the same > audience? Are there differences of note? > > One thing to note, the issue of php architect came almost immediately, > whereas I am still waiting (three weeks later) for the issue of > international php magazine to arrive. > > Thanks for any thoughts, > > -Aaron > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > > From ben at atlphp.org Tue Dec 14 14:26:08 2004 From: ben at atlphp.org (Ben Ramsey) Date: Tue, 14 Dec 2004 14:26:08 -0500 Subject: [nycphp-talk] PHP magazines In-Reply-To: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu> References: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu> Message-ID: <41BF3E50.9040009@atlphp.org> Aaron Fischer wrote: > One thing to note, the issue of php architect came almost immediately, > whereas I am still waiting (three weeks later) for the issue of > international php magazine to arrive. This will almost always happen because PHP Mag is located in Germany. It takes me two months to get their issues. php|a comes a bit quicker to me, but I still get it a month after it's been released. For example, I just received the November 2004 issue yesterday, but the December issue is already out. (I'm located in Atlanta, so I guess it takes longer to get to me.) Needless to say, I'm a bit upset with the delay in receiving both of these publications, but there's not much I can do about that. Since each magazine competes with the other, they try to stay on top of news and latest trends. So, content-wise they're both pretty good. Both use well-known speakers, writers, bloggers, and developers for their material. I also have spoken to the editors of both publications, and they're both great people who are seeking the best possible content for the community. I think it may come to this for you: PHP Mag is published bi-monthly (6 issues a year), whereas php|architect is published monthly. So, it may come down to how many issues you want for your money. Still, if budget would allow for both, I'd say to get both. -- Ben Ramsey Zend Certified Engineer http://benramsey.com From mwithington at PLMresearch.com Tue Dec 14 22:40:35 2004 From: mwithington at PLMresearch.com (Mark Withington) Date: Tue, 14 Dec 2004 22:40:35 -0500 Subject: [nycphp-talk] OT: HTMLTableCellElement Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com> Has anyone had any experience/luck using the DOM HTMLTableCellElement.width to provide information? I'm trying to generate table headings using DHTML that would be positioned absolute (and thereby eliminate the need for frames). Everything works great, except the DHTML column widths don't line up with the HTML (generated) table body. I'm letting the browser adjust the columns as necessary and was hoping to use HTMLTableCellElement.width to provide the information that I would then inject into the DHTML table tags. Any suggestions/help would be appreciated. Mark -------------------------- Mark L. Withington PLMresearch v: 508-746-2383 m: 508-801-0181 Calendar: http://www.plmresearch.com/calendar.php -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Aaron Fischer Sent: Tuesday, December 14, 2004 1:37 PM To: NYPHP-Talk Subject: [nycphp-talk] PHP magazines Hi all, I recently ordered an issue of international php magazine (http://www.php-mag.net/) and php architect (http://phparch.com/) to compare the two and pick one to subscribe to. They both look pretty good, but unfortunately budget dictates that I pick just one. I'd be interested to hear people's opinions on which one to subscribe to. Are they both pretty similar? Do they tend to focus on the same audience? Are there differences of note? One thing to note, the issue of php architect came almost immediately, whereas I am still waiting (three weeks later) for the issue of international php magazine to arrive. Thanks for any thoughts, -Aaron _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From hans at cyberxdesigns.com Wed Dec 15 10:18:58 2004 From: hans at cyberxdesigns.com (Hans C. Kaspersetz) Date: Wed, 15 Dec 2004 10:18:58 -0500 Subject: [nycphp-talk] OT: HTMLTableCellElement In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com> References: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com> Message-ID: <41C055E2.4060407@cyberxdesigns.com> Mark, Not sure if you are aware, but NY PHP has a front end list for these types of questions. Check it out might get you a better response. http://lists.nyphp.org/mailman/listinfo/front-end Hans Mark Withington wrote: >Has anyone had any experience/luck using the DOM HTMLTableCellElement.width >to provide information? I'm trying to generate table headings using >DHTML that would be positioned absolute (and thereby eliminate the need for >frames). Everything works great, except the DHTML column widths don't line >up with the HTML (generated) table body. I'm letting the browser adjust the >columns as necessary and was hoping to use HTMLTableCellElement.width to >provide the information that I would then inject into the DHTML table >tags. > >Any suggestions/help would be appreciated. > >Mark > > > --- snip --- -- Hans C. Kaspersetz Cyber X Designs http://www.cyberxdesigns.com From it at avp.org Wed Dec 15 11:31:18 2004 From: it at avp.org (Chris Baronavski) Date: Wed, 15 Dec 2004 11:31:18 -0500 Subject: [nycphp-talk] Open Source Volunteer Management Systems Message-ID: <20041215112431.SM00237@miasma> Does anyone know of any good open source volunteer management systems? Thanks, Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: From dorgan at optonline.net Wed Dec 15 14:43:47 2004 From: dorgan at optonline.net (Donald J. Organ IV) Date: Wed, 15 Dec 2004 14:43:47 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] Message-ID: <41C093F3.7090508@optonline.net> does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] on windows 2003 servers From jsiegel1 at optonline.net Wed Dec 15 14:53:37 2004 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 15 Dec 2004 14:53:37 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <41C093F3.7090508@optonline.net> References: <41C093F3.7090508@optonline.net> Message-ID: <41C09641.9040004@optonline.net> Linux. ;) Jeff Donald J. Organ IV wrote: > does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] > on windows 2003 servers > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From rahmin at insite-out.com Wed Dec 15 14:59:22 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Wed, 15 Dec 2004 14:59:22 -0500 Subject: [nycphp-talk] redirect problem Message-ID: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From john at cyber-ny.com Wed Dec 15 15:06:03 2004 From: john at cyber-ny.com (John Nunez) Date: Wed, 15 Dec 2004 15:06:03 -0500 Subject: [nycphp-talk] redirect problem In-Reply-To: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> Message-ID: <41C0992B.4030200@cyber-ny.com> I think the problem is with the browser specs. Using header( 'location: http://...com' ); cause the browser to receive a Error Code #302(?) and it will redirect to the new url that has been supplied but it's a temporary redirect. On refresh the browser will attempt the original url. The method I use to fix this is: echo ''; There might be a better/proper way of re-directing the browser. Rahmin Pavlovic wrote: > Hello all, > > I'm feeling especially out of it today - maybe someone here can help - > > I have a page here that checks the db for a certain condition, which if met, > redirects the user to another page. > > That condition can be set by an external process, so it's entirely possible for > the condition to be met while the user is on the page. If that's the case, and > the user hits reload, redirect. > > So far so good. > > The problem here is that, after being redirected, if the user hits reload on the > new page, the previous page comes up. Actually, the real problem is: I don't > know why it's doing that. > > Has anyone experienced this before? My header hurts.. > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From john at cyber-ny.com Wed Dec 15 15:07:37 2004 From: john at cyber-ny.com (John Nunez) Date: Wed, 15 Dec 2004 15:07:37 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <41C093F3.7090508@optonline.net> References: <41C093F3.7090508@optonline.net> Message-ID: <41C09989.2090305@cyber-ny.com> Donald print_r out the $_SYSTEM variable to see if IIS has renamed it. John Donald J. Organ IV wrote: > does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] > on windows 2003 servers > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From dcech at phpwerx.net Wed Dec 15 15:08:17 2004 From: dcech at phpwerx.net (Dan Cech) Date: Wed, 15 Dec 2004 15:08:17 -0500 Subject: [nycphp-talk] redirect problem In-Reply-To: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> Message-ID: <41C099B1.8080105@phpwerx.net> Rahmin Pavlovic wrote: > Hello all, > > I'm feeling especially out of it today - maybe someone here can help - > > I have a page here that checks the db for a certain condition, which if met, > redirects the user to another page. How exactly are you redirecting the user? Dan From dcech at phpwerx.net Wed Dec 15 15:12:12 2004 From: dcech at phpwerx.net (Dan Cech) Date: Wed, 15 Dec 2004 15:12:12 -0500 Subject: [nycphp-talk] redirect problem In-Reply-To: <41C0992B.4030200@cyber-ny.com> References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com> <41C0992B.4030200@cyber-ny.com> Message-ID: <41C09A9C.4090805@phpwerx.net> John Nunez wrote: > I think the problem is with the browser specs. Using header( 'location: > http://...com' ); cause the browser to receive a Error Code #302(?) and > it will redirect to the new url that has been supplied but it's a > temporary redirect. On refresh the browser will attempt the original > url. The method I use to fix this is: > echo ''; > > There might be a better/proper way of re-directing the browser. Another method is to use an http-equiv meta element: which doesn't require JavaScript. Dan From ben at atlphp.org Wed Dec 15 15:12:57 2004 From: ben at atlphp.org (Ben Ramsey) Date: Wed, 15 Dec 2004 15:12:57 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <41C09989.2090305@cyber-ny.com> References: <41C093F3.7090508@optonline.net> <41C09989.2090305@cyber-ny.com> Message-ID: <41C09AC9.70901@atlphp.org> John Nunez wrote: > print_r out the $_SYSTEM variable to see if IIS has renamed it. Or don't use the $_SYSTEM variable at all and use realpath() or pathinfo()... http://www.php.net/realpath http://www.php.net/pathinfo -- Ben Ramsey Zend Certified Engineer http://benramsey.com From flakie at gmail.com Wed Dec 15 15:26:34 2004 From: flakie at gmail.com (Eric Rank) Date: Wed, 15 Dec 2004 14:26:34 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts Message-ID: Hi all, I'm looking for a good standard practice for authenticating Sessions to protect against hijacking attempts. What have you tried? What works? What doesn't? I know that the only REAL way to protext against this is to use SSL, but I'm trying to get as secure as possible without SSL. So far I've decided that as a minimum I can check the user agent and the remote ip address on each page request to see if a session is hijacked. This is the most obvious way to see if the session is being used by a different user. However, these things can be spoofed, and in fact, they probably don't even need to be spoofed if 2 users are behind the same router and have the same user agent. What else can one do to protect? Thanks, Eric Rank From ajai at bitblit.net Wed Dec 15 15:33:31 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Wed, 15 Dec 2004 15:33:31 -0500 Subject: [nycphp-talk] htpasswd files from PHP Message-ID: <41C09F9B.3030008@bitblit.net> Anyone written code or a library to manage htpasswd files from a web page with PHP? --- Aj. Systems Administrator / Developer From rahmin at insite-out.com Wed Dec 15 15:48:44 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Wed, 15 Dec 2004 15:48:44 -0500 Subject: [nycphp-talk] redirect problem Message-ID: <200412152048.iBFKmiTN005076@webmail4.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From chsnyder at gmail.com Wed Dec 15 15:55:50 2004 From: chsnyder at gmail.com (csnyder) Date: Wed, 15 Dec 2004 15:55:50 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: As you said, SSL is the only way to be sure. If I'm using your website through my evil neighbor's wireless access point, and she decides to hijack my session, there is nothing we can do about it. She'll probably duplicate my user-agent header, she has the same ip address, and if she passes the same session cookie then she *is* me, as far as your server can tell. It used to be that a hijacker had to live inside the ISP to be able to capture the packets -- but with wireless, anyone can play. You can prevent inadvertant hijacking by requiring cookies. Otherwise... good luck. From flakie at gmail.com Wed Dec 15 17:47:07 2004 From: flakie at gmail.com (Eric Rank) Date: Wed, 15 Dec 2004 16:47:07 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: Is that it? Nothing else I can do to prevent it? Thus far this is the conclusion that I've come up with too. It's slightly disturbing.... but web security vulnerabilities make me pretty squeemish. Is this something that needs to be worried about, or am I just paranoind? Eric Rank On Wed, 15 Dec 2004 15:55:50 -0500, csnyder wrote: > As you said, SSL is the only way to be sure. > > If I'm using your website through my evil neighbor's wireless access > point, and she decides to hijack my session, there is nothing we can > do about it. She'll probably duplicate my user-agent header, she has > the same ip address, and if she passes the same session cookie then > she *is* me, as far as your server can tell. > > It used to be that a hijacker had to live inside the ISP to be able to > capture the packets -- but with wireless, anyone can play. > > You can prevent inadvertant hijacking by requiring cookies. > Otherwise... good luck. From fields at surgam.net Wed Dec 15 18:00:56 2004 From: fields at surgam.net (Adam Fields) Date: Wed, 15 Dec 2004 18:00:56 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: <20041215230056.GG434@lola.aquick.org> On Wed, Dec 15, 2004 at 04:47:07PM -0600, Eric Rank wrote: > Is that it? Nothing else I can do to prevent it? Thus far this is the > conclusion that I've come up with too. It's slightly disturbing.... > but web security vulnerabilities make me pretty squeemish. Is this > something that needs to be worried about, or am I just paranoind? Er... this isn't limited to wireless - anyone between the server and the user can eavesdrop on everything that crosses the wire, and consequently fake it. What's the aversion to SSL? It's not perfect, but it exists precisely to try to address this exact problem. > On Wed, 15 Dec 2004 15:55:50 -0500, csnyder wrote: > > As you said, SSL is the only way to be sure. > > > > If I'm using your website through my evil neighbor's wireless access > > point, and she decides to hijack my session, there is nothing we can > > do about it. She'll probably duplicate my user-agent header, she has > > the same ip address, and if she passes the same session cookie then > > she *is* me, as far as your server can tell. > > > > It used to be that a hijacker had to live inside the ISP to be able to > > capture the packets -- but with wireless, anyone can play. > > > > You can prevent inadvertant hijacking by requiring cookies. > > Otherwise... good luck. > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org -- - Adam ----- [ http://www.aquick.org/blog ] [ http://www.adamfields.com ][ http://del.icio.us/fields ] [ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ] From ttoomey at ydnt.com Wed Dec 15 18:09:56 2004 From: ttoomey at ydnt.com (Tim Toomey) Date: Wed, 15 Dec 2004 17:09:56 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: <41C0C444.10104@ydnt.com> Eric Rank wrote: >Hi all, > >I'm looking for a good standard practice for authenticating Sessions >to protect against hijacking attempts. What have you tried? What >works? What doesn't? > >I know that the only REAL way to protext against this is to use SSL, >but I'm trying to get as secure as possible without SSL. > >So far I've decided that as a minimum I can check the user agent and >the remote ip address on each page request to see if a session is >hijacked. This is the most obvious way to see if the session is being >used by a different user. However, these things can be spoofed, and in >fact, they probably don't even need to be spoofed if 2 users are >behind the same router and have the same user agent. > >What else can one do to protect? > >Thanks, > >Eric Rank > > I know one thing I did to limit session hijacking is setup your files to automatically redirect to a portion of your php that kills the session after say 10 minutes of the page not being changed. Then I have a simple little function I call up inbetween an if statement asking if action is set and timeout is equal to one to destroy the session array and log the user out. -- -Tim Toomey ttoomey at ydnt.com From chsnyder at gmail.com Wed Dec 15 18:11:37 2004 From: chsnyder at gmail.com (csnyder) Date: Wed, 15 Dec 2004 18:11:37 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: On Wed, 15 Dec 2004 16:47:07 -0600, Eric Rank wrote: > Is this something that needs to be worried about, or am I just paranoind? Yes. ;-) No, not really -- you need to think about what harm can come from someone impersonating an authenticated user of your application. Falsified posts on a message board are usually no big deal, but defacement of your Fortune 500 company's dynamic website would be a much bigger concern. Just because it's relatively easy to do, doesn't mean that anyone will ever take the trouble to do it. If the possibility keeps you awake at night, use SSL. Otherwise don't sweat it. From flakie at gmail.com Wed Dec 15 20:42:43 2004 From: flakie at gmail.com (Eric Rank) Date: Wed, 15 Dec 2004 19:42:43 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts In-Reply-To: References: Message-ID: Thanks for the feedback. Using SSL will be an option when it's available. I'm just trying to figure out some best practices in order to stop the gaps as much as possible. I just want to know what IS possible and if I'm missing anything. >From the responses so far, it seems that (just as you say, Chris) I should use SSL for the really important stuff. Otherwise, a mixture of timeout settings, useragent and ip verification, and possibly the use of cookies, are the best, if not only, means of verifying the session. Although, my gut tells me that there's some other creative solution possible... - Eric Rank > > Is this something that needs to be worried about, or am I just paranoind? > > Yes. ;-) > > No, not really -- you need to think about what harm can come from > someone impersonating an authenticated user of your application. > Falsified posts on a message board are usually no big deal, but > defacement of your Fortune 500 company's dynamic website would be a > much bigger concern. > > Just because it's relatively easy to do, doesn't mean that anyone will > ever take the trouble to do it. If the possibility keeps you awake at > night, use SSL. Otherwise don't sweat it. From codebowl at gmail.com Thu Dec 16 08:05:50 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 16 Dec 2004 08:05:50 -0500 Subject: [nycphp-talk] htpasswd files from PHP In-Reply-To: <41C09F9B.3030008@bitblit.net> References: <41C09F9B.3030008@bitblit.net> Message-ID: <8d9a428004121605054751f13a@mail.gmail.com> i have none on hand that i have written however i have seen some that will allow you to add/edit/delete users from a web based admin area. search on hotscripts.com under php for htaccess it should turn up some results. Maybe this is something i will write in the future :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From shiflett at php.net Thu Dec 16 09:05:34 2004 From: shiflett at php.net (Chris Shiflett) Date: Thu, 16 Dec 2004 06:05:34 -0800 (PST) Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <41C093F3.7090508@optonline.net> Message-ID: <20041216140534.49479.qmail@web52807.mail.yahoo.com> --- "Donald J. Organ IV" wrote: > does anyone know a work around for the lack of > $_SERVER['DOCUMENT_ROOT'] on windows 2003 servers I put this in httpd.conf to work around the lack of $_SERVER['SERVER_ROOT']: SetEnv SERVER_ROOT /path/to/apache You could do the same sort of thing for document root. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From dorgan at optonline.net Thu Dec 16 09:23:30 2004 From: dorgan at optonline.net (Donald J. Organ IV) Date: Thu, 16 Dec 2004 09:23:30 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <20041216140534.49479.qmail@web52807.mail.yahoo.com> References: <20041216140534.49479.qmail@web52807.mail.yahoo.com> Message-ID: <41C19A62.6040307@optonline.net> Chris Shiflett wrote: >--- "Donald J. Organ IV" wrote: > > >>does anyone know a work around for the lack of >>$_SERVER['DOCUMENT_ROOT'] on windows 2003 servers >> >> > >I put this in httpd.conf to work around the lack of >$_SERVER['SERVER_ROOT']: > >SetEnv SERVER_ROOT /path/to/apache > >You could do the same sort of thing for document root. > >Chris > >===== >Chris Shiflett - http://shiflett.org/ > >PHP Security - O'Reilly HTTP Developer's Handbook - Sams >Coming Soon http://httphandbook.org/ >_______________________________________________ >New York PHP Talk >Supporting AMP Technology (Apache/MySQL/PHP) >http://lists.nyphp.org/mailman/listinfo/talk >http://www.newyorkphp.org > > > yeah but the hosting company i am using is using IIS so there is no httpd.conf file From shiflett at php.net Thu Dec 16 09:49:20 2004 From: shiflett at php.net (Chris Shiflett) Date: Thu, 16 Dec 2004 06:49:20 -0800 (PST) Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] In-Reply-To: <41C19A62.6040307@optonline.net> Message-ID: <20041216144920.3554.qmail@web52804.mail.yahoo.com> --- "Donald J. Organ IV" wrote: > yeah but the hosting company i am using is using IIS so there is > no httpd.conf file Yikes! Good luck with that. :-( Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From mark at thirdstation.com Thu Dec 16 10:19:02 2004 From: mark at thirdstation.com (mark) Date: Thu, 16 Dec 2004 11:19:02 -0400 Subject: [nycphp-talk] DBM file support and caching in PHP Message-ID: <20041216151902.M51527@thirdstation.com> Greetings, I am porting a library from Perl to PHP that will provide an API to perform over-the-network lookups of information. The network lookups can potentially take a long time so, I'd like to cache results locally in a DBM file. >From what I've discovered so far, DBM file support is not enabled by default and must be compiled into the php binary. Because I'd like the library to be easy to install, basically just untar it and go, I want to avoid asking my customers to recompile their php installations. I also don't want to ask that the customers use their own DB's for caching because I don't want them to know anything about the cache (other than the fact it's there). It's internal to the library. Does PHP offer any built-in mechanisms to cache data? I was going to serialize PHP objects out to the DBM file. I'd use a flat file but, I need the fast lookup that DBM gives. Any suggestions, wisdom? Any info will be greatly appreciated. Thanks, Mark From mark at thirdstation.com Thu Dec 16 10:35:53 2004 From: mark at thirdstation.com (mark) Date: Thu, 16 Dec 2004 11:35:53 -0400 Subject: [nycphp-talk] DBM file support and caching in PHP Message-ID: <20041216153553.M85104@thirdstation.com> Hi all, Follow-up to my last message. I just found the PEAR Cache_Lite package, 30 seconds after posting to the list. Figures. It looks like it does what I need. Anyone have any experience using it? Are there caveats? Thanks, Mark From psaw at pswebcode.com Thu Dec 16 10:43:49 2004 From: psaw at pswebcode.com (Peter Sawczynec) Date: Thu, 16 Dec 2004 10:43:49 -0500 Subject: [nycphp-talk] Shooting stars pour down the black heaven... Message-ID: <000201c4e386$0ce8e950$68e4a144@Liz> Out back the horizon was strangely tinted. Low sun floated, a metallic pink bubble behind stubby grey oaks with branches retaining clutches of tightly curled crimson and gold leaves. Giant, shining blackbirds commanded and complained. Robins cased the plush crusted field. An alert rabbit stood, nose moving precisely like swanky hips, stared towards the broad white Victorian with lemon shutters, mint window frames, pink trellises under the gables, and three sides of wide porch filled with four generations of white rockers, an Adirondack, two swings and a hammock. Rough winds smacked the frosted glass in the second floor dormers. Ancient warped wooden sashes clicked and clapped in the frames. Fine brass wind chimes strained and sprayed in the gusts, hurling icy tinkles. A rake, hoe and shovel slid from position and sequentially clunked to the floor. Time lapsed in my unforgettable floating world. Happy, happy holidays to you and yours... Warmest regards, Peter Sawczynec Technology Director PSWebcode psaw at pswebcode.com 718.543.3240 -------------- next part -------------- An HTML attachment was scrubbed... URL: From fields at hedge.net Thu Dec 16 11:16:20 2004 From: fields at hedge.net (Adam Fields) Date: Thu, 16 Dec 2004 11:16:20 -0500 Subject: [nycphp-talk] Thanks to our hosts! Message-ID: <20041216161620.GD19604@lola.aquick.org> It was great to see some of you last night! I hope you're still recovering from whatever hangover you might have acquired. Just a quick thanks to our hosts, who put a lot of effort into putting together a fun party. Great drink, great food, great space. Thanks! -- - Adam ----- [ http://www.aquick.org/blog ] [ http://www.adamfields.com ][ http://del.icio.us/fields ] [ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ] From danielc at analysisandsolutions.com Thu Dec 16 11:57:13 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Thu, 16 Dec 2004 11:57:13 -0500 Subject: [nycphp-talk] DBM file support and caching in PHP In-Reply-To: <20041216151902.M51527@thirdstation.com> References: <20041216151902.M51527@thirdstation.com> Message-ID: <20041216165712.GA5374@panix.com> On Thu, Dec 16, 2004 at 11:19:02AM -0400, mark wrote: > I also don't want to ask that the customers use their own DB's for > caching Have you thought about using SQLite? It's built into PHP 5 by default. While it has many characteristics of a DBMS, it's really just a glorified file format, so doesn't have a DBMS server. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From george at omniti.com Thu Dec 16 12:02:57 2004 From: george at omniti.com (George Schlossnagle) Date: Thu, 16 Dec 2004 12:02:57 -0500 Subject: [nycphp-talk] DBM file support and caching in PHP In-Reply-To: <20041216165712.GA5374@panix.com> References: <20041216151902.M51527@thirdstation.com> <20041216165712.GA5374@panix.com> Message-ID: <55A8A702-4F84-11D9-A171-000D93359332@omniti.com> On Dec 16, 2004, at 11:57 AM, Daniel Convissor wrote: > On Thu, Dec 16, 2004 at 11:19:02AM -0400, mark wrote: >> I also don't want to ask that the customers use their own DB's for >> caching > > Have you thought about using SQLite? It's built into PHP 5 by default. > While it has many characteristics of a DBMS, it's really just a > glorified > file format, so doesn't have a DBMS server. That's a rather poor characterization. SQLite is actually much more fully featured that something like MySQL, it just happens to be an embedded RDBMS instead of a standalone server. Extending your characterization would mean that all the DBM implementation (including ones with full transactional support like db4) are glorified file formats, simply because they embed and aren't talked to over so sort of IPC or networking. George From chsnyder at gmail.com Thu Dec 16 12:11:29 2004 From: chsnyder at gmail.com (csnyder) Date: Thu, 16 Dec 2004 12:11:29 -0500 Subject: [nycphp-talk] Shooting stars pour down the black heaven... In-Reply-To: <000201c4e386$0ce8e950$68e4a144@Liz> References: <000201c4e386$0ce8e950$68e4a144@Liz> Message-ID: buffer = $message."\n...and happy freek'n holidays!"; } public function asHtml() { return nl2br( $this->buffer ); } } $greets = new holidayGreeting( "Wishing you many bugfree returns..." ); ?> Warmest Regards
asHtml()?>
PS -- Thanks for a great party last night. Friends, art, music, free beer ... a dream come true!"; } //EOF From hans at nyphp.com Thu Dec 16 12:26:51 2004 From: hans at nyphp.com (Hans Zaunere) Date: Thu, 16 Dec 2004 09:26:51 -0800 Subject: [nycphp-talk] Thanks to our hosts! Message-ID: <41EE526EC2D3C74286415780D3BA9F8706D13EF5@ehost011-1.exch011.intermedia.net> > It was great to see some of you last night! I hope you're still > recovering from whatever hangover you might have acquired. > > Just a quick thanks to our hosts, who put a lot of effort into putting > together a fun party. Great drink, great food, great space. Thanks Adam, and for everyone that joined us last night. It was a great time, and we're looking forward to making such events in the future. Regards, --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From psaw at pswebcode.com Thu Dec 16 12:54:59 2004 From: psaw at pswebcode.com (Peter Sawczynec) Date: Thu, 16 Dec 2004 12:54:59 -0500 Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question Message-ID: <002201c4e398$5f8f7db0$68e4a144@Liz> Using PHP to feed vars to JavaScript that creates DHTML menu system on the fly. When the menu is opened and menu items overlay a Flash .swf on the same page, the .swf file is always on top obscuring menu items. Can ordinary HTML be forced on top of Flash? Use CSS z-index? Warmest regards, Peter Sawczynec Technology Director PSWebcode psaw at pswebcode.com 718.543.3240 From rahmin at insite-out.com Thu Dec 16 13:10:02 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Thu, 16 Dec 2004 13:10:02 -0500 Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question Message-ID: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From chsnyder at gmail.com Thu Dec 16 13:54:30 2004 From: chsnyder at gmail.com (csnyder) Date: Thu, 16 Dec 2004 13:54:30 -0500 Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question In-Reply-To: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com> References: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com> Message-ID: On Thu, 16 Dec 2004 13:10:02 -0500, Rahmin Pavlovic wrote: > Not really. Best cross-browser method I can think of is to make the movie > disappear when the menu is activated (reappearing when deactivated) using either > the css 'display' or 'visible' properties. Wow, does that work? Flash, QuickTime, etc. are outside of the browser's rendering process -- they're given a piece of screen real estate and told to "write here". So there's no way to put HTML on top. You could dynamically insert things into the .swf using some actionscript. -- Chris Snyder http://chxo.com/ From mjdewitt at alexcommgrp.com Thu Dec 16 13:58:04 2004 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Thu, 16 Dec 2004 13:58:04 -0500 Subject: [nycphp-talk] Call for pictures of the holiday party Message-ID: It was great seeing so many of you at the party last night. I noticed that quite a few people had cameras. I would like to gather everyone's pictures and hang them in the NYPHP gallery (which is open to all to view at http://nyphp.org/content/gallery/). If you have some that you would like to share, would you please compress and email them to me at mailto:mjdewitt at alexcommgrp.com Thanks Mike NYPHP From rahmin at insite-out.com Thu Dec 16 14:12:42 2004 From: rahmin at insite-out.com (Rahmin Pavlovic) Date: Thu, 16 Dec 2004 14:12:42 -0500 Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question Message-ID: <200412161912.iBGJCguk012545@webmail5.megamailservers.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From codebowl at gmail.com Thu Dec 16 14:22:32 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 16 Dec 2004 14:22:32 -0500 Subject: [nycphp-talk] Call for pictures of the holiday party In-Reply-To: References: Message-ID: <8d9a4280041216112272c9c646@mail.gmail.com> OHHH Drunken programmers, i gotta see that :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From joshmccormack at travelersdiary.com Thu Dec 16 15:00:32 2004 From: joshmccormack at travelersdiary.com (Josh McCormack) Date: Thu, 16 Dec 2004 15:00:32 -0500 Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question In-Reply-To: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com> References: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com> Message-ID: <41C1E960.40501@travelersdiary.com> Rahmin Pavlovic wrote: > On Thu, 16 Dec 2004 12:54 , Peter Sawczynec sent: > > >>Using PHP to feed vars to JavaScript that creates DHTML menu system on the >>fly. >>When the menu is opened and menu items overlay a Flash .swf on the same >>page, >>the .swf file is always on top obscuring menu items. >> >>Can ordinary HTML be forced on top of Flash? Use CSS z-index? >> > > > > Not really. Best cross-browser method I can think of is to make the movie > disappear when the menu is activated (reappearing when deactivated) using either > the css 'display' or 'visible' properties. > Switch out the movie with a gif of it, if possible. Josh From shawn at shawnlawyer.com Fri Dec 17 03:00:07 2004 From: shawn at shawnlawyer.com (Shawn Lawyer) Date: Fri, 17 Dec 2004 03:00:07 -0500 Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT'] References: <41C093F3.7090508@optonline.net> Message-ID: <003d01c4e40e$6ce1a9e0$6401a8c0@ViaoDev1> >From when I was a little Kiddie function docRoot() { return str_repeat('../', substr_count($_SERVER['REQUEST_URI'], "/")-1); } $docRoot=docRoot(); > does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] > on windows 2003 servers Shawn Lawyer From j.aponte at gmail.com Fri Dec 17 12:55:00 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Fri, 17 Dec 2004 12:55:00 -0500 Subject: [nycphp-talk] php + mysql Message-ID: Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on Windows Server 2003 (don't flame me). I've edited the php.ini file as per PHP's website. Somehow I still can't get it to work properly. I got rid of the semicolon in front of the phpmysql.dll line in the ini file but it still doesn't work. I put the libmysql.dll file into the windows system directory (both system and system32). Can anyone help me out here? Thanks. -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jayeshsh at ceruleansky.com Fri Dec 17 13:13:58 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Fri, 17 Dec 2004 13:13:58 -0500 Subject: [nycphp-talk] PHP + Java with PHPMQ Message-ID: <41C321E6.5070903@ceruleansky.com> Hello everyone, I hope you are all enjoying the tropical weather of New York City. I don't know about any of you, but who would want to vacation on a tropical island such as Java in this warm weather? Speaking of Java, I thought I should mention this interesting article I came across: http://www.onjava.com/lpt/a/5363 Amir Shevat has written the PHPMQ system. He has this to say: "JMS (Java Messaging Service) is an interface implemented by most J2EE containers in order to provide point-to-point queuing and topic-based (publish/subscribe) functionality. JMS is frequently used by enterprise and back-end applications for distributed communication and collaboration. [...] Although efforts are being made to develop PHP as a back-end scripting language, its use is still very much confined to front-end applications. Combining the strengths of PHP--easy and fast web development, and compatibility with many types of databases--with those of JMS, which is the standard for communication with back-end enterprise applications, creates a powerful and easy-to-use tool for both Java and PHP developers. PHPMQ gives the PHP developer JMS-like abilities through the MantaRay messaging bus. This document gives an overview of PHPMQ and its use by the PHP developer." This seems like a cool project. - Jay PS: People interested in both Java and PHP may want to check out (the end of) this article too: http://www.oracle.com/technology/pub/articles/php_experts/FutureofPHP.html From danielc at analysisandsolutions.com Fri Dec 17 13:27:10 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 17 Dec 2004 13:27:10 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: References: Message-ID: <20041217182710.GA20963@panix.com> On Fri, Dec 17, 2004 at 12:55:00PM -0500, Juancarlos Aponte wrote: > Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on > Windows Server 2003 WHICH version of MySQL? 4.0.x needs the mysql extension. 4.1.x needs the mysqli extension. Are you running PHP as a CGI or as a module? > got rid of the semicolon in front of the phpmysql.dll line in the ini > file but it still doesn't work. You mean php_mysql.dll (or php_mysqli.dll). Did you uncomment the proper DLL/extension? Did you properly set the extension_dir entry in php.ini? For example: extension_dir = "c:\progra~1\php\ext" > I put the libmysql.dll file into the > windows system directory (both system and system32). Can anyone help libmysql.dll? Anyway, don't. Put it back in the php\ext directory. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From mjdewitt at alexcommgrp.com Fri Dec 17 14:27:39 2004 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Fri, 17 Dec 2004 14:27:39 -0500 Subject: [nycphp-talk] PHP Vulnerability Message-ID: Just forwarding Brad's note as this is on-topic here. Mike > -----Original Message----- > From: Brad Schonhorst [SMTP:bschonhorst at vcsnyc.org] > Sent: Friday, December 17, 2004 2:18 PM > To: nycbug List > Subject: [nycbug-talk] OT: PHP Vulnerability > > > From http://www.hardened-php.net > > During the development of Hardened-PHP several serious vulnerabilties > were discovered and fixed. The following advisory has been released. > > The advisory: > http://www.hardened-php.net/advisories/012004.txt > > Apparently PHP 4 and 5 is effected which includes the versions running > on Mac OS X Server (PHP v 4.3.2) > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From chsnyder at gmail.com Fri Dec 17 14:47:49 2004 From: chsnyder at gmail.com (csnyder) Date: Fri, 17 Dec 2004 14:47:49 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: References: Message-ID: Looks like another Friday afternoon upgrade session for a lot of us. According to the announcement, any code that uses unserialize() on any values that include user input is vulnerable. On a related note, does anyone here use Hardened-PHP? Or as a Slashdot poster wondered earlier, is there any reason why the Hardened-PHP patches aren't part of vanilla PHP in the first place? chris. From danielc at analysisandsolutions.com Fri Dec 17 15:49:20 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 17 Dec 2004 15:49:20 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: References: Message-ID: <20041217204920.GA6226@panix.com> On Fri, Dec 17, 2004 at 02:47:49PM -0500, csnyder wrote: > According to the announcement, any code that uses unserialize() on any > values that include user input is vulnerable. You mean _improperly validated_ user input. Come on, who would pass unsanitized user input to ANYTHING? :) --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From mjdewitt at alexcommgrp.com Fri Dec 17 15:55:38 2004 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Fri, 17 Dec 2004 15:55:38 -0500 Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group members Message-ID: If you are looking for some reading material over the holidays, here you go: For discount off Prentice Hall PTR books: http://www.phptr.com/promotion/1945 For discount off Addison-Wesley books: http://www.awprofessional.com/promotion/1942 Mike From shiflett at php.net Fri Dec 17 16:02:34 2004 From: shiflett at php.net (Chris Shiflett) Date: Fri, 17 Dec 2004 13:02:34 -0800 (PST) Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217204920.GA6226@panix.com> Message-ID: <20041217210234.64020.qmail@web52803.mail.yahoo.com> --- Daniel Convissor wrote: > You mean _improperly validated_ user input. Come on, who would > pass unsanitized user input to ANYTHING? :) That's a good point. This is why I don't find most vulnerabilities to be a concern. However, whenever there is a vulnerability in something people use to filter data (even if it's not the best approach), I consider it to be very serious. For example, this is from the Security Focus description of the recent addslashes() vulnerability fixed in 4.3.10: A malicious attacker might open the following URL, disclosing the boot.ini file: http://localhost/phpscript.php?whatever=../../../../boot.ini%00 That's not exactly a great way to be filtering something, but it demonstrates that even those who try to adhere to some security practices can still be affected by vulnerabilities. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From chsnyder at gmail.com Fri Dec 17 16:11:48 2004 From: chsnyder at gmail.com (csnyder) Date: Fri, 17 Dec 2004 16:11:48 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217204920.GA6226@panix.com> References: <20041217204920.GA6226@panix.com> Message-ID: Daniel Convissor wrote: > You mean _improperly validated_ user input. Come on, who would pass > unsanitized user input to ANYTHING? :) Well gees -- you pass unsanitized user input to addslashes(), dontcha? We're not talking about sending user input to a database query or shell command -- the unserialize() vulnerability happens inside PHP itself. From danielc at analysisandsolutions.com Fri Dec 17 16:22:16 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 17 Dec 2004 16:22:16 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: References: <20041217204920.GA6226@panix.com> Message-ID: <20041217212216.GA24492@panix.com> On Fri, Dec 17, 2004 at 04:11:48PM -0500, csnyder wrote: > Well gees -- you pass unsanitized user input to addslashes(), dontcha? Uh, no. If I expect something to be an integer, it better be an integer. If I had to accept a file name, it wouldn't be allowed to have double periods or slashes in it. I tend to check for length also. Etc... Though, of course, I use PHP functions to do that checking. So, if preg functions had a vulnerability... OUCH! --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From dmintz at davidmintz.org Fri Dec 17 16:27:00 2004 From: dmintz at davidmintz.org (David Mintz) Date: Fri, 17 Dec 2004 16:27:00 -0500 (EST) Subject: [nycphp-talk] why addslashes()? [PHP Vulnerability] In-Reply-To: <20041217212216.GA24492@panix.com> References: <20041217204920.GA6226@panix.com> <20041217212216.GA24492@panix.com> Message-ID: Isn't the main purpose of addslashes() to escape stuff for SQL query purposes? In that case let's do our sanitization per normal, then use parameterized SQL queries instead and forget addslashes(). On Fri, 17 Dec 2004, Daniel Convissor wrote: > On Fri, Dec 17, 2004 at 04:11:48PM -0500, csnyder wrote: > > > Well gees -- you pass unsanitized user input to addslashes(), dontcha? > > Uh, no. > > If I expect something to be an integer, it better be an integer. If I > had to accept a file name, it wouldn't be allowed to have double > periods or slashes in it. I tend to check for length also. Etc... --- David Mintz http://davidmintz.org/ From dmintz at davidmintz.org Fri Dec 17 16:30:35 2004 From: dmintz at davidmintz.org (David Mintz) Date: Fri, 17 Dec 2004 16:30:35 -0500 (EST) Subject: [nycphp-talk] Subversion (vs CVS) Message-ID: Has anybody migrated to Subversion and if so, how do ya like it? --- David Mintz http://davidmintz.org/ $world =~ s|]*>.+||is; From shiflett at php.net Fri Dec 17 16:35:15 2004 From: shiflett at php.net (Chris Shiflett) Date: Fri, 17 Dec 2004 13:35:15 -0800 (PST) Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217212216.GA24492@panix.com> Message-ID: <20041217213515.11535.qmail@web52809.mail.yahoo.com> --- Daniel Convissor wrote: > If I expect something to be an integer, it better be an integer. > If I had to accept a file name, it wouldn't be allowed to have > double periods or slashes in it. I tend to check for length also. This is a very good practice. Like Dan, I also don't like the idea of relying on something like addslashes() to protect against SQL injection. Data should be both filtered and escaped, not just escaped. In fact, I have a very high opinion of the principle of defense in depth, which is just a fancy way to say that redundancy is a good thing, even in terms of security safeguards. It's nice to have a backup check, just in case you screw up when writing your code. Not that any of us do that. :-) Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From george at omniti.com Fri Dec 17 16:34:06 2004 From: george at omniti.com (George Schlossnagle) Date: Fri, 17 Dec 2004 16:34:06 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217212216.GA24492@panix.com> References: <20041217204920.GA6226@panix.com> <20041217212216.GA24492@panix.com> Message-ID: <61501A7C-5073-11D9-A171-000D93359332@omniti.com> I think in general it's bad policy to blame the victim, even when it's due to some oversight. Besides, it really is an untenable standard that people should have to manually deserialize all their data themselves as a verification before then passing it to PHP. It is unserialize's job to determine if it's inputs are valid serialized data or not. The problem was that you could have something which for all intents and purposes looked like a duck, quacked like a duck, but wasn't a duck and a resulted in an unchecked buffer overrun. George From tom at supertom.com Fri Dec 17 16:37:00 2004 From: tom at supertom.com (Tom) Date: Fri, 17 Dec 2004 16:37:00 -0500 Subject: [nycphp-talk] Subversion (vs CVS) In-Reply-To: References: Message-ID: <1103319419.2269.24.camel@tmelendez.int.bascom.com> Hi David, Yes, we just migrated from CVS couple of weeks ago. Very full featured, and use is similar to CVS, so no big learning curve. I strongly recommend it. Also converted our history without issue. There are Windows and Linux clients available as well. Tom www.liphp.org On Fri, 2004-12-17 at 16:30, David Mintz wrote: > Has anybody migrated to Subversion and if so, how do ya like it? > > --- > David Mintz > http://davidmintz.org/ > > $world =~ s|]*>.+||is; > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org From chsnyder at gmail.com Fri Dec 17 16:40:29 2004 From: chsnyder at gmail.com (csnyder) Date: Fri, 17 Dec 2004 16:40:29 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217212216.GA24492@panix.com> References: <20041217204920.GA6226@panix.com> <20041217212216.GA24492@panix.com> Message-ID: Daniel Convissor wrote: > Though, of course, I use PHP functions to do that checking. So, if > preg functions had a vulnerability... OUCH! Heh. Exactly what I mean. In this case, I actually have no idea what the specially crafted string is that breaks unserialize() -- but if it's a string, and not an insanely big one, then it would go through any input validation unnoticed. Especially if it was in, say, a message field where all you did was strip_tags() and store it. Which is why I'm upgrading now. From fields at hedge.net Fri Dec 17 16:49:40 2004 From: fields at hedge.net (Adam Fields) Date: Fri, 17 Dec 2004 16:49:40 -0500 Subject: [nycphp-talk] Subversion (vs CVS) In-Reply-To: References: Message-ID: <20041217214940.GB17205@lola.aquick.org> On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote: > > Has anybody migrated to Subversion and if so, how do ya like it? Yup. It's better in pretty much every way. -- - Adam ----- [ http://www.aquick.org/blog ] [ http://www.adamfields.com ][ http://del.icio.us/fields ] [ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ] From george at omniti.com Fri Dec 17 16:51:34 2004 From: george at omniti.com (George Schlossnagle) Date: Fri, 17 Dec 2004 16:51:34 -0500 Subject: [nycphp-talk] Subversion (vs CVS) In-Reply-To: <20041217214940.GB17205@lola.aquick.org> References: <20041217214940.GB17205@lola.aquick.org> Message-ID: On Dec 17, 2004, at 4:49 PM, Adam Fields wrote: > On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote: >> >> Has anybody migrated to Subversion and if so, how do ya like it? > > Yup. It's better in pretty much every way. Anyone know how to (easily) find the global revision number for a tag? For example, I want to do the svn version of cvs log -r SOMETAG . Seems like you need to do: svn diff -rNNNN . where NNNN is the revision number of the tag. Also, I don't want to have a working copy of the tag in question to do this. George From ajai at bitblit.net Fri Dec 17 17:55:00 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Fri, 17 Dec 2004 17:55:00 -0500 Subject: [nycphp-talk] Subversion (vs CVS) In-Reply-To: <20041217214940.GB17205@lola.aquick.org> References: <20041217214940.GB17205@lola.aquick.org> Message-ID: <41C363C4.1060608@bitblit.net> Adam Fields wrote: >On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote: > > >>Has anybody migrated to Subversion and if so, how do ya like it? >> >> > >Yup. It's better in pretty much every way. > > > Anybody used RapidSVN or another GUI front-end for Subversion on Mac OS X??? -- Aj. Systems Administrator / Developer From danielc at analysisandsolutions.com Fri Dec 17 18:09:59 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 17 Dec 2004 18:09:59 -0500 Subject: [nycphp-talk] DBM file support and caching in PHP In-Reply-To: <55A8A702-4F84-11D9-A171-000D93359332@omniti.com> References: <20041216151902.M51527@thirdstation.com> <20041216165712.GA5374@panix.com> <55A8A702-4F84-11D9-A171-000D93359332@omniti.com> Message-ID: <20041217230959.GA8487@panix.com> On Thu, Dec 16, 2004 at 12:02:57PM -0500, George Schlossnagle wrote: > > That's a rather poor characterization. SQLite is actually much more > fully featured that something like MySQL, it just happens to be an > embedded RDBMS instead of a standalone server. Granted. I was making a quick generalization. In part that's based on my being wary to use SQLite for an application that needs (heavy) simultaneous reading and writing. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Fri Dec 17 18:16:09 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 17 Dec 2004 18:16:09 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <61501A7C-5073-11D9-A171-000D93359332@omniti.com> References: <20041217204920.GA6226@panix.com> <20041217212216.GA24492@panix.com> <61501A7C-5073-11D9-A171-000D93359332@omniti.com> Message-ID: <20041217231609.GB8487@panix.com> On Fri, Dec 17, 2004 at 04:34:06PM -0500, George Schlossnagle wrote: > I think in general it's bad policy to blame the victim Of course. > Besides, it really is an untenable standard > that people should have to manually deserialize all their data > themselves Not my intention. I was infering more that I wouldn't pass unvalidated info to serialize() and wouldn't rely on cookie data being clean. > The problem was that you could have something which for all intents > and purposes looked like a duck, quacked like a duck, but wasn't a duck > and a resulted in an unchecked buffer overrun. Hmmm... so what animal would that be? I guess a some unusual snake that quacks. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From jlacey at att.net Fri Dec 17 18:24:10 2004 From: jlacey at att.net (John Lacey) Date: Fri, 17 Dec 2004 16:24:10 -0700 Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group members In-Reply-To: References: Message-ID: <41C36A9A.7000709@att.net> DeWitt, Michael wrote: > If you are looking for some reading material over the holidays, here you go: > > For discount off Prentice Hall PTR books: > http://www.phptr.com/promotion/1945 > > For discount off Addison-Wesley books: > http://www.awprofessional.com/promotion/1942 > thanks Mike, and speaking of books, people who are looking for a good treatment on security with a focus on web programming, you might check out a book called "Innocent Code -- a security wake-up call for web programmers" by Sverre H. Huseby. Bookpool has it along with their usual killer prices: http://www.bookpool.com/.x/seohzqasy8/ss?qs=innocent+code&x=0&y=0 I bought it sometime ago while waiting for Shiflett's security book to hit the shelves. BTW George Schlossnagle, nice job on the "Advanced PHP Programming" book. It is well-organized and contains a wealth of interesting and diverse topics. I have a little business developing and teaching Open Source classes (mainly LAMP stack). I hope to offer several levels of courses and if things work out, I want to develop an advanced PHP course--your book would make a good text, I'm thinking. The method to my madness is to pick a good text and then develop a student workbook around it. John From george at omniti.com Fri Dec 17 18:31:53 2004 From: george at omniti.com (George Schlossnagle) Date: Fri, 17 Dec 2004 18:31:53 -0500 Subject: [nycphp-talk] PHP Vulnerability In-Reply-To: <20041217231609.GB8487@panix.com> References: <20041217204920.GA6226@panix.com> <20041217212216.GA24492@panix.com> <61501A7C-5073-11D9-A171-000D93359332@omniti.com> <20041217231609.GB8487@panix.com> Message-ID: On Dec 17, 2004, at 6:16 PM, Daniel Convissor wrote: > Hmmm... so what animal would that be? I guess a some unusual snake > that quacks. A well-disguised snake. :) George From j.aponte at gmail.com Fri Dec 17 23:47:21 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Fri, 17 Dec 2004 23:47:21 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <20041217182710.GA20963@panix.com> References: <20041217182710.GA20963@panix.com> Message-ID: I have version 4.1.7 of MySQL. I recommented the extension=php_mysql.dll line and set the extension dir to the proper directory and also put the libmysql.dll file back into the PHP directory. Restarted Apache, and it still didn't work. I even tried adding an "extension=php_mysqli.dll" line into the php.ini file but to no avail. PHPmyadmin still gives me an error when trying to start up. "Cannot load mysql extension..." Anyone else have some ideas? Thanks a ton. On Fri, 17 Dec 2004 13:27:10 -0500, Daniel Convissor wrote: > On Fri, Dec 17, 2004 at 12:55:00PM -0500, Juancarlos Aponte wrote: > > Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on > > Windows Server 2003 > > WHICH version of MySQL? 4.0.x needs the mysql extension. 4.1.x needs > the mysqli extension. > > Are you running PHP as a CGI or as a module? > > > > got rid of the semicolon in front of the phpmysql.dll line in the ini > > file but it still doesn't work. > > You mean php_mysql.dll (or php_mysqli.dll). > > Did you uncomment the proper DLL/extension? Did you properly set the > extension_dir entry in php.ini? For example: > > extension_dir = "c:\progra~1\php\ext" > > > > I put the libmysql.dll file into the > > windows system directory (both system and system32). Can anyone help > > libmysql.dll? Anyway, don't. Put it back in the php\ext directory. > > --Dan > > -- > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > data intensive web and database programming > http://www.AnalysisAndSolutions.com/ > 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From danielc at analysisandsolutions.com Sat Dec 18 00:46:12 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sat, 18 Dec 2004 00:46:12 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <20041217182710.GA20963@panix.com> Message-ID: <20041218054612.GA14294@panix.com> On Fri, Dec 17, 2004 at 11:47:21PM -0500, Juancarlos Aponte wrote: > I have version 4.1.7 of MySQL. I recommented the > extension=php_mysql.dll line and set the extension dir to the proper > directory and also put the libmysql.dll file back into the PHP > directory. Restarted Apache, and it still didn't work. I even tried > adding an "extension=php_mysqli.dll" line into the php.ini file but to > no avail. PHPmyadmin still gives me an error when trying to start up. > "Cannot load mysql extension..." Anyone else have some ideas? Thanks > a ton. Please pay attention. * You have to use the mysqli extension for MySQL 4.1.x, so uncomment php_mysqli.dll extension in your php.ini. * That also means you need to use the mysqli_*() functions, not the old mysql_*() functions. * Since you probably don't have MySQL 4.0.x installed, DO NOT enable the php_mysql.dll extension. * What are you talking about with the libmysql.dll? The libmySQL.dll that MySQL installs to the mysql bin directory (for example C:\Program Files\mysql41\bin)? Don't move that from there (Put it back there). Guess you misinterpreted some instructions you read somewhere else. * You didn't mention what you set the extension_dir to in php.ini. * If you're using PHP as an Apache module, restart Apache. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From tgales at tgaconnect.com Sat Dec 18 08:07:24 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Sat, 18 Dec 2004 08:07:24 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: Message-ID: <001b01c4e502$84a18650$e98d3818@oberon1> Juancarlos Aponte writes: > I have version 4.1.7 of MySQL. I recommented the > extension=php_mysql.dll line and set the extension dir to the > proper directory and also put the libmysql.dll file back into > the PHP directory. Restarted Apache, and it still didn't > work. I even tried adding an "extension=php_mysqli.dll" line > into the php.ini file but to no avail. PHPmyadmin still > gives me an error when trying to start up. "Cannot load > mysql extension..." Anyone else have some ideas? Thanks a ton. Windows has a search path, which it uses to resolve symbols at run-time (dynamic link loading). The dynamic link loader looks in: 1) The directory where the executable exists 2) The current directory 3) The system directory 4) The PATH environment (this is the path for executatbles -- NOT LIBPATH, the environment variable) Chances are that you either have another bad (incompatible) LIBMYSQL.DLL located higher in the search order (i.e in the system directory versus the PATH) or none at all in the search path. T. Gales & Associates 'Helping People Connect with Technology' http://www.tgaconnect.com From tgales at tgaconnect.com Sat Dec 18 08:24:29 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Sat, 18 Dec 2004 08:24:29 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <001b01c4e502$84a18650$e98d3818@oberon1> Message-ID: <001c01c4e504$e7d21030$e98d3818@oberon1> > Chances are that you either have another bad (incompatible) > LIBMYSQL.DLL located higher in the search order > (i.e in the system directory versus the PATH) or > none at all in the search path. er, make that LIBMYSQLI.DLL which is probably missing from the search path T. Gales & Associates 'Helping People Connect with Technology' http://www.tgaconnect.com From codebowl at gmail.com Sat Dec 18 08:39:10 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Sat, 18 Dec 2004 08:39:10 -0500 Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group members In-Reply-To: <41C36A9A.7000709@att.net> References: <41C36A9A.7000709@att.net> Message-ID: <8d9a42800412180539629da7e4@mail.gmail.com> is George on this list? i have to say he did a great job on that book too. I picked it up about 1-2 mos ago and fell in love with the book as soon as i started reading :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From danielc at analysisandsolutions.com Sat Dec 18 08:49:54 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sat, 18 Dec 2004 08:49:54 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <001c01c4e504$e7d21030$e98d3818@oberon1> References: <001b01c4e502$84a18650$e98d3818@oberon1> <001c01c4e504$e7d21030$e98d3818@oberon1> Message-ID: <20041218134954.GA9400@panix.com> On Sat, Dec 18, 2004 at 08:24:29AM -0500, Tim Gales wrote: > make that LIBMYSQLI.DLL In MySQL 4.1.x the DLL MySQL ships is in the bin directory is named libmySQL.dll. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From rrust at r2communications.com Sat Dec 18 09:45:56 2004 From: rrust at r2communications.com (Randal Rust) Date: Sat, 18 Dec 2004 09:45:56 -0500 Subject: [nycphp-talk] PayFlow Pro Extension Message-ID: <41C442A4.8050609@r2communications.com> Is this my only option for processing transactions via Verisign's PayFlow Pro? http://us2.php.net/pfpro -- Randal Rust R.Squared Communications http://www.r2communications.com Digital Design for Bricks-and-Mortar Businesses From tgales at tgaconnect.com Sat Dec 18 11:25:19 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Sat, 18 Dec 2004 11:25:19 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <20041218134954.GA9400@panix.com> Message-ID: <001d01c4e51e$2aa51ce0$e98d3818@oberon1> > Subject: Re: [nycphp-talk] php + mysql > > > On Sat, Dec 18, 2004 at 08:24:29AM -0500, Tim Gales wrote: > > make that LIBMYSQLI.DLL > > In MySQL 4.1.x the DLL MySQL ships is in the bin directory is named > libmySQL.dll. > > --Dan you wrote: "Please pay attention. * You have to use the mysqli extension for MySQL 4.1.x, so uncomment php_mysqli.dll extension in your php.ini. * That also means you need to use the mysqli_*() functions, not the old mysql_*() functions. " php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll. T. Gales & Associates 'Helping People Connect with Technology' http://www.tgaconnect.com From j.aponte at gmail.com Sat Dec 18 13:12:35 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Sat, 18 Dec 2004 13:12:35 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <20041218054612.GA14294@panix.com> References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> Message-ID: ok. -extension_dir = "c:\PHP\ext" -extension=php_mysqli.dll -I also have a libmySQL.dll in mysql\bin and another in the PHP directory. I've tried leaving only the one in the PHP and then only the one in the mysql, but nothing worked. There exists none in the Windows System directory either. -PHP is installed as an Apache module. -Supposedly, PHPMyAdmin supports MySQL 4.1.x and above. On Sat, 18 Dec 2004 00:46:12 -0500, Daniel Convissor wrote: > On Fri, Dec 17, 2004 at 11:47:21PM -0500, Juancarlos Aponte wrote: > > I have version 4.1.7 of MySQL. I recommented the > > extension=php_mysql.dll line and set the extension dir to the proper > > directory and also put the libmysql.dll file back into the PHP > > directory. Restarted Apache, and it still didn't work. I even tried > > adding an "extension=php_mysqli.dll" line into the php.ini file but to > > no avail. PHPmyadmin still gives me an error when trying to start up. > > "Cannot load mysql extension..." Anyone else have some ideas? Thanks > > a ton. > > Please pay attention. > > * You have to use the mysqli extension for MySQL 4.1.x, so uncomment > php_mysqli.dll extension in your php.ini. > * That also means you need to use the mysqli_*() functions, not the old > mysql_*() functions. > * Since you probably don't have MySQL 4.0.x installed, DO NOT enable the > php_mysql.dll extension. > * What are you talking about with the libmysql.dll? The libmySQL.dll > that MySQL installs to the mysql bin directory (for example > C:\Program Files\mysql41\bin)? Don't move that from there (Put it > back there). Guess you misinterpreted some instructions you read > somewhere else. > * You didn't mention what you set the extension_dir to in php.ini. > * If you're using PHP as an Apache module, restart Apache. > > --Dan > > -- > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > data intensive web and database programming > http://www.AnalysisAndSolutions.com/ > 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jlacey at att.net Sat Dec 18 14:10:10 2004 From: jlacey at att.net (John Lacey) Date: Sat, 18 Dec 2004 12:10:10 -0700 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> Message-ID: <41C48092.1050408@att.net> Juancarlos Aponte wrote: > ok. > > -extension_dir = "c:\PHP\ext" > -extension=php_mysqli.dll > -I also have a libmySQL.dll in mysql\bin and another in the PHP > directory. I've tried leaving only the one in the PHP and then only > the one in the mysql, but nothing worked. There exists none in the > Windows System directory either. > -PHP is installed as an Apache module. > -Supposedly, PHPMyAdmin supports MySQL 4.1.x and above. what version of phpmyadmin are you running? From j.aponte at gmail.com Sat Dec 18 14:17:20 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Sat, 18 Dec 2004 14:17:20 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <41C48092.1050408@att.net> References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> <41C48092.1050408@att.net> Message-ID: phpmyadmin 2.6.1, downloaded two days ago. On Sat, 18 Dec 2004 12:10:10 -0700, John Lacey wrote: > Juancarlos Aponte wrote: > > ok. > > > > -extension_dir = "c:\PHP\ext" > > -extension=php_mysqli.dll > > -I also have a libmySQL.dll in mysql\bin and another in the PHP > > directory. I've tried leaving only the one in the PHP and then only > > the one in the mysql, but nothing worked. There exists none in the > > Windows System directory either. > > -PHP is installed as an Apache module. > > -Supposedly, PHPMyAdmin supports MySQL 4.1.x and above. > > > what version of phpmyadmin are you running? > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jlacey at att.net Sat Dec 18 14:24:28 2004 From: jlacey at att.net (John Lacey) Date: Sat, 18 Dec 2004 12:24:28 -0700 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> <41C48092.1050408@att.net> Message-ID: <41C483EC.7000901@att.net> Juancarlos Aponte wrote: > phpmyadmin 2.6.1, downloaded two days ago. > ok, had to ask since I didn't see that mentioned in the thread... pardon me for asking an obvious question here, but is it safe to assume that in addition to phpmyadmin not working that a connection cannot be made to mysql with a short test script? John From j.aponte at gmail.com Sat Dec 18 14:37:26 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Sat, 18 Dec 2004 14:37:26 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <41C483EC.7000901@att.net> References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> <41C48092.1050408@att.net> <41C483EC.7000901@att.net> Message-ID: This is what I have right now as a test script. # test.php # mysql_connect.php To my knowledge that is correct syntax. The other problem that I have is that index.php doesn't work. I can't just type in /phpmyadmin and it goes to index.php, I have to physically put in index.php in the address bar. It's annoying and I dont know where to fix it. On Sat, 18 Dec 2004 12:24:28 -0700, John Lacey wrote: > Juancarlos Aponte wrote: > > phpmyadmin 2.6.1, downloaded two days ago. > > > > ok, had to ask since I didn't see that mentioned in the thread... > > pardon me for asking an obvious question here, but is it safe to assume > that in addition to phpmyadmin not working that a connection cannot be > made to mysql with a short test script? > > John > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jlacey at att.net Sat Dec 18 14:53:52 2004 From: jlacey at att.net (John Lacey) Date: Sat, 18 Dec 2004 12:53:52 -0700 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> <41C48092.1050408@att.net> <41C483EC.7000901@att.net> Message-ID: <41C48AD0.6030006@att.net> Juancarlos Aponte wrote: > This is what I have right now as a test script. > > # test.php > > echo 'Hello World'; > > require_once ('mysql/mysql_connect.php'); > > $query = "INSERT into espana_pics (pid, filepath, filename, title) > VALUES (1, images/, eiffel.jpg, Eiffel)"; > $result = @mysql_query ($query); > ?> > > # mysql_connect.php > > define('DB_USER','root'); > define('DB_PASSWORD','password'); > define('DB_HOST','localhost'); > define('DB_NAME','serverdb'); > > $dbc = mysql_connect (DB_HOST,DB_USER,DB_PASSWORD); > mysql_select_db (DB_NAME); > > ?> > > To my knowledge that is correct syntax. have you tried a "mysqli_connect"? > > The other problem that I have is that index.php doesn't work. I can't > just type in /phpmyadmin and it goes to index.php, I have to > physically put in index.php in the address bar. It's annoying and I > dont know where to fix it. the "DirectoryIndex" directive handles that... for apache 2.x they broke out sections of the httpd.conf file into "ssl.conf", "php.conf", etc. if you have a php.conf file look there, if not, check that directive in httpd.conf If I recall, this concerned a windows 2003 platform -- I only use a windows platform with XAMPP (runs apache 2.x) for convenience, my hosting company runs apache 1.3.33. So, double-check the above .conf files locations on the windows box you're on. From mitch.pirtle at gmail.com Sat Dec 18 17:58:06 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sat, 18 Dec 2004 17:58:06 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? Message-ID: <330532b6041218145832a98212@mail.gmail.com> Folks, Please help this tired old unix fart with his new laptop. I've tried for hours, trudged through forums, and even tried XAMPP and several other WAMP 'easy to install, really!' packages that don't work. I've opened up port 80 on the firewall (both UDP and TCP), and other than that have absolutely no idea what it takes to get going on a SP2 box. Please, can someone end the pain? -- Mitch, grateful to have the old fedora box laying around (for now) From danielc at analysisandsolutions.com Sat Dec 18 22:26:55 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sat, 18 Dec 2004 22:26:55 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <20041217182710.GA20963@panix.com> <20041218054612.GA14294@panix.com> <41C48092.1050408@att.net> <41C483EC.7000901@att.net> Message-ID: <20041219032655.GA17608@panix.com> Dude: On Sat, Dec 18, 2004 at 02:37:26PM -0500, Juancarlos Aponte wrote: > require_once ('mysql/mysql_connect.php'); ...snip... > $dbc = mysql_connect (DB_HOST,DB_USER,DB_PASSWORD); > mysql_select_db (DB_NAME); As the manual says, and I said twice, you need to use the mysqli extension. And, as the manual said and I said last time, you have to use mysqli_connect() and mysqli_select_db() ^ ^ notice the "i"'s there? All of the functions you need to operate with MySQL 4.1 need to have an "i" in them. As far as phpmyadmin, I bet there's a setting you didn't set telling it to use the mysqli extension. Good bye, --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Sat Dec 18 22:36:14 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sat, 18 Dec 2004 22:36:14 -0500 Subject: [nycphp-talk] PayFlow Pro Extension In-Reply-To: <41C442A4.8050609@r2communications.com> References: <41C442A4.8050609@r2communications.com> Message-ID: <20041219033614.GB17608@panix.com> On Sat, Dec 18, 2004 at 09:45:56AM -0500, Randal Rust wrote: > Is this my only option for processing transactions via Verisign's > PayFlow Pro? > http://us2.php.net/pfpro I used PayFlow Pro via PHP by writing the transaction info to a file and then using shell commands in an exec() call to initiate the transaction. Worked like a charm. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From rolan at omnistep.com Sat Dec 18 23:00:35 2004 From: rolan at omnistep.com (Rolan Yang) Date: Sat, 18 Dec 2004 23:00:35 -0500 Subject: [nycphp-talk] PayFlow Pro Extension In-Reply-To: <41C442A4.8050609@r2communications.com> References: <41C442A4.8050609@r2communications.com> Message-ID: <41C4FCE3.3050800@omnistep.com> I used the php functions without any problems. It's pretty easy. Msg me offline if you want to see some examples. ~Rolan Randal Rust wrote: > Is this my only option for processing transactions via Verisign's > PayFlow Pro? > > http://us2.php.net/pfpro > From rolan at omnistep.com Sun Dec 19 00:48:05 2004 From: rolan at omnistep.com (Rolan Yang) Date: Sun, 19 Dec 2004 00:48:05 -0500 Subject: [nycphp-talk] PayFlow Pro Extension In-Reply-To: <81073D33-5179-11D9-B6ED-000A95D78076@duikerbok.com> References: <41C442A4.8050609@r2communications.com> <41C4FCE3.3050800@omnistep.com> <81073D33-5179-11D9-B6ED-000A95D78076@duikerbok.com> Message-ID: <41C51615.8040409@omnistep.com> Here is an example function that will charge the card and return the response code. Replace the USER,PWD,VENDOR parameters with the info Verisign provides to you. The Payflow manual describes the different response codes in detail, but really most of the time all you need to know is wether the charge was accepted or rejected. ~Rolan 19) {$acct=substr($acct,0,19);} if (strlen($name)>30) {$name=substr($name,0,30);} if (strlen($street)>30) {$street=substr($street,0,30);} pfpro_init(); $transaction = array(USER=> 'VerisignUserNameGoesHere', PWD=> 'SecretPasswordGoesHere', TRXTYPE=> 'S', TENDER=> 'C', AMT=> $amt, ACCT=> $acct, EXPDATE=> $exp, PARTNER=> 'VeriSign', VENDOR=> 'VendorNameGoesHere', STREET=> $street, ZIP=> $zip, NAME=> $name ); putenv("PFPRO_CERT_PATH=/etc/verisign/certs/"); $response = pfpro_process($transaction,'payflow.verisign.com','443'); if (!$response) { print "BLAH!\n"; die("Couldn't establish link to Verisign.\n"); } pfpro_cleanup(); return ($response); } ?> Jose Villegas wrote: > Hey Rolan, > > I'm about to set up a site with PayFlow as well. I'd love to see your > examples too, if it's not too much trouble. > > -jose > www.josevillegasdesign.com > > On Dec 18, 2004, at 11:00 PM, Rolan Yang wrote: > >> I used the php functions without any problems. It's pretty easy. >> Msg me offline if you want to see some examples. >> >> ~Rolan >> >> Randal Rust wrote: >> >>> Is this my only option for processing transactions via Verisign's >>> PayFlow Pro? >>> >>> http://us2.php.net/pfpro >>> >> _______________________________________________ >> New York PHP Talk >> Supporting AMP Technology (Apache/MySQL/PHP) >> http://lists.nyphp.org/mailman/listinfo/talk >> http://www.newyorkphp.org >> >> > > From jlacey at att.net Sun Dec 19 12:22:19 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 10:22:19 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <330532b6041218145832a98212@mail.gmail.com> References: <330532b6041218145832a98212@mail.gmail.com> Message-ID: <41C5B8CB.7010804@att.net> Mitch Pirtle wrote: > Folks, > > Please help this tired old unix fart with his new laptop. I've tried > for hours, trudged through forums, and even tried XAMPP and several > other WAMP 'easy to install, really!' packages that don't work. > > I've opened up port 80 on the firewall (both UDP and TCP), and other > than that have absolutely no idea what it takes to get going on a SP2 > box. > > Please, can someone end the pain? A couple weeks ago, just for grins and giggles I loaded up XAMPP on a box with XP where the college sysadmin had just installed SP2. Short version, it didn't work. Since I don't have XP SP2 at home, I haven't had a chance to look into it. It wouldn't allow loopbacked access to Apache, so it looks like a fairly straightforward SP2 config issue. If you get it working, let us know what you found. John From tgales at tgaconnect.com Sun Dec 19 13:18:18 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Sun, 19 Dec 2004 13:18:18 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <41C5B8CB.7010804@att.net> Message-ID: <002001c4e5f7$1de646d0$e98d3818@oberon1> > Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible? > > > Mitch Pirtle wrote: > > Folks, > > > > Please help this tired old unix fart with his new laptop. > I've tried > > for hours, trudged through forums, and even tried XAMPP and several > > other WAMP 'easy to install, really!' packages that don't work. > > > > I've opened up port 80 on the firewall (both UDP and TCP), > and other > > than that have absolutely no idea what it takes to get > going on a SP2 > > box. > > > > Please, can someone end the pain? > > A couple weeks ago, just for grins and giggles I loaded up XAMPP on a > box with XP where the college sysadmin had just installed SP2. Short > version, it didn't work. Since I don't have XP SP2 at home, > I haven't > had a chance to look into it. It wouldn't allow loopbacked access to > Apache, so it looks like a fairly straightforward SP2 config > issue. If > you get it working, let us know what you found. > Well, a brave soul (not me) might try an update located at: http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en It tries to solve some loopback problems with XP2. T. Gales & Associates 'Helping People Connect with Technology' http://www.tgaconnect.com From danielc at analysisandsolutions.com Sun Dec 19 13:42:50 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sun, 19 Dec 2004 13:42:50 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <001d01c4e51e$2aa51ce0$e98d3818@oberon1> References: <20041218134954.GA9400@panix.com> <001d01c4e51e$2aa51ce0$e98d3818@oberon1> Message-ID: <20041219184250.GA12099@panix.com> On Sat, Dec 18, 2004 at 11:25:19AM -0500, Tim Gales wrote: > > php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll. Hmmm. Okay, I never really looked at all the files involved until this moment. On my Windows XP box with MySQL 4.1.2-alpha and PHP 5.1.0-dev from snaps.php.net a moment ago, here are all the files named *mysql*.dll c:\program files\php\ext\php_mysql.dll (for the mysql <= 4.0.x) c:\program files\php\ext\php_mysqli.dll (for the mysql >= 4.1.x) c:\program files\php\libmysql.dll (I'd never noticed this before) c:\program files\mysql41\bin\libmySQL.dll c:\program files\mysql41\Embedded\DLL\debug\libmysqld.dll c:\program files\mysql41\Embedded\DLL\release\libmysqld.dll c:\program files\mysql41\lib\debug\libmySQL.dll c:\program files\mysql41\lib\opt\libmySQL.dll c:\program files\mysql41\lib\opt\libmysqld.dll So, under this setup, there's no libmysqli.dll. BUT, looking at different versions of PHP, I see there's a libmysqli.dll in the "c:\program files\php" directory. It exists in the versions 5.0.0 through 5.0.2 (haven't looked at 5.0.3). It was removed from HEAD (5.1.x) some time after 2004-10-31. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From danielc at analysisandsolutions.com Sun Dec 19 13:48:27 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sun, 19 Dec 2004 13:48:27 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <330532b6041218145832a98212@mail.gmail.com> References: <330532b6041218145832a98212@mail.gmail.com> Message-ID: <20041219184827.GB12099@panix.com> Mitch: I'm running Apache (1.3.x) and PHP (as CGI) on XP _PRO_ SP2 without a problem. Though, I'm using Zone Alarm as my firewall, not Windows Firewall. Anything differ with you from the above beside the firewall? If not, disconnect from the network, disable the firewall and see what happens. I'm assuming Apache starts okay and stays running and PHP works fine from the command line. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From jlacey at att.net Sun Dec 19 13:51:10 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 11:51:10 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <002001c4e5f7$1de646d0$e98d3818@oberon1> References: <002001c4e5f7$1de646d0$e98d3818@oberon1> Message-ID: <41C5CD9E.5090304@att.net> Tim Gales wrote: >>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible? >> >> >>Mitch Pirtle wrote: >> >>>for hours, trudged through forums, and even tried XAMPP and several >>>other WAMP 'easy to install, really!' packages that don't work. >>> > > > Well, a brave soul (not me) might try an update located at: > http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi > d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en > > It tries to solve some loopback problems with XP2. I google for this and hit "translate" -- XAMPP board is German " XAMPP does not function under XP SP2! But! Only Microsoft provided an improved Firewall in the service luggage 2 (SP2), which "nice-proves" also ungefragt starts. This blockert then important haven the 80 (HTTP) and 443 (https) and the Apache server does not want (more) to start. The fast solution: The Microsoft Firewall over the task border deactivate and the XAMPP try again to start. " "service luggage 2" I love it! J From j.aponte at gmail.com Sun Dec 19 14:13:11 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Sun, 19 Dec 2004 14:13:11 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <20041219184250.GA12099@panix.com> References: <20041218134954.GA9400@panix.com> <001d01c4e51e$2aa51ce0$e98d3818@oberon1> <20041219184250.GA12099@panix.com> Message-ID: Well, it seems as though I overlooked something very minor in the PHPMyAdmin config page and now it works almost perfectly. The mysqli functions are working just fine as well. Now the only problem i have, although it is very minor is that I can't get index.php to work like index.html would. Meaning, if I type in my URL, index.php is not selected by default, instead I have an index.html page that automatically refreshes to index.php. A little annoying but I can deal. If anyone has a solution, that'd be great. Sorry if I wasn't paying attention too much there Daniel, I sometimes overlook things because I have no patience. Thanks a lot for the help. On Sun, 19 Dec 2004 13:42:50 -0500, Daniel Convissor wrote: > On Sat, Dec 18, 2004 at 11:25:19AM -0500, Tim Gales wrote: > > > > php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll. > > Hmmm. Okay, I never really looked at all the files involved until > this moment. On my Windows XP box with MySQL 4.1.2-alpha and PHP > 5.1.0-dev from snaps.php.net a moment ago, here are all the files > named *mysql*.dll > > c:\program files\php\ext\php_mysql.dll (for the mysql <= 4.0.x) > c:\program files\php\ext\php_mysqli.dll (for the mysql >= 4.1.x) > c:\program files\php\libmysql.dll (I'd never noticed this before) > > c:\program files\mysql41\bin\libmySQL.dll > c:\program files\mysql41\Embedded\DLL\debug\libmysqld.dll > c:\program files\mysql41\Embedded\DLL\release\libmysqld.dll > c:\program files\mysql41\lib\debug\libmySQL.dll > c:\program files\mysql41\lib\opt\libmySQL.dll > c:\program files\mysql41\lib\opt\libmysqld.dll > > So, under this setup, there's no libmysqli.dll. BUT, looking at > different versions of PHP, I see there's a libmysqli.dll in the > "c:\program files\php" directory. It exists in the versions 5.0.0 > through 5.0.2 (haven't looked at 5.0.3). It was removed from HEAD > (5.1.x) some time after 2004-10-31. > > --Dan > > -- > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > data intensive web and database programming > http://www.AnalysisAndSolutions.com/ > 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jlacey at att.net Sun Dec 19 14:13:30 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 12:13:30 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <002001c4e5f7$1de646d0$e98d3818@oberon1> References: <002001c4e5f7$1de646d0$e98d3818@oberon1> Message-ID: <41C5D2DA.5080406@att.net> Tim Gales wrote: >>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible? > > Well, a brave soul (not me) might try an update located at: > http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi > d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en > > It tries to solve some loopback problems with XP2. > Tim (and Mitch) The above link doesn't seem to work, but I did find this: (update for SP2 concerning the loopback address) http://www.microsoft.com/downloads/details.aspx?FamilyID=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en and the tiny version: http://tinyurl.com/4oxqw John From mitch.pirtle at gmail.com Sun Dec 19 16:34:12 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sun, 19 Dec 2004 16:34:12 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <41C5D2DA.5080406@att.net> References: <002001c4e5f7$1de646d0$e98d3818@oberon1> <41C5D2DA.5080406@att.net> Message-ID: <330532b6041219133415b9bf32@mail.gmail.com> Tried that, but the problem is still there. In a nutshell, when trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window that says the installer could not connect to socket 0.0.0.0:80, and fails to install the service. Forget startup, I can't even get though the install :-( -- Mitch On Sun, 19 Dec 2004 12:13:30 -0700, John Lacey wrote: > Tim Gales wrote: > >>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible? > > > > > Well, a brave soul (not me) might try an update located at: > > http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi > > d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en > > > > It tries to solve some loopback problems with XP2. > > > > > Tim (and Mitch) > > The above link doesn't seem to work, but I did find this: (update for > SP2 concerning the loopback address) > > http://www.microsoft.com/downloads/details.aspx?FamilyID=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en > > and the tiny version: > http://tinyurl.com/4oxqw > > John > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From jlacey at att.net Sun Dec 19 16:41:30 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 14:41:30 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <330532b6041219133415b9bf32@mail.gmail.com> References: <002001c4e5f7$1de646d0$e98d3818@oberon1> <41C5D2DA.5080406@att.net> <330532b6041219133415b9bf32@mail.gmail.com> Message-ID: <41C5F58A.9080801@att.net> Mitch Pirtle wrote: > Tried that, but the problem is still there. In a nutshell, when > trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window > that says the installer could not connect to socket 0.0.0.0:80, and > fails to install the service. > > Forget startup, I can't even get though the install :-( > In XAMPP, you can run the "apache_start.bat" file which does not install Apache as a service. The same holds true for MySQL. In this case, the DOS window that is opened must be left open -- minimized, of course. Have you tried this? John From hans at nyphp.com Sun Dec 19 16:42:14 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 19 Dec 2004 13:42:14 -0800 Subject: [nycphp-talk] php + mysql Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> > Well, it seems as though I overlooked something very minor in the > PHPMyAdmin config page and now it works almost perfectly. The mysqli > functions are working just fine as well. Now the only problem i have, > although it is very minor is that I can't get index.php to work like > index.html would. Meaning, if I type in my URL, index.php is not > selected by default, instead I have an index.html page that > automatically refreshes to index.php. A little annoying but I can > deal. If anyone has a solution, that'd be great. Sorry if I wasn't > paying attention too much there Daniel, I sometimes overlook things > because I have no patience. Thanks a lot for the help. This is Apache's DirectoryIndex It probably looks something like this now: DirectoryIndex index.html It should look like this: DirectoryIndex index.html index.php H From mitch.pirtle at gmail.com Sun Dec 19 16:44:49 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sun, 19 Dec 2004 16:44:49 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <20041219184827.GB12099@panix.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> Message-ID: <330532b6041219134457d3642b@mail.gmail.com> Hey Dan, Turned off Windows firewall, and the same error occurs. The install does its thing, and at the end a DOS window pops up and says: "Only one usage of each socket address is normally permitted. : make_sock : could not bind to address 0.0.0.0:80" And then closes itself after a few seconds. After closing, a new DOS window that complains that the service "Apache" could not be found. Anyone out there install Apache 2.0.X on a new XP SP2 machine with success? -- Mitch On Sun, 19 Dec 2004 13:48:27 -0500, Daniel Convissor wrote: > Mitch: > > I'm running Apache (1.3.x) and PHP (as CGI) on XP _PRO_ SP2 without a > problem. Though, I'm using Zone Alarm as my firewall, not Windows > Firewall. > > Anything differ with you from the above beside the firewall? If not, > disconnect from the network, disable the firewall and see what > happens. > > I'm assuming Apache starts okay and stays running and PHP works fine > from the command line. From hans at nyphp.com Sun Dec 19 16:45:45 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 19 Dec 2004 13:45:45 -0800 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net> > Tried that, but the problem is still there. In a nutshell, when > trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window > that says the installer could not connect to socket 0.0.0.0:80, and > fails to install the service. > > Forget startup, I can't even get though the install :-( In addition to the loopback stuff, I think the firewall stuff is also a problem. Go to Control Panel -> Windows Firewall Then select Off, and see if that does it. If so, you can enable it if you really want, but configure access as needed. H From mitch.pirtle at gmail.com Sun Dec 19 16:47:44 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sun, 19 Dec 2004 16:47:44 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net> Message-ID: <330532b60412191347745b578e@mail.gmail.com> Nope, turned off the firewall and the error is identical. I'm starting to suspect it is with the Apache installer, as the install fails regardless of firewall being enabled or not. -- Mitch On Sun, 19 Dec 2004 13:45:45 -0800, Hans Zaunere wrote: > > > Tried that, but the problem is still there. In a nutshell, when > > trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window > > that says the installer could not connect to socket 0.0.0.0:80, and > > fails to install the service. > > > > Forget startup, I can't even get though the install :-( > > In addition to the loopback stuff, I think the firewall stuff is also a > problem. Go to Control Panel -> Windows Firewall > > Then select Off, and see if that does it. If so, you can enable it if > you really want, but configure access as needed. From j.aponte at gmail.com Sun Dec 19 16:47:44 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Sun, 19 Dec 2004 16:47:44 -0500 Subject: [nycphp-talk] php + mysql In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> Message-ID: Awesome, all problems solved then. Thank you to everyone that has helped me out throughout my long and arduous process of setting this up (Daniel, Tim, John, and Hans). Now if only I could get it to go faster, don't assume any of you could help me out there? Just kidding guys. Thanks again. On Sun, 19 Dec 2004 13:42:14 -0800, Hans Zaunere wrote: > > > Well, it seems as though I overlooked something very minor in the > > PHPMyAdmin config page and now it works almost perfectly. The mysqli > > functions are working just fine as well. Now the only problem i have, > > although it is very minor is that I can't get index.php to work like > > index.html would. Meaning, if I type in my URL, index.php is not > > selected by default, instead I have an index.html page that > > automatically refreshes to index.php. A little annoying but I can > > deal. If anyone has a solution, that'd be great. Sorry if I wasn't > > paying attention too much there Daniel, I sometimes overlook things > > because I have no patience. Thanks a lot for the help. > > This is Apache's DirectoryIndex > > It probably looks something like this now: > > DirectoryIndex index.html > > It should look like this: > > DirectoryIndex index.html index.php > > H > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From jlacey at att.net Sun Dec 19 16:48:26 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 14:48:26 -0700 Subject: [nycphp-talk] php + mysql In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> Message-ID: <41C5F72A.8060102@att.net> Hans Zaunere wrote: >>Well, it seems as though I overlooked something very minor in the >>PHPMyAdmin config page and now it works almost perfectly. The mysqli >>functions are working just fine as well. Now the only problem i have, >>although it is very minor is that I can't get index.php to work like >>index.html would. Meaning, if I type in my URL, index.php is not >>selected by default, instead I have an index.html page that >>automatically refreshes to index.php. A little annoying but I can >>deal. If anyone has a solution, that'd be great. Sorry if I wasn't >>paying attention too much there Daniel, I sometimes overlook things >>because I have no patience. Thanks a lot for the help. > > > This is Apache's DirectoryIndex > > It probably looks something like this now: > > DirectoryIndex index.html > > It should look like this: > > DirectoryIndex index.html index.php > also, be sure there's not an index.html file in the directory that can be loaded first... John From hans at nyphp.com Sun Dec 19 16:53:21 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 19 Dec 2004 13:53:21 -0800 Subject: [nycphp-talk] php + mysql Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E6@ehost011-1.exch011.intermedia.net> > > It should look like this: > > > > DirectoryIndex index.html index.php > > > > also, be sure there's not an index.html file in the directory that can > be loaded first... Good point. If you'd rather have index.php have precedence over index.html, you'd switch the order: DirectoryIndex index.php index.html --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From jlacey at att.net Sun Dec 19 16:54:54 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 14:54:54 -0700 Subject: [nycphp-talk] php + mysql In-Reply-To: References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net> Message-ID: <41C5F8AE.6040305@att.net> Juancarlos Aponte wrote: > Awesome, all problems solved then. Thank you to everyone that has > helped me out throughout my long and arduous process of setting this > up (Daniel, Tim, John, and Hans). Now if only I could get it to go > faster, don't assume any of you could help me out there? Just kidding > guys. Thanks again. > There is, if you're on that Windows box: http://www.zend.com/store/products/zend-win-enabler.php?hstore :) John From danielc at analysisandsolutions.com Sun Dec 19 17:49:09 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sun, 19 Dec 2004 17:49:09 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <330532b6041219134457d3642b@mail.gmail.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> Message-ID: <20041219224909.GA11760@panix.com> On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote: > > "Only one usage of each socket address is normally permitted. : > make_sock : could not bind to address 0.0.0.0:80" Sounds like you have another web server running. IIS? A worm? Another version of Apache? Run netstat to see what's up with port 80. Hmmm, 0.0.0.0? That's odd. Anyway, I strongly suggest going the simple, 100% reliable route. Apache 1, PHP as CGI. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From jlacey at att.net Sun Dec 19 17:58:02 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 15:58:02 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <20041219224909.GA11760@panix.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> <20041219224909.GA11760@panix.com> Message-ID: <41C6077A.9030201@att.net> Daniel Convissor wrote: > On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote: > >>"Only one usage of each socket address is normally permitted. : >>make_sock : could not bind to address 0.0.0.0:80" > > > Sounds like you have another web server running. IIS? A worm? Another > version of Apache? Run netstat to see what's up with port 80. > > Hmmm, 0.0.0.0? That's odd. 0.0.0.0 says listen on all addresses From jlacey at att.net Sun Dec 19 18:07:47 2004 From: jlacey at att.net (John Lacey) Date: Sun, 19 Dec 2004 16:07:47 -0700 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <20041219224909.GA11760@panix.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> <20041219224909.GA11760@panix.com> Message-ID: <41C609C3.7040003@att.net> Daniel Convissor wrote: > On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote: > >>"Only one usage of each socket address is normally permitted. : >>make_sock : could not bind to address 0.0.0.0:80" > > > Sounds like you have another web server running. IIS? A worm? Another > version of Apache? Run netstat to see what's up with port 80. > > Hmmm, 0.0.0.0? That's odd. > > Anyway, I strongly suggest going the simple, 100% reliable route. Apache > 1, PHP as CGI. > > --Dan > the thought just occurred to me, I wonder what an nmap scan to localhost would show in an XP SP2 environment J From list at harveyk.com Sun Dec 19 19:12:17 2004 From: list at harveyk.com (harvey) Date: Sun, 19 Dec 2004 19:12:17 -0500 Subject: [nycphp-talk] MySQL Query Question Message-ID: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net> Hello NYPHP, Let's say that I have a db and it has a table with list of Senators. Each Senator record has a field for state_fid. Then there's a States table with the names of the states and their associated state_id's. The Senator table also has a field for party_fid. And there's a Party table with the names of the parties and their associated party_id's. Now suppose I want to query the db and alphabetically list the Name, State, and Party of each Senator. Question is this--in general, which (if either) is the preferred method? Create one query similar to: Query Senator Select senate.senator_name, state.state_name, party.party_name From senate, state, party Where senate.state_fid = state.state_id And senate.party_fid = party.party_id Order by senate.senator_name Then loop through the results to print. Or create multiple queries similar to: Select senator_name, state_fid, party_fid From senate Order by senator_name And then loop through the results with add'l queries similar to: Query state Select name from state where state_id = $row_Senator['state_fid'] ... Query party Select name from party where party_id = $row_Senator['party_fid'] ... The first method would seem more elegant, but it seems to take longer also (although that might just be my imagination). Any suggestions? Thanks! Harvey From danielc at analysisandsolutions.com Sun Dec 19 19:25:18 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sun, 19 Dec 2004 19:25:18 -0500 Subject: [nycphp-talk] MySQL Query Question In-Reply-To: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net> References: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net> Message-ID: <20041220002518.GB3801@panix.com> On Sun, Dec 19, 2004 at 07:12:17PM -0500, harvey wrote: > > Now suppose I want to query the db and alphabetically list the Name, State, > and Party of each Senator. Question is this--in general, which (if either) > is the preferred method? One query is better. Joining tables is what DBMS's are all about. I prefer the JOIN syntax rather than the WHERE syntax. Also, I suggest naming the state_id field (etc) the same in both the senate and state tables, then you can use the easier USING clause for the _first_ (in this case) join. So, for example: > Select senate.senator_name, state.state_name, party.party_name > From senate, state, party > Where senate.state_fid = state.state_id > And senate.party_fid = party.party_id > Order by senate.senator_name SELECT senate.senator_name, state.state_name, party.party_name FROM senate JOIN state USING state_id JOIN party ON (party.party_id = senate.party_id) ORDER BY senate.senator_name As far as the USING vs ON clause... You can only use JOIN if the columns are the same in table/join right above it have the same names. By the way, you've done a good job normalizing your database. > The first method would seem more elegant, but it seems to take longer also > (although that might just be my imagination). I suspect you have a very wild imagination. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From mitch.pirtle at gmail.com Sun Dec 19 21:16:15 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Sun, 19 Dec 2004 21:16:15 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? In-Reply-To: <20041219224909.GA11760@panix.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> <20041219224909.GA11760@panix.com> Message-ID: <330532b6041219181655071621@mail.gmail.com> On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor wrote: > Sounds like you have another web server running. IIS? A worm? Another > version of Apache? Run netstat to see what's up with port 80. Nothing is on port 80, or 443. *sigh* > Hmmm, 0.0.0.0? That's odd. > > Anyway, I strongly suggest going the simple, 100% reliable route. Apache > 1, PHP as CGI. Not an option, coding future stuff for the 2.0.x series - and no longer see 1.3.x in production (in over 20 sites). Looks like this is a common problem, and the solution is not apparent yet. -- Mitch From mitch.pirtle at gmail.com Mon Dec 20 09:13:36 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Mon, 20 Dec 2004 09:13:36 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? SOLVED In-Reply-To: <330532b6041219181655071621@mail.gmail.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> <20041219224909.GA11760@panix.com> <330532b6041219181655071621@mail.gmail.com> Message-ID: <330532b6041220061358f60ccb@mail.gmail.com> Hi gang, Funny enough, the culprit wasn't SP2 or the firewall, it was either skype or trillian. Stopped both, reinstalled Apache2, and now everything is running just fine. Had no idea either would try to co-opt port 80 on the local machine, but caught one of them red-handed with netstat. Thanks for the attempts, and best wishes to everyone for the holidays. -- Mitch, grateful to be associated with such a great group of talented individuals On Sun, 19 Dec 2004 21:16:15 -0500, Mitch Pirtle wrote: > On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor > wrote: > > Sounds like you have another web server running. IIS? A worm? Another > > version of Apache? Run netstat to see what's up with port 80. > > Nothing is on port 80, or 443. *sigh* > > > Hmmm, 0.0.0.0? That's odd. > > > > Anyway, I strongly suggest going the simple, 100% reliable route. Apache > > 1, PHP as CGI. > > Not an option, coding future stuff for the 2.0.x series - and no > longer see 1.3.x in production (in over 20 sites). > > Looks like this is a common problem, and the solution is not apparent yet. > > -- Mitch > From mjdewitt at alexcommgrp.com Mon Dec 20 11:37:05 2004 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Mon, 20 Dec 2004 11:37:05 -0500 Subject: [nycphp-talk] OT: HTMLTableCellElement Message-ID: > -----Original Message----- > From: Hans C. Kaspersetz [SMTP:hans at cyberxdesigns.com] > Sent: Wednesday, December 15, 2004 10:19 AM > To: NYPHP Talk > Subject: Re: [nycphp-talk] OT: HTMLTableCellElement > > Mark, > > Not sure if you are aware, but NY PHP has a front end list for these > types of questions. Check it out might get you a better response. > > http://lists.nyphp.org/mailman/listinfo/front-end > > Hans > > Mark Withington wrote: > > >Has anyone had any experience/luck using the DOM > HTMLTableCellElement.width > >to provide information? I'm trying to generate table headings using > >DHTML that would be positioned absolute (and thereby eliminate the need > for > >frames). Everything works great, except the DHTML column widths don't > line > >up with the HTML (generated) table body. I'm letting the browser adjust > the > >columns as necessary and was hoping to use HTMLTableCellElement.width to > >provide the information that I would then inject into the DHTML table > > >tags. > > > >Any suggestions/help would be appreciated. > > > >Mark > > > > > > > --- snip --- > > -- > Hans C. Kaspersetz > Cyber X Designs > > http://www.cyberxdesigns.com > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org From codebowl at gmail.com Mon Dec 20 14:55:24 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Mon, 20 Dec 2004 14:55:24 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 Message-ID: <8d9a42800412201155651b3bb@mail.gmail.com> Hello Everyone, i have been trying to use the MSSQL functions in PHP and i cannot get it to connect i keep getting the error that mssql_connect cannot connect to the host. $link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']); that is the connection string i was using and this is the error recieved Warning: mssql_connect(): Unable to connect to server: 207.76.168.21 in /htdocs/data.php on line 9 I read the docs and noticed a user comment about using freetds, i$link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']); added a server to my freetds.conf file which was found in /etc/ and then i restarted apache, i changed my mssql_connect to look like this $link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']); when i use this, i get the same error except the hostname is now MyServer70 rather than the IP address of the server, here is what i have in my freetds config # A typical Microsoft SQL Server 7.0 configuration [MyServer70] host = 207.76.168.21 port = 1433 tds version = 7.0 after adding that i restarted my xampp apache install and i get this error Warning: mssql_connect(): Unable to connect to server: MyServer70 in /htdocs/data.php on line 9 am i doing something wrong or is this generally hard to accomplish from a linux to windows server connection? -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From chsnyder at gmail.com Mon Dec 20 15:17:04 2004 From: chsnyder at gmail.com (csnyder) Date: Mon, 20 Dec 2004 15:17:04 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <8d9a42800412201155651b3bb@mail.gmail.com> References: <8d9a42800412201155651b3bb@mail.gmail.com> Message-ID: Joseph Crawford wrote: > added a server to my freetds.conf file which was found in /etc/ and > then i restarted apache, i changed my mssql_connect to look like this > > $link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']); > That's the way to do it... make sure you have putenv("FREETDSCONF=/etc/freetds.conf"); at the start of your script. I find that debugging MSSQL server connections is a huge PITA -- once you get the hostname right, you may struggle for a while figuring out how to correctly specify the username. And lord help ya if you're using a second or third MSSQL instance on the same server -- what port is *that*? Every time I go through this I remember why I never used to support Microsoft servers. From codebowl at gmail.com Mon Dec 20 15:30:19 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Mon, 20 Dec 2004 15:30:19 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: References: <8d9a42800412201155651b3bb@mail.gmail.com> Message-ID: <8d9a428004122012303a0ee55e@mail.gmail.com> csnyder, thanks for the information i will take a stab at that in a bit. I know i wish i had control over the use of the MSSQL server but my client uses a national database for real estate they can rent/sell on thier site, they pay a co for the data and that co uses MSSQL bleh. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From codebowl at gmail.com Mon Dec 20 15:40:48 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Mon, 20 Dec 2004 15:40:48 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <8d9a428004122012303a0ee55e@mail.gmail.com> References: <8d9a42800412201155651b3bb@mail.gmail.com> <8d9a428004122012303a0ee55e@mail.gmail.com> Message-ID: <8d9a42800412201240445e9fb2@mail.gmail.com> csnyder, i have added that and now it kinda works, but why would i get this error? Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 14095 bytes) in /htdocs/data.php on line 14 usually i see that when i execute an sql import from phpmyadmin that is too large for PMA to process. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From nestorflorez at earthlink.net Mon Dec 20 15:56:40 2004 From: nestorflorez at earthlink.net (Nestor Florez) Date: Mon, 20 Dec 2004 12:56:40 -0800 (PST) Subject: [nycphp-talk] PHP and MSSQL 7 Message-ID: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net> Joe, This is what I use when accessing a Mssql DB $hostname = "192.168.0.20,1433"; $username = "user1"; $password = "pwd1"; $dbName = "mydb"; if($conn = mssql_connect($hostname,$username,$password)) { } else { die("DATABASE FAILED TO RESPOND."); } Hope that this helps you. Nestor :-) http://www.IneedWork.org -----Original Message----- From: Joseph Crawford Sent: Dec 20, 2004 11:55 AM To: NYPHP Talk Subject: [nycphp-talk] PHP and MSSQL 7 Hello Everyone, i have been trying to use the MSSQL functions in PHP and i cannot get it to connect i keep getting the error that mssql_connect cannot connect to the host. $link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']); that is the connection string i was using and this is the error recieved Warning: mssql_connect(): Unable to connect to server: 207.76.168.21 in /htdocs/data.php on line 9 I read the docs and noticed a user comment about using freetds, i$link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']); added a server to my freetds.conf file which was found in /etc/ and then i restarted apache, i changed my mssql_connect to look like this $link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']); when i use this, i get the same error except the hostname is now MyServer70 rather than the IP address of the server, here is what i have in my freetds config # A typical Microsoft SQL Server 7.0 configuration [MyServer70] host = 207.76.168.21 port = 1433 tds version = 7.0 after adding that i restarted my xampp apache install and i get this error Warning: mssql_connect(): Unable to connect to server: MyServer70 in /htdocs/data.php on line 9 am i doing something wrong or is this generally hard to accomplish from a linux to windows server connection? -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From jlacey at att.net Mon Dec 20 16:09:32 2004 From: jlacey at att.net (John Lacey) Date: Mon, 20 Dec 2004 14:09:32 -0700 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net> References: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net> Message-ID: <41C73F8C.8030606@att.net> Nestor Florez wrote: > Joe, > > > This is what I use when accessing a Mssql DB > > $hostname = "192.168.0.20,1433"; > $username = "user1"; > $password = "pwd1"; > $dbName = "mydb"; Nestor, Should a comma "," or a colon ":" go after the IP address? I'm unfamiliar with that syntax so I thought I'd ask. I assume the 1433 is the port number that the mssql server waits on ala MySQL port 3306. thanks, John From nestorflorez at earthlink.net Mon Dec 20 16:16:48 2004 From: nestorflorez at earthlink.net (Nestor Florez) Date: Mon, 20 Dec 2004 13:16:48 -0800 (PST) Subject: [nycphp-talk] PHP and MSSQL 7 Message-ID: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net> This is the biggest thing to remember a comma "," for MSSQL and a colon ":" for Mysql :-) -----Original Message----- From: John Lacey Sent: Dec 20, 2004 1:09 PM To: NYPHP Talk Subject: Re: [nycphp-talk] PHP and MSSQL 7 Nestor Florez wrote: > Joe, > > > This is what I use when accessing a Mssql DB > > $hostname = "192.168.0.20,1433"; > $username = "user1"; > $password = "pwd1"; > $dbName = "mydb"; Nestor, Should a comma "," or a colon ":" go after the IP address? I'm unfamiliar with that syntax so I thought I'd ask. I assume the 1433 is the port number that the mssql server waits on ala MySQL port 3306. thanks, John _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From jlacey at att.net Mon Dec 20 16:26:34 2004 From: jlacey at att.net (John Lacey) Date: Mon, 20 Dec 2004 14:26:34 -0700 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net> References: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net> Message-ID: <41C7438A.4020404@att.net> thanks, I'll file that one away, although I'll probably have to make room in my head for more facts by getting rid of either a Supreme's song or Elvis' All Shook Up :) Nestor Florez wrote: > This is the biggest thing to remember > a comma "," for MSSQL and > a colon ":" for Mysql > > :-) > > -----Original Message----- > From: John Lacey > Sent: Dec 20, 2004 1:09 PM > To: NYPHP Talk > Subject: Re: [nycphp-talk] PHP and MSSQL 7 > > Nestor Florez wrote: > >>Joe, >> >> >>This is what I use when accessing a Mssql DB >> >>$hostname = "192.168.0.20,1433"; >>$username = "user1"; >>$password = "pwd1"; >>$dbName = "mydb"; > > > Nestor, > > Should a comma "," or a colon ":" go after the IP address? I'm > unfamiliar with that syntax so I thought I'd ask. I assume the 1433 is > the port number that the mssql server waits on ala MySQL port 3306. > > thanks, > John > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > > From 1j0lkq002 at sneakemail.com Mon Dec 20 16:49:36 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Mon, 20 Dec 2004 16:49:36 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <41C7438A.4020404@att.net> References: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net> <41C7438A.4020404@att.net> Message-ID: <17443-37215@sneakemail.com> John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote: > > thanks, I'll file that one away, although I'll probably have to make > room in my head for more facts by getting rid of either a Supreme's > song or Elvis' All Shook Up > > :) Hahaha I still keep those - they still come in handy. I made a whole lot of room by completely erasingmy memory of [HTTP_GETVARS/POSTVARS] and Netscape 4.x browser issues earlier this year! -=john andrews From danielc at analysisandsolutions.com Mon Dec 20 18:25:21 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Mon, 20 Dec 2004 18:25:21 -0500 Subject: [nycphp-talk] PHP and MSSQL 7 In-Reply-To: <41C73F8C.8030606@att.net> References: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net> <41C73F8C.8030606@att.net> Message-ID: <20041220232521.GA2906@panix.com> On Mon, Dec 20, 2004 at 02:09:32PM -0700, John Lacey wrote: > Nestor Florez wrote: > > > >$hostname = "192.168.0.20,1433"; > > Should a comma "," or a colon ":" go after the IP address? For MS SQL... on Windows, use a comma, on Unix use a colon. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From prusak at gmail.com Tue Dec 21 02:53:41 2004 From: prusak at gmail.com (Ophir Prusak) Date: Tue, 21 Dec 2004 02:53:41 -0500 Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good? Message-ID: I just gave up on ev1servers (I had a real horror story with them). Anyone have anything to say about www.theplanet.com ? Thanks Ophir From jperkins at sneer.org Tue Dec 21 09:26:06 2004 From: jperkins at sneer.org (Jason N.Perkins) Date: Tue, 21 Dec 2004 08:26:06 -0600 Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good? In-Reply-To: References: Message-ID: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org> On Dec 21, 2004, at 1:53 AM, Ophir Prusak wrote: > I just gave up on ev1servers (I had a real horror story with them). > Anyone have anything to say about www.theplanet.com ? I used servers from servermatrix.net (The Planet's lower end subsidiary for dedicated boxes) and was very happy with them. Great prices, great support response times. They really seem to have their act together (and this is from a guy who worked [and loved it] at Rackspace). -- Jason N Perkins From mitch.pirtle at gmail.com Tue Dec 21 09:29:01 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Tue, 21 Dec 2004 09:29:01 -0500 Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good? In-Reply-To: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org> References: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org> Message-ID: <330532b604122106295970aff6@mail.gmail.com> Speaking of RackSpace, the guy that started it all is now at ServerBeach.com - which is basically RackSpace on a budget, where you do the system administration yourself. The prices are awesome, they have NAS available for remote backup, and also offer redundant disks as an option. I switched back to them two months ago and can only say good things about them. -- Mitch From jperkins at sneer.org Tue Dec 21 09:50:53 2004 From: jperkins at sneer.org (Jason N.Perkins) Date: Tue, 21 Dec 2004 08:50:53 -0600 Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good? In-Reply-To: <330532b604122106295970aff6@mail.gmail.com> References: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org> <330532b604122106295970aff6@mail.gmail.com> Message-ID: On Dec 21, 2004, at 8:29 AM, Mitch Pirtle wrote: > Speaking of RackSpace, the guy that started it all is now at > ServerBeach.com - which is basically RackSpace on a budget, where you > do the system administration yourself. It was actually two of the guys - Richard Yoo and Dirk Elmendorf. > The prices are awesome, they have NAS available for remote backup, and > also offer redundant disks as an option. I had the opportunity to work in the same office as their lead tech guy and some of the stuff that he had done is really, really cool from an automated hosting standpoint. > I switched back to them two months ago and can only say good things > about them. Excellent! I was always reluctant to mix business and personal, so I kept my stuff hosted elsewhere. Also, the buyout of ServerBeach by Pier 1 hasn't had any negative impact on their operations that I'm aware of. -- Jason N Perkins From preinheimer at gmail.com Tue Dec 21 10:20:33 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Tue, 21 Dec 2004 10:20:33 -0500 Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good? In-Reply-To: References: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org> <330532b604122106295970aff6@mail.gmail.com> Message-ID: <6ec19ec704122107204146b9b5@mail.gmail.com> I am also on ServerMatrix, all in all a great experiance for me. My only negative comment is that the support (& other) techs have a tendancy to close tickets before I feel the issue is otherwise resolved. The few times I have called support I got a tech first ring after transfer. paul On Tue, 21 Dec 2004 08:50:53 -0600, Jason N. Perkins wrote: > > On Dec 21, 2004, at 8:29 AM, Mitch Pirtle wrote: > > > Speaking of RackSpace, the guy that started it all is now at > > ServerBeach.com - which is basically RackSpace on a budget, where you > > do the system administration yourself. > > It was actually two of the guys - Richard Yoo and Dirk Elmendorf. > > > The prices are awesome, they have NAS available for remote backup, and > > also offer redundant disks as an option. > > I had the opportunity to work in the same office as their lead tech guy > and some of the stuff that he had done is really, really cool from an > automated hosting standpoint. > > > I switched back to them two months ago and can only say good things > > about them. > > Excellent! I was always reluctant to mix business and personal, so I > kept my stuff hosted elsewhere. Also, the buyout of ServerBeach by Pier > 1 hasn't had any negative impact on their operations that I'm aware of. > > -- > Jason N Perkins > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Paul Reinheimer Zend Certified Engineer From mjdewitt at alexcommgrp.com Tue Dec 21 12:11:18 2004 From: mjdewitt at alexcommgrp.com (DeWitt, Michael) Date: Tue, 21 Dec 2004 12:11:18 -0500 Subject: [nycphp-talk] NYTCHP party pictures have been posted Message-ID: You can check them out at http://nyphp.org/content/gallery Mike From cmerlo441 at gmail.com Tue Dec 21 15:03:19 2004 From: cmerlo441 at gmail.com (Christopher Merlo) Date: Tue, 21 Dec 2004 15:03:19 -0500 Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :) Message-ID: <946586480412211203a6b3f43@mail.gmail.com> Chris S.'s blog is linked to in an article that just hit Slashdot regarding the use of PHP with Apache 2.0. In the article, Chris is described as a "high-profile PHP community member". Good work, Chris! :) -c -- cmerlo441 at gmail.com From chsnyder at gmail.com Tue Dec 21 15:10:41 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 21 Dec 2004 15:10:41 -0500 Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :) In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com> References: <946586480412211203a6b3f43@mail.gmail.com> Message-ID: Disambiguation: that's Chris Shiflett Slashdotted, nice work! From jlacey at att.net Tue Dec 21 16:05:16 2004 From: jlacey at att.net (John Lacey) Date: Tue, 21 Dec 2004 14:05:16 -0700 Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :) In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com> References: <946586480412211203a6b3f43@mail.gmail.com> Message-ID: <41C8900C.8060402@att.net> Christopher Merlo wrote: > Chris S.'s blog is linked to in an article that just hit Slashdot > regarding the use of PHP with Apache 2.0. In the article, Chris is > described as a "high-profile PHP community member". Good work, Chris! > :) > -c > well, in addition to Chris Shiflett, John Coggeshall also posts to this list. Both John's and Chris' blogs are mentioned in the Slashdot article. Chris: http://shiflett.org/archive/86 John: http://blog.coggeshall.org/archives/174_Apache_2.0,_My_Two_Cents.html J From jlacey at att.net Tue Dec 21 16:13:54 2004 From: jlacey at att.net (John Lacey) Date: Tue, 21 Dec 2004 14:13:54 -0700 Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :) In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com> References: <946586480412211203a6b3f43@mail.gmail.com> Message-ID: <41C89212.2030003@att.net> Christopher Merlo wrote: > Chris S.'s blog is linked to in an article that just hit Slashdot > regarding the use of PHP with Apache 2.0. In the article, Chris is > described as a "high-profile PHP community member". Good work, Chris! > :) > -c > I've cut-and-pasted some repartee from Bruce Perens...I thought his last comment about "Slashdot readership" was particularly poignant :) It's a threading issue (Score:5, Interesting) by Bruce Perens (3872) on Tuesday December 21, @02:34PM (#11150764) (http://perens.com/ | Last Journal: Wednesday June 16, @04:13PM) Either PHP itself, or many PHP applications, are not written to deal with the multi-threading offered by Apache 2.0 . So, it seems, you will do best if you install one of the less optimal threading models. And then you lose much of the benefit of Apache 2. Apache 2 and a recent Linux kernel come pretty close to the theoretical limits of the hardware when it comes to serving static content. It just loafs along while saturating whatever net connection you give it. It's worth trying out. Bruce [ Reply to This ] I'm sorry Bruce, you'll have to come back later. (Score:5, Funny) by Mr Guy (547690) on Tuesday December 21, @02:37PM (#11150804) (Last Journal: Tuesday September 07, @04:29PM) It's not nearly late enough in the thread for someone respected to post correct, non-inflamatory, rational information. You're going to stop all the foaming at the mouth, and who wants a half-frothed troll this close to Christmas? [ Reply to This | Parent ] Re:I'm sorry Bruce, you'll have to come back later (Score:5, Funny) by Bruce Perens (3872) on Tuesday December 21, @02:53PM (#11151028) (http://perens.com/ | Last Journal: Wednesday June 16, @04:13PM) It's OK because I didn't read any of the articles linked to in the Slashdot story before posting. Thus, I maintain the proper level of ignorance for Slashdot. On the other hand, I had looked at the problem reasonably hard when choosing supported software for UserLinux, so I did know something about the problem. So perhaps that disqualifies me. Bruce From frank_wong2 at informationideas.com Tue Dec 21 16:20:31 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 16:20:31 -0500 Subject: [nycphp-talk] mysql_close() error Message-ID: Has anyone seen an error like this before? Warning: mysql_close(): 12 is not a valid MySQL-Link resource I connected to the DB using ************************************************************************* // Connecting, selecting database // $link = mysql_connect($host, $sys_user, $sys_password) or die("Could not connect : " . mysql_error()); mysql_select_db($sys_db) or die("Could not select database"); ************************************************************************* I tried to close using ************************************************************************* // Closing connection // mysql_close($link); ************************************************************************* Other than that, I only use the $link to query the DB. How does $link become 12 as stated in the error message? This is driving me nuts... TIA for any help. ________________________ Frank Wong Consultant Information Ideas www.informationideas.com From chsnyder at gmail.com Tue Dec 21 16:29:37 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 21 Dec 2004 16:29:37 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: Not an answer to your question, but unless you explicitly need to close the db connection (because your script is running in daemon mode or something) you can leave out the mysql_close() -- the connection is closed automatically once execution is finished. Still, that's perplexing. Do you do anything to $link that would cause it to be recast as a string or int? From frank_wong2 at informationideas.com Tue Dec 21 16:40:28 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 16:40:28 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: Message-ID: In my function, there is no reference to $link other than the lines with mysql_connect and mysql_close. Also, my function does not call another function so any code that would alter $link should be contained within this function. $link is also a local variable. I will try removing mysql_close and see what happens. Thanks. -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder Sent: Tuesday, December 21, 2004 4:30 PM To: NYPHP Talk Subject: Re: [nycphp-talk] mysql_close() error Not an answer to your question, but unless you explicitly need to close the db connection (because your script is running in daemon mode or something) you can leave out the mysql_close() -- the connection is closed automatically once execution is finished. Still, that's perplexing. Do you do anything to $link that would cause it to be recast as a string or int? _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From frank_wong2 at informationideas.com Tue Dec 21 16:52:50 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 16:52:50 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: Message-ID: The interesting thing is if I explicitly force mysql_connect to open a new connection by using **************************************************************************** ******************************************* // Connecting, selecting database // $link = mysql_connect($host, $sys_user, $sys_password, TRUE) or show_error_page("Could not connect : " . mysql_error()); mysql_select_db($sys_db) or show_error_page("Could not select database"); **************************************************************************** ******************************************* I get the error message **************************************************************************** ******************************************* Warning: mysql_close(): 14 is not a valid MySQL-Link resource **************************************************************************** ******************************************* instead of the original error message without explicitly forcing a new connection **************************************************************************** ******************************************* Warning: mysql_close(): 12 is not a valid MySQL-Link resource **************************************************************************** ******************************************* Do those numbers represent something? Error number or anything else? Frank -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder Sent: Tuesday, December 21, 2004 4:30 PM To: NYPHP Talk Subject: Re: [nycphp-talk] mysql_close() error Not an answer to your question, but unless you explicitly need to close the db connection (because your script is running in daemon mode or something) you can leave out the mysql_close() -- the connection is closed automatically once execution is finished. Still, that's perplexing. Do you do anything to $link that would cause it to be recast as a string or int? _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From faber at linuxnj.com Tue Dec 21 17:00:57 2004 From: faber at linuxnj.com (Faber Fedor) Date: Tue, 21 Dec 2004 17:00:57 -0500 Subject: [nycphp-talk] Re: mysql_close() error In-Reply-To: References: Message-ID: <20041221220057.GA21398@uranus.faber.nom> On 21/12/04 16:20 -0500, Frank Wong wrote: > Has anyone seen an error like this before? > > Warning: mysql_close(): 12 is not a valid MySQL-Link resource > > I connected to the DB using > ************************************************************************* > // Connecting, selecting database // > $link = mysql_connect($host, $sys_user, $sys_password) > or die("Could not connect : " . mysql_error()); > mysql_select_db($sys_db) or die("Could not select database"); > ************************************************************************* > > I tried to close using > ************************************************************************* > // Closing connection // > mysql_close($link); > ************************************************************************* > > Other than that, I only use the $link to query the DB. How does $link > become 12 as stated in the error message? This is driving me nuts... The way I read this is as follows: You open a connection to MySQL and assign that connection to $link. $link is kinda like a filehandle; it's a number that magically points to something. If you were to execute the mysql_connect() multiple times and print $link after each, you'll see increasing (probably sequential) numbers. For some reason, when you go to close $link, it's no longer pointing to a database connection/filehandle. So don't worry about the value of $link, worry about why $link no longer points to a database resource. -- Regards, Faber Linux New Jersey: Open Source Solutions for New Jersey http://www.linuxnj.com From frank_wong2 at informationideas.com Tue Dec 21 17:05:17 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 17:05:17 -0500 Subject: [nycphp-talk] Re: mysql_close() error In-Reply-To: <20041221220057.GA21398@uranus.faber.nom> Message-ID: Thanks for the pointer... ;) I'll look into why it is losing the handler. Frank -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Faber Fedor Sent: Tuesday, December 21, 2004 5:01 PM To: NYPHP Talk Subject: [nycphp-talk] Re: mysql_close() error On 21/12/04 16:20 -0500, Frank Wong wrote: > Has anyone seen an error like this before? > > Warning: mysql_close(): 12 is not a valid MySQL-Link resource > > I connected to the DB using > ************************************************************************* > // Connecting, selecting database // > $link = mysql_connect($host, $sys_user, $sys_password) > or die("Could not connect : " . mysql_error()); > mysql_select_db($sys_db) or die("Could not select database"); > ************************************************************************* > > I tried to close using > ************************************************************************* > // Closing connection // > mysql_close($link); > ************************************************************************* > > Other than that, I only use the $link to query the DB. How does $link > become 12 as stated in the error message? This is driving me nuts... The way I read this is as follows: You open a connection to MySQL and assign that connection to $link. $link is kinda like a filehandle; it's a number that magically points to something. If you were to execute the mysql_connect() multiple times and print $link after each, you'll see increasing (probably sequential) numbers. For some reason, when you go to close $link, it's no longer pointing to a database connection/filehandle. So don't worry about the value of $link, worry about why $link no longer points to a database resource. -- Regards, Faber Linux New Jersey: Open Source Solutions for New Jersey http://www.linuxnj.com _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From danielc at analysisandsolutions.com Tue Dec 21 17:15:37 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Tue, 21 Dec 2004 17:15:37 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: <20041221221537.GA20009@panix.com> On Tue, Dec 21, 2004 at 04:20:31PM -0500, Frank Wong wrote: > > Warning: mysql_close(): 12 is not a valid MySQL-Link resource Sounds like the database connection was already closed somewhere else in your scripts. Comment out all calls to mysql_close() except this one you're talking about. If that isn't it, how about doing some debugging? What you've given here is pseudo code, leaving out a lot of stuff, so ther's no way we can know what's really going on, plus having such a large example is distracting you from the problem at hand. You need to make a REAL self contained example that breaks down everything to the simplest level possible: --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From frank_wong2 at informationideas.com Tue Dec 21 17:26:55 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 17:26:55 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: <20041221221537.GA20009@panix.com> Message-ID: Aha, thanks for the input. I found the problem. But I need a bit of education as to why this works this way. Once I narrowed it down, I found that there was another function I was calling which mysql_close($link). So what I don't understand is the scope of $link. If I have function one() { $link = mysql_connect(... mysql_close($link); } function two() { $link = mysql_connnect(... one(); $mysql_close($link); } the var $link from function two is automatically referenced by function one even though I did not pass it in? Sorry if this is a newbie question. Thanks. Frank -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Daniel Convissor Sent: Tuesday, December 21, 2004 5:16 PM To: NYPHP Talk Subject: Re: [nycphp-talk] mysql_close() error On Tue, Dec 21, 2004 at 04:20:31PM -0500, Frank Wong wrote: > > Warning: mysql_close(): 12 is not a valid MySQL-Link resource Sounds like the database connection was already closed somewhere else in your scripts. Comment out all calls to mysql_close() except this one you're talking about. If that isn't it, how about doing some debugging? What you've given here is pseudo code, leaving out a lot of stuff, so ther's no way we can know what's really going on, plus having such a large example is distracting you from the problem at hand. You need to make a REAL self contained example that breaks down everything to the simplest level possible: --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From adam at trachtenberg.com Tue Dec 21 18:08:12 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Tue, 21 Dec 2004 18:08:12 -0500 (EST) Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: On Tue, 21 Dec 2004, Frank Wong wrote: > the var $link from function two is automatically referenced by function one > even though I did not pass it in? > > Sorry if this is a newbie question. Thanks. Actually, it has nothing to do with lexical scoping. It's more subtle than that. I believe that if you try to make a second connection to MySQL via PHP that's identical to an existing connection, then PHP will reuse the first connection. That's why mysql_connect() returns the same resource handle. -adam -- adam at trachtenberg.com | http://www.trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From chsnyder at gmail.com Tue Dec 21 18:16:10 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 21 Dec 2004 18:16:10 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: Adam Maccabee Trachtenberg wrote: > I believe that if you try to make a second connection to MySQL via PHP > that's identical to an existing connection, then PHP will reuse the > first connection. That's why mysql_connect() returns the same resource > handle. Which would explain why $link loses its magical resourceness after the first mysql_close() -- and also why it's a good idea not to use mysql_close(), except in exceptional circumstances. From chsnyder at gmail.com Tue Dec 21 18:16:10 2004 From: chsnyder at gmail.com (csnyder) Date: Tue, 21 Dec 2004 18:16:10 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: Adam Maccabee Trachtenberg wrote: > I believe that if you try to make a second connection to MySQL via PHP > that's identical to an existing connection, then PHP will reuse the > first connection. That's why mysql_connect() returns the same resource > handle. Which would explain why $link loses its magical resourceness after the first mysql_close() -- and also why it's a good idea not to use mysql_close(), except in exceptional circumstances. From frank_wong2 at informationideas.com Tue Dec 21 21:46:47 2004 From: frank_wong2 at informationideas.com (Frank Wong) Date: Tue, 21 Dec 2004 21:46:47 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: Message-ID: Now I get it. Thanks for clarifying how mysql_connect and mysql_close work. Frank -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder Sent: Tuesday, December 21, 2004 6:16 PM To: NYPHP Talk Subject: Re: [nycphp-talk] mysql_close() error Adam Maccabee Trachtenberg wrote: > I believe that if you try to make a second connection to MySQL via PHP > that's identical to an existing connection, then PHP will reuse the > first connection. That's why mysql_connect() returns the same resource > handle. Which would explain why $link loses its magical resourceness after the first mysql_close() -- and also why it's a good idea not to use mysql_close(), except in exceptional circumstances. _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From rolan at omnistep.com Wed Dec 22 03:34:12 2004 From: rolan at omnistep.com (Rolan Yang) Date: Wed, 22 Dec 2004 03:34:12 -0500 Subject: [nycphp-talk] Turck_mmcache weirdness after upgrading to php4.3.10 Message-ID: <41C93184.2090005@omnistep.com> Some of my scripts have begun to exhibit odd behavior after upgrading to php 4.3.10, such as variables not printing their values when used in "print" statements. After modifying the php scripts and then reverting it back to the original code, the scripts began to function properly. I suspect this has something to do with Turck_mmcache 2.3.23 which is loaded. I will upgrade to the lastest Turck_mmcache to see if it fixes the problems. I just thought I'd make a report to save some head pounding in case anyone else encounters a similiar problem. ~Rolan From shiflett at php.net Wed Dec 22 03:53:32 2004 From: shiflett at php.net (Chris Shiflett) Date: Wed, 22 Dec 2004 00:53:32 -0800 (PST) Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :) In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com> Message-ID: <20041222085332.36870.qmail@web52802.mail.yahoo.com> --- Christopher Merlo wrote: > Chris S.'s blog is linked to in an article that just hit > Slashdot regarding the use of PHP with Apache 2.0. This always seems to happen when I'm out of town and without convenient Internet access. :-) Hopefully my server did better. Everything except the comments is static, so that's about the best I can do on a shared host. > In the article, Chris is described as a "high-profile PHP > community member". Good work, Chris! Thanks, although I don't see myself as having done any work. I am pleased to see that Rich was able to stir things up and get a discussion started. I really only blogged about it to try to help give him a little more attention. I was happy to read Andi's most recent comment: http://marc.theaimsgroup.com/?l=php-dev&m=110369402613847&w=2 Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From leam at reuel.net Wed Dec 22 06:13:49 2004 From: leam at reuel.net (leam at reuel.net) Date: Wed, 22 Dec 2004 06:13:49 -0500 Subject: [nycphp-talk] Input validation? Message-ID: <20041222111349.GC3623@leitz> Good heavens, the people I write php for are actually using it! Errgh! Any good references on validating user input that's headed for a database? What are some of the ways malicious or bad data is formed? And Merry Christmas Season to everyone! ciao! leam From jsiegel1 at optonline.net Wed Dec 22 06:41:00 2004 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 22 Dec 2004 06:41:00 -0500 Subject: [nycphp-talk] Input validation? In-Reply-To: <20041222111349.GC3623@leitz> References: <20041222111349.GC3623@leitz> Message-ID: <41C95D4C.6060401@optonline.net> For starters see: http://education.nyphp.org/phundamentals/PH_storingretrieving.php You'll probably also want to use some regular expressions with http://php.net/preg_match You should also check out "PHP Cookbook" - there are some "recipes" dealing with input validation - and there is a section in "Web Database Applications with PHP and MySQL" (Williams/Lane...this is an Oreilly book) on validating input. Jeff leam at reuel.net wrote: > Good heavens, the people I write php for are actually using it! Errgh! > > Any good references on validating user input that's headed for a database? What are some of the ways malicious or bad data is formed? > > And Merry Christmas Season to everyone! > > ciao! > > leam > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From amiller at criticalmedia.biz Wed Dec 22 07:34:34 2004 From: amiller at criticalmedia.biz (Alan T. Miller) Date: Wed, 22 Dec 2004 05:34:34 -0700 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net> Message-ID: <004c01c4e822$97c3a510$0b01a8c0@webdev> It looks like I got slammed by some new PHP vulnerablity. It first appeard that what it did was to replace all your index pages with its own that proclaims "This site is defaced!!!" and then includes ... "NeverEverNoSanity WebWorm generation 8.". Well, in an effort to fix this problem, I completely rebuilt apache, mod_ssl, and PHP. And when I tried to upload new index files from my backup, I still get the damn messages but it is as if thay are overlaid on top of my regular pages. So Weird... Anyone have any information about this, how to fix, how to clean this up, how to prevent (other than the obvious upgrade your PHP the absolute minute an update comes out?). Thanks in advance, Alan From flakie at gmail.com Wed Dec 22 09:36:38 2004 From: flakie at gmail.com (Eric Rank) Date: Wed, 22 Dec 2004 08:36:38 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: References: Message-ID: After thinking hard about what's involved with session hijacking, one thing seemed to be the lynchpin in attacks, the session id. If an attacker knows the session id, he can hijack the victim's session. So my thought was to change the session id with every request. This way, the session is only good for a very short time. It also does a very adequate job of protecting against session fixation attacks (http://www.acros.si/papers/session_fixation.pdf) because once the attackers session is used to gain permissions, it becomes an invalid id. The php function session_regenerate_id() looked promissing. However, it falls a bit short by not deleting the old session id once the new session id is generated. So I whipped together a procedure to make it work. The things that it relies on are 1. the id being hard to catch, and 2. the attacker doesn't beat the legit user to the punch. For example, let's say an attacker was sniffing the network and sees a session id go by. if he goes to a page specifying the stolen session id as his own, the legit user will lose all her data in the session because the id she specifies on her next page is no longer valid. However, if you've got someone sniffing the network, there are probably bigger problems to be concerned about. To me, the following approach does a fairly adequate job of protecting against session hijack attempts. You can use this in addition to other validation tests (using cookies with unique id's, using user-agent & ip comparisons, etc). I've done some preliminary testing and it seems to work ok. I'd love to hear some feedback. It goes something like this: Eric Rank From jsiegel1 at optonline.net Wed Dec 22 10:11:07 2004 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 22 Dec 2004 10:11:07 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <004c01c4e822$97c3a510$0b01a8c0@webdev> References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net> <004c01c4e822$97c3a510$0b01a8c0@webdev> Message-ID: <41C98E8B.3000705@optonline.net> This seems to be a combination of PHP and phpBB issue. Personally speaking...if you've got this combination, I think it's time to dump phpBB since it seems to often be on the "security vulnerability" list. Jeff Alan T. Miller wrote: > It looks like I got slammed by some new PHP vulnerablity. It first > appeard that what it did was to replace all your index pages with its > own that proclaims "This site is defaced!!!" and then includes ... > "NeverEverNoSanity WebWorm generation 8.". > > Well, in an effort to fix this problem, I completely rebuilt apache, > mod_ssl, and PHP. And when I tried to upload new index files from my > backup, I still get the damn messages but it is as if thay are overlaid > on top of my regular pages. So Weird... > > Anyone have any information about this, how to fix, how to clean this > up, how to prevent (other than the obvious upgrade your PHP the absolute > minute an update comes out?). > > Thanks in advance, > > Alan > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From sailer at bnl.gov Wed Dec 22 10:14:42 2004 From: sailer at bnl.gov (Tim Sailer) Date: Wed, 22 Dec 2004 10:14:42 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <41C98E8B.3000705@optonline.net> References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net> <004c01c4e822$97c3a510$0b01a8c0@webdev> <41C98E8B.3000705@optonline.net> Message-ID: <20041222151442.GB7306@bnl.gov> On Wed, Dec 22, 2004 at 10:11:07AM -0500, Jeff Siegel wrote: > This seems to be a combination of PHP and phpBB issue. > > Personally speaking...if you've got this combination, I think it's time > to dump phpBB since it seems to often be on the "security vulnerability" > list. phpBB seems to have features that everyone likes. Not that it's an excuse, but those of us who do hosting have customers that demand things like phpBB, so, until there's something that's as good or better (in their view), I for one, am stuck with frequent patching. This all reminds me way too much of Sendmail-patch-du-jour. Tim -- Tim Sailer Information and Special Technologies Program Office of CounterIntelligence Brookhaven National Laboratory (631) 344-3001 From jsiegel1 at optonline.net Wed Dec 22 10:51:31 2004 From: jsiegel1 at optonline.net (Jeff Siegel) Date: Wed, 22 Dec 2004 10:51:31 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <20041222151442.GB7306@bnl.gov> References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net> <004c01c4e822$97c3a510$0b01a8c0@webdev> <41C98E8B.3000705@optonline.net> <20041222151442.GB7306@bnl.gov> Message-ID: <41C99803.5050007@optonline.net> Tim Sailer wrote: > On Wed, Dec 22, 2004 at 10:11:07AM -0500, Jeff Siegel wrote: > >>This seems to be a combination of PHP and phpBB issue. >> >>Personally speaking...if you've got this combination, I think it's time >>to dump phpBB since it seems to often be on the "security vulnerability" >>list. > > > phpBB seems to have features that everyone likes. Not that it's an excuse, > but those of us who do hosting have customers that demand things like > phpBB, so, until there's something that's as good or better (in their view), > I for one, am stuck with frequent patching. This all reminds me way too > much of Sendmail-patch-du-jour. Believe me...I understand. I have a client that has (or should I say "insisted on using") phpNuke/phpBB. Jeff From tgales at tgaconnect.com Wed Dec 22 11:08:08 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Wed, 22 Dec 2004 11:08:08 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. Message-ID: <200412221608.iBMG88F00703@tgaconnect.com> > It looks like I got slammed by some new PHP vulnerablity. It first appeard > that what it did was to replace all your index pages with its own that > proclaims "This site is defaced!!!" and then includes ... "NeverEverNoSanity > WebWorm generation 8.". > > Well, in an effort to fix this problem, I completely rebuilt apache, > mod_ssl, and PHP. And when I tried to upload new index files from my backup, > I still get the damn messages but it is as if thay are overlaid on top of my > regular pages. So Weird... > > Anyone have any information about this... >From what I have read there is a script which uses Google to find vulnerable sites like yours. It could happen that after you totally redo your site, you can systematically get compromised again in short order. I would consider changing default directories and renaming configuration files. Tim G. From 1j0lkq002 at sneakemail.com Wed Dec 22 11:35:46 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 22 Dec 2004 11:35:46 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <200412221608.iBMG88F00703@tgaconnect.com> References: <200412221608.iBMG88F00703@tgaconnect.com> Message-ID: <26817-22098@sneakemail.com> Tim Gales tgales-at-tgaconnect.com |nyphp dev/internal group use| wrote: > > >>It looks like I got slammed by some new PHP vulnerablity. It first >> >> >appeard > > >>that what it did was to replace all your index pages with its own >> >> >that > > >>proclaims "This site is defaced!!!" and then >> >> >includes ... "NeverEverNoSanity > There is a flaw in the highlight script for which manual hacks are available. There were also multiple security flaws in PHP < version 4.3.10 or 5.0.3 (Secunia): An integer overflow in the "pack()" function....bypasses the safe_mode feature and allows execution of arbitrary code with the privileges of the web server. An integer overflow in the "unpack()" function can be exploited to leak information stored on the heap by passing specially crafted parameters to the function. An error within safe_mode when executing commands can be exploited to bypass the safe_mode_exec_dir restriction by injecting shell commands into the current directory name. *** An error in safe_mode combined with certain implementations of "realpath()" can be exploited to bypass safe_mode via a specially crafted file path. *** Various errors within the deserialization code can be exploited to disclose information or execute arbitrary code via specially crafted strings passed to the "unserialize()" function. An unspecified error in the "shmop_write()" function may result in an attempt to write to an out-of-bounds memory location. An unspecified error in the "addslashes()" function causes it to not escape "\0" correctly. An unspecified boundary error exists in the "exif_read_data()" function when handling long section names. An unspecified error within "magic_quotes_gpc" may allow a one-level directory traversal when uploading files. Other potential security issues have also been reported. (*** phpBB vulnerability is related to dependency on these) As for phpBB: Edit |overall_footer.tpl| and remove the version number Consider using mod_rewrite to change the default file names, since they are used as search footprints It is widely believed that you should de-link the members directory (memberlist.php) to avoid spam and ID-based cracking atempts. However, for SEO purposes, try linking that instead to a search results page showing all posts of that member (search.php?search_author=membername). Check your forums description text. Crackers have hidden js within the description, which loads on user's browsers when viewed (logged in users :-) Disallow remote avatars Want to see the damage? Check out this search : http://www.google.com/search?hl=en&lr=&q=%22This+site+is+defaced%21%21%21%22&btnG=Search -=john andrews From 1j0lkq002 at sneakemail.com Wed Dec 22 11:49:23 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 22 Dec 2004 11:49:23 -0500 Subject: [nycphp-talk] Input validation? In-Reply-To: <41C95D4C.6060401@optonline.net> References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net> Message-ID: <3262-30217@sneakemail.com> Jeff Siegel jsiegel1-at-optonline.net |nyphp dev/internal group use| wrote: > For starters see: > http://education.nyphp.org/phundamentals/PH_storingretrieving.php > > You'll probably also want to use some regular expressions with > http://php.net/preg_match > > You should also check out "PHP Cookbook" - there are some "recipes" > dealing with input validation - and there is a section in "Web > Database Applications with PHP and MySQL" (Williams/Lane...this is an > Oreilly book) on validating input. > > Jeff > > leam at reuel.net wrote: > >> Good heavens, the people I write php for are actually using it! Errgh! >> >> Any good references on validating user input that's headed for a >> database? What are some of the ways malicious or bad data is formed? >> And Merry Christmas Season to everyone! >> ciao! >> >> leam > During development you may want to propose a quick coding style tip for anyone messing with code. Once they understand the need for input validation they can "guesstimate" the relative level of input validation being done by a script *in it's current state* and add a comment to that effect. For example, a new script never tested starts with and one where the coder has routinely included use of input validation libraries might get . You might simply require anything they add to be commented as level 1, for safety. You might suggest that placing a low ival comment removes culpability from the coder... to help it get included ;-) Many problems arise from not-having-time-to-go-back-and-clean-up-the-code-later and this "method" keeps it on the radar during coding, making it easier to locate/prioritize review later (find all files ival level 0, then 1, then 2, etc.....) No replacement for good house standards, proper use of classes, libraries, code review, and all that. And of course don't leave the comments in production code.... But at the same time, it might help out. -=john andrews From corey at domanistudios.com Wed Dec 22 13:19:41 2004 From: corey at domanistudios.com (corey szopinski) Date: Wed, 22 Dec 2004 13:19:41 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: Message-ID: Hey Eric- One idea to throw in with this: the idea of using a session id along with a key. The key is generated by an algorithm on the client and the server, and ?merged? into the session id. I?m thinking of something like the md5sum of the useragent+ip address+seconds since last request. All three values are known entities to both the client and the server, so you can do the md5sum on both sides without passing the actual value. Instead, you can merge the php session id with this md5sum in a way that you can subtract the key to get the session id. I?m not sure what merging technique to suggest that?s reversible, but the general idea is to vary the id passed to the server in a known and predictable way, without it looking predictable (the md5 will look random). At the end of all of this you get the original session id issued by the server, without passing that id in the clear. It?s essentially a poor-man?s SSL. Since the handshake sequence happens on every request. You won?t be encrypting anything, but you could be 95% sure that no one is getting in the middle. For extra security, throw in a random seed generated by the server on the first request and use that in your md5. Although I have to ask: why not just set up a self-signed certificate for this? -c On 12/22/04 9:36 AM, "Eric Rank" wrote: > After thinking hard about what's involved with session hijacking, one > thing seemed to be the lynchpin in attacks, the session id. If an > attacker knows the session id, he can hijack the victim's session. > > So my thought was to change the session id with every request. This > way, the session is only good for a very short time. It also does a > very adequate job of protecting against session fixation attacks > (http://www.acros.si/papers/session_fixation.pdf) because once the > attackers session is used to gain permissions, it becomes an invalid > id. > > The php function session_regenerate_id() looked promissing. However, > it falls a bit short by not deleting the old session id once the new > session id is generated. So I whipped together a procedure to make it > work. > > The things that it relies on are 1. the id being hard to catch, and 2. > the attacker doesn't beat the legit user to the punch. For example, > let's say an attacker was sniffing the network and sees a session id > go by. if he goes to a page specifying the stolen session id as his > own, the legit user will lose all her data in the session because the > id she specifies on her next page is no longer valid. However, if > you've got someone sniffing the network, there are probably bigger > problems to be concerned about. > > To me, the following approach does a fairly adequate job of protecting > against session hijack attempts. You can use this in addition to other > validation tests (using cookies with unique id's, using user-agent & > ip comparisons, etc). I've done some preliminary testing and it seems > to work ok. I'd love to hear some feedback. > > It goes something like this: > > session_start(); > $temp = $_SESSION; //make a copy of the session > session_unset(); //clear the session data. probably an unnecessary line > if (isset($_COOKIE[session_name()])) { //kill the cookie on the client > @setcookie(session_name(), '', time()-42000, '/'); > } > > //use this instead of session destroy to kill the session file on the server > unlink(session_save_path().'/'.'sess_'.session_id()); > > session_regenerate_id(); //generate a new session id. this sets a new > cookie on client as well > $_SESSION = $temp; //put the temp info back on the session superglobal > > //The rest of your code that uses sessions below... > ?> > Corey Szopinski Director of Technology DOMANI STUDIOS corey at domanistudios.com 55 Washington St. Suite 822 Brooklyn, NY 11201 718-797-4470 x116 -------------- next part -------------- An HTML attachment was scrubbed... URL: From preinheimer at gmail.com Wed Dec 22 13:31:25 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Wed, 22 Dec 2004 13:31:25 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: References: Message-ID: <6ec19ec704122210316f471f4d@mail.gmail.com> If a user has disabled cookies, and the session ID is being propegated in the URL, this will break whenever the user uses the back button then clicks on a new link. As links on previous pages will still reference the old session id. The back button is an essential element of the user experiance as it provides a safety mechanism for the user, no matter what they do or click on, they can click back to 'fix it'. Systems that negativly affect that process shouldn't be undertaken lightly. The primary methods for an attacker to obtain a session id would be session fixation (sending a user to specially crafted url to set their session id) and man in the middle attacks. Regenerating their session id once (rather than repeatedly) would be enough to foil a fixation attack, but not man in the middle attacks. This constant regeneration process might have some advantages in a man in the middle attack as once the attacker started using the session it would be reset, and the valid user would be asked to log in again, hopefully this process would destroy any previous sessions associated with the account. Though personally, I don't think this increase is worth the trade off of breaking the back button for non-cookie users & increased server load from constant regeneration & file access. Also, my understanding of session_regenerate_id() is that it moves the session from the previous ID to a newly generated one, the old ID should be invalid at that point. I'm a big supporter of regenerating the session id everytime the visitor changes access levels. When they log in, regenerate the id. When they log out, regenerate the id, etc. Be carefull with doing IP matching as users behind proxies may change IPs at seemingly random intervals. :) paul On Wed, 22 Dec 2004 08:36:38 -0600, Eric Rank wrote: > After thinking hard about what's involved with session hijacking, one > thing seemed to be the lynchpin in attacks, the session id. If an > attacker knows the session id, he can hijack the victim's session. > > So my thought was to change the session id with every request. This > way, the session is only good for a very short time. It also does a > very adequate job of protecting against session fixation attacks > (http://www.acros.si/papers/session_fixation.pdf) because once the > attackers session is used to gain permissions, it becomes an invalid > id. > > The php function session_regenerate_id() looked promissing. However, > it falls a bit short by not deleting the old session id once the new > session id is generated. So I whipped together a procedure to make it > work. > > The things that it relies on are 1. the id being hard to catch, and 2. > the attacker doesn't beat the legit user to the punch. For example, > let's say an attacker was sniffing the network and sees a session id > go by. if he goes to a page specifying the stolen session id as his > own, the legit user will lose all her data in the session because the > id she specifies on her next page is no longer valid. However, if > you've got someone sniffing the network, there are probably bigger > problems to be concerned about. > > To me, the following approach does a fairly adequate job of protecting > against session hijack attempts. You can use this in addition to other > validation tests (using cookies with unique id's, using user-agent & > ip comparisons, etc). I've done some preliminary testing and it seems > to work ok. I'd love to hear some feedback. > > It goes something like this: > > session_start(); > $temp = $_SESSION; //make a copy of the session > session_unset(); //clear the session data. probably an unnecessary line > if (isset($_COOKIE[session_name()])) { //kill the cookie on the client > @setcookie(session_name(), '', time()-42000, '/'); > } > > //use this instead of session destroy to kill the session file on the server > unlink(session_save_path().'/'.'sess_'.session_id()); > > session_regenerate_id(); //generate a new session id. this sets a new > cookie on client as well > $_SESSION = $temp; //put the temp info back on the session superglobal > > //The rest of your code that uses sessions below... > ?> > > > Eric Rank > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Paul Reinheimer Zend Certified Engineer From preinheimer at gmail.com Wed Dec 22 13:39:11 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Wed, 22 Dec 2004 13:39:11 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: References: Message-ID: <6ec19ec70412221039550a4c15@mail.gmail.com> This sounds neat, but how does my client generate the ID? Javascript? On each request? Also, my computer doesn't know what its external IP is, I sit behind a connection sharing router, it thinks it is 192.168.1.85, while the server will think it is 64.52.118.25 (or whatever). Users behind connection proxies or other similar corporate constructs will run into similar problems. The seconds since last request thing is also going to be a bit wonky as a result of pings & lag. Some type of specially crafted but shifting key might work well for applications communicating with each other directly, but I don't know how well it would work for a user browsing a site. paul On Wed, 22 Dec 2004 13:19:41 -0500, corey szopinski wrote: > Hey Eric- > > One idea to throw in with this: the idea of using a session id along with a > key. The key is generated by an algorithm on the client and the server, and > "merged" into the session id. I'm thinking of something like the md5sum of > the useragent+ip address+seconds since last request. All three values are > known entities to both the client and the server, so you can do the md5sum > on both sides without passing the actual value. Instead, you can merge the > php session id with this md5sum in a way that you can subtract the key to > get the session id. I'm not sure what merging technique to suggest that's > reversible, but the general idea is to vary the id passed to the server in a > known and predictable way, without it looking predictable (the md5 will look > random). At the end of all of this you get the original session id issued by > the server, without passing that id in the clear. > > It's essentially a poor-man's SSL. Since the handshake sequence happens on > every request. You won't be encrypting anything, but you could be 95% sure > that no one is getting in the middle. For extra security, throw in a random > seed generated by the server on the first request and use that in your md5. > > Although I have to ask: why not just set up a self-signed certificate for > this? > > -c > > > > On 12/22/04 9:36 AM, "Eric Rank" wrote: > > > After thinking hard about what's involved with session hijacking, one > thing seemed to be the lynchpin in attacks, the session id. If an > attacker knows the session id, he can hijack the victim's session. > > So my thought was to change the session id with every request. This > way, the session is only good for a very short time. It also does a > very adequate job of protecting against session fixation attacks > (http://www.acros.si/papers/session_fixation.pdf) because once the > attackers session is used to gain permissions, it becomes an invalid > id. > > The php function session_regenerate_id() looked promissing. However, > it falls a bit short by not deleting the old session id once the new > session id is generated. So I whipped together a procedure to make it > work. > > The things that it relies on are 1. the id being hard to catch, and 2. > the attacker doesn't beat the legit user to the punch. For example, > let's say an attacker was sniffing the network and sees a session id > go by. if he goes to a page specifying the stolen session id as his > own, the legit user will lose all her data in the session because the > id she specifies on her next page is no longer valid. However, if > you've got someone sniffing the network, there are probably bigger > problems to be concerned about. > > To me, the following approach does a fairly adequate job of protecting > against session hijack attempts. You can use this in addition to other > validation tests (using cookies with unique id's, using user-agent & > ip comparisons, etc). I've done some preliminary testing and it seems > to work ok. I'd love to hear some feedback. > > It goes something like this: > > session_start(); > $temp = $_SESSION; //make a copy of the session > session_unset(); //clear the session data. probably an unnecessary line > if (isset($_COOKIE[session_name()])) { //kill the cookie on the client > @setcookie(session_name(), '', time()-42000, '/'); > } > > //use this instead of session destroy to kill the session file on the > server > unlink(session_save_path().'/'.'sess_'.session_id()); > > session_regenerate_id(); //generate a new session id. this sets a new > cookie on client as well > $_SESSION = $temp; //put the temp info back on the session superglobal > > //The rest of your code that uses sessions below... > ?> > > > > > > Corey Szopinski > Director of Technology > > DOMANI STUDIOS > corey at domanistudios.com > 55 Washington St. Suite 822 > Brooklyn, NY 11201 > 718-797-4470 x116 > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > > -- Paul Reinheimer Zend Certified Engineer From chsnyder at gmail.com Wed Dec 22 13:47:40 2004 From: chsnyder at gmail.com (csnyder) Date: Wed, 22 Dec 2004 13:47:40 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: <6ec19ec704122210316f471f4d@mail.gmail.com> References: <6ec19ec704122210316f471f4d@mail.gmail.com> Message-ID: > md5sum of the useragent+ip address+seconds since last request. > All three values are known entities to both the client and the server Not true -- my client seldom knows what IP address the server will see, because I'm behind a NATing router. Also, if you think this through it doesn't prevent a man-in-the-middle attack. MITM knows all of this info, and has a copy of the javascript required to generate the id. SSL is the only way to prevent session hijacking in all cases. From webmaster at localnotion.com Wed Dec 22 17:10:28 2004 From: webmaster at localnotion.com (Matthew Terenzio) Date: Wed, 22 Dec 2004 17:10:28 -0500 Subject: [nycphp-talk] mysql_close() error In-Reply-To: References: Message-ID: <49F64CAB-5466-11D9-B3B3-0003938BDF32@localnotion.com> On Dec 21, 2004, at 9:46 PM, Frank Wong wrote: > > Adam Maccabee Trachtenberg wrote: > >> I believe that if you try to make a second connection to MySQL via PHP >> that's identical to an existing connection, then PHP will reuse the >> first connection. That's why mysql_connect() returns the same resource >> handle. > > Which would explain why $link loses its magical resourceness after the > first mysql_close() -- and also why it's a good idea not to use > mysql_close(), except in exceptional circumstances. I wasn't paying terribly close attention to this thread but I had an issue today which may be related. Using Postgresql, I recently added a couple of scripts written by an outside company which allowed them to bulk sync some data that my company wanted. I began noticing that some of my DB backed web pages were displaying errors . Shame on me for allowing that, I know, I hadn't read Phundamentals yet when I created those pages :) Any way. . . The two errors were Postgres "can't connect, too many clients already." and Postgres "The connection was terminated by the administrator" The latter being caused mostly by a page refresh. I upped the Postgresql.conf max users to 64 instead of 32 though I knew that was not a proper fix. I suspected these scripts so I removed them. The errors continued but at a lesser and lesser rate. I guessed some connections were still actively being shared. Finally they ceased. I looked at the scripts again and they were pretty basic, but I changed pg_connect() to pg_pconnect() and removed the pg_close() altogether. So far so good. Time will tell. I guess the moral is don't let cold fusion guys write your PHP scripts. :) I didn't just throw the scripts on the server, by the way, but they were pretty basic and it didn't occur to me that the close DB function would terminate connections elsewhere. That is what happened isn't it? From flakie at gmail.com Wed Dec 22 14:07:58 2004 From: flakie at gmail.com (Eric Rank) Date: Wed, 22 Dec 2004 13:07:58 -0600 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: References: Message-ID: Howdy Corey, Using some kind of unique key is a good idea. It makes a lot of sense to combine some sort of unique identifier generated by the client. There are of course problems with using the ip for people behind proxies, among other issues getting the unique goods to generate some sort of key. But regardless, getting some sort of semi-unique value shouldn't be too hard. However, unless I'm missing something (I feel like I am), it seems to me that there's a slight shortcoming in using a session id with a mixed in key. As you mention, the key+session id value does have to transfer from client to server, so anyone watching could see that crazy string, copy it and send some headers to the server matching that. The server then de-crypts the crazy string, and accepts it as valid. Using a timestamp in the key is a good idea though. That would certainly help make things unique. Self signed certificate ? I completely agree that where real security is necessary, SSL is a necessity. In some cases, ssl isn't available (for people running on cheap hosting packages). That's why I'm beating this horse. Is it dead yet? :-) Thanks, Eric On Wed, 22 Dec 2004 13:19:41 -0500, corey szopinski wrote: > Hey Eric- > > One idea to throw in with this: the idea of using a session id along with a > key. The key is generated by an algorithm on the client and the server, and > "merged" into the session id. I'm thinking of something like the md5sum of > the useragent+ip address+seconds since last request. All three values are > known entities to both the client and the server, so you can do the md5sum > on both sides without passing the actual value. Instead, you can merge the > php session id with this md5sum in a way that you can subtract the key to > get the session id. I'm not sure what merging technique to suggest that's > reversible, but the general idea is to vary the id passed to the server in a > known and predictable way, without it looking predictable (the md5 will look > random). At the end of all of this you get the original session id issued by > the server, without passing that id in the clear. > > It's essentially a poor-man's SSL. Since the handshake sequence happens on > every request. You won't be encrypting anything, but you could be 95% sure > that no one is getting in the middle. For extra security, throw in a random > seed generated by the server on the first request and use that in your md5. > > Although I have to ask: why not just set up a self-signed certificate for > this? > > -c > > > > On 12/22/04 9:36 AM, "Eric Rank" wrote: > > > After thinking hard about what's involved with session hijacking, one > thing seemed to be the lynchpin in attacks, the session id. If an > attacker knows the session id, he can hijack the victim's session. > > So my thought was to change the session id with every request. This > way, the session is only good for a very short time. It also does a > very adequate job of protecting against session fixation attacks > (http://www.acros.si/papers/session_fixation.pdf) because once the > attackers session is used to gain permissions, it becomes an invalid > id. > > The php function session_regenerate_id() looked promissing. However, > it falls a bit short by not deleting the old session id once the new > session id is generated. So I whipped together a procedure to make it > work. > > The things that it relies on are 1. the id being hard to catch, and 2. > the attacker doesn't beat the legit user to the punch. For example, > let's say an attacker was sniffing the network and sees a session id > go by. if he goes to a page specifying the stolen session id as his > own, the legit user will lose all her data in the session because the > id she specifies on her next page is no longer valid. However, if > you've got someone sniffing the network, there are probably bigger > problems to be concerned about. > > To me, the following approach does a fairly adequate job of protecting > against session hijack attempts. You can use this in addition to other > validation tests (using cookies with unique id's, using user-agent & > ip comparisons, etc). I've done some preliminary testing and it seems > to work ok. I'd love to hear some feedback. > > It goes something like this: > > session_start(); > $temp = $_SESSION; //make a copy of the session > session_unset(); //clear the session data. probably an unnecessary line > if (isset($_COOKIE[session_name()])) { //kill the cookie on the client > @setcookie(session_name(), '', time()-42000, '/'); > } > > //use this instead of session destroy to kill the session file on the > server > unlink(session_save_path().'/'.'sess_'.session_id()); > > session_regenerate_id(); //generate a new session id. this sets a new > cookie on client as well > $_SESSION = $temp; //put the temp info back on the session superglobal > > //The rest of your code that uses sessions below... > ?> > > > > > > Corey Szopinski > Director of Technology > > DOMANI STUDIOS > corey at domanistudios.com > 55 Washington St. Suite 822 > Brooklyn, NY 11201 > 718-797-4470 x116 From preinheimer at gmail.com Wed Dec 22 20:29:26 2004 From: preinheimer at gmail.com (Paul Reinheimer) Date: Wed, 22 Dec 2004 20:29:26 -0500 Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? SOLVED In-Reply-To: <330532b6041220061358f60ccb@mail.gmail.com> References: <330532b6041218145832a98212@mail.gmail.com> <20041219184827.GB12099@panix.com> <330532b6041219134457d3642b@mail.gmail.com> <20041219224909.GA11760@panix.com> <330532b6041219181655071621@mail.gmail.com> <330532b6041220061358f60ccb@mail.gmail.com> Message-ID: <6ec19ec70412221729bd51837@mail.gmail.com> Skype grabs port 80 Next time try netstat -ano at the command line, it will list all active or open connections/ports and the PID associated with eact, then you can match the PID in question with task manager (you will need to add the column). I had this exact problem yesterday :) paul On Mon, 20 Dec 2004 09:13:36 -0500, Mitch Pirtle wrote: > Hi gang, > > Funny enough, the culprit wasn't SP2 or the firewall, it was either > skype or trillian. Stopped both, reinstalled Apache2, and now > everything is running just fine. > > Had no idea either would try to co-opt port 80 on the local machine, > but caught one of them red-handed with netstat. > > Thanks for the attempts, and best wishes to everyone for the holidays. > > -- Mitch, grateful to be associated with such a great group of > talented individuals > > On Sun, 19 Dec 2004 21:16:15 -0500, Mitch Pirtle wrote: > > On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor > > wrote: > > > Sounds like you have another web server running. IIS? A worm? Another > > > version of Apache? Run netstat to see what's up with port 80. > > > > Nothing is on port 80, or 443. *sigh* > > > > > Hmmm, 0.0.0.0? That's odd. > > > > > > Anyway, I strongly suggest going the simple, 100% reliable route. Apache > > > 1, PHP as CGI. > > > > Not an option, coding future stuff for the 2.0.x series - and no > > longer see 1.3.x in production (in over 20 sites). > > > > Looks like this is a common problem, and the solution is not apparent yet. > > > > -- Mitch > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- Paul Reinheimer Zend Certified Engineer From hans at nyphp.com Wed Dec 22 20:30:18 2004 From: hans at nyphp.com (Hans Zaunere) Date: Wed, 22 Dec 2004 17:30:18 -0800 Subject: [nycphp-talk] Session security: protecting against hijackingattempts POSSIBLE SOLUTION Message-ID: <41EE526EC2D3C74286415780D3BA9F87071E9D33@ehost011-1.exch011.intermedia.net> > After thinking hard about what's involved with session hijacking, one > thing seemed to be the lynchpin in attacks, the session id. If an > attacker knows the session id, he can hijack the victim's session. > > So my thought was to change the session id with every request. This > way, the session is only good for a very short time. It also does a > very adequate job of protecting against session fixation attacks > (http://www.acros.si/papers/session_fixation.pdf) because once the > attackers session is used to gain permissions, it becomes an invalid > id. I did something like this using sequenced sessions. It's basically the same idea as the sequence numbers TCP uses (SYN/ACK). See attached; it works pretty well and I've used it in a couple of sites. Easy to use and won't reuse the same session id more than once, making it easy to detect if a hi-jack has occurred, and hard to perform a hi-jack to begin with. For high traffic environments, it could use a couple of improvements. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: pas.ss.php Type: application/octet-stream Size: 2277 bytes Desc: pas.ss.php URL: From rolan at omnistep.com Wed Dec 22 21:40:16 2004 From: rolan at omnistep.com (Rolan Yang) Date: Wed, 22 Dec 2004 21:40:16 -0500 Subject: [nycphp-talk] Session security: protecting against hijacking attempts POSSIBLE SOLUTION In-Reply-To: References: Message-ID: <41CA3010.8090003@omnistep.com> If you are really concerned about hijacking and security then the web pages should be fetched/served over SSL. ~Rolan Eric Rank wrote: >After thinking hard about what's involved with session hijacking, one >thing seemed to be the lynchpin in attacks, the session id. If an >attacker knows the session id, he can hijack the victim's session. > > > From tom at supertom.com Thu Dec 23 12:08:37 2004 From: tom at supertom.com (Tom) Date: Thu, 23 Dec 2004 12:08:37 -0500 Subject: [nycphp-talk] PHP 5.1 release timeframe? Message-ID: <1103821716.16722.16.camel@tmelendez.int.bascom.com> Hey folks, Just wondering if anyone here had any ideas about when PHP 5.1 would be released. From my searching, I'm going to conclude that there is no date in site, but I thought someone may have some inside information that would prove otherwise. More specifically, I'm looking for support of PHP5 and SQLite 3, which I read on the internals list was tentatively slotted for PHP 5.1. So, if I'm wrong about that, and it would be included at some other time, please let me know that as well. Thanks, and have a good holiday! Tom www.liphp.org From adam at trachtenberg.com Thu Dec 23 13:07:03 2004 From: adam at trachtenberg.com (Adam Maccabee Trachtenberg) Date: Thu, 23 Dec 2004 13:07:03 -0500 (EST) Subject: [nycphp-talk] PHP 5.1 release timeframe? In-Reply-To: <1103821716.16722.16.camel@tmelendez.int.bascom.com> References: <1103821716.16722.16.camel@tmelendez.int.bascom.com> Message-ID: On Thu, 23 Dec 2004, Tom wrote: > More specifically, I'm looking for support of PHP5 and SQLite 3, > which I read on the internals list was tentatively slotted for PHP > 5.1. So, if I'm wrong about that, and it would be included at some > other time, please let me know that as well. I haven't seen a lot of work on that driver. From what I've heard, it will not be a modification of the existing SQLite extension, as there are big differences between SQLite 2 and 3. Instead, the PHP SQLite 3 driver may be part of PDO. I haven't played around with PDO, but it doesn't look like it's actively maintained. There are fixes and features that come in here and there, but I've never really seen a posting with a concrete status or launch plan. -adam -- adam at trachtenberg.com | http://www.trachtenberg.com author of o'reilly's "upgrading to php 5" and "php cookbook" avoid the holiday rush, buy your copies today! From hans at nyphp.com Thu Dec 23 13:07:52 2004 From: hans at nyphp.com (Hans Zaunere) Date: Thu, 23 Dec 2004 10:07:52 -0800 Subject: [nycphp-talk] PHP 5.1 release timeframe? Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA053@ehost011-1.exch011.intermedia.net> > Just wondering if anyone here had any ideas about when PHP 5.1 would be > released. From my searching, I'm going to conclude that there is no > date in site, but I thought someone may have some inside information > that would prove otherwise. > > More specifically, I'm looking for support of PHP5 and SQLite 3, which I > read on the internals list was tentatively slotted for PHP 5.1. So, if > I'm wrong about that, and it would be included at some other time, > please let me know that as well. I think the classic "it'll be released when it's ready" mantra holds. That said, I've been using PHP 5.1 (cvs HEAD) on AMD64 (because it handles lib64) and it's been working quite well. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From mitch.pirtle at gmail.com Thu Dec 23 14:39:07 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Thu, 23 Dec 2004 14:39:07 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... Message-ID: <330532b60412231139246173bd@mail.gmail.com> ...and stumbled across this one: http://www.mpsoftware.dk/phpdesigner.php Nice, has a class browser so code folding isn't so sorely missed. I will live in this over the holidays just to see how well it is done, but on the surface it looks VERY polished (and I am now free of dreamweaver!). It was mentioned on this site, a sort of Freshmeat][ for PHP IDEs: http://www.php-editors.com Any other XP-based editors that are free worth mentioning that are not there? -- Mitch, if I could only find something like Kate for Windows *sigh* From darkwulf at clan-forsaken.com Thu Dec 23 15:04:08 2004 From: darkwulf at clan-forsaken.com (DarkWulf) Date: Thu, 23 Dec 2004 12:04:08 -0800 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <330532b60412231139246173bd@mail.gmail.com> References: <330532b60412231139246173bd@mail.gmail.com> Message-ID: <41CB24B8.7050003@clan-forsaken.com> My personal perception is that it looks good, but doesn't work so well. The FTP manager... seems broken (no online editing...only lets you download, and I occasionally couldn't do even that!). One other thing is that there are three different programs on their site... and they all look the same? Mitch Pirtle wrote: >...and stumbled across this one: > > http://www.mpsoftware.dk/phpdesigner.php > > From codebowl at gmail.com Thu Dec 23 17:18:07 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 23 Dec 2004 17:18:07 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <41CB24B8.7050003@clan-forsaken.com> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> Message-ID: <8d9a42800412231418555ab8c8@mail.gmail.com> i dont personally think i have found anything better than zend myself. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From mitch.pirtle at gmail.com Thu Dec 23 17:25:59 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Thu, 23 Dec 2004 17:25:59 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <8d9a42800412231418555ab8c8@mail.gmail.com> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> <8d9a42800412231418555ab8c8@mail.gmail.com> Message-ID: <330532b604122314253fbfbac@mail.gmail.com> On Thu, 23 Dec 2004 17:18:07 -0500, Joseph Crawford wrote: > i dont personally think i have found anything better than zend myself. That would put you on a dual opteron with 2GB of RAM, right? ;-) Or have they made some reasonable gains in the snappiness category? -- Mitch From codebowl at gmail.com Thu Dec 23 17:28:34 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 23 Dec 2004 17:28:34 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <330532b604122314253fbfbac@mail.gmail.com> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> <8d9a42800412231418555ab8c8@mail.gmail.com> <330532b604122314253fbfbac@mail.gmail.com> Message-ID: <8d9a428004122314287cf728be@mail.gmail.com> well here are the specs of my machine P4 1.4ghz 128mb RDRam i usually run X windows, Zend, Firefox, X-Chat, and some other apps. I think it's a tad heavy on the ram side, however it's a java app :D Did i mention i couldnt get windows 2000 to run on this machine LOL -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From codebowl at gmail.com Thu Dec 23 17:28:57 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 23 Dec 2004 17:28:57 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <8d9a428004122314287cf728be@mail.gmail.com> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> <8d9a42800412231418555ab8c8@mail.gmail.com> <330532b604122314253fbfbac@mail.gmail.com> <8d9a428004122314287cf728be@mail.gmail.com> Message-ID: <8d9a428004122314282c5dde2a@mail.gmail.com> I would have more ram if RDRam wasnt so damn expensive -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From jlacey at att.net Thu Dec 23 17:29:39 2004 From: jlacey at att.net (John Lacey) Date: Thu, 23 Dec 2004 15:29:39 -0700 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <8d9a42800412231418555ab8c8@mail.gmail.com> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> <8d9a42800412231418555ab8c8@mail.gmail.com> Message-ID: <41CB46D3.3030608@att.net> Joseph Crawford wrote: > i dont personally think i have found anything better than zend myself. > I use Ultraedit, Vim and Zend Studio for various tasks, and of course vi over SSH since it's 'too convenient'. Some of the features of Zend Studio, like the code analyzer, are especially effective in demonstrating to my students how an IDE can pay for itself over time. In addition, even if I thought that ZS wasn't the best all-around IDE out there, I'd buy it anyway to support Zend. Think of all the things those folks have given us and we often don't take the time to say thank you. John From codebowl at gmail.com Thu Dec 23 17:32:25 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Thu, 23 Dec 2004 17:32:25 -0500 Subject: [nycphp-talk] hmm, looking at PHP IDEs again... In-Reply-To: <41CB46D3.3030608@att.net> References: <330532b60412231139246173bd@mail.gmail.com> <41CB24B8.7050003@clan-forsaken.com> <8d9a42800412231418555ab8c8@mail.gmail.com> <41CB46D3.3030608@att.net> Message-ID: <8d9a4280041223143233d7af20@mail.gmail.com> i havent ventured off into the code analyzer yet, still a lot to learn about the zend features but if you say it is that good i will have to look into it -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From shiflett at php.net Thu Dec 23 21:11:16 2004 From: shiflett at php.net (Chris Shiflett) Date: Thu, 23 Dec 2004 18:11:16 -0800 (PST) Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <004c01c4e822$97c3a510$0b01a8c0@webdev> Message-ID: <20041224021116.31487.qmail@web52809.mail.yahoo.com> --- "Alan T. Miller" wrote: > It looks like I got slammed by some new PHP vulnerablity. It first > appeard that what it did was to replace all your index pages with > its own that proclaims "This site is defaced!!!" and then includes > ... "NeverEverNoSanity WebWorm generation 8.". [snip] > Anyone have any information about this, how to fix, how to clean > this up, how to prevent (other than the obvious upgrade your PHP > the absolute minute an update comes out?). I believe this is due to a security vulnerability in phpBB that is made much worse by the vulnerability in PHP 4.3.9. PHP has an upgrade available, so you can upgrade to that. I'm not sure if phpBB has a fix yet, but this surely won't be the last hole anyway. :-) Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From shiflett at php.net Thu Dec 23 21:13:12 2004 From: shiflett at php.net (Chris Shiflett) Date: Thu, 23 Dec 2004 18:13:12 -0800 (PST) Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <20041222151442.GB7306@bnl.gov> Message-ID: <20041224021312.93591.qmail@web52801.mail.yahoo.com> --- Tim Sailer wrote: > phpBB seems to have features that everyone likes. Out of curiosity, does it have any features that FUDforum does not? I realize that phpBB is very pretty, and FUDforum is a bit fugly, but perhaps all it needs is a facelift. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ From dmintz at davidmintz.org Fri Dec 24 02:00:53 2004 From: dmintz at davidmintz.org (David Mintz) Date: Fri, 24 Dec 2004 02:00:53 -0500 (EST) Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) Message-ID: I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I can connect with it just fine via the command line. The PHP docs say: "To install the mysqli extension for PHP, use the --with-mysqli=mysql_config_path/mysql_config configuration option where mysql_config_path represents the location of the mysql_config program that comes with MySQL versions greater than 4.1. "If you would like to install the mysql extension along with the mysqli extension you have to use the same client library to avoid any conflicts." Dumb question: so what configure options should I use if I want to compile in support for both the old mysql and the new mysqli APIs and ensure that they are using the same client library? What I've done is used '--with-mysql=/usr/local/mysql' as well as '--with-mysqli=/usr/local/mysql/bin/mysql_config' and I guess that wasn't too smart. mysqli is working but when I try mysql_xxx(), all kinds of weirdness happens. Ever so gratefully, --- David Mintz http://davidmintz.org/ "Don't let the liberal media tell you what to think and feel. If you have hatred in your heart, let it out." -- Clayton Bigsby, black white supremacist From yury at heavenspa.com Fri Dec 24 09:03:36 2004 From: yury at heavenspa.com (Yury Rush) Date: Fri, 24 Dec 2004 09:03:36 -0500 Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. In-Reply-To: <20041224021116.31487.qmail@web52809.mail.yahoo.com> Message-ID: temp solution:http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513 ciao yury too bad google wont stop the search! -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]On Behalf Of Chris Shiflett Sent: Thursday, December 23, 2004 9:11 PM To: NYPHP Talk Subject: Re: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8. --- "Alan T. Miller" wrote: > It looks like I got slammed by some new PHP vulnerablity. It first > appeard that what it did was to replace all your index pages with > its own that proclaims "This site is defaced!!!" and then includes > ... "NeverEverNoSanity WebWorm generation 8.". [snip] > Anyone have any information about this, how to fix, how to clean > this up, how to prevent (other than the obvious upgrade your PHP > the absolute minute an update comes out?). I believe this is due to a security vulnerability in phpBB that is made much worse by the vulnerability in PHP 4.3.9. PHP has an upgrade available, so you can upgrade to that. I'm not sure if phpBB has a fix yet, but this surely won't be the last hole anyway. :-) Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming Soon http://httphandbook.org/ _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.newyorkphp.org From hans at nyphp.com Fri Dec 24 14:47:28 2004 From: hans at nyphp.com (Hans Zaunere) Date: Fri, 24 Dec 2004 11:47:28 -0800 Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net> > I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I can > connect with it just fine via the command line. MySQL 4.1.8, right? :) > The PHP docs say: > > "To install the mysqli extension for PHP, use the > --with-mysqli=mysql_config_path/mysql_config configuration option where > mysql_config_path represents the location of the mysql_config program that > comes with MySQL versions greater than 4.1. > > "If you would like to install the mysql extension along with the mysqli > extension you have to use the same client library to avoid any conflicts." > > Dumb question: so what configure options should I use if I want to > compile in support for both the old mysql and the new mysqli APIs and > ensure that they are using the same client library? > > What I've done is used '--with-mysql=/usr/local/mysql' as well as > '--with-mysqli=/usr/local/mysql/bin/mysql_config' and I guess that wasn't > too smart. mysqli is working but when I try mysql_xxx(), all kinds of > weirdness happens. >From an initial take, that should do it. Depending exactly on the weirdness you're seeing, it could be related to the new authentication protocol and passwords MySQL 4.1.x uses by default. Overview: http://dev.mysql.com/doc/mysql/en/Upgrading-from-4.0.html Possible this: http://dev.mysql.com/doc/mysql/en/Upgrading-grant-tables.html Most likely this: http://dev.mysql.com/doc/mysql/en/Old_client.html --- Hans Zaunere, Sales Engineer MySQL, Inc. www.mysql.com Office: +1 212.213.1131 Are you MySQL certified? www.mysql.com/certification President, Founder New York PHP http://www.nyphp.org From mark at nostromo.net Sun Dec 26 00:12:42 2004 From: mark at nostromo.net (Mark Horton) Date: Sun, 26 Dec 2004 00:12:42 -0500 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 Message-ID: <41CE484A.1030306@nostromo.net> Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults when I try to use "mysqli". If I switch to just "mysql" then it works fine. However, I'm using mysql 4.1.8 and would like to use mysqli. Just curious if I'm doing something wrong or if others are having the same issue. Versions I'm using: PHP 5.0.3 MYSQL 4.1.8 Apache 2.0.52 phpMyAdmin 2.6.0-pl3 Mark From jlacey at att.net Sun Dec 26 02:15:57 2004 From: jlacey at att.net (John Lacey) Date: Sun, 26 Dec 2004 00:15:57 -0700 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41CE484A.1030306@nostromo.net> References: <41CE484A.1030306@nostromo.net> Message-ID: <41CE652D.8000802@att.net> Mark Horton wrote: > Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults > when I try to use "mysqli". If I switch to just "mysql" then it works > fine. However, I'm using mysql 4.1.8 and would like to use mysqli. > > Just curious if I'm doing something wrong or if others are having the > same issue. > > Versions I'm using: > > PHP 5.0.3 > MYSQL 4.1.8 > Apache 2.0.52 > phpMyAdmin 2.6.0-pl3 > have you taken a look at the config file for the mysqli change? . . . $cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket') $cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL extension to use ('mysql' or 'mysqli') $cfg['Servers'][$i]['compress'] = FALSE; // Use compressed protocol for the MySQL connection . . . John From codebowl at gmail.com Sun Dec 26 11:00:43 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Sun, 26 Dec 2004 11:00:43 -0500 Subject: [nycphp-talk] [ OT ] Very funny tech support skit Message-ID: <8d9a428004122608005c0fd361@mail.gmail.com> i stumbled accross this and thought many people here would get a kick out of this i would consider this to be NWS since there is some foul language other than that you are good no nudity or anything. http://www.nitra.ca/tech.swf -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From jeff at geeksociety.com Sun Dec 26 12:27:26 2004 From: jeff at geeksociety.com (Jeffrey Stevison) Date: Sun, 26 Dec 2004 11:27:26 -0600 Subject: [nycphp-talk] cURL login to Squirrelmail Message-ID: <691D8258-5763-11D9-AD23-000A95BE04BE@geeksociety.com> I'm using the following to automatically login users to their web based email from our intranet. I get a message from the browser "Can't open page blah because it could not load any data from this location" I'm not sure if the problem is with my cURL code or squirrelmail. Here is the code: session_start(); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://mysite/webmail/src/redirect.php"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "login_username=".$_SESSION['Username']."&secretkey=".$_SESSION['Passwor d']."&js_autodetect_results=0&just_logged_in=1"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1); curl_exec ($ch); curl_close ($ch); Jeff From dmintz at davidmintz.org Sun Dec 26 13:03:46 2004 From: dmintz at davidmintz.org (David Mintz) Date: Sun, 26 Dec 2004 13:03:46 -0500 (EST) Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41CE652D.8000802@att.net> References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net> Message-ID: I got bit by the what I believe may be the same thing, i.e., in one place the phpMyAdmin docs tell you that you can safely keep your old config file when you uppgrade and copy it over the new one. But if you do that to upgrade from a pre-mysqli version to one with mysqli support and you're using mysqli, surprise! It doesn't work. On Sun, 26 Dec 2004, John Lacey wrote: > Mark Horton wrote: > > Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults > > when I try to use "mysqli". If I switch to just "mysql" then it works > > fine. However, I'm using mysql 4.1.8 and would like to use mysqli. > > > > have you taken a look at the config file for the mysqli change? > . > . --- David Mintz http://davidmintz.org/ "Don't let the liberal media tell you what to think and feel. If you have hatred in your heart, let it out." -- Clayton Bigsby, black white supremacist From dmintz at davidmintz.org Sun Dec 26 13:32:56 2004 From: dmintz at davidmintz.org (David Mintz) Date: Sun, 26 Dec 2004 13:32:56 -0500 (EST) Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net> Message-ID: On Fri, 24 Dec 2004, Hans Zaunere wrote: > > > I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I > can > > connect with it just fine via the command line. > > MySQL 4.1.8, right? :) Numbers number numbers, to paraphrase Hamlet. (-: > > Depending exactly on the weirdness you're seeing, it could be related to > the new authentication protocol and passwords MySQL 4.1.x uses by > default. > I was seeing stuff so weird and mysterious that I didn't know where to begin, hence the vagueness. I would try to use "classic" mysql and a let's say page1.php would fail; so I'd try page2.php in a browser and kept getting page1.php back at me. I would look at Apache error log and see segmentation fault. I would get things quietly failing and not be able to find a verbose error message anywhere. I got tired and cowardly tried a different tack: compile php 4.3.10 with just mysql support; compile php 5.0.3 with just mysqli support. Played with some PEAR DB test scripts that checked the version at runtime and loaded either mysql or mysqli depending. Worked fine in both 4 and 5. But I could only get phpMyAdmin to work with mysqli. (PS I also hacked PhpMyAdmin config to check the PHP version and load the appropriate extension.) Now I am finding a most peculiar behavior with my 4.3.10 which is breaking phpMyAdmin et al and has nothing to do with MySQL. On a different (FreeBSD) host the behavior is what you expect, but on my (RH9) machine, I when I run this... \n" ; } ?> ... I get: Array Array Array .. instead of: one two three How strange is that? --- David Mintz http://davidmintz.org/ "Don't let the liberal media tell you what to think and feel. If you have hatred in your heart, let it out." -- Clayton Bigsby, black white supremacist From mark at nostromo.net Sun Dec 26 13:38:38 2004 From: mark at nostromo.net (Mark Horton) Date: Sun, 26 Dec 2004 13:38:38 -0500 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41CE652D.8000802@att.net> References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net> Message-ID: <41CF052E.7030506@nostromo.net> John Lacey wrote: > Mark Horton wrote: > >> Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults >> when I try to use "mysqli". If I switch to just "mysql" then it works >> fine. However, I'm using mysql 4.1.8 and would like to use mysqli. >> >> Just curious if I'm doing something wrong or if others are having the >> same issue. >> >> Versions I'm using: >> >> PHP 5.0.3 >> MYSQL 4.1.8 >> Apache 2.0.52 >> phpMyAdmin 2.6.0-pl3 >> > > > have you taken a look at the config file for the mysqli change? > . > . > . > > > $cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to > MySQL server ('tcp' or 'socket') > $cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL > extension to use ('mysql' or 'mysqli') > $cfg['Servers'][$i]['compress'] = FALSE; // Use compressed > protocol for the MySQL connection Yep. This is how I found out it segfaults. If I change it to mysqli it doesn't work. I'm going to see if I can duplicate the problem on a x86 system. This was I can tell if its actually 64bit related or not. Mark From jlacey at att.net Sun Dec 26 14:12:02 2004 From: jlacey at att.net (John Lacey) Date: Sun, 26 Dec 2004 12:12:02 -0700 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41CF052E.7030506@nostromo.net> References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net> <41CF052E.7030506@nostromo.net> Message-ID: <41CF0D02.7020802@att.net> Mark Horton wrote: > John Lacey wrote: >> >> have you taken a look at the config file for the mysqli change? > > Yep. This is how I found out it segfaults. If I change it to mysqli it > doesn't work. I'm going to see if I can duplicate the problem on a x86 > system. This was I can tell if its actually 64bit related or not. ok, we had some traffic on here recently where that parameter seemed to be the problem, but it was not on a 64 bit system IIRC -- so I thought it worth mentioning I believe Hans Z has some experience with the 64 bit platform, so you might want to see if he'll weigh in on this John From mark at nostromo.net Sun Dec 26 20:46:49 2004 From: mark at nostromo.net (Mark Horton) Date: Sun, 26 Dec 2004 20:46:49 -0500 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41CF052E.7030506@nostromo.net> References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net> <41CF052E.7030506@nostromo.net> Message-ID: <41CF6989.6090108@nostromo.net> Mark Horton wrote: > > Yep. This is how I found out it segfaults. If I change it to mysqli it > doesn't work. I'm going to see if I can duplicate the problem on a x86 > system. This was I can tell if its actually 64bit related or not. FYI: I was not able to reproduce the problem in 32 bit mode. So it looks like this is probably a 64 bit issue. Mark From hans at nyphp.com Sun Dec 26 21:21:17 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 26 Dec 2004 18:21:17 -0800 Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net> > > > I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I > > can > > > connect with it just fine via the command line. > > > > MySQL 4.1.8, right? :) > > Numbers number numbers, to paraphrase Hamlet. (-: > > > > > Depending exactly on the weirdness you're seeing, it could be related to > > the new authentication protocol and passwords MySQL 4.1.x uses by > > default. > > > > I was seeing stuff so weird and mysterious that I didn't know where to > begin, hence the vagueness. I would try to use "classic" mysql and a let's > say page1.php would fail; so I'd try page2.php in a browser and kept > getting page1.php back at me. I would look at Apache error log and see > segmentation fault. I would get things quietly failing and not be able to > find a verbose error message anywhere. > > I got tired and cowardly tried a different tack: compile php 4.3.10 with > just mysql support; compile php 5.0.3 with just mysqli support. Played > with some PEAR DB test scripts that checked the version at runtime and > loaded either mysql or mysqli depending. Worked fine in both 4 and 5. But > I could only get phpMyAdmin to work with mysqli. (PS I also hacked > PhpMyAdmin config to check the PHP version and load the appropriate > extension.) There might be problems with dynamically loading an extension, since I'm not sure how stable/recommended that actually is. Perhaps a recompile with the extensions as static would help? > Now I am finding a most peculiar behavior with my 4.3.10 which is breaking > phpMyAdmin et al and has nothing to do with MySQL. On a different > (FreeBSD) host the behavior is what you expect, but on my (RH9) machine, I > when I run this... > > $array = array('one' ,'two','three' ); > foreach ($array as $i) { > echo "$i
\n" ; > } > ?> > ... I get: > > Array > Array > Array > > .. instead of: > > one > two > three > > How strange is that? That is some strangeness - seems like the code is totally messed up. Perhaps it's related to dynamically loading shared objects, but other than that, I've never seen these problems (and have mysql/mysqli on many different hardware, OS, and PHP versions). H From hans at nyphp.com Sun Dec 26 21:26:13 2004 From: hans at nyphp.com (Hans Zaunere) Date: Sun, 26 Dec 2004 18:26:13 -0800 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net> > Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults Yeah - using mysql and mysqli extensions on Fedora/SuSE on various AMD 64 boxes. > when I try to use "mysqli". If I switch to just "mysql" then it works > fine. However, I'm using mysql 4.1.8 and would like to use mysqli. I'm betting the problem is a cross of 32bit and 64bit versions of things. Are you sure you have the AMD64 binaries from mysql.com? And, you need to download the client libs... and ensure you have the AMD64/x86_64 versions. Mixing 32 and 64 will cause problems. And this also goes for other libs. If you link 64bit libs into PHP, and mix 32bit libs in too, you'll likely have problems, which may also be hard to avoid. Meaning, unless you're using PHP 5.1 (from CVS) you can't really point it to use the 64bit libraries. Thus, if you have some 32bit libs, and some 64bit MySQL libs, you'll have problems. Hope this helps a little (and makes sense), but let me know if not. I'm going to be writing up some stuff on AMP and AMD64 but the basic rule is all 32bit or all 64bit libs - don't mix. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From danielc at analysisandsolutions.com Sun Dec 26 21:34:56 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Sun, 26 Dec 2004 21:34:56 -0500 Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) In-Reply-To: References: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net> Message-ID: <20041227023456.GA17609@panix.com> On Sun, Dec 26, 2004 at 01:32:56PM -0500, David Mintz wrote: > $array = array('one' ,'two','three' ); > foreach ($array as $i) { > echo "$i
\n" ; > } > ?> > ... I get: > > Array > Array > Array Got Zend Optimizer running? Upgrade it. PHP changed some internal things in 4.3.10 that makes ZO wack out. Some significant mistakes were made in the 4.3.10 and 5.0.3 releases. Quite sad. For example, in 5.0.3, the following code evaluates as true, even though up until this release, it had evaluated to false. $str = 'x'; var_dump(isset($str->prop)); --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From dmintz at davidmintz.org Sun Dec 26 21:53:31 2004 From: dmintz at davidmintz.org (David Mintz) Date: Sun, 26 Dec 2004 21:53:31 -0500 (EST) Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net> Message-ID: On Sun, 26 Dec 2004, Hans Zaunere wrote: > [...] > There might be problems with dynamically loading an extension, since I'm > not sure how stable/recommended that actually is. Perhaps a recompile > with the extensions as static would help? OK, you're teaching little Special Ed now. I didn't think I was dynamically loading anything. If you compile --with-this and --with-that (which is what I'm doing with mysql and mysqli), then when your scripts use this and that extension, it's what, static or dynamically loaded? Static, I thought. |-: On Sun, 26 Dec 2004, Daniel Convissor wrote: > > Got Zend Optimizer running? Upgrade it. PHP changed some internal > things in 4.3.10 that makes ZO wack out. > > Some significant mistakes were made in the 4.3.10 and 5.0.3 releases. > Quite sad. OK I will give that a try, thanks Dan. I see they say are saying (http://www.zend.com/store/products/zend-optimizer.php): "Due to incompatibility of the previous version of Zend Optimizer with PHP 4.3.10, it is strongly recommended that owners of Zend Performance Suite, Zend Accelerator, Zend Studio Server, and Zend WinEnabler, upgrade to Zend Optimizer 2.5.7. It is also recommended you upgrade to PHP 4.3.10 or PHP 5.0.3." Re that last bit, I'm kind of like, huh? Upgrading is what brought me all this grief in the first place, whereas the status quo ante was cool. Oh yeah that's right, the security thing is why I upgraded.... I look forward to 4.3.11 and 5.0.4 -- I think (-: --- David Mintz http://davidmintz.org/ "Don't let the liberal media tell you what to think and feel. If you have hatred in your heart, let it out." -- Clayton Bigsby, black white supremacist From dmintz at davidmintz.org Sun Dec 26 22:06:23 2004 From: dmintz at davidmintz.org (David Mintz) Date: Sun, 26 Dec 2004 22:06:23 -0500 (EST) Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) In-Reply-To: References: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net> Message-ID: On Sun, 26 Dec 2004, I wrote: > On Sun, 26 Dec 2004, Daniel Convissor wrote: > > > > > Got Zend Optimizer running? Upgrade it. PHP changed some internal > > things in 4.3.10 that makes ZO wack out. > > > > OK I will give that a try, thanks Dan. [five minutes later] Bingo! Damn you guys are good. --- David Mintz http://davidmintz.org/ From mark at nostromo.net Sun Dec 26 23:46:16 2004 From: mark at nostromo.net (Mark Horton) Date: Sun, 26 Dec 2004 23:46:16 -0500 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net> Message-ID: <41CF9398.60107@nostromo.net> Hans Zaunere wrote: >>Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults > > > Yeah - using mysql and mysqli extensions on Fedora/SuSE on various AMD > 64 boxes. What versions of PHP, Mysql, and Apache are you running? Perhaps I'll try it with a known good combination first. >>when I try to use "mysqli". If I switch to just "mysql" then it works >>fine. However, I'm using mysql 4.1.8 and would like to use mysqli. > > > I'm betting the problem is a cross of 32bit and 64bit versions of > things. Are you sure you have the AMD64 binaries from mysql.com? And, > you need to download the client libs... and ensure you have the > AMD64/x86_64 versions. Mixing 32 and 64 will cause problems. > And this also goes for other libs. If you link 64bit libs into PHP, and > mix 32bit libs in too, you'll likely have problems, which may also be > hard to avoid. Meaning, unless you're using PHP 5.1 (from CVS) you > can't really point it to use the 64bit libraries. Thus, if you have > some 32bit libs, and some 64bit MySQL libs, you'll have problems. Would ldd tell me this? When I do "ldd libphp5.so" it reports only 64 bit libs. I'm completely stumped. I'm running off a clean install of suse 9.2 (although I had the same problem on suse 9.1). The only verion of mysql I have is 64bit. Mark From ajai at bitblit.net Mon Dec 27 12:36:47 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Mon, 27 Dec 2004 12:36:47 -0500 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... Message-ID: <41D0482F.3070107@bitblit.net> I recently upgraded MySQL to 4.1.8 and had some PHP applications break because of changes in date handling, so I ended up rolling back to the older version. My question is, is it possible to enable backwards compatibility for 4.1.8 especially wrt date handling??? -- Aj. Systems Administrator / Developer From danielc at analysisandsolutions.com Mon Dec 27 12:43:24 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Mon, 27 Dec 2004 12:43:24 -0500 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... In-Reply-To: <41D0482F.3070107@bitblit.net> References: <41D0482F.3070107@bitblit.net> Message-ID: <20041227174324.GA10142@panix.com> On Mon, Dec 27, 2004 at 12:36:47PM -0500, Ajai Khattri wrote: > > I recently upgraded MySQL to 4.1.8 From? --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From j.aponte at gmail.com Mon Dec 27 12:51:03 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Mon, 27 Dec 2004 12:51:03 -0500 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... In-Reply-To: <41D0482F.3070107@bitblit.net> References: <41D0482F.3070107@bitblit.net> Message-ID: Wouldn't that have something to do with the mysqli functions being used intsead of the mysql functions for 4.1.x? I had that problem while I was attempting to get MySQL to work. Not sure if you have the same issue as I am not very experienced but just a thought. On Mon, 27 Dec 2004 12:36:47 -0500, Ajai Khattri wrote: > > I recently upgraded MySQL to 4.1.8 and had some PHP applications break > because of changes in date handling, so I ended up rolling back to the > older version. My question is, is it possible to enable backwards > compatibility for 4.1.8 especially wrt date handling??? > > -- > Aj. > Systems Administrator / Developer > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From ajai at bitblit.net Mon Dec 27 13:11:23 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Mon, 27 Dec 2004 13:11:23 -0500 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... In-Reply-To: <20041227174324.GA10142@panix.com> References: <41D0482F.3070107@bitblit.net> <20041227174324.GA10142@panix.com> Message-ID: <41D0504B.7030907@bitblit.net> Daniel Convissor wrote: >From? > 4.0.23 (yes, its been awhile...). -- Aj. Systems Administrator / Developer From matthew_van_horn at yahoo.com Mon Dec 27 13:40:10 2004 From: matthew_van_horn at yahoo.com (Matthew Van Horn) Date: Mon, 27 Dec 2004 13:40:10 -0500 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... In-Reply-To: <41D0482F.3070107@bitblit.net> References: <41D0482F.3070107@bitblit.net> Message-ID: <1104172810.3627.3.camel@naginata.mattvanhorn.com> On Mon, 2004-12-27 at 12:36, Ajai Khattri wrote: > I recently upgraded MySQL to 4.1.8 and had some PHP applications break > because of changes in date handling, so I ended up rolling back to the > older version. My question is, is it possible to enable backwards > compatibility for 4.1.8 especially wrt date handling??? I had similar problems with java/hibernate and fixed it by using the following argument in the connection string. &zeroDateTimeBehavior=convertToNull -- Matthew Van Horn From hans at nyphp.com Mon Dec 27 14:47:20 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 27 Dec 2004 11:47:20 -0800 Subject: [nycphp-talk] On the subject of MySQL 4.1.8... Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6DA@ehost011-1.exch011.intermedia.net> > I recently upgraded MySQL to 4.1.8 and had some PHP applications break > because of changes in date handling, so I ended up rolling back to the > older version. My question is, is it possible to enable backwards > compatibility for 4.1.8 especially wrt date handling??? >From http://dev.mysql.com/doc/mysql/en/Upgrading-from-4.0.html For functions that produce a DATE, DATETIME, or TIME value, the result returned to the client now is fixed up to have a temporal type. For example, in MySQL 4.1, you get this result: mysql> SELECT CAST('2001-1-1' AS DATETIME); -> '2001-01-01 00:00:00' In MySQL 4.0, the result is different: mysql> SELECT CAST('2001-1-1' AS DATETIME); -> '2001-01-01' AND: Incompatible change: TIMESTAMP is now returned as a string in 'YYYY-MM-DD HH:MM:SS' format (from 4.0.12 the --new option can be used to make a 4.0 server behave as 4.1 in this respect). See section 11.3.1.2 TIMESTAMP Properties as of MySQL 4.1. If you want to have the value returned as a number (as MySQL 4.0 does) you should add +0 to TIMESTAMP columns when you retrieve them: mysql> SELECT ts_col + 0 FROM tbl_name; Display widths for TIMESTAMP columns are no longer supported. For example, if you declare a column as TIMESTAMP(10), the (10) is ignored. These changes were necessary for SQL standards compliance. In a future version, a further change will be made (backward compatible with this change), allowing the timestamp length to indicate the desired number of digits for fractions of a second. So yeah, date stuff has changed a bit. Unfortunately there isn't a way to get 4.1 to behave as 4.0 in these respects. However, you can get 4.0 to act as 4.1 to ease upgrading. Check out the --new option as described in the above link, and here: http://dev.mysql.com/doc/mysql/en/Server_options.html --- Hans Zaunere, Sales Engineer MySQL, Inc. www.mysql.com Office: +1 212.213.1131 Are you MySQL certified? www.mysql.com/certification President, Founder New York PHP http://www.nyphp.org From hans at nyphp.com Mon Dec 27 14:55:41 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 27 Dec 2004 11:55:41 -0800 Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net> > > There might be problems with dynamically loading an extension, since I'm > > not sure how stable/recommended that actually is. Perhaps a recompile > > with the extensions as static would help? > > OK, you're teaching little Special Ed now. I didn't think I was > dynamically loading anything. If you compile --with-this and --with-that > (which is what I'm doing with mysql and mysqli), then when your scripts > use this and that extension, it's what, static or dynamically loaded? > Static, I thought. Yeah, that'll be static then. What confused me is that you said you had set some applications to detect and load either extension, which I took to mean using dl() (http://php.net/dl) which can be troublesome. As Dan pointed out, there were some problems in recent releases, and the ZO would be the only thing to make the language itself act to strangely. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From hans at nyphp.com Mon Dec 27 14:58:06 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 27 Dec 2004 11:58:06 -0800 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net> > >>Is anyone using phpMyAdmin on AMD64 with PHP 5? I'm getting segfaults > > > > > > Yeah - using mysql and mysqli extensions on Fedora/SuSE on various AMD > > 64 boxes. > > What versions of PHP, Mysql, and Apache are you running? Perhaps I'll > try it with a known good combination first. Various Apaches (doesn't really matter) and MySQL 4.1.6-4.1.7. The key is PHP; really, only the PHP version in CVS (checkout HEAD) will work correctly in detecting the right 64bit libs. > >>when I try to use "mysqli". If I switch to just "mysql" then it works > >>fine. However, I'm using mysql 4.1.8 and would like to use mysqli. > > > > > > I'm betting the problem is a cross of 32bit and 64bit versions of > > things. Are you sure you have the AMD64 binaries from mysql.com? And, > > you need to download the client libs... and ensure you have the > > AMD64/x86_64 versions. Mixing 32 and 64 will cause problems. > > > And this also goes for other libs. If you link 64bit libs into PHP, and > > mix 32bit libs in too, you'll likely have problems, which may also be > > hard to avoid. Meaning, unless you're using PHP 5.1 (from CVS) you > > can't really point it to use the 64bit libraries. Thus, if you have > > some 32bit libs, and some 64bit MySQL libs, you'll have problems. > > Would ldd tell me this? When I do "ldd libphp5.so" it reports only 64 > bit libs. I'm completely stumped. I'm running off a clean install of > suse 9.2 (although I had the same problem on suse 9.1). The only verion > of mysql I have is 64bit. Yeah, ldd should give you some clues. However, unless you're using PHP from CVS (5.1) it might not be linking against what you expect, especially when used with a lot of extensions. What does your ./configure look like? Perhaps you could strip to a bare minimum ./configure, then add extensions until things start to segfault again. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From jlacey at att.net Mon Dec 27 15:40:37 2004 From: jlacey at att.net (John Lacey) Date: Mon, 27 Dec 2004 13:40:37 -0700 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net> Message-ID: <41D07345.20305@att.net> Hans Zaunere wrote: >>What versions of PHP, Mysql, and Apache are you running? Perhaps I'll >>try it with a known good combination first. > > > Various Apaches (doesn't really matter) and MySQL 4.1.6-4.1.7. The key > is PHP; really, only the PHP version in CVS (checkout HEAD) will work > correctly in detecting the right 64bit libs. > Hans, I happened to see a mysql 4.1.8a on MySQL's site this morning, but couldn't find anything on it. ? John From hans at nyphp.com Mon Dec 27 16:18:11 2004 From: hans at nyphp.com (Hans Zaunere) Date: Mon, 27 Dec 2004 13:18:11 -0800 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net> > Hans, > > I happened to see a mysql 4.1.8a on MySQL's site this morning, but > couldn't find anything on it. Was it the source tarball? A letter is just a reroll of the tarball, for instance, if a typo is found in the README type of files included in the source distribution. H From jlacey at att.net Mon Dec 27 16:31:57 2004 From: jlacey at att.net (John Lacey) Date: Mon, 27 Dec 2004 14:31:57 -0700 Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net> Message-ID: <41D07F4D.60105@att.net> Hans Zaunere wrote: > >>Hans, >> >>I happened to see a mysql 4.1.8a on MySQL's site this morning, but >>couldn't find anything on it. > > > Was it the source tarball? A letter is just a reroll of the tarball, > for instance, if a typo is found in the README type of files included in > the source distribution. > yup, that's what it was... I went back to the download page and scrolled to the bottom and found the source tarball listed with the letter "a". Since the binaries don't carry the letter designation, then for the folks who use the MySQL AB supplied binaries (which I'm sure are most of us), it's a no-op. Strange--when I searched for 4.1.8a nothing turned up. thx John From dmintz at davidmintz.org Tue Dec 28 09:35:57 2004 From: dmintz at davidmintz.org (David Mintz) Date: Tue, 28 Dec 2004 09:35:57 -0500 (EST) Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3) In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net> Message-ID: On Mon, 27 Dec 2004, Hans Zaunere wrote: > > [...]If you compile --with-this and > > --with-that (which is what I'm doing with mysql and mysqli), then when > > your scripts use this and that extension, it's what, static or dynamically > > loaded? Static, I thought. > > Yeah, that'll be static then. What confused me is that you said you had > set some applications to detect and load either extension, which I took > to mean using dl() (http://php.net/dl) which can be troublesome. Ah yes, my bad. I was (mis)speaking of loading PEAR DB/mysql.php versus DB/mysqli.php by specifying 'mysql' or 'mysqli' in the DSN being passed to DB::connect() > As Dan > pointed out, there were some problems in recent releases, and the ZO > would be the only thing to make the language itself act to strangely. > It was some pretty bizarre behavior indeed, and thank you again. --- David Mintz http://davidmintz.org/ "Don't let the liberal media tell you what to think and feel. If you have hatred in your heart, let it out." -- Clayton Bigsby, black white supremacist From Cbielanski at inta.org Tue Dec 28 09:55:04 2004 From: Cbielanski at inta.org (Chris Bielanski) Date: Tue, 28 Dec 2004 09:55:04 -0500 Subject: [nycphp-talk] PHP-CLI Timeout Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com> Happy holidaze all, I'm trying to parse a number of large webserver logs into a DB and I would prefer to use PHP as its our shop's lingua franca. How do I keep PHP from timing out the script after 30 seconds (or whatever I use in set_timeout())? Is there a method for running a script on the command line that doesn't terminate like this? Thanks, Chris Bielanski Web Programmer, International Trademark Association, 1133 Avenue of the Americas, 33rd Floor New York, NY 10036 +1 (212) 642-1745, f: +1 (212) 768-7796 mailto:cbielanski at inta.org, www.inta.org INTA -- 125 Years of Excellence From scott at crisscott.com Tue Dec 28 09:59:32 2004 From: scott at crisscott.com (Scott Mattocks) Date: Tue, 28 Dec 2004 09:59:32 -0500 Subject: [nycphp-talk] PHP-CLI Timeout In-Reply-To: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com> References: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com> Message-ID: <41D174D4.2070404@crisscott.com> Chris Bielanski wrote: > I'm trying to parse a number of large webserver logs into a DB and I would > prefer to use PHP as its our shop's lingua franca. How do I keep PHP from > timing out the script after 30 seconds (or whatever I use in set_timeout())? > Is there a method for running a script on the command line that doesn't > terminate like this? set_time_limit(-1); // http://us2.php.net/manual/en/function.set-time-limit.php // http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time This will let the script run indefinately depending on your system settings (max_execution_time). -- Scott Mattocks From hans at nyphp.com Tue Dec 28 10:09:12 2004 From: hans at nyphp.com (Hans Zaunere) Date: Tue, 28 Dec 2004 07:09:12 -0800 Subject: [nycphp-talk] PHP-CLI Timeout Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348172@ehost011-1.exch011.intermedia.net> > > I'm trying to parse a number of large webserver logs into a DB and I would > > prefer to use PHP as its our shop's lingua franca. How do I keep PHP from > > timing out the script after 30 seconds (or whatever I use in set_timeout())? > > Is there a method for running a script on the command line that doesn't > > terminate like this? > > set_time_limit(-1); > // http://us2.php.net/manual/en/function.set-time-limit.php > // http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time > > This will let the script run indefinately depending on your system > settings (max_execution_time). Also, if this is a 4.3.x version of PHP, and it's truly compiled as a CLI (not a CGI) an execution time limit doesn't exist. --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From Cbielanski at inta.org Tue Dec 28 10:18:25 2004 From: Cbielanski at inta.org (Chris Bielanski) Date: Tue, 28 Dec 2004 10:18:25 -0500 Subject: [nycphp-talk] PHP-CLI Timeout Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com> I'm afraid the set_time_limit(-1); threw an error. I decided to use a bad idea to get me through the crunch and I'm calling set_time_limit(60) in my processing loops. per the Fine Manual: "When called, set_time_limit() restarts the timeout counter from zero. In other words, if the timeout is the default 30 seconds, and 25 seconds into script execution a call such as set_time_limit(20) is made, the script will run for a total of 45 seconds before timing out." ...mmmm. Just the kind of ingredients one needs for a dirty hack... PHP -v tells me I have v. 4.3.4 (cgi-fcgi) Thanks, Chris Bielanski Web Programmer, International Trademark Association, 1133 Avenue of the Americas, 33rd Floor New York, NY 10036 +1 (212) 642-1745, f: +1 (212) 768-7796 mailto:cbielanski at inta.org, www.inta.org INTA -- 125 Years of Excellence > -----Original Message----- > From: Hans Zaunere [mailto:hans at nyphp.com] > Sent: Tuesday, December 28, 2004 10:09 AM > To: NYPHP Talk > Subject: RE: [nycphp-talk] PHP-CLI Timeout > > > > > > I'm trying to parse a number of large webserver logs into > a DB and I > would > > > prefer to use PHP as its our shop's lingua franca. How do > I keep PHP > from > > > timing out the script after 30 seconds (or whatever I use in > set_timeout())? > > > Is there a method for running a script on the command line that > doesn't > > > terminate like this? > > > > set_time_limit(-1); > > // http://us2.php.net/manual/en/function.set-time-limit.php > > // http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time > > > > This will let the script run indefinately depending on your system > > settings (max_execution_time). > > Also, if this is a 4.3.x version of PHP, and it's truly compiled as a > CLI (not a CGI) an execution time limit doesn't exist. > > > --- > Hans Zaunere > President, Founder > New York PHP > http://www.nyphp.org > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.newyorkphp.org > From scott at crisscott.com Tue Dec 28 10:17:58 2004 From: scott at crisscott.com (Scott Mattocks) Date: Tue, 28 Dec 2004 10:17:58 -0500 Subject: [nycphp-talk] PHP-CLI Timeout In-Reply-To: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com> References: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com> Message-ID: <41D17926.3060801@crisscott.com> Chris Bielanski wrote: > I'm afraid the set_time_limit(-1); threw an error. I decided to use a bad > idea to get me through the crunch and I'm calling set_time_limit(60) in my > processing loops. Sorry. I gave you bad information. per the Fine Manual again: "If seconds is set to zero, no time limit is imposed." > > per the Fine Manual: > "When called, set_time_limit() restarts the timeout counter from zero. In > other words, if the timeout is the default 30 seconds, and 25 seconds into > script execution a call such as set_time_limit(20) is made, the script will > run for a total of 45 seconds before timing out." > > ...mmmm. Just the kind of ingredients one needs for a dirty hack... > > PHP -v tells me I have v. 4.3.4 (cgi-fcgi) -- Scott Mattocks scott at crisscott.com http://www.crisscott.com http://pear.php.net/user/scottmattocks From codebowl at gmail.com Tue Dec 28 12:12:48 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 12:12:48 -0500 Subject: [nycphp-talk] Site Optimization Message-ID: <8d9a4280041228091214959ba1@mail.gmail.com> i was wondering..... are there any tools out there to simulate high traffic on your web server say where you specify how many users hit the site at one time and the tool actually hits your server that many times? sites seem to run fast on my dev server and on low traffic servers i would just like to see how my apps would run under heavy traffic circumstances. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From drydell at att.net Tue Dec 28 12:22:45 2004 From: drydell at att.net (drydell at att.net) Date: Tue, 28 Dec 2004 17:22:45 +0000 Subject: [nycphp-talk] Site Optimization Message-ID: <122820041722.28455.41D196650005E67C00006F27215876672004040A0B979D0B@att.net> check out LoadRunner: http://www.mercury.com/us/products/performance-center/loadrunner/ -------------- Original message ---------------------- From: Joseph Crawford > i was wondering..... > > are there any tools out there to simulate high traffic on your web > server say where you specify how many users hit the site at one time > and the tool actually hits your server that many times? > > sites seem to run fast on my dev server and on low traffic servers i > would just like to see how my apps would run under heavy traffic > circumstances. > > -- > Joseph Crawford Jr. > Codebowl Solutions > codebowl at gmail.com > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org From patterson at computer.org Tue Dec 28 12:21:09 2004 From: patterson at computer.org (Bill Patterson) Date: Tue, 28 Dec 2004 12:21:09 -0500 Subject: [nycphp-talk] Site Optimization In-Reply-To: <8d9a4280041228091214959ba1@mail.gmail.com> References: <8d9a4280041228091214959ba1@mail.gmail.com> Message-ID: <41D19605.5080505@computer.org> Perhaps, if there is no opensource version of this, we could collectively build one on sourceforge? Between cron jobs and PHP to hit sites, we might be able to build some kind of simulator. Bill Joseph Crawford wrote: >i was wondering..... > >are there any tools out there to simulate high traffic on your web >server say where you specify how many users hit the site at one time >and the tool actually hits your server that many times? > >sites seem to run fast on my dev server and on low traffic servers i >would just like to see how my apps would run under heavy traffic >circumstances. > > > From codebowl at gmail.com Tue Dec 28 12:26:01 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 12:26:01 -0500 Subject: [nycphp-talk] Site Optimization In-Reply-To: <41D19605.5080505@computer.org> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> Message-ID: <8d9a428004122809261fe1574e@mail.gmail.com> thanks for the info i am looking now :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From codebowl at gmail.com Tue Dec 28 12:26:42 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 12:26:42 -0500 Subject: [nycphp-talk] Site Optimization In-Reply-To: <8d9a428004122809261fe1574e@mail.gmail.com> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> <8d9a428004122809261fe1574e@mail.gmail.com> Message-ID: <8d9a428004122809264c739281@mail.gmail.com> ack there has to be a GPL application out there that doesnt "require" you to pay to use it :D -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From faber at linuxnj.com Tue Dec 28 12:34:19 2004 From: faber at linuxnj.com (Faber Fedor) Date: Tue, 28 Dec 2004 12:34:19 -0500 Subject: [nycphp-talk] Re: Site Optimization In-Reply-To: <8d9a428004122809264c739281@mail.gmail.com> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> <8d9a428004122809261fe1574e@mail.gmail.com> <8d9a428004122809264c739281@mail.gmail.com> Message-ID: <20041228173419.GA23016@uranus.faber.nom> On 28/12/04 12:26 -0500, Joseph Crawford wrote: > ack there has to be a GPL application out there that doesnt "require" > you to pay to use it :D I thought there was a utility that came with Apache that did this kind of testing. IIRC, it had a small name (three letters or so). I can't find anything else at the moment... If you google 'load test site:www.apache.org' something called JMEter pops up all over the place... -- Regards, Faber Linux New Jersey: Open Source Solutions for New Jersey http://www.linuxnj.com From ajai at bitblit.net Tue Dec 28 12:42:47 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Tue, 28 Dec 2004 12:42:47 -0500 Subject: [nycphp-talk] Site Optimization In-Reply-To: <8d9a4280041228091214959ba1@mail.gmail.com> References: <8d9a4280041228091214959ba1@mail.gmail.com> Message-ID: <41D19B17.3090107@bitblit.net> Joseph Crawford wrote: >i was wondering..... > >are there any tools out there to simulate high traffic on your web >server say where you specify how many users hit the site at one time >and the tool actually hits your server that many times? > >sites seem to run fast on my dev server and on low traffic servers i >would just like to see how my apps would run under heavy traffic >circumstances. > Awhile ago, I found this site had some useful tools: http://opensourcetesting.org -- Aj. Systems Administrator / Developer From ajai at bitblit.net Tue Dec 28 12:44:28 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Tue, 28 Dec 2004 12:44:28 -0500 Subject: [nycphp-talk] Re: Site Optimization In-Reply-To: <20041228173419.GA23016@uranus.faber.nom> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> <8d9a428004122809261fe1574e@mail.gmail.com> <8d9a428004122809264c739281@mail.gmail.com> <20041228173419.GA23016@uranus.faber.nom> Message-ID: <41D19B7C.30300@bitblit.net> Faber Fedor wrote: >On 28/12/04 12:26 -0500, Joseph Crawford wrote: > >>ack there has to be a GPL application out there that doesnt "require" >>you to pay to use it :D >> > >I thought there was a utility that came with Apache that did this kind >of testing. IIRC, it had a small name (three letters or so). I can't >find anything else at the moment... > How about Deluge? http://deluge.sourceforge.net/ -- Aj. Systems Administrator / Developer From tgales at tgaconnect.com Tue Dec 28 12:45:49 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Tue, 28 Dec 2004 12:45:49 -0500 Subject: [nycphp-talk] Re: Site Optimization Message-ID: <200412281745.iBSHjnD18206@tgaconnect.com> Faber Fedor writes: > I thought there was a utility that came with Apache that did this kind > of testing. IIRC, it had a small name (three letters or so). I can't > find anything else at the moment... Flood has four letters. Tim Gales www.tgaconnect.com Helping People Connect With Technology From faber at linuxnj.com Tue Dec 28 12:47:12 2004 From: faber at linuxnj.com (Faber Fedor) Date: Tue, 28 Dec 2004 12:47:12 -0500 Subject: [nycphp-talk] Re: Site Optimization In-Reply-To: <41D19B17.3090107@bitblit.net> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19B17.3090107@bitblit.net> Message-ID: <20041228174712.GA23145@uranus.faber.nom> The "little utility" I was thinking of is called "ab" (Apache benchmarking). -- Regards, Faber Linux New Jersey: Open Source Solutions for New Jersey http://www.linuxnj.com From tgales at tgaconnect.com Tue Dec 28 12:48:08 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Tue, 28 Dec 2004 12:48:08 -0500 Subject: [nycphp-talk] Re: Site Optimization Message-ID: <200412281748.iBSHm8B18547@tgaconnect.com> > Flood has four letters. food has four letters -- better break for some soon. Tim G. From henry at beewh.com Tue Dec 28 12:50:52 2004 From: henry at beewh.com (Henry Ponce) Date: Tue, 28 Dec 2004 14:50:52 -0300 Subject: [nycphp-talk] help needed Message-ID: <200412281450.52995.henry@beewh.com> Hello people: i have a problem that is driving me crazy. i am developing a site that is currently in: http://www.php-developers.com.ar 1. With Opera Browser there are no problems. 2. with ie you can open the page once, and when you try refreshing there is a problem. 3. same problem with firefox. I'm using include() to include the different blocks. I don't know what the problem might be. can anyone point me in the right direction. i also tested with www.php-developers.com.ar/newsarticles.php and i get the same error, with the first include. i hope you understand my problem. thank you. Henry From jayeshsh at ceruleansky.com Tue Dec 28 12:51:00 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Tue, 28 Dec 2004 12:51:00 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D19D04.3050901@ceruleansky.com> Hello all, perhaps some of the (SuSe) Linux gurus out there will have an idea as to what is going on here. I have an existing SuSe 9.1 Linux LAMP server set up with Apache 2.x, PHP 4.3.x, MySQL 4.x. The thing is that I want to use PHP 5 instead of PHP 4. But I also want to run older PHP4 scripts. I followed the instructions in Appendix C of Adam Trachtenberg's "Upgrading to PHP 5" book to use PHP 5 as a CGI, so that I can continue to use PHP 4 as an Apache module. (To use PHP5 scripts, I would simply configure Apache to execute scripts from a particular directory using the PHP 5 CGI binary.) I compiled PHP with the following options: ./configure --prefix=/usr/local/php5/ \ --enable-force-cgi-redirect \ --with-xml \ --with-libxml-dir=/usr/local/ \ --enable-soap \ --with-xsl=/usr/local/ \ --with-mysql \ --with-tidy-dir=/usr/ \ --with-curl-dir=/usr/local/ \ --with-mcrypt-dir=/usr/local/ \ --with-zlib-dir=/usr/local/ \ --with-gd \ --with-jpeg-dir=/usr/local/ \ --with-png-dir=/usr/local/ \ --enable-gd-native-ttf \ --enable-ftp \ --enable-sockets \ --enable-wddx \ --with-xmlrpc \ --with-iconv \ --enable-soap Thus, the PHP binary was installed to : /usr/local/php/bin/ I am not sure the this was right thing to do, but I chowned /usr/local/php/bin/ and its subdirectories to run as wwwrun user and belong to www group (Apache's user and group). I then modified /etc/apache2/httpd.conf and added the following information to the end of it: ScriptAlias /php5 /usr/local/php5/bin Options +ExecCGI +FollowSymLinks AllowOverride None AddHandler php-cgi-script .php Action php-cgi-script /php5/php Options +ExecCGI But when I try to access http://myipaddress/php5/ I get the following error in Apache's error logs ( /var/log/apache2/error-log ) : [Tue Dec 28 12:18:33 2004] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Tue Dec 28 12:18:33 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2) [Tue Dec 28 12:18:34 2004] [notice] Apache/2.0.49 (Linux/SuSE) configured -- resuming normal operations [Tue Dec 28 12:20:20 2004] [error] [client 69.86.**.***] client denied by server configuration: /usr/local/php5/bin/pinfo.php [Tue Dec 28 12:23:18 2004] [error] [client 69.86.**.***] client denied by server configuration: /usr/local/php5/bin/php.cgi [Tue Dec 28 12:25:32 2004] [error] [client 69.86.**.***] client denied by server configuration: /usr/local/php5/bin/php script not found or unable to stat You see various different things after the "client denied by server configuration:" part because I was renaming the php binary and also I added a .htaccess in another subdirectory that looked like the following: AddHandler custom-php .php .pcgi Action custom-php /php5/php Options +ExecCGI But when I access http://myipaddress/php5/pinfo.php I get the following error: Access forbidden! You don't have permission to access the requested object. It is either read-protected or not readable by the server. If you think this is a server error, please contact the webmaster. Error 403 Does anyone know why this is happening? Thanks in advance! Best regards, - Jay From fields at hedge.net Tue Dec 28 12:51:21 2004 From: fields at hedge.net (Adam Fields) Date: Tue, 28 Dec 2004 12:51:21 -0500 Subject: [nycphp-talk] Re: Site Optimization In-Reply-To: <20041228173419.GA23016@uranus.faber.nom> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> <8d9a428004122809261fe1574e@mail.gmail.com> <8d9a428004122809264c739281@mail.gmail.com> <20041228173419.GA23016@uranus.faber.nom> Message-ID: <20041228175121.GH11264@lola.aquick.org> On Tue, Dec 28, 2004 at 12:34:19PM -0500, Faber Fedor wrote: > On 28/12/04 12:26 -0500, Joseph Crawford wrote: > > ack there has to be a GPL application out there that doesnt "require" > > you to pay to use it :D > > I thought there was a utility that came with Apache that did this kind > of testing. IIRC, it had a small name (three letters or so). I can't > find anything else at the moment... > > If you google 'load test site:www.apache.org' something called JMEter > pops up all over the place... There are a lot of load testing utilities. Here's a pretty comprehensive list: http://www.softwareqatest.com/qatweb1.html#LOAD I've used Siege, Webhammer, Loadrunner (not free), and I think WebAvalanche. I'd start with Siege and see if that works for you. If not, there's plenty of other stuff to try on that list. I believe JMeter used to be the ApacheBench tools, but it morphed into a bigger suite, so they changed the name. -- - Adam ----- [ http://www.aquick.org/blog ] [ http://www.adamfields.com ][ http://del.icio.us/fields ] [ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ] From nestorflorez at earthlink.net Tue Dec 28 14:09:03 2004 From: nestorflorez at earthlink.net (Nestor Florez) Date: Tue, 28 Dec 2004 11:09:03 -0800 (PST) Subject: [nycphp-talk] help needed Message-ID: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> Henry, did not see a problem using mozilla for this site: http://www.php-developers.com.ar/ Nestor :-) -----Original Message----- From: Henry Ponce Sent: Dec 28, 2004 9:50 AM To: NYPHP Talk Subject: [nycphp-talk] help needed Hello people: i have a problem that is driving me crazy. i am developing a site that is currently in: http://www.php-developers.com.ar 1. With Opera Browser there are no problems. 2. with ie you can open the page once, and when you try refreshing there is a problem. 3. same problem with firefox. I'm using include() to include the different blocks. I don't know what the problem might be. can anyone point me in the right direction. i also tested with www.php-developers.com.ar/newsarticles.php and i get the same error, with the first include. i hope you understand my problem. thank you. Henry _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org From henry at beewh.com Tue Dec 28 14:18:20 2004 From: henry at beewh.com (Henry Ponce) Date: Tue, 28 Dec 2004 16:18:20 -0300 Subject: [nycphp-talk] help needed In-Reply-To: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> Message-ID: <200412281618.21019.henry@beewh.com> I am testing with Firefox and ie, and i can only refresh once. With opera and mozilla there is no problem. any help is appreciated. Thank you, Henry On Tuesday 28 December 2004 16:09, Nestor Florez wrote: > Henry, > > did not see a problem using mozilla for this site: > http://www.php-developers.com.ar/ > > Nestor :-) > > -----Original Message----- > From: Henry Ponce > Sent: Dec 28, 2004 9:50 AM > To: NYPHP Talk > Subject: [nycphp-talk] help needed > > Hello people: > > i have a problem that is driving me crazy. > > i am developing a site that is currently in: > > http://www.php-developers.com.ar > > 1. With Opera Browser there are no problems. > 2. with ie you can open the page once, and when you try refreshing there is > a problem. > 3. same problem with firefox. > > I'm using include() to include the different blocks. > > I don't know what the problem might be. can anyone point me in the right > direction. > > i also tested with www.php-developers.com.ar/newsarticles.php and i get the > same error, with the first include. i hope you understand my problem. > > thank you. > Henry > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org From codebowl at gmail.com Tue Dec 28 14:22:52 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 14:22:52 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <200412281618.21019.henry@beewh.com> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281618.21019.henry@beewh.com> Message-ID: <8d9a42800412281122678cf936@mail.gmail.com> i am not seeing the problem using firefox 1.0 can you be more specific as to what you are getting? I went to the site and refreshed about 4 times and the site loaded fine for me. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From jlacey at att.net Tue Dec 28 14:28:20 2004 From: jlacey at att.net (John Lacey) Date: Tue, 28 Dec 2004 12:28:20 -0700 Subject: [nycphp-talk] help needed In-Reply-To: <200412281618.21019.henry@beewh.com> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281618.21019.henry@beewh.com> Message-ID: <41D1B3D4.5070307@att.net> Henry Ponce wrote: > I am testing with Firefox and ie, and i can only refresh once. > > With opera and mozilla there is no problem. > > any help is appreciated. Henry, I ran the URL through the HTML validator at: http://validator.w3.org/ got a 'few errors' -- it's a place to start at least :) John From henry at beewh.com Tue Dec 28 14:31:48 2004 From: henry at beewh.com (Henry Ponce) Date: Tue, 28 Dec 2004 16:31:48 -0300 Subject: [nycphp-talk] help needed In-Reply-To: <8d9a42800412281122678cf936@mail.gmail.com> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281618.21019.henry@beewh.com> <8d9a42800412281122678cf936@mail.gmail.com> Message-ID: <200412281631.48489.henry@beewh.com> Joseph: the problem is that, using firefox or MS Internet Explorer, I can only open the page once, with no problems and I can only refresh once (in Firefox) and 0 times with Internet Explorer. With Mozilla or Opera explorer i get no mistakes. i can refresh as many times as i wish. the page http://www.php-developers.com.ar has a complete version with all the includes. I have created a smaller version in http://www.php-developers.com.ar/newsarticles.php with only one include. And i get the same error. This is very strange. I have checked all the mysql queries and the connection. Here is my phpinfo(): http://www.php-developers.com.ar/phpinfo.php I have been searching google all day for a solution. But i'm stuck. I don't think it has to do with timeouts, because i see it perfectly with Mozilla and Opera. I hope this explains my problem. Please help. Henry On Tuesday 28 December 2004 16:22, Joseph Crawford wrote: > i am not seeing the problem using firefox 1.0 can you be more specific > as to what you are getting? I went to the site and refreshed about 4 > times and the site loaded fine for me. From ajai at bitblit.net Tue Dec 28 14:39:25 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Tue, 28 Dec 2004 14:39:25 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <200412281631.48489.henry@beewh.com> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281618.21019.henry@beewh.com> <8d9a42800412281122678cf936@mail.gmail.com> <200412281631.48489.henry@beewh.com> Message-ID: <41D1B66D.8030600@bitblit.net> Henry Ponce wrote: >the problem is that, using firefox or MS Internet Explorer, I can only open >the page once, with no problems and I can only refresh once (in Firefox) and >0 times with Internet Explorer. > I am testing with IE5 - just wondering what the error is - do you mean the missing images in the middle??? -- Aj. Systems Administrator / Developer From henry at beewh.com Tue Dec 28 14:43:57 2004 From: henry at beewh.com (Henry Ponce) Date: Tue, 28 Dec 2004 16:43:57 -0300 Subject: [nycphp-talk] help needed In-Reply-To: <41D1B66D.8030600@bitblit.net> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281631.48489.henry@beewh.com> <41D1B66D.8030600@bitblit.net> Message-ID: <200412281643.58001.henry@beewh.com> the error i found is that i can't "refresh". the page "hangs" and then after a while i get a "not page found sign." or "no data". Henry On Tuesday 28 December 2004 16:39, Ajai Khattri wrote: > Henry Ponce wrote: > >the problem is that, using firefox or MS Internet Explorer, I can only > > open the page once, with no problems and I can only refresh once (in > > Firefox) and 0 times with Internet Explorer. > > I am testing with IE5 - just wondering what the error is - do you mean > the missing images in the middle??? From ajai at bitblit.net Tue Dec 28 14:49:59 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Tue, 28 Dec 2004 14:49:59 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <200412281643.58001.henry@beewh.com> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281631.48489.henry@beewh.com> <41D1B66D.8030600@bitblit.net> <200412281643.58001.henry@beewh.com> Message-ID: <41D1B8E7.2060905@bitblit.net> Henry Ponce wrote: >the error i found is that i can't "refresh". the page "hangs" and then after a >while i get a "not page found sign." or "no data". > I dont have that problem - using IE5. -- Aj. Systems Administrator / Developer From j.aponte at gmail.com Tue Dec 28 14:56:28 2004 From: j.aponte at gmail.com (Juancarlos Aponte) Date: Tue, 28 Dec 2004 14:56:28 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <41D1B8E7.2060905@bitblit.net> References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net> <200412281631.48489.henry@beewh.com> <41D1B66D.8030600@bitblit.net> <200412281643.58001.henry@beewh.com> <41D1B8E7.2060905@bitblit.net> Message-ID: I was also able to refresh several times using IE6 through Maxthon. Strange. On Tue, 28 Dec 2004 14:49:59 -0500, Ajai Khattri wrote: > Henry Ponce wrote: > > >the error i found is that i can't "refresh". the page "hangs" and then after a > >while i get a "not page found sign." or "no data". > > > > I dont have that problem - using IE5. > > -- > Aj. > Systems Administrator / Developer > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > -- .: Juancarlos :. "Any fool can know. The point is to understand." -Albert Einstein From ereyes at totalcreations.com Tue Dec 28 14:59:23 2004 From: ereyes at totalcreations.com (Edgar Reyes) Date: Tue, 28 Dec 2004 14:59:23 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <200412281618.21019.henry@beewh.com> Message-ID: <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR> Hello I tested it with IE and Firefox and with out a problem!! Was able to refresh it more than once.. ER -----Original Message----- From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Henry Ponce Sent: Tuesday, December 28, 2004 2:18 PM To: NYPHP Talk Subject: Re: [nycphp-talk] help needed I am testing with Firefox and ie, and i can only refresh once. With opera and mozilla there is no problem. any help is appreciated. Thank you, Henry On Tuesday 28 December 2004 16:09, Nestor Florez wrote: > Henry, > > did not see a problem using mozilla for this site: > http://www.php-developers.com.ar/ > > Nestor :-) > > -----Original Message----- > From: Henry Ponce > Sent: Dec 28, 2004 9:50 AM > To: NYPHP Talk > Subject: [nycphp-talk] help needed > > Hello people: > > i have a problem that is driving me crazy. > > i am developing a site that is currently in: > > http://www.php-developers.com.ar > > 1. With Opera Browser there are no problems. > 2. with ie you can open the page once, and when you try refreshing there is > a problem. > 3. same problem with firefox. > > I'm using include() to include the different blocks. > > I don't know what the problem might be. can anyone point me in the right > direction. > > i also tested with www.php-developers.com.ar/newsarticles.php and i get the > same error, with the first include. i hope you understand my problem. > > thank you. > Henry > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > > > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org From codebowl at gmail.com Tue Dec 28 15:35:49 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 15:35:49 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR> References: <200412281618.21019.henry@beewh.com> <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR> Message-ID: <8d9a4280041228123572e198dc@mail.gmail.com> i am having no problems here and without being able to re-create your error i am not sure how we can help you. one thing you might try is to delete your cache in both ie and firefox, restart both browsers, heck maybe even a reboot of the machine. I am not sure since i am not sitting at your keyboard :( -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From henry at beewh.com Tue Dec 28 15:40:52 2004 From: henry at beewh.com (Henry Ponce) Date: Tue, 28 Dec 2004 17:40:52 -0300 Subject: [nycphp-talk] help needed In-Reply-To: <8d9a4280041228123572e198dc@mail.gmail.com> References: <200412281618.21019.henry@beewh.com> <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR> <8d9a4280041228123572e198dc@mail.gmail.com> Message-ID: <200412281740.52216.henry@beewh.com> Joseph, thanks for your help. You know what I discovered by asking people to open the page... people in the US and Spain can open the web page correctly. But people in Estonia and Argentina (i am currently in Argentina) can't. I can't find the problem. Maybe it's the internet connection speed. don't know. I will keep trying to solve this. Henry On Tuesday 28 December 2004 17:35, Joseph Crawford wrote: > i am having no problems here and without being able to re-create your > error i am not sure how we can help you. > > one thing you might try is to delete your cache in both ie and > firefox, restart both browsers, heck maybe even a reboot of the > machine. I am not sure since i am not sitting at your keyboard :( From codebowl at gmail.com Tue Dec 28 18:16:42 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Tue, 28 Dec 2004 18:16:42 -0500 Subject: [nycphp-talk] help needed In-Reply-To: <200412281740.52216.henry@beewh.com> References: <200412281618.21019.henry@beewh.com> <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR> <8d9a4280041228123572e198dc@mail.gmail.com> <200412281740.52216.henry@beewh.com> Message-ID: <8d9a4280041228151642d5783b@mail.gmail.com> it could be latency issues, give it time might just be in the middle of an internet hiccup or something :D glad i could have helped. -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From sajith.ml at gmail.com Tue Dec 28 20:12:42 2004 From: sajith.ml at gmail.com (Sajith A) Date: Wed, 29 Dec 2004 06:42:42 +0530 Subject: [nycphp-talk] Site Optimization In-Reply-To: <41D19605.5080505@computer.org> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> Message-ID: >Bill wrote > Perhaps, if there is no opensource version of this, we could > collectively build one on sourceforge? Between cron jobs and PHP to hit > sites, we might be able to build some kind of simulator. How about doing it in python. I'm new to python - still would like to know anyone interested here. From jayeshsh at ceruleansky.com Tue Dec 28 21:27:29 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Tue, 28 Dec 2004 21:27:29 -0500 (EST) Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com> Hi all, to save others endless hours of banging their heads against a wall made of green SuSe lizards, I am posting this fix, which I think did the trick (I need to check to see if all the extensions are working okay though). In /etc/apache2/httpd.conf the changes at the end should be slightly different: ScriptAlias /php5 /usr/local/php5_try2/bin Options +ExecCGI +FollowSymLinks Order allow,deny Allow from all AllowOverride None AddHandler php-cgi-script .php Action php-cgi-script /php5/php Options +ExecCGI The parts that are critical and needed is: Order allow,deny Allow from all Best regards, - Jay PS: Why does SuSe set up MySQL 4.0 with no user accounts created? Is the correct behavior? I guess I should edit the my.cnf file to add users ? From danielc at analysisandsolutions.com Wed Dec 29 00:51:45 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Wed, 29 Dec 2004 00:51:45 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com> References: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com> Message-ID: <20041229055145.GA25010@panix.com> On Tue, Dec 28, 2004 at 09:27:29PM -0500, Jayesh Sheth wrote: > > to save others endless hours of banging their heads against a wall made of > green SuSe lizards, I am posting this fix, which I think did the trick (I Congrats. > Why does SuSe set up MySQL 4.0 with no user accounts created? Is the > correct behavior? I guess I should edit the my.cnf file to add users ? That's the best behavior, as far as I'm concerned. That way, no unexpected, unauthorized access can happen. my.cnf? No. Users go into the users table. Put them in there, but don't give them permission there. Give them permissions on a particular database via the db table. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409 From brent at landover.com Wed Dec 29 09:00:06 2004 From: brent at landover.com (Brent Baisley) Date: Wed, 29 Dec 2004 09:00:06 -0500 Subject: [nycphp-talk] Site Optimization In-Reply-To: <8d9a428004122809264c739281@mail.gmail.com> References: <8d9a4280041228091214959ba1@mail.gmail.com> <41D19605.5080505@computer.org> <8d9a428004122809261fe1574e@mail.gmail.com> <8d9a428004122809264c739281@mail.gmail.com> Message-ID: You could do a fairly simple load tester using Javascript. Just add an onLoad event handler to the body that refreshes or redirects the page. Open multiple browser windows to simulate multiple users, limited by the bandwidth of the machine. 5 machines * 10 browser windows = ~50 user simulation. That is truly a "poor mans" load tester. But it's something quick, easy and cheap. On Dec 28, 2004, at 12:26 PM, Joseph Crawford wrote: > ack there has to be a GPL application out there that doesnt "require" > you to pay to use it :D > > -- > Joseph Crawford Jr. > Codebowl Solutions > codebowl at gmail.com > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > > -- Brent Baisley Systems Architect Landover Associates, Inc. Search & Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577 From jayeshsh at ceruleansky.com Wed Dec 29 10:18:39 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Wed, 29 Dec 2004 10:18:39 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D2CACF.8090101@ceruleansky.com> Hi Dan, thanks for your followup and help with MySQL. I realized that on Linux the first time setup for MySQL is different. You are also right about not using my.cnf for user info (for some weird reason I remember that once on Windows using MySQL 3.23 I could add a user using a config file ... but I guess not on Linux.) Also - SuSe Linux 9.1 behaves in a non-standard way. So, the following instructions might be of use to others and save them loads of time. I am reformatting this information from another post on the Internet: First do the following: ----------------------------------------------------------- su - root cd /etc/init.d ./mysql start If the daemon comes up, then make sure the permissions in /var/lib/mysql are correct: cd /var/lib ls -lR mysql <= SHOULD BE "mysql:daemon" ( was root:root in my case) If necessary, then change the permissions manually: chown -R mysql:daemon /var/lib/mysql ---------------------------------------------------------- Then restart the SuSe box. Then the mysql daemon started automatically. ----------------------------------------------------------- Assuming the (initial Linux MySQL setup script) mysql_install_db was run correctly, you can now set the password for the two root MySQL accounts: /usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -h something.yourserver.com password 'new-password' ----------------------------------------------------------- Other MySQL paths for SuSe: Main config file: etc/my.cnf Socket: /var/lib/mysql/mysql.sock MySQL DB data dir: /var/lib/mysql/mysql/ MySQL binaries directory: /usr/bin/mysql* This should hopefully save others gobs of time on SuSe Linux. Best regards, - Jay From ajai at bitblit.net Wed Dec 29 10:51:54 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Wed, 29 Dec 2004 10:51:54 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com> References: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com> Message-ID: <41D2D29A.8060405@bitblit.net> Jayesh Sheth wrote: >PS: >Why does SuSe set up MySQL 4.0 with no user accounts created? Is the >correct behavior? I guess I should edit the my.cnf file to add users ? > No: http://dev.mysql.com/doc/mysql/en/User_Account_Management.html -- Aj. Systems Administrator / Developer From jayeshsh at ceruleansky.com Wed Dec 29 14:07:14 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Wed, 29 Dec 2004 14:07:14 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D30062.2050209@ceruleansky.com> Hi Ajai, thanks for your post. I figured it out ... please see my previous post. It seems that the default MySQL accounts have to be initialized on Linux. Xampp for Windows really spoils you. Once you have downloaded the sources for 10 different libraries from 10 different sites, built them using 10 distinct set of ./configure directives, located the settings, binaries, log files, libary, source directories for Apache andMySQL - all in different places -, then built PHP three different times using different configure directives, and then fought with Apache over one Apache directive overriding another, then wondering why your particular distribution moved some configuration file from some/obscure/directory to someother/obscure/directory, you realize how wonderful Windows DLLs are. If you need a particular extension on Windows, all you have to do is uncomment it in php.ini and restart XAMPP. But no, on Linux you have to first go through the whole compile song and dance - first for the libraries you want, then again for PHP. I may not have said this before, but Thank God for Bill Gates and Microsoft for have spared me this misery of compilation so far! (If only Windows weren't so easily hackable, WAMP would be an AWESOME platform.) Best regards, - Jay From mitch.pirtle at gmail.com Wed Dec 29 14:29:31 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Wed, 29 Dec 2004 14:29:31 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D30062.2050209@ceruleansky.com> References: <41D30062.2050209@ceruleansky.com> Message-ID: <330532b604122911297e414f1@mail.gmail.com> On Wed, 29 Dec 2004 14:07:14 -0500, Jayesh Sheth wrote: > > > Xampp for Windows really spoils you. Once you have downloaded the > sources for 10 different libraries from 10 different sites, built them > using 10 distinct set of ./configure directives, located the settings, > binaries, log files, libary, source directories for Apache andMySQL - > all in different places -, then built PHP three different times using > different configure directives, and then fought with Apache over one > Apache directive overriding another, then wondering why your particular > distribution moved some configuration file from some/obscure/directory > to someother/obscure/directory, you realize how wonderful Windows DLLs > are. If you need a particular extension on Windows, all you have to do > is uncomment it in php.ini and restart XAMPP. But no, on Linux you have > to first go through the whole compile song and dance - first for the > libraries you want, then again for PHP. I may not have said this before, > but Thank God for Bill Gates and Microsoft for have spared me this > misery of compilation so far! (If only Windows weren't so easily > hackable, WAMP would be an AWESOME platform.) > Great googely-moogely! What in the world are you trying to use? For every linux distro I ever installed (redhat, fedora, debian, knoppix, gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu, and others I have forgotten) you have an automated way* of installing all of this. * apt-based or rpm-based (with apt): apt-get install php php-postgresql php-imap blah... Even gentoo was just an emerge away, and the most primitive system I know of (FreeBSD) has packages available... What distro you using, jurrassic linux? Did it come on floppies? (rimshot) Hey everybody, we gotta save Jay, he's trapped in some sort of wormhole and only has slackware with the 2.0 kernel!!! -- Mitch, with an evil grin From ajai at bitblit.net Wed Dec 29 14:29:48 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Wed, 29 Dec 2004 14:29:48 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D30062.2050209@ceruleansky.com> References: <41D30062.2050209@ceruleansky.com> Message-ID: <41D305AC.4050002@bitblit.net> Jayesh Sheth wrote: > you realize how wonderful Windows DLLs are. Or how difficult Windoze can be when you choose not to do things the M$ way. > But no, on Linux you have to first go through the whole compile song > and dance - first for the libraries you want, then again for PHP. Most Linux distros have great package managers that handle all this crap for you. > I may not have said this before, but Thank God for Bill Gates and > Microsoft for have spared me this misery of compilation so far! (If > only Windows weren't so easily hackable, WAMP would be an AWESOME > platform.) Source-based distros like Gentoo make rebuilding very very easy - I never configure stuff "by hand" anymore, don't need to. -- Aj. Systems Administrator / Developer From jlacey at att.net Wed Dec 29 14:38:26 2004 From: jlacey at att.net (John Lacey) Date: Wed, 29 Dec 2004 12:38:26 -0700 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D30062.2050209@ceruleansky.com> References: <41D30062.2050209@ceruleansky.com> Message-ID: <41D307B2.8070609@att.net> Jayesh Sheth wrote: > Hi Ajai, > > thanks for your post. I figured it out ... please see my previous post. > > It seems that the default MySQL accounts have to be initialized on Linux. > > > Xampp for Windows really spoils you. Once you have downloaded the > sources for 10 different libraries from 10 different sites, built them > using 10 distinct set of ./configure directives, located the settings, > binaries, log files, libary, source directories for Apache andMySQL - > all in different places -, then built PHP three different times using > different configure directives, and then fought with Apache over one > Apache directive overriding another, then wondering why your particular > distribution moved some configuration file from some/obscure/directory > to someother/obscure/directory, you realize how wonderful Windows DLLs > are. If you need a particular extension on Windows, all you have to do > is uncomment it in php.ini and restart XAMPP. But no, on Linux you have > to first go through the whole compile song and dance - first for the > libraries you want, then again for PHP. I may not have said this before, > but Thank God for Bill Gates and Microsoft for have spared me this > misery of compilation so far! (If only Windows weren't so easily > hackable, WAMP would be an AWESOME platform.) > > I don't think one needs to go thru all that grief, but if it's any consolation Jay, XAMPP 1.4.11 was just released with the latest Zend Optimizer (2.5.7) that addresses various problems (like the foreach craziness) with using PHP 4.3.10 and the old ZO John From 1j0lkq002 at sneakemail.com Wed Dec 29 15:01:38 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Wed, 29 Dec 2004 15:01:38 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied byserver configuration Message-ID: <20672-67944@sneakemail.com> Slackare? What's that? Sounds kewl. Does it run on XP? Can I borrow the CD? -=john andrews (oddly proud to put my name on this post :-) Original Message: ----------------- From: Mitch Pirtle mitch.pirtle-at-gmail.com |nyphp dev/internal group use| ... Date: Wed, 29 Dec 2004 14:29:31 -0500 To: talk at lists.nyphp.org Subject: Re: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied byserver configuration Great googely-moogely! What in the world are you trying to use? For every linux distro I ever installed (redhat, fedora, debian, knoppix, gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu, and others I have forgotten) you have an automated way* of installing all of this. * apt-based or rpm-based (with apt): apt-get install php php-postgresql php-imap blah... Even gentoo was just an emerge away, and the most primitive system I know of (FreeBSD) has packages available... What distro you using, jurrassic linux? Did it come on floppies? (rimshot) Hey everybody, we gotta save Jay, he's trapped in some sort of wormhole and only has slackware with the 2.0 kernel!!! -- Mitch, with an evil grin _____________________________ -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . From jayeshsh at ceruleansky.com Wed Dec 29 19:14:40 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Wed, 29 Dec 2004 19:14:40 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D34870.2060802@ceruleansky.com> Hi Mitch, >Great googely-moogely! What in the world are you trying to use? For >every linux distro I ever installed (redhat, fedora, debian, knoppix, >gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu, >and others I have forgotten) you have an automated way* of installing >all of this. > I was using SuSe 9.1. The machine had Apache 2.0, PHP 4.x (as an Apache module) and MySQL 4.0 installed. But I just wanted to add PHP 5 as a CGI-binary mapped to a separate sub-directory of htdocs, while preserving Apache 2.0 and MySQL 4.0, and while keeping the PHP 4 Apache module as the parser for the rest of the htdocs files. In other words, I wanted to keep the same base system while adding the possibility to have a "php5docs" subdirectory where special PHP5 scripts/apps could run. Correct me if I am wrong, but I think there are no RPMs for PHP5 ? So I had to do this by hand. Also - I wanted PHP 5 with specific extensions. (After much compiling, the phpinfo file would still not show that mcrypt and mhash were installed. Must be some voodoo magic required to make it work.) >* apt-based or rpm-based (with apt): apt-get install php >php-postgresql php-imap blah... > >Even gentoo was just an emerge away, and the most primitive system I >know of (FreeBSD) has packages available... What distro you using, >jurrassic linux? Did it come on floppies? > >(rimshot) > >Hey everybody, we gotta save Jay, he's trapped in some sort of >wormhole and only has slackware with the 2.0 kernel!!! > >-- Mitch, with an evil grin Slackware did seem cool perhaps 5 years ago - but it is too Unixish for most people ... Best regards, - Jay From jayeshsh at ceruleansky.com Wed Dec 29 19:22:18 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Wed, 29 Dec 2004 19:22:18 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D34A3A.6060601@ceruleansky.com> Hi John, thanks for your note. >I don't think one needs to go thru all that grief, but if it's any >consolation Jay, XAMPP 1.4.11 was just released with the latest Zend >Optimizer (2.5.7) that addresses various problems (like the foreach >craziness) with using PHP 4.3.10 and the old ZO > >John I think there must be XAMPP version for Linux with PHP 5, but I did want to install it on top of my existing setup which had Apache 2, PHP 4 and MySQL 4.0 already installed. So then I would need uninstall all of those (AMP) and then install XAMPP. Another thing is that XAMPP is a distribution meant for local development, as opposed to server deployment. So it bundles every possible library, and leaves settings wide open. I think I read once that there is a secure settings script, but still there would hand tuning / human sanity checks required. I figured it would easier just to add PHP 5 as a CGI binary mapped to a specific subdirectory of my htdocs folder, so that I could continue to use PHP 4 while also using PHP 5-specfic apps. Note to Mitch (I forgot to mention this in my last reply to him) SuSe also comes out of the box with some strange settings and paths. For example, the mysql binaries are not owned by the mysql user! And Apache's configuration files are split into a million different includes. And when SuSe does things like that, it might compiling PHP as an Apache 2 module very problematic : http://www.trachtenberg.com/blog/programming/apache/apxs2-bug.html Best regards, - Jay From mitch.pirtle at gmail.com Wed Dec 29 19:30:59 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Wed, 29 Dec 2004 19:30:59 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D34870.2060802@ceruleansky.com> References: <41D34870.2060802@ceruleansky.com> Message-ID: <330532b6041229163069dd7302@mail.gmail.com> Hey Jay, > Correct me if I am wrong, but I think there are no RPMs for PHP5 ? So I > had to do this by hand. Fedora has them available now, not touched SuSE since 8.0 so I'm rusty in the YAST2 department ;-) Take a look at this, it may provide some help: http://www.artima.com/forums/flat.jsp?forum=271&thread=70581 > Also - I wanted PHP 5 with specific extensions. (After much compiling, > the phpinfo file would still not show that mcrypt and mhash were > installed. Must be some voodoo magic required to make it work.) Yeah, those two are the biggest sticklers to deal with IMHO; but I can't remember how I got around it on the last install :-( Best of luck with getting PHP5 on your SuSE box though! -- Mitch From mitch.pirtle at gmail.com Wed Dec 29 19:36:13 2004 From: mitch.pirtle at gmail.com (Mitch Pirtle) Date: Wed, 29 Dec 2004 19:36:13 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D34A3A.6060601@ceruleansky.com> References: <41D34A3A.6060601@ceruleansky.com> Message-ID: <330532b6041229163670c0884@mail.gmail.com> On Wed, 29 Dec 2004 19:22:18 -0500, Jayesh Sheth wrote: > > I think there must be XAMPP version for Linux with PHP 5, but I did want > to install it on top of my existing setup which had Apache 2, PHP 4 and > MySQL 4.0 already installed. So then I would need uninstall all of those > (AMP) and then install XAMPP. Another thing is that XAMPP is a > distribution meant for local development, as opposed to server > deployment. So it bundles every possible library, and leaves settings > wide open. I think I read once that there is a secure settings script, > but still there would hand tuning / human sanity checks required. I just got yet another replacement laptop from my fun-loving, prozac-popping friends at Acer; and with a clean XP I installed SP2, then apache2 (from apache.org), then mysql 4.1 (from mysql.com), then php5 (from php.net). Then I installed PostgreSQL 8.0 RC3, and then enabled the client DLL for php. I'm not a windows guy by any stretch of the imagination, but it was dead simple - anything with the registry or paths and I would have gone down in flames. Isn't it easier this way, so you can change versions of any/all of the components of the system? > Note to Mitch (I forgot to mention this in my last reply to him) > SuSe also comes out of the box with some strange settings and paths. For > example, the mysql binaries are not owned by the mysql user! And > Apache's configuration files are split into a million different > includes. And when SuSe does things like that, it might compiling PHP as > an Apache 2 module very problematic : > http://www.trachtenberg.com/blog/programming/apache/apxs2-bug.html Hehe I just sent you a link to a continuation of that thread. Yeah, that is tough, but I believe FreeBSD has a much higher 'hair-pulling' score in my book :-D -- Mitch From nyphp at aumcomputers.com Thu Dec 30 01:31:18 2004 From: nyphp at aumcomputers.com (Anirudh Zala) Date: Thu, 30 Dec 2004 12:01:18 +0530 Subject: [nycphp-talk] help needed References: <200412281618.21019.henry@beewh.com><003d01c4ed17$b9fca6f0$6400a8c0@ERENTR><8d9a4280041228123572e198dc@mail.gmail.com><200412281740.52216.henry@beewh.com> <8d9a4280041228151642d5783b@mail.gmail.com> Message-ID: <010f01c4ee39$40928ff0$10cc000a@aum1> Please check your ISP doesn't cache pages at their level. Such problem is prevailing in countries where internet connection is costly in terms of speed and bandwidth, so ISPs cache many websites and pages so that they can deliver them directly from their cache server instead of calling original server to server data. Ask for dedicated IP if possible where there is not any cache server in between. Some browser like Opera, and Firefox gives little protection by their in built mechanism of making pages "expired", so you might see such websites working properly (bcoz pages are now coming directly from server) in these browsers, but not all so you may face problems in those browsers. Hope this will help :) Anirudh Zala ----- Original Message ----- From: "Joseph Crawford" To: "NYPHP Talk" Sent: Wednesday, December 29, 2004 4:46 AM Subject: Re: [nycphp-talk] help needed > it could be latency issues, give it time might just be in the middle > of an internet hiccup or something :D glad i could have helped. > > -- > Joseph Crawford Jr. > Codebowl Solutions > codebowl at gmail.com > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > From henry at beewh.com Thu Dec 30 08:11:47 2004 From: henry at beewh.com (Henry Ponce) Date: Thu, 30 Dec 2004 10:11:47 -0300 Subject: [nycphp-talk] help needed In-Reply-To: <010f01c4ee39$40928ff0$10cc000a@aum1> References: <200412281618.21019.henry@beewh.com> <8d9a4280041228151642d5783b@mail.gmail.com> <010f01c4ee39$40928ff0$10cc000a@aum1> Message-ID: <200412301011.48023.henry@beewh.com> Thank you Anirudh. I will check into this. Good Luck, Henry From jlacey at att.net Thu Dec 30 12:38:31 2004 From: jlacey at att.net (John Lacey) Date: Thu, 30 Dec 2004 10:38:31 -0700 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration In-Reply-To: <41D34A3A.6060601@ceruleansky.com> References: <41D34A3A.6060601@ceruleansky.com> Message-ID: <41D43D17.2020609@att.net> Jayesh Sheth wrote: > > I think there must be XAMPP version for Linux with PHP 5, but I did want > to install it on top of my existing setup which had Apache 2, PHP 4 and > MySQL 4.0 already installed. So then I would need uninstall all of those > (AMP) and then install XAMPP. Another thing is that XAMPP is a > distribution meant for local development, as opposed to server > deployment. So it bundles every possible library, and leaves settings > wide open. I think I read once that there is a secure settings script, > but still there would hand tuning / human sanity checks required. a few thoughts: One of the things I like most about the way XAMPP is "installed" on Windows is that it's not really installed (ala registry entries), but puts everything in C:\xampp (assuming the default). As you know, you can either install Apache and MySQL as services or just run them with the ...start.bat files and keep the dos cmd windows open. The same holds true for XAMPP on Linux. If you take the default it wants to "install" into /opt/lampp (as opposed to say, /usr/bin/blah...) So, you don't really have to uninstall Apache PHP4, MySQL, but merely stop those services. Of course, as you've stated, XAMPP is not meant for production, security-wise, but for development [and learning]. For example, it sets register_globals to "On", etc. To that end, I've used XAMPP [on Windows] in both PHP5 and PHP4 "mode" by using the php_switch.bat "feature". XAMPP on Linux can also be switched back and forth: By the following command you can switch "back" to PHP 4.3.x: /opt/lampp/lampp php4 And with the following command you can switch back to PHP 5.0.x: /opt/lampp/lampp php5 > > I figured it would easier just to add PHP 5 as a CGI binary mapped to a > specific subdirectory of my htdocs folder, so that I could continue to > use PHP 4 while also using PHP 5-specfic apps. As to running them both --from a previous talk post re: John's note on running PHP4 and PHP5 on the same box... Here's the August post John Coggeshall wrote with regard to mod_proxy: http://lists.nyphp.org/pipermail/talk/2004-August/011613.html and the link to the instructions from the above post: http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently HTH, John From jayeshsh at ceruleansky.com Thu Dec 30 12:52:13 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Thu, 30 Dec 2004 12:52:13 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by server configuration Message-ID: <41D4404D.10300@ceruleansky.com> Hello John, thanks a lot for links, I will take a look at them. I finally did get it to work although not with all the extensions I wanted. I guess when I have a bit more time (one of these weekends) I will try the compiling again. Best regards, - Jay From hans at nyphp.com Thu Dec 30 14:19:23 2004 From: hans at nyphp.com (Hans Zaunere) Date: Thu, 30 Dec 2004 11:19:23 -0800 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied byserver configuration Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net> > > > > Xampp for Windows really spoils you. Once you have downloaded the > > sources for 10 different libraries from 10 different sites, built them > > using 10 distinct set of ./configure directives, located the settings, > > binaries, log files, libary, source directories for Apache andMySQL - > > all in different places -, then built PHP three different times using > > different configure directives, and then fought with Apache over one > > Apache directive overriding another, then wondering why your particular > > distribution moved some configuration file from some/obscure/directory > > to someother/obscure/directory, you realize how wonderful Windows DLLs > > are. If you need a particular extension on Windows, all you have to do > > is uncomment it in php.ini and restart XAMPP. But no, on Linux you have > > to first go through the whole compile song and dance - first for the > > libraries you want, then again for PHP. I may not have said this before, > > but Thank God for Bill Gates and Microsoft for have spared me this > > misery of compilation so far! (If only Windows weren't so easily > > hackable, WAMP would be an AWESOME platform.) > > Of course, there's the FreeBSD ports system... > Even gentoo was just an emerge away, and the most primitive system I > know of (FreeBSD) has packages available... What distro you using, > jurrassic linux? Did it come on floppies? Whow... never heard that. The FreeBSD ports system is probably the most advanced, and all that Gentoo has made a feeble attempt at copying. I generally compile all key components/libs from source anyway, but there's nothing worse than getting caught up in a web of RPMs, except maybe apt-gets. But then there's no sense getting into a my-package-system-is-better-than-yours discussion, since there's never an answer :) --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From ajai at bitblit.net Thu Dec 30 14:50:44 2004 From: ajai at bitblit.net (Ajai Khattri) Date: Thu, 30 Dec 2004 14:50:44 -0500 Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied byserver configuration In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net> Message-ID: <41D45C14.5000104@bitblit.net> Hans Zaunere wrote: > >Whow... never heard that. The FreeBSD ports system is probably the most >advanced, and all that Gentoo has made a feeble attempt at copying. > And in some ways improved upon, but if you've never used it you wouldn't know... >But then there's no sense getting into a >my-package-system-is-better-than-yours discussion, since there's never >an answer :) > Right, so tell us why you started? -- Aj. Systems Administrator / Developer From hans at nyphp.com Thu Dec 30 19:27:29 2004 From: hans at nyphp.com (Hans Zaunere) Date: Thu, 30 Dec 2004 16:27:29 -0800 Subject: [nycphp-talk] NYPHP.org Server Upgrade Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348E95@ehost011-1.exch011.intermedia.net> Hey folks, The servers will be offline for about 30 minutes while I do a standard upgrade of the base system. This includes all jails that the underlying system provides. I'll post out another message when things are back online to ensure everything is kosher. Regards, --- Hans Zaunere President, Founder New York PHP http://www.nyphp.org From hans at nyphp.com Thu Dec 30 21:52:12 2004 From: hans at nyphp.com (Hans Zaunere) Date: Thu, 30 Dec 2004 18:52:12 -0800 Subject: [nycphp-talk] RE: [nycbug-talk] NYPHP.org Server Upgrade Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348EC9@ehost011-1.exch011.intermedia.net> Everything is back online and should be functioning without a problem. If there are any issues, contact me offlist. > -----Original Message----- > From: talk-bounces at lists.nycbug.org [mailto:talk-bounces at lists.nycbug.org] On Behalf Of Hans Zaunere > Sent: Thursday, December 30, 2004 7:27 PM > To: NYPHP Talk; nycbug List > Cc: Ben Ramsey > Subject: [nycbug-talk] NYPHP.org Server Upgrade > > > Hey folks, > > The servers will be offline for about 30 minutes while I do a standard > upgrade of the base system. This includes all jails that the underlying > system provides. > > I'll post out another message when things are back online to ensure > everything is kosher. > > Regards, > > > --- > Hans Zaunere > President, Founder > New York PHP > http://www.nyphp.org > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From susan_shemin at yahoo.com Thu Dec 30 21:55:53 2004 From: susan_shemin at yahoo.com (Susan Shemin) Date: Thu, 30 Dec 2004 18:55:53 -0800 (PST) Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XP fixer-upper? Message-ID: <20041231025553.53107.qmail@web53704.mail.yahoo.com> I've been trying to fix my laptop for over a month now with RAM chip problems which have corrupted my XP Pro. I am quite subborn and was determined to fix it, but I guess it's time to ask for outside help besides from Microsoft which has been of little help. I'm looking for a place either in Manhattan or Westchester county. Thank goodness I haven't gotten my new site up yet, or I would have had to walk away from my computer and start with a blank new computer. The PHP files are safely on a web server, but all my recent Fireworks pngs are on the corrupted XP drive! Thanks, Susan --------------------------------- Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. -------------- next part -------------- An HTML attachment was scrubbed... URL: From webmaster at localnotion.com Thu Dec 30 21:38:51 2004 From: webmaster at localnotion.com (Matthew Terenzio) Date: Thu, 30 Dec 2004 21:38:51 -0500 Subject: [nycphp-talk] PEAR on shared servers Message-ID: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com> A web hosting company is telling me they don't install PEAR (third party software) because of security reasons? I showed them a number of installed packages they already had and said. "you mean except these?" But how can most of these packages be less secure than the hundreds of PHP scripts running all over the server. Most likely the contrary right? MT From 1j0lkq002 at sneakemail.com Thu Dec 30 23:04:58 2004 From: 1j0lkq002 at sneakemail.com (inforequest) Date: Thu, 30 Dec 2004 23:04:58 -0500 Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XP fixer-upper? In-Reply-To: <20041231025553.53107.qmail@web53704.mail.yahoo.com> References: <20041231025553.53107.qmail@web53704.mail.yahoo.com> Message-ID: <23697-81790@sneakemail.com> Susan Shemin susan_shemin-at-yahoo.com |nyphp dev/internal group use| wrote: > I've been trying to fix my laptop for over a month now with RAM chip > problems which have corrupted my XP Pro. I am quite subborn and was > determined to fix it, but I guess it's time to ask for outside help > besides from Microsoft which has been of little help. > > I'm looking for a place either in Manhattan or Westchester county. > > Thank goodness I haven't gotten my new site up yet, or I would have > had to walk away from my computer and start with a blank new > computer. The PHP files are safely on a web server, but all my recent > Fireworks pngs are on the corrupted XP drive! > > Thanks, > > Susan > > ------------------------------------------------------------------------ I would not trust any Windows repair to not lose files that are on the disk. If you need those files I suggest you boot a Knoppix Live CD and read them off the hard drive onto a USB drive or out over the network connection. Knoppix will boot from the CD and leave your current HDD in "read only" state, so you can read the files off even if XP is hosed. Get knoppix here: http://www.knopper.net/knoppix/index-en.html Sorry I can't suggest a repair center. -=john andrews From tgales at tgaconnect.com Fri Dec 31 07:15:47 2004 From: tgales at tgaconnect.com (Tim Gales) Date: Fri, 31 Dec 2004 07:15:47 -0500 Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XPfixer-upper? In-Reply-To: <20041231025553.53107.qmail@web53704.mail.yahoo.com> Message-ID: <000e01c4ef32$75dbd140$e98d3818@oberon1> Susan Shemin writes: "I've been trying to fix my laptop for over a month now with RAM chip problems which have corrupted my XP Pro" Do you mean you have hardware problems, or software (O/S) problems, or both? Can you at least bring up Windows in 'Safe Mode'? T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com From nasir81 at gmail.com Fri Dec 31 10:07:10 2004 From: nasir81 at gmail.com (Nasir Zubair) Date: Fri, 31 Dec 2004 10:07:10 -0500 Subject: [nycphp-talk] PEAR on shared servers In-Reply-To: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com> References: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com> Message-ID: <40fcda730412310707fdf94e9@mail.gmail.com> I have found that many hosts do not know what PEAR is. Some are lazy to look into it and some are paranoid, as you suggested :-) And there is usually not much you can do to change their attitude. I usually place the package file in a "lib" folder and change the include path to look for proper files there. On Thu, 30 Dec 2004 21:38:51 -0500, Matthew Terenzio wrote: > A web hosting company is telling me they don't install PEAR (third > party software) because of security reasons? > I showed them a number of installed packages they already had and said. > > "you mean except these?" > > But how can most of these packages be less secure than the hundreds of > PHP scripts running all over the server. > Most likely the contrary right? > > MT > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > From jayeshsh at ceruleansky.com Fri Dec 31 10:36:23 2004 From: jayeshsh at ceruleansky.com (Jayesh Sheth) Date: Fri, 31 Dec 2004 10:36:23 -0500 Subject: [nycphp-talk] PEAR on shared servers Message-ID: <41D571F7.9080201@ceruleansky.com> Hello Matthew, In the past I have done "local installs" of PEAR libraries on shared servers. For examples, if you need the Auth package, you first find all its dependencies from its download page ( http://pear.php.net/package/Auth/download ). You then look up which libraries those dependencies depend on, and so on. So, if you need to include 'DB.php', you just install it to the directory you are working in. This is somewhat quick-and-dirty, but sometimes it is the only thing that works. You could also use the PEAR command line installer if you have SSH access, but I prefer to "hand install" my PEAR libraries, especially since I often have to "hand edit" them to get them to work on shared servers. The funny thing is that you are (theoretically) supposed to be able to set the include_path using the ini_set() function, but that has rarely worked for me. So theoretically, you are supposed to be able to install all PEAR libraries to a new directory and then set the include_path setting to point to that setting at the top of your script. But that often does not work and I do not know why. (PEAR uses the include_path setting in php.ini to determine where to find PEAR library files.) Best regards, - Jay From susan_shemin at yahoo.com Fri Dec 31 19:18:02 2004 From: susan_shemin at yahoo.com (Susan Shemin) Date: Fri, 31 Dec 2004 16:18:02 -0800 (PST) Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XPfixer-upper? In-Reply-To: <000e01c4ef32$75dbd140$e98d3818@oberon1> Message-ID: <20050101001802.45397.qmail@web53704.mail.yahoo.com> Hey, Tim, It began months ago with a RAM problem, sometimes the computer read one RAM chip and when I popped the chips out and then popped them back in, it rebooted fine with the whole amount. Then a month ago Windows started saying there were corrupt files. In the meantime I had one of my RAM chips replaced at Crucial. Now I cannot even get it up in Safe Mode. Susan Tim Gales wrote: Susan Shemin writes: "I've been trying to fix my laptop for over a month now with RAM chip problems which have corrupted my XP Pro" Do you mean you have hardware problems, or software (O/S) problems, or both? Can you at least bring up Windows in 'Safe Mode'? T. Gales & Associates Helping People Connect with Technology http://www.tgaconnect.com _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org --------------------------------- Do you Yahoo!? Meet the all-new My Yahoo! ? Try it today! -------------- next part -------------- An HTML attachment was scrubbed... URL: From susan_shemin at yahoo.com Fri Dec 31 19:24:41 2004 From: susan_shemin at yahoo.com (Susan Shemin) Date: Fri, 31 Dec 2004 16:24:41 -0800 (PST) Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XP fixer-upper? In-Reply-To: <23697-81790@sneakemail.com> Message-ID: <20050101002441.46504.qmail@web53704.mail.yahoo.com> Thanks for the link--I'll certainly check it out! inforequest <1j0lkq002 at sneakemail.com> wrote: Susan Shemin susan_shemin-at-yahoo.com |nyphp dev/internal group use| wrote: > I've been trying to fix my laptop for over a month now with RAM chip > problems which have corrupted my XP Pro. I am quite subborn and was > determined to fix it, but I guess it's time to ask for outside help > besides from Microsoft which has been of little help. > > I'm looking for a place either in Manhattan or Westchester county. > > Thank goodness I haven't gotten my new site up yet, or I would have > had to walk away from my computer and start with a blank new > computer. The PHP files are safely on a web server, but all my recent > Fireworks pngs are on the corrupted XP drive! > > Thanks, > > Susan > > ------------------------------------------------------------------------ I would not trust any Windows repair to not lose files that are on the disk. If you need those files I suggest you boot a Knoppix Live CD and read them off the hard drive onto a USB drive or out over the network connection. Knoppix will boot from the CD and leave your current HDD in "read only" state, so you can read the files off even if XP is hosed. Get knoppix here: http://www.knopper.net/knoppix/index-en.html Sorry I can't suggest a repair center. -=john andrews _______________________________________________ New York PHP Talk Supporting AMP Technology (Apache/MySQL/PHP) http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org --------------------------------- Do you Yahoo!? Meet the all-new My Yahoo! ? Try it today! -------------- next part -------------- An HTML attachment was scrubbed... URL: From prusak at gmail.com Fri Dec 31 21:01:27 2004 From: prusak at gmail.com (Ophir Prusak) Date: Fri, 31 Dec 2004 21:01:27 -0500 Subject: [nycphp-talk] php bulletin boards Message-ID: Hi all, I'm looking to install a bulletin board system on a site I run. I know this subject was discussed a while back. I was wondering what the current lowdown on my options are. Of course free is good but I'm willing to consider other options. When I checked a couple of years ago, the "big three" were phpbb, ipb and vbulletin. Can anyone share their bulletin board experiences ?? Thanx Ophir From codebowl at gmail.com Fri Dec 31 22:43:58 2004 From: codebowl at gmail.com (Joseph Crawford) Date: Fri, 31 Dec 2004 22:43:58 -0500 Subject: [nycphp-talk] php bulletin boards In-Reply-To: References: Message-ID: <8d9a42800412311943219cc987@mail.gmail.com> there is also woltlab burning board.... i havent used it though. as far as i know those are still the 3 big one's my friend wrote a board for php5 called k4 it's pretty good and you can see it in action on dotgeek.org in thier forums section. if you want to check it out i believe it's at newmediums.net if not lemme know and i will get you the url On Fri, 31 Dec 2004 21:01:27 -0500, Ophir Prusak wrote: > Hi all, > > I'm looking to install a bulletin board system on a site I run. > I know this subject was discussed a while back. I was wondering what > the current lowdown on my options are. > > Of course free is good but I'm willing to consider other options. > When I checked a couple of years ago, the "big three" were phpbb, ipb > and vbulletin. > > Can anyone share their bulletin board experiences ?? > > Thanx > Ophir > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org > -- Joseph Crawford Jr. Codebowl Solutions codebowl at gmail.com From danielc at analysisandsolutions.com Fri Dec 31 23:44:09 2004 From: danielc at analysisandsolutions.com (Daniel Convissor) Date: Fri, 31 Dec 2004 23:44:09 -0500 Subject: [nycphp-talk] php bulletin boards In-Reply-To: References: Message-ID: <20050101044409.GA24129@panix.com> On Fri, Dec 31, 2004 at 09:01:27PM -0500, Ophir Prusak wrote: > phpbb All I can say is avoid that like the plague. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409