logs archiveIRC Archive / Freenode / #php / 2006 / May / 11 / 1
||cw
Pisterman: then use flash, which can auto install
Pisterman: the restriction is there for very valid and serious security reasons. many times "easy" means "please rape me"
sidey
when working with imagejpeg, is there a default maxsize for images being used?
UnixD4d
when im creating an register form, is better to use another .php file with the creation process or is better to put all in the same .php file using { action="<?php echo $_SERVER['PHP_SELF'];?> } ?
Pisterman
||cw: so there is no chance i can load that dll to use on the client side?
||cw
Pisterman: no. you need something that is signed, so it can extend beyond the sandbox and access the file systsem
as far as I know, you can't sign javascript
Pisterman
||cw: thanks
crrj
Javascript is too easy to alter on the way to the client
mattmcc
Well, you can, but nobody does.
And I think it's just a Mozilla thing, anyway.
Useful in extensions, not so much in websites.
MalMen
how can i check if variable is numeric?
         

mattmcc
Did you try searching the manual for 'numeric' ?
Stormchaser
MalMen: ctype_digit()?
(Action) ponders, if MalMen is even heard of php's manuals
sidey
nobody knows the maxsize allowed when using imagejpeg ?
MalMen
im know now the error
Stormchaser
sidey: That'd depend on the memory
MalMen
i put $is_numeric
:S
Stormchaser
*blink*
AfroTurf_
i'm upgrading from 4.4.0 to 5.1.* is there anything i need to change in my php.ini?
Stormchaser
not really
AfroTurf_
ok good
sidey
Stormchaser: can it be getimagesize() that doesnt allow too large images ?
Stormchaser
sidey: That shoudn't be important...
MalMen
if (is_numeric($quota) = FALSE)
Fatal error: Can't use function return value in write context in /var/www/painel/modulos/adduser.php on line 15
:S
CyaNox
sidey: what size image are you opening?
AfroTurf_
when i went to apache2.0.55 from 2.0.52 there was like a huge dir change and config's changed... so thats why i ask
ST00PiD
MalMen: RTFM :)
Stormchaser
*sigh*
ST00PiD
MalMen: = is for assignment. == is for comparison. === is for strict comparison.
sidey
1,26MB is okey, with the resolution 1000x1333
ST00PiD
Not too hard, plenty of examples per function.
         

MalMen
im pass long time far far away of php
CyaNox
sidey: that should work just fine if your php memory limit allows it.
AfroTurf_
and all i wanted was the pdflib... fu*king gentoo
Stormchaser
gentoo \o/
sidey
ahh, i think its the resolution-size that matterst
for example, 1000x1333 works
magox
hola
sidey
but 1944x2592 doesnt work
AfroTurf_
its like an audi, it works great when its working, but when there is a problem. you have change a ton of stuff
magox
pplication Error - Database misconfigured to use an unsupported driver: ADODB ¿?
sidey
can i set the maxsize of an image somehow ?
theGZA
Hello. I'm trying to list all the letters of the alphabet using the range and foreach functions. Can someone help me out here?
DepretioN
magox: #mysql
jjb_lyceum
is it possible to specify the path for a session cookie?
without having access to the ini configuration?
DepretioN
foreach (range('a', 'z') as $letter) echo $letter;
mattmcc
http://php.net/setcookie
Oh, a session cookie.
http://php.net/session-set-cookie-params
jjb_lyceum
mattmcc: thanks a bunch.
TheWarden
Hi. I'm using mod_auth_mysql apache module to handle the login procedure from the Apache to MySQL side. Now the passwords are stored encrypted (mysql encrypt()). I want to no longer use mod_auth_mysql and just use a PHP class I've written to handle everthing. How can I take a password and compare it to an encryted password?
theGZA
thank u, depretion
TheWarden
mod_auth_mysql does this some how, but I have no idea where to begin.
richardlynch
TheWarden: Figure out which encryption method it used, and use that method and compare the outputs.
mattmcc
Do the comparison in a query.
Only way to access mysql's special short-bus hashing method.
Stormchaser
!tell theGZA about u
TheWarden
richardlynch: it uses mysql encrypt() which is equivalent to C's, not sure if this matches crypt() in PHP. So grab the password from database and then take the submitted password crypt it and compare it? Whould these not match as it's never the same.. unless it creates some hash.
richardlynch
TheWarden: Errr. The encrypted version *IS* a hash, really. The question is which hashing function they used in mod_auth_mysql
TheWarden
oh encrypt() of MySQL uses the Unix crypt().. which should be the same as crypt() in PHP.
richardlynch: right... damn ahh that wlll be tough
Pisterman
||cw: can you give me some advice from where to start to do it with flash?
||cw: or with java?
richardlynch
TheWarden: Or just use: SELECT password = encrypt('$password') FROM whatever where username = '$username'
Stormchaser
(Action) munches dogmeat
dogmeat
enjoy !
Stormchaser
*urp*
DepretioN
Stormchaser : Do you chill in here all day whilst you are at work? :P
TheWarden
richardlynch: oh I didn't think that would work as I thought it changed each time the hash... so if I take a password that has been crypt() and then take another password and crypt() that they should always match?
richardlynch: well if the passwords are the same that is I mean.
DepretioN
the hash is always the same yes
AfroTurf_
ah now my mysql-connect doen't work, why am i not surpized
Stormchaser
DepretioN: I like to munch random people :)
angela24
where can I get mysql administrator
DepretioN
AfroTurf : You are not surprised because you know your level of knowledge :)
richardlynch
TheWarden: That's kinda how it works, yeah. Some hash functions bury a "salt" into the encrypted data -- E.G. the first 2 characters or everything between $1$ and $2$ in the middle or... You have to know the function, and how to get the salt back out, but it will always works out the same for the same inputs.
DepretioN
angela24 : jobs.com
Stormchaser
angela24: probably in some store as well...
mattmcc
A pet store, perhaps.
Stormchaser
yep :)
mattmcc
PHP parrots, mysql monkeys, linux llamas...
richardlynch
angela24: It should have been installed as mysql_admin right next to mysql binary, unless you installed only mysql-client, perhaps?
mattmcc
Wait, they don't sell llamas in pet stores.
Lateralus
Your pet store doesn't sell llamas? Do they carry alpacas?
mattmcc
Only on the TVs by the registers.
TheWarden
richardlynch: so to test this theory I should be able to do this then, SELECT * FROM WebAccounts WHERE Password=encrypt('passwordhere');. Test it against an account I know for a fact the password is. So far not working.. and I know I'm not using salt.
angela24
um richardlynch I was using my sql control center
mattmcc
Apparently they can make you rich.
angela24
but is deprecated
DepretioN
angela24 : #mysql
Lateralus
A male alpaca just sold recently for $600,000
AfroTurf_
where is /tmp usually at?
richardlynch
TheWarden: How do you know mod_auth_mysql did not use a random salt? You don't know that.
DepretioN
Yes TheWarden , if that failes the hash is different
Lateralus
AfroTurf: ...
AfroTurf_
nvm
ST00PiD
:D
angela24
DepretioN ?
TheWarden
richardlynch: oh no I mean mysql encrypt() is being used without salt.
AfroTurf_
i've just upgraded and now a bunch of sh*t doesn't work, same sh*t different day with gentoo
winmutt
pdo+forking==borked
TheWarden
damn it anyone how doesn't work...argh. Now what.. mmm
Lateralus
AfroTurf: No upgrade has ever moved /tmp.
richardlynch
TheWarden: Show us a sample password (encrypted) from your db.
DepretioN
AfroTurf : thats why Gentoo is so fun ... you get to fix things all the time and you learn so much :)
Lateralus
If you're asking where /tmp is, there's a problem here that is not Gentoo.
AfroTurf_
lateralus: i'm getting mysql_connect errors: Can't connect to local MySQL server through socket '/tmp/mysql.sock'
Lateralus
AfroTurf: So start mysql.
AfroTurf_
Lateralus: it is :)
DepretioN
put a cron job to emerge system && emerge world and get all the testing packages aswell.... now thats fun :)
AfroTurf : check your my.cnf where it sets the .sock file
Lateralus
richardlynch
AfroTurf_: Probably not started correctly... Or did they move the directory for mysql.sock in the distro?
DepretioN
then either symlink it to /tmp/mysql.sock , or recompile php with correct sock location
AfroTurf_
ya i'm checking whee the dir i sfor the mysql.sock
knowing gentoo they move it with every upgrade of something somewhere
DepretioN
they would have patched the php ebuild then aswell
TheWarden
richardlynch: okay sec...
AfroTurf_
i'll create a sym link and see if that will work
DepretioN
should, but it will probably break everytime you restart mysql
||cw
AfroTurf: sounds more like you've hacked in a non-standard location, I'd expect it to be somewhere more like /var/lib/mysql/mysql.sock
TheWarden
richardlynch: okay this is the stored password value inside quotes, "oZgARWaiOyqT6". The password actual value is "foobar".
richardlynch
||cw: Yeah, well the MySQL guys default it to /tmp, so that's where *I* expect it to be.
AfroTurf_
this is why i'm scared to upgrade all the time with gentoo
mattmcc
Debian packages change the default, because it's stupid.
Runfiles have no business being in /tmp.
DepretioN
TheWarden ... is that in your mysql.user or something?
TheWarden
richardlynch: I'm doing this to test it, SELECT * FROM Web_Accounts WHERE Password=encrypt('foobar');
||cw
AfroTurf: the official mysql source tarball does this?
richardlynch
TheWarden: It's the old old 2-char salt at the beginning algorithm whose name I forgot.
TheWarden
DepretioN: no this is stored in a table the stores all my users on the web site. this is for a web site not for mysql access.
AfroTurf_
||cw: everything in gentoo does this lol
DepretioN
SELECT * FROM Web_Accounts WHERE Password = OLD_PASSWORD('foobar');
try that
richardlynch
TheWarden: password = encrypt(password, substring(password, 1, 2))
TheWarden
richardlynch: oh great... ahh mmm
richardlynch
TheWarden: It's also not a particularly good algorithm anymore, as I recall...
AfroTurf_
||cw: been using gentoo for over 2 years and i've not had one easy simple emerge -uN world
shadfc
im having a script that uses gd functions fail silently (i have E_NOTICE on), and i cant figure out why. php5, apache2
Lateralus
AfroTurf: Then there is a problem here that is not Gentoo, as most people have no trouble. Perhaps you aren't cut out for Gentoo. Try debian.
takuan
is anybody in here used to getting php en mysql to work under windows with apache?
Stormchaser
AfroTurf: As said: gentoo \o/
mattmcc
AfroTurf: Not being cut out to run gentoo isn't necessarily a character flaw.
richardlynch
mattmcc: If you wanna argue with the MySQL guys where they ought to put their files, then argue with them. I don't care where they are, so long as the distro doesn't move them for only half my software..
« prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 next »