logs archiveIRC Archive / Freenode / #php / 2006 / May / 20 / 1
johndoe
turning off magic quote can be done but isn't it best if u can autodetect magic quote at the first place?
Advocated`
||cw thats what im not sure of, this "sanitizing" as you mention, ive never really done this kind of thing before, got any functions, i can then go look them up
madclicker
||cw, thank you for your input
||cw
Advocated`: read up on sql injection and cross site scripting
xnor
Hi, is it possible to return a auto_increment value from from mysql_query() ?
will[werk]
xnor, mysql_insert_id()
||cw
Advocated`: the basic idea is that a user would put in data, or craft a URL, that would cause your sql statement or html output the close early and then his content would get injected
Advocated`
||cw ahh, so even though im not insertingt the data into a table, i should treat it like that anyway to make sure no one can cause problems?
||cw
Advocated`: if you are echo'ing it to the browser you should treat it accordingly (slashes won't help much there)
         

Advocated`
||cw i was going to get all the POST variables, construct a single variable, then echo that single variable
TheWarden
I'm not very familiar with PEAR:HTTP_Header. Does anyone know if I can use it to handle HTTP Error Codes?
Very little docs are available it appears...
caffinated
!tell TheWarden about g10
madclicker
||cw, the php pages have a bunch of "addslashes" "stripslashes" how can i find out which one does the "addslashes" before the " ' " character?
Advocated`
||cw this kind of thing, ive used this ages ago: $theArticleId = mysql_real_escape_string($tempString, $link);
TheWarden
Well okay... never mind then. where is there a place to talk about pre-written scripts?
bosko
the internet
||cw
TheWarden: the poeple that wrote them
madclicker: by "the php pages" do you mean your code? debug it
Advocated`: XSS cleaning is more complex than escaping, just the basic idea is the same
madclicker
||cw, is there a debugger for linux?
||cw
madclicker: no idea
madclicker
k
||cw
madclicker: and debugging doens't usualy require a debugger, but it does require getting familar with the code
madclicker
||cw, :(
(Action) is not a coder
caffinated
madclicker: ZDE works in linux, and has debugging support
||cw
so disable magic quotes
Stormchaser
madclicker: echo, print_r or var_dump are usually ther best tools
caffinated: xdebug \o/
caffinated
actually, the best tool is a proper test suite
but nobody really does that when writing PHP code.
Stormchaser
I have to stop it... Someone might think, that I'm a programmer :)
||cw
hahah
yeah right
Shaba1
Hello folks
when I here read on a site that php needs to be compiled with some extension
         

caffinated
(Action) scans for legibility and finds none
Shaba1
does that mean I need the actual source code and libs for php and the extension ad a C compiler?
mattmcc
Not necessarily.
Shaba1
how so mattmcc
||cw
Shaba1: depends on the extention
Shaba1
To me it seems I just need the extension files and then to put ---with--whatever extention
mattmcc
Shaba1: Well, it depends. Many common extensions are available as packages themselves.
Shaba1
in php.ini
||cw
and how you installed php
mattmcc
Even those that aren't can be compiled on their own using phpize.
Shaba1
I mean everytime I read that( and I read a LOT of php tutorial) and it says compile
I am thinking I need a C compiler.
I have one and two different front ends for it.
mattmcc
Yeah, apparently it's a widely held misconception.
Shaba1
but I would rather not
mattmcc
It depends a lot on the extension, the nature of a PHP installation, etc.
Shaba1
It would be nice if the authors could come up with a better word
like say "plugin"
mattmcc
To replace extension? I don't see much of a semantic improvement there.
||cw
Shaba1: the basic idea is that once you install from packages you are no longer supported by the official install docs. tut's are going to stick witht he offical install docs and so they say compile. but you packages were compiiled, so you just have to see if the extention is available
Shaba1: and doing --with-foo for /everything/ leads to a large php binary and longer load times
jplibre
extension plugin module include-file
Qube
StormChaser ?
||cw
--with-foo=shared is better
Qube
got held up with a phone call
jplibre
"that thing you add into the main thingy"
Qube
Stormchaser, ||cw : http://www.google.com/support/webmasters/bin/answer.py?answer=35770
"Don't use "&id=" as a parameter in your URLs, as we don't include these pages in our index."
part of the "webmaster guidelines" area
mattmcc
Isn't that nice of google to encourage people to use better URL practices.
Qube
they re-orged the site, but it has been that way for years (see internet archive for proof)
mattmcc
Although what posesses them to think foo?id=N is any worse for their uses than foo/N is beyond me.
||cw
Qube: what about ?id= ?
Qube
||cw, conversation from 30 mins ago
||cw
Qube: the guidelien says &id=, not ?id=, is there a difference to them
mattmcc
I'd be pretty scared if google indexed one, but not the other.
Since they're functionally identical.
Qube
well, from the url perspective, there is a difference - underneith there isn't, but I would like to fight google on it
caffinated
Qube: um, that's not webmaster guidelines. that's good sitemap guidelines.
||cw
Qube: ?id=1 gives results, &id=100 doesn't
caffinated
Qube: it has absolutely nothing to do with crawling pages.
Qube
guess it is just &id= then
still, useful to know
mattmcc
caffinated: I'm not convinced of that.
caffinated: The only thing that suggests that to be the case is the contents of the left-hand nav.
Stormchaser
Qube: Well... that's ain't quite true, either: http://www.google.com/search?hs=xOr&hl=en&lr=&client=firefox&rls=org.mozilla%3Aen-US%3Aunofficial&q=%26id%3D10&btnG=Search and the last entry on first site
caffinated
mattmcc: which is the heading for it all
Qube
Stormchaser, s/site/page ?
still - it has a n/a page rank
Stormchaser
hm? Results 1 - 10 of about 16 for &id=10. (0.35 seconds) <-- that looks like reasonable number to me
Qube
do any have a page rank?
caffinated
mattmcc: if google doesn't crawl those pages, why can i find so many on google?
Stormchaser
Qube: I cannot know that, since I don't use google bar.... But does that change anything?
Qube
regardless - only 16 results for &id=10 kinda proves that google doesn't try to index them
caffinated
mattmcc: http://www.google.ca/search?hl=en&q=id%3D10&btnG=Google+Search&meta= note the URLs
Qube
maybe the results it has are old
mattmcc
caffinated: I didn't assert that they don't.. :)
Stormchaser
Qube: the point is: It *HAS* them.
caffinated
Qube: or perhaps they are speaking specificly about sitemap, the script used to generate a sitemap which is supposed to make googlebot's job easier.
Xsploit
bah this is the last fu*king network im on now
fu*king isp
what you guys all up to ?
Stormchaser
Xsploit: switch to AOL, then
(Action) runs
numist
so whats the best way to tell if an element in your array is an infinitely recursive reference
like 'GLOBALS' in get_defined_vars
||cw
numist: um, not to create one in the first place?
numist
cant. get_defined_vars will always contain an infinitely deep referenc
theotherlight|wo
what takes less strain on a system... reading/writing files, or reading/writing a database?
||cw
but globals is the only one that php will recurse
theotherlight|wo: depends on load, a db will have better caching at higher load
will[werk]
Depends on writing what.
theotherlight|wo
just writing long strings of text
no huge formatting... just simple text, but potentially in large loads
will[werk]
And then do what with it?
theotherlight|wo
access it.
probably quite frequently
potentially every page
TheWarden
How can I get the HTTP status code in PHP?
||cw
numist: um, globals doens't seem to be in that array
numist
||cw: The account has been created. Paul needs to sign the security statement
for the account and pick up his password. He can stop by CSE Help office
ugh
||cw
haha
numist
||cw: http://pastebin.com/727072
||cw
numist: what php version
numist
5.whatever
5.1.4 cli
||cw
hm, 4.4.0 cli deosn't have globals in it
via php -r 'print_r(get_defined_vars());'|less
mikefoo
Stormchaser: whats wrong with direct admin?
||cw
and 5.0 does
what kinda sucks
numist
yep
smaxor
any idea why my script here on my windows box running xampp runs fine, but when I up it to my linux server I get this error Error: 7 Connect failed; Operation now in progress
||cw
numist: but again, GLOBALS is the only one, so ignore it
eddiestone
hello, does anybody knows a good dao framework for php?
airboy
hello i need litle help
i want to make text lines into array
but every 10th lines gose into array
not one by one
numist
||cw: it would be nice to have a programmatic way to detect the recursion so I could catch future possibilities
its the Right Thing To Do
airboy
anybody home?
peyrol
I'm not here
;P
airboy
is there a way to save text lines into array
i know per line using $check = explode("\n", $txt);
but i want first to 10th line then 10th to 20th and so on?
will[werk]
airboy, file()?
airboy
no post[]
peyrol
airboy: maybe You should 2 arrays
airboy
how?
peyrol
temporary array
« prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 next »