From jkapron at newageweb.com  Sat Jun  1 01:30:03 2002
From: jkapron at newageweb.com (Jerry Kapron)
Date: Sat, 01 Jun 2002 01:30:03 -0400
Subject: PHP Object handling. A rant.
References: <200205311652.g4VGqEP62837@slipdisc.virul.net>
Message-ID: <3CF85BDA.2EDA20AD@NewAgeWeb.com>

Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php



From charles at softwareprototypes.com  Sat Jun  1 10:33:55 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sat, 1 Jun 2002 10:33:55 -0400
Subject: [nycphp-talk] PHP Object handling. A rant.
Message-ID: <61040-22002661143355281@softwareprototypes.com>

Object oriented systems are notoriously hard to debug.

Smalltalks have excellent interactive debugging but that only works
if the IDE is present. On packaged apps. you don't ship the IDE. If
you do, the footprint becomes huge and your users have to be
Smalltalk developpers who know what to do with a Walkback Window.

The only ones who have a decent handle on the process are IBM with
VisualAge Smalltalk which is the same thing as saying OTI's
ENVY/Developper which is the engine. The entire stack and all objects
in RAM are serialized and streamed to a file when an application
crash occurs. That's a lot of over-head for a crash and those files
are huge and buggers to work with without the specialised tools.

What he's bitching about though, is the stateless nature of the web
and the fact that the entire system and the application that he's
working on has to be designed as a state machine which is forced to
recoved its relevant state information at every invocation and which
has to stuff its state information at every exit.

I say he's got it easy compared to programming in CICS or IDMS-DC
where the problems of releasing every resource between invocation are
compounded by a limit of 32k-words of memory per process.

Read a "Programming in Command -level CICS COBOL" for an
appreaciation of the problem.

His beef has dick-all to do with object-orientation and everything to
do with the fact that he doesn't know how to implement a state
machine or handle dialog flow.

Ripping out the object-oriented code won't help him. His problem is
that he's not thinking in objects so his logic flow is spanning
object methods and he doesn't know what to do.

State machines are perpendicular to structure in the same way that a
mobile is perpendicular to its hanging three dimensional structure or
that a true aquatic ballet is perpendicular to the position of the
swimmers in the pool. If you only look at the surface, you're missing
the true dimension of the problem and can't get the point of the
exercise.

The GUI is a state machine but only for the GUI. The rest of the
objects implement their own state machines as required.

To wax poetic, as I once did in "The Hot-Line on Object-Oriented
Technology" software development is like choreographing the dance of
electrons in n-dimensions. This poor flat-lander has two left feet.

-Charles-A.


> From: Jerry Kapron <jkapron at NewAgeWeb.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Sat,  1 Jun 2002 01:25:48 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: [nycphp-talk] PHP Object handling. A rant.
> 
> Is it really that bad? ->
http://www.itchyfeet.org.nz/local/phprant.php
> 
> 




From rderoo at supserv.com  Sat Jun  1 10:42:04 2002
From: rderoo at supserv.com (Raymond DeRoo)
Date: Sat, 1 Jun 2002 10:42:04 -0400
Subject: [nycphp-talk] PHP Object handling. A rant.
In-Reply-To: <200206010525.g515PmP67170@slipdisc.virul.net>
References: <200206010525.g515PmP67170@slipdisc.virul.net>
Message-ID: <200206011442.g51Eg36o015373@base.deroo.net>

Jerry--

> Is it really that bad? -> http://www.itchyfeet.org.nz/local/phprant.php

Some of the points he brings up where probably valid at the time of his 
writing. Though he does not mention specifically which version he's using, 
but I would guess 4.0.6. PHP 4.1.x> can put objects in sessions and be 
carried from one page to the next. Still at issue (at least for 4.2.1) is 
when you serialize() an object, methods are lost when you unserialize(). 
Though I've heard this has been corrected in Zend 2.0

As for is gripping about error handling, PHP 4.2 now ships default with E_ALL 
for error reporting as the default. A *great* way to write code, but I don't 
run production servers with error logging set that high. But that's just me, 
YMMV.

.r


From charles at softwareprototypes.com  Sat Jun  1 20:38:19 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sat, 1 Jun 2002 20:38:19 -0400
Subject: The system date on dev is still screwed up... 
Message-ID: <301480-2200260203819156@softwareprototypes.com>

Hello Hans,

the system date on the dev box is still one day ahead.

Later,

-Charles-A.



From rainman at deroo.net  Sat Jun  1 21:25:43 2002
From: rainman at deroo.net (Raymond DeRoo)
Date: Sat, 1 Jun 2002 21:25:43 -0400
Subject: [nycphp-talk] PHP Object handling. A rant.
Message-ID: <200206020125.g521Pg6o017255@base.deroo.net>

Jerry--

> Is it really that bad? ->

http://www.itchyfeet.org.nz/local/phprant.php

Some of the points he brings up where probably valid at the time of his 
writing. Though he does not mention specifically which version he's using, 
but I would guess 4.0.6. PHP 4.1.x> can put objects in sessions and be 
carried from one page to the next. Still at issue (at least for 4.2.1) is 
when you serialize() an object, methods are lost when you unserialize(). 
Though I've heard this has been corrected in Zend 2.0

As for is gripping about error handling, PHP 4.2 now ships default with E_ALL 
for error reporting as the default. A *great* way to write code, but I don't 
run production servers with error logging set that high. But that's just me, 
YMMV.

.r


From ejp at well.com  Sun Jun  2 01:44:12 2002
From: ejp at well.com (Edward Potter)
Date: Sun, 02 Jun 2002 01:44:12 -0400
Subject: [nycphp-talk] PHP Object handling. A rant.
References: <200206011429.g51ETiP72907@slipdisc.virul.net>
Message-ID: <3CF9B0AC.20101@well.com>

O gosh, just pass the value in a hidden field. It's fool proof right?

:-) e



charles at softwareprototypes.com wrote:

> Object oriented systems are notoriously hard to debug.
> 
> Smalltalks have excellent interactive debugging but that only works
> if the IDE is present. On packaged apps. you don't ship the IDE. If
> you do, the footprint becomes huge and your users have to be
> Smalltalk developpers who know what to do with a Walkback Window.
> 
> The only ones who have a decent handle on the process are IBM with
> VisualAge Smalltalk which is the same thing as saying OTI's
> ENVY/Developper which is the engine. The entire stack and all objects
> in RAM are serialized and streamed to a file when an application
> crash occurs. That's a lot of over-head for a crash and those files
> are huge and buggers to work with without the specialised tools.
> 
> What he's bitching about though, is the stateless nature of the web
> and the fact that the entire system and the application that he's
> working on has to be designed as a state machine which is forced to
> recoved its relevant state information at every invocation and which
> has to stuff its state information at every exit.
> 
> I say he's got it easy compared to programming in CICS or IDMS-DC
> where the problems of releasing every resource between invocation are
> compounded by a limit of 32k-words of memory per process.
> 
> Read a "Programming in Command -level CICS COBOL" for an
> appreaciation of the problem.
> 
> His beef has dick-all to do with object-orientation and everything to
> do with the fact that he doesn't know how to implement a state
> machine or handle dialog flow.
> 
> Ripping out the object-oriented code won't help him. His problem is
> that he's not thinking in objects so his logic flow is spanning
> object methods and he doesn't know what to do.
> 
> State machines are perpendicular to structure in the same way that a
> mobile is perpendicular to its hanging three dimensional structure or
> that a true aquatic ballet is perpendicular to the position of the
> swimmers in the pool. If you only look at the surface, you're missing
> the true dimension of the problem and can't get the point of the
> exercise.
> 
> The GUI is a state machine but only for the GUI. The rest of the
> objects implement their own state machines as required.
> 
> To wax poetic, as I once did in "The Hot-Line on Object-Oriented
> Technology" software development is like choreographing the dance of
> electrons in n-dimensions. This poor flat-lander has two left feet.
> 
> -Charles-A.
> 
> 
> 
>>From: Jerry Kapron <jkapron at NewAgeWeb.com>
>>Organization: New York PHP
>>Reply-To: talk at nyphp.org
>>Date: Sat,  1 Jun 2002 01:25:48 -0400
>>To: NYPHP Talk <talk at nyphp.org>
>>Subject: [nycphp-talk] PHP Object handling. A rant.
>>
>>Is it really that bad? ->
>>
> http://www.itchyfeet.org.nz/local/phprant.php
> 
>>
> 
> 
> 
> 
> 




From ejp at well.com  Sun Jun  2 01:46:42 2002
From: ejp at well.com (Edward Potter)
Date: Sun, 02 Jun 2002 01:46:42 -0400
Subject: [nycphp-talk] The system date on dev is still screwed up...
References: <200206020034.g520Y6P76692@slipdisc.virul.net>
Message-ID: <3CF9B142.6060907@well.com>


The Clock Mini-HOWTO
http://www.tldp.org/HOWTO/mini/Clock.html


charles at softwareprototypes.com wrote:

> Hello Hans,
> 
> the system date on the dev box is still one day ahead.
> 
> Later,
> 
> -Charles-A.
> 
> 
> 
> 
> 




From charles at softwareprototypes.com  Sun Jun  2 12:41:42 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sun, 2 Jun 2002 12:41:42 -0400
Subject: [nycphp-talk] PHP Object handling. A rant.
Message-ID: <280070-2200260216414278@softwareprototypes.com>

Until we get IPv6 and a client's IP address can be used as a  session
ID, YES, just pass the session ID and ONLY the session ID in a hidden
variable.

If the field coming in is isEmptyOrNil, you initialize the session
objects, the state machine and context objects. If the field
isNotEnptyOrNil, you load that session's context data from storage
(files are fine but it may actually be faster to bind to a database
and load an XML object since the previous session values may still be
in the database cache pool.)

Saving to a data store (file or data base) is performed using values
saved in the session context and NOT from what ever's coming from the
client machine. 

The GUI state machine must validate all incoming data and transfer it
to the 'context state' data store. From there it can be transferred
to a persistent data store (file or database.)

This state-store mechanism makes reestablishing the session and the
dialog trivial. This also allow the implementor to break the
conceptual link between a user session and the dialog flow. 

The page you're dealing is only the page you're dealing with. It is
only a part of a larger GUI state machine procession context which
itself is a part of a dialog flow within a dialog state machine.

Wheels within wheels.

This is how it is done on mainframes to reestablish context, maintain
run-units aka units-of-work, and it also allows you to apply error
security and recovery to whatever granularity you wish/need. It also
allows for secure call-back mechanisms, run-unit ownrship transfer
(to switch or prevent the switching betwen client machines,)
two-stage commits, logging and recovery (just store the stats machine
objects with versionning information.)

On (re)entry you (re)establish your GUI ans context variables and
jump to the appropriate position in the GUI state machine aka call
the appropriate function call /application object message send of the
GUI event loop.

Just because you're working in php doesn't mean you don't have an
event loop for your application.

-Charles-A.

---- Original Message ----
From: ejp at well.com
To: talk at nyphp.org, 
Subject: Re: [nycphp-talk] PHP Object handling. A rant.
Date: Sun,  2 Jun 2002 01:45:10 -0400

>O gosh, just pass the value in a hidden field. It's fool proof right?
>
>:-) e
>
>
>
>charles at softwareprototypes.com wrote:
>
>> Object oriented systems are notoriously hard to debug.
>> 
>> Smalltalks have excellent interactive debugging but that only works
>> if the IDE is present. On packaged apps. you don't ship the IDE. If
>> you do, the footprint becomes huge and your users have to be
>> Smalltalk developpers who know what to do with a Walkback Window.
>> 
>> The only ones who have a decent handle on the process are IBM with
>> VisualAge Smalltalk which is the same thing as saying OTI's
>> ENVY/Developper which is the engine. The entire stack and all 
>objects
>> in RAM are serialized and streamed to a file when an application
>> crash occurs. That's a lot of over-head for a crash and those files
>> are huge and buggers to work with without the specialised tools.
>> 
>> What he's bitching about though, is the stateless nature of the web
>> and the fact that the entire system and the application that he's
>> working on has to be designed as a state machine which is forced to
>> recoved its relevant state information at every invocation and 
>which
>> has to stuff its state information at every exit.
>> 
>> I say he's got it easy compared to programming in CICS or IDMS-DC
>> where the problems of releasing every resource between invocation 
>are
>> compounded by a limit of 32k-words of memory per process.
>> 
>> Read a "Programming in Command -level CICS COBOL" for an
>> appreaciation of the problem.
>> 
>> His beef has dick-all to do with object-orientation and everything 
>to
>> do with the fact that he doesn't know how to implement a state
>> machine or handle dialog flow.
>> 
>> Ripping out the object-oriented code won't help him. His problem is
>> that he's not thinking in objects so his logic flow is spanning
>> object methods and he doesn't know what to do.
>> 
>> State machines are perpendicular to structure in the same way that 
>a
>> mobile is perpendicular to its hanging three dimensional structure 
>or
>> that a true aquatic ballet is perpendicular to the position of the
>> swimmers in the pool. If you only look at the surface, you're 
>missing
>> the true dimension of the problem and can't get the point of the
>> exercise.
>> 
>> The GUI is a state machine but only for the GUI. The rest of the
>> objects implement their own state machines as required.
>> 
>> To wax poetic, as I once did in "The Hot-Line on Object-Oriented
>> Technology" software development is like choreographing the dance 
>of
>> electrons in n-dimensions. This poor flat-lander has two left feet.
>> 
>> -Charles-A.
>> 
>> 
>> 
>>>From: Jerry Kapron <jkapron at NewAgeWeb.com>
>>>Organization: New York PHP
>>>Reply-To: talk at nyphp.org
>>>Date: Sat,  1 Jun 2002 01:25:48 -0400
>>>To: NYPHP Talk <talk at nyphp.org>
>>>Subject: [nycphp-talk] PHP Object handling. A rant.
>>>
>>>Is it really that bad? ->
>>>
>> http://www.itchyfeet.org.nz/local/phprant.php
>> 
>>>



From charles at softwareprototypes.com  Sun Jun  2 12:43:10 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sun, 2 Jun 2002 12:43:10 -0400
Subject: [nycphp-talk] The system date on dev is still screwed up...
Message-ID: <187060-22002602164310578@softwareprototypes.com>

Its not my box. I don't have root. I'm not going to screw with the
system date.

-Charles-A.

---- Original Message ----
From: ejp at well.com
To: talk at nyphp.org, 
Subject: Re: [nycphp-talk] The system date on dev is still screwed
up...
Date: Sun,  2 Jun 2002 01:47:40 -0400

>
>The Clock Mini-HOWTO
>http://www.tldp.org/HOWTO/mini/Clock.html
>
>
>charles at softwareprototypes.com wrote:
>
>> Hello Hans,
>> 
>> the system date on the dev box is still one day ahead.
>> 
>> Later,
>> 
>> -Charles-A.
>> 
>> 
>> 
>> 
>> 
>
>
>
>



From zaunere at yahoo.com  Sun Jun  2 14:42:22 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Sun, 2 Jun 2002 11:42:22 -0700 (PDT)
Subject: [nycphp-talk] PHP Object handling. A rant.
In-Reply-To: <200206010525.g515PmP67170@slipdisc.virul.net>
Message-ID: <20020602184222.87070.qmail@web12806.mail.yahoo.com>


--- Jerry Kapron <jkapron at NewAgeWeb.com> wrote:
> Is it really that bad? ->
> http://www.itchyfeet.org.nz/local/phprant.php
>

Hardly.  A rant is just that; a rant - and usually overkill (I recently
sent a rant to the editors of the email RFCS - when I read what I wrote
the next day, I felt a *little* bad).

Anyway, rather than picking apart the rant (which way be an interesting
course of dicussion on the wiki - yes, it's stable, but slow), I can
only stress one thing, concerning OO in PHP.

http://www.zend.com/zend/art/mistake1.php#Heading13

PHP is not an OO language.  For the 100% anal-retentiveness that is
true OOP, you'll need Java or C# (I don't even think C++ is considered
kosher in this respect).  That said, OO is really a state of
organization and mind.  I've seen OO code in pure C.  To boot, PHP does
a nice job of bringing some of the fundementals of OO to help you in
this organization.

RantyDave probably wasn't using a modern version of PHP at the time,
and, a modern brain for problem solving (this line sums it up: "...and
would far rather return a blank result than kick you in the head for
not knowing what you're doing.")

You have to be smarter than the computer, RantyDave.

:)

Hans Z.





__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Mon Jun  3 09:13:15 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 3 Jun 2002 06:13:15 -0700 (PDT)
Subject: PHP and XML and Soap
Message-ID: <20020603131315.50871.qmail@web12804.mail.yahoo.com>


If anyone catches the weekly newletter from Zend, it's apparent that
XML is making big strides in PHP.  As an XML freshmen, I found this
article exceptionally useful as a reference and roadmap:

http://bumblebury.com/phptodo/xmsl.html


Hans Z.

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jonbaer at digitalanywhere.com  Mon Jun  3 19:22:08 2002
From: jonbaer at digitalanywhere.com (Jon Baer)
Date: Mon, 03 Jun 2002 19:22:08 -0400
Subject: [nycphp-talk] PHP and XML and Soap
References: <200206031313.g53DDJP03832@slipdisc.virul.net>
Message-ID: <3CFBFA20.3050505@digitalanywhere.com>

What are backend things in PHP that make the past XML/XSLT support so 
inadquate in the past that he mentions in the beginning?  Personally I 
don't find XML/XML-RPC/SOAP to be rocket science but it happens so often 
that session management pops up, other outside problems arise and its 
things that tend not to do with the original problems (if any) ...

There are some small things in general with XML/Envelopes that I 
personally would like to see ... things like document handling (either 
DOM nodes) or basic changes for XML documents tied to a backend 
database.  This isn't a PHP problem per se but just that there doesn't 
seem to be much info based on large document event handling, the same 
goes for SOAP ...

It would be nice to be able to get an Envelope from a server, modify it, 
and have those modifications be tied back to the originating server, but 
its obvious that the XML or SOAP can't do this but so many people I know 
have projects that revolve around SQL/XML (via network) that getting the 
two to tie together seems like 10 different ways to accomplish that one 
task.

- Jon

Hans Zaunere wrote:

>If anyone catches the weekly newletter from Zend, it's apparent that
>XML is making big strides in PHP.  As an XML freshmen, I found this
>article exceptionally useful as a reference and roadmap:
>
>http://bumblebury.com/phptodo/xmsl.html
>
>
>Hans Z.
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
>http://fifaworldcup.yahoo.com
>
>  
>




From southwell at dneba.com  Tue Jun  4 10:39:32 2002
From: southwell at dneba.com (Michael Southwell)
Date: Tue, 04 Jun 2002 10:39:32 -0400
Subject: relative newbie needs installation help
Message-ID: <5.1.0.14.2.20020604103107.00b47e48@mail.optonline.net>

I have some scripts that are working beautifully on the host but are not 
working on my localhost installation (which I thought I had gotten 
working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.  The 
problem comes in recognizing variables locally, so I get "undefined 
variable" and "undefined constant" messages.  PHPInfo() tells me that my 
local Server API is CGI, while on the host it's Apache.  I am guessing that 
this is the cause of the problems, though I don't really understand the 
difference.  Can anybody offer an explanation/possible solution?  TIA.

Michael G. Southwell =================================
DNEBA Enterprises
81 South Road
Bloomingdale, NJ 07403-1425
973/492-7873 (voice and fax)
southwell at dneba.com
http://www.dneba.com
======================================================




From jim at alliedtours.com  Tue Jun  4 11:13:24 2002
From: jim at alliedtours.com (Jim Suto)
Date: Tue, 4 Jun 2002 11:13:24 -0400
Subject: multiple gateways and linux
In-Reply-To: <200206041439.g54EdmP13804@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJKEAMCCAA.jim@alliedtours.com>

I am looking for any ideas people might have to maximize the value of having
multiple T1s from different providers and being able to provide redundancy
and possibly performance gains from having a linux server utilize these
multiple gateways.  Some ideas I was thinking about:
1) enable linux to do dead gateway detection and avoid using a gateway if it
is not up
2) enable linux to distribute traffic among the gateways to whichever one is
least busy (this might be a little bit more difficult)
3) enable linux to figure out from a list of hosts which gateway would allow
connection to a specific host with minimum lag and/or hops

I guess some shell scripts could accomplish some of these tasks unless
someone knows a better way?

regards,
Jim




From LarryC at indexstock.com  Tue Jun  4 11:54:49 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 11:54:49 -0400 
Subject: [nycphp-talk] multiple gateways and linux
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F82FC@index-exchange.indexstock.com>

Keep in mind that when you have multiple circuits, you're running into some
complecity with your network design.  Here is a general guideline.
1. Are you planning to subscribe the add'l T1 from the same ISP of from a
different one?
Same: 
a. Easy to loadbalance (LB) your package both inbound and outbound
b. You don't require to have a heavy duty router.  This way you can accept
partial BGP route.  As a result your, hardware requirement is much less.
c. Use vendor assigned Autonymous System Number (ASN).
d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
e. I recommend that you have two separate routers for each circuit.

Different:
a. You must apply for you own ASN from ARIN.
b. Tedious BGP configuration
c. Setup of LB might be difficult depends on your environment, but not
impossible
d. Complete ISP redundancy - due to two separate path in and out
e. Same as 1e above.

With the two routers as your gateway, you can configure HSRP/VSRP (depends
on the vendors).  Essentially, you have two real gateways and one virtual
one that everyone is pointing to.  When any of the real gateways is down, it
won't affect your connectivity at all.  Linux has something to that affect
as well.  I don't have experience with it nor do I know what it calls.


-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 11:10 AM
To: NYPHP Talk
Subject: [nycphp-talk] multiple gateways and linux


I am looking for any ideas people might have to maximize the value of having
multiple T1s from different providers and being able to provide redundancy
and possibly performance gains from having a linux server utilize these
multiple gateways.  Some ideas I was thinking about:
1) enable linux to do dead gateway detection and avoid using a gateway if it
is not up
2) enable linux to distribute traffic among the gateways to whichever one is
least busy (this might be a little bit more difficult)
3) enable linux to figure out from a list of hosts which gateway would allow
connection to a specific host with minimum lag and/or hops

I guess some shell scripts could accomplish some of these tasks unless
someone knows a better way?

regards,
Jim




From jim at alliedtours.com  Tue Jun  4 12:18:10 2002
From: jim at alliedtours.com (Jim Suto)
Date: Tue, 4 Jun 2002 12:18:10 -0400
Subject: [nycphp-talk] multiple gateways and linux
In-Reply-To: <200206041554.g54FsvP14348@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJEEAOCCAA.jim@alliedtours.com>

We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless.  These are
already in place with each provider having its own CISCO router.  If we use
HSRP, we are only going to be using one single router at any time and the
other one will sit by idle, right?  It's good for redundancy but not for
maximizing usage of the available bandwidth.  I was thinking of using
roundrobing DNS for incoming connections to our server using the 3 IPs (1
from each T1 block).  The outgoing connections could be returned via source
routing perhaps?  And if a gateway is down, use another gateway even if that
will create an assymetrical route?
In your point (e) if we got two routers for each circuit we would need to
have 6 routers, do you think the cost would be justified for slightly
reduced failover risk?  I think the company could live in a pinch even on
just a single working T1 but it seems like a waste to have all that other
bandwidth just sitting there unused.  Let me know what you think.

regards,
Jim

-----Original Message-----
From: Larry Chuon [mailto:LarryC at indexstock.com]
Sent: Tuesday, June 04, 2002 11:55 AM
To: NYPHP Talk
Subject: RE: [nycphp-talk] multiple gateways and linux


Keep in mind that when you have multiple circuits, you're running into some
complecity with your network design.  Here is a general guideline.
1. Are you planning to subscribe the add'l T1 from the same ISP of from a
different one?
Same:
a. Easy to loadbalance (LB) your package both inbound and outbound
b. You don't require to have a heavy duty router.  This way you can accept
partial BGP route.  As a result your, hardware requirement is much less.
c. Use vendor assigned Autonymous System Number (ASN).
d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
e. I recommend that you have two separate routers for each circuit.

Different:
a. You must apply for you own ASN from ARIN.
b. Tedious BGP configuration
c. Setup of LB might be difficult depends on your environment, but not
impossible
d. Complete ISP redundancy - due to two separate path in and out
e. Same as 1e above.

With the two routers as your gateway, you can configure HSRP/VSRP (depends
on the vendors).  Essentially, you have two real gateways and one virtual
one that everyone is pointing to.  When any of the real gateways is down, it
won't affect your connectivity at all.  Linux has something to that affect
as well.  I don't have experience with it nor do I know what it calls.


-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 11:10 AM
To: NYPHP Talk
Subject: [nycphp-talk] multiple gateways and linux


I am looking for any ideas people might have to maximize the value of having
multiple T1s from different providers and being able to provide redundancy
and possibly performance gains from having a linux server utilize these
multiple gateways.  Some ideas I was thinking about:
1) enable linux to do dead gateway detection and avoid using a gateway if it
is not up
2) enable linux to distribute traffic among the gateways to whichever one is
least busy (this might be a little bit more difficult)
3) enable linux to figure out from a list of hosts which gateway would allow
connection to a specific host with minimum lag and/or hops

I guess some shell scripts could accomplish some of these tasks unless
someone knows a better way?

regards,
Jim






From LarryC at indexstock.com  Tue Jun  4 12:17:09 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 12:17:09 -0400 
Subject: [nycphp-talk] multiple gateways and linux
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8300@index-exchange.indexstock.com>

BTW, I found some interesting link to VRRP.  Hope this helps.

VRRP
http://w3.arobas.net/~jetienne/vrrpd/FAQ
http://w3.arobas.net/~jetienne/vrrpd/index.html
http://www.cs.fiu.edu/~flynnj/work/virtrouter.html
http://rpmfind.net/linux/RPM/cooker/cookfire/i386/Mandrake/RPMS/vrrpd-0.4-1m
dk.i386.html

Keepalive
http://www.keepalived.org/


-----Original Message-----
From: Larry Chuon [mailto:LarryC at indexstock.com]
Sent: Tuesday, June 04, 2002 11:55 AM
To: NYPHP Talk
Subject: RE: [nycphp-talk] multiple gateways and linux


Keep in mind that when you have multiple circuits, you're running into some
complecity with your network design.  Here is a general guideline.
1. Are you planning to subscribe the add'l T1 from the same ISP of from a
different one?
Same: 
a. Easy to loadbalance (LB) your package both inbound and outbound
b. You don't require to have a heavy duty router.  This way you can accept
partial BGP route.  As a result your, hardware requirement is much less.
c. Use vendor assigned Autonymous System Number (ASN).
d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
e. I recommend that you have two separate routers for each circuit.

Different:
a. You must apply for you own ASN from ARIN.
b. Tedious BGP configuration
c. Setup of LB might be difficult depends on your environment, but not
impossible
d. Complete ISP redundancy - due to two separate path in and out
e. Same as 1e above.

With the two routers as your gateway, you can configure HSRP/VSRP (depends
on the vendors).  Essentially, you have two real gateways and one virtual
one that everyone is pointing to.  When any of the real gateways is down, it
won't affect your connectivity at all.  Linux has something to that affect
as well.  I don't have experience with it nor do I know what it calls.


-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 11:10 AM
To: NYPHP Talk
Subject: [nycphp-talk] multiple gateways and linux


I am looking for any ideas people might have to maximize the value of having
multiple T1s from different providers and being able to provide redundancy
and possibly performance gains from having a linux server utilize these
multiple gateways.  Some ideas I was thinking about:
1) enable linux to do dead gateway detection and avoid using a gateway if it
is not up
2) enable linux to distribute traffic among the gateways to whichever one is
least busy (this might be a little bit more difficult)
3) enable linux to figure out from a list of hosts which gateway would allow
connection to a specific host with minimum lag and/or hops

I guess some shell scripts could accomplish some of these tasks unless
someone knows a better way?

regards,
Jim




From LarryC at indexstock.com  Tue Jun  4 12:32:04 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 12:32:04 -0400 
Subject: [nycphp-talk] multiple gateways and linux
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8301@index-exchange.indexstock.com>

Since you already have three cisco routers, assuming that you have access to
them, you can create two sets of HSRP.  Then, divide the group of
servers/users into two.  Make one gateway as the primary for one group and
the other gateway the primary for the other group.  (Make the other as your
secondary for each).

You must run BGP to advertise your internal network to the Internet.
Otherwise, there is no use of having three circuits and only one of them can
accept inbound traffic.  You can configure your network to have some
traffics route through one T1 and other traffics through another T1.

-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 12:15 PM
To: NYPHP Talk
Subject: RE: [nycphp-talk] multiple gateways and linux


We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless.  These are
already in place with each provider having its own CISCO router.  If we use
HSRP, we are only going to be using one single router at any time and the
other one will sit by idle, right?  It's good for redundancy but not for
maximizing usage of the available bandwidth.  I was thinking of using
roundrobing DNS for incoming connections to our server using the 3 IPs (1
from each T1 block).  The outgoing connections could be returned via source
routing perhaps?  And if a gateway is down, use another gateway even if that
will create an assymetrical route?
In your point (e) if we got two routers for each circuit we would need to
have 6 routers, do you think the cost would be justified for slightly
reduced failover risk?  I think the company could live in a pinch even on
just a single working T1 but it seems like a waste to have all that other
bandwidth just sitting there unused.  Let me know what you think.

regards,
Jim

-----Original Message-----
From: Larry Chuon [mailto:LarryC at indexstock.com]
Sent: Tuesday, June 04, 2002 11:55 AM
To: NYPHP Talk
Subject: RE: [nycphp-talk] multiple gateways and linux


Keep in mind that when you have multiple circuits, you're running into some
complecity with your network design.  Here is a general guideline.
1. Are you planning to subscribe the add'l T1 from the same ISP of from a
different one?
Same:
a. Easy to loadbalance (LB) your package both inbound and outbound
b. You don't require to have a heavy duty router.  This way you can accept
partial BGP route.  As a result your, hardware requirement is much less.
c. Use vendor assigned Autonymous System Number (ASN).
d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
e. I recommend that you have two separate routers for each circuit.

Different:
a. You must apply for you own ASN from ARIN.
b. Tedious BGP configuration
c. Setup of LB might be difficult depends on your environment, but not
impossible
d. Complete ISP redundancy - due to two separate path in and out
e. Same as 1e above.

With the two routers as your gateway, you can configure HSRP/VSRP (depends
on the vendors).  Essentially, you have two real gateways and one virtual
one that everyone is pointing to.  When any of the real gateways is down, it
won't affect your connectivity at all.  Linux has something to that affect
as well.  I don't have experience with it nor do I know what it calls.


-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 11:10 AM
To: NYPHP Talk
Subject: [nycphp-talk] multiple gateways and linux


I am looking for any ideas people might have to maximize the value of having
multiple T1s from different providers and being able to provide redundancy
and possibly performance gains from having a linux server utilize these
multiple gateways.  Some ideas I was thinking about:
1) enable linux to do dead gateway detection and avoid using a gateway if it
is not up
2) enable linux to distribute traffic among the gateways to whichever one is
least busy (this might be a little bit more difficult)
3) enable linux to figure out from a list of hosts which gateway would allow
connection to a specific host with minimum lag and/or hops

I guess some shell scripts could accomplish some of these tasks unless
someone knows a better way?

regards,
Jim






From jim at alliedtours.com  Tue Jun  4 12:56:16 2002
From: jim at alliedtours.com (Jim Suto)
Date: Tue, 4 Jun 2002 12:56:16 -0400
Subject: [nycphp-talk] multiple gateways and linux
In-Reply-To: <200206041632.g54GWCP14660@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJMEAOCCAA.jim@alliedtours.com>

If you set up a secondary gateway for users, how does the PC know when to
use that (how does it determine that the primary gateway is down)?


> -----Original Message-----
> From: Larry Chuon [mailto:LarryC at indexstock.com]
> Sent: Tuesday, June 04, 2002 12:32 PM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> Since you already have three cisco routers, assuming that you
> have access to
> them, you can create two sets of HSRP.  Then, divide the group of
> servers/users into two.  Make one gateway as the primary for one group and
> the other gateway the primary for the other group.  (Make the
> other as your
> secondary for each).
>




From chalu at egenius.com  Tue Jun  4 13:03:59 2002
From: chalu at egenius.com (Chalu Kim)
Date: Tue, 4 Jun 2002 13:03:59 -0400
Subject: [nycphp-talk] multiple gateways and linux
References: <200206041614.g54GEnP14494@slipdisc.virul.net>
Message-ID: <015c01c20be9$d4312030$5c00a8c0@mothergoose>

Why not check out IPROUTE which does fail-over and packet balancing? It is
available on Linux...
Instead of going the circuitous way of HSRP and VRRP or BGP, this is more in
the localized first step to high availability to the intranet.

----- Original Message -----
From: "Jim Suto" <jim at alliedtours.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Tuesday, June 04, 2002 12:14 PM
Subject: RE: [nycphp-talk] multiple gateways and linux


> We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless.  These
are
> already in place with each provider having its own CISCO router.  If we
use
> HSRP, we are only going to be using one single router at any time and the
> other one will sit by idle, right?  It's good for redundancy but not for
> maximizing usage of the available bandwidth.  I was thinking of using
> roundrobing DNS for incoming connections to our server using the 3 IPs (1
> from each T1 block).  The outgoing connections could be returned via
source
> routing perhaps?  And if a gateway is down, use another gateway even if
that
> will create an assymetrical route?
> In your point (e) if we got two routers for each circuit we would need to
> have 6 routers, do you think the cost would be justified for slightly
> reduced failover risk?  I think the company could live in a pinch even on
> just a single working T1 but it seems like a waste to have all that other
> bandwidth just sitting there unused.  Let me know what you think.
>
> regards,
> Jim
>
> -----Original Message-----
> From: Larry Chuon [mailto:LarryC at indexstock.com]
> Sent: Tuesday, June 04, 2002 11:55 AM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> Keep in mind that when you have multiple circuits, you're running into
some
> complecity with your network design.  Here is a general guideline.
> 1. Are you planning to subscribe the add'l T1 from the same ISP of from a
> different one?
> Same:
> a. Easy to loadbalance (LB) your package both inbound and outbound
> b. You don't require to have a heavy duty router.  This way you can accept
> partial BGP route.  As a result your, hardware requirement is much less.
> c. Use vendor assigned Autonymous System Number (ASN).
> d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
> e. I recommend that you have two separate routers for each circuit.
>
> Different:
> a. You must apply for you own ASN from ARIN.
> b. Tedious BGP configuration
> c. Setup of LB might be difficult depends on your environment, but not
> impossible
> d. Complete ISP redundancy - due to two separate path in and out
> e. Same as 1e above.
>
> With the two routers as your gateway, you can configure HSRP/VSRP (depends
> on the vendors).  Essentially, you have two real gateways and one virtual
> one that everyone is pointing to.  When any of the real gateways is down,
it
> won't affect your connectivity at all.  Linux has something to that affect
> as well.  I don't have experience with it nor do I know what it calls.
>
>
> -----Original Message-----
> From: Jim Suto [mailto:jim at alliedtours.com]
> Sent: Tuesday, June 04, 2002 11:10 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] multiple gateways and linux
>
>
> I am looking for any ideas people might have to maximize the value of
having
> multiple T1s from different providers and being able to provide redundancy
> and possibly performance gains from having a linux server utilize these
> multiple gateways.  Some ideas I was thinking about:
> 1) enable linux to do dead gateway detection and avoid using a gateway if
it
> is not up
> 2) enable linux to distribute traffic among the gateways to whichever one
is
> least busy (this might be a little bit more difficult)
> 3) enable linux to figure out from a list of hosts which gateway would
allow
> connection to a specific host with minimum lag and/or hops
>
> I guess some shell scripts could accomplish some of these tasks unless
> someone knows a better way?
>
> regards,
> Jim
>
>
>
>
>
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002



From LarryC at indexstock.com  Tue Jun  4 13:04:09 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 13:04:09 -0400 
Subject: [nycphp-talk] multiple gateways and linux
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8303@index-exchange.indexstock.com>

That's the task of the OS to figure out.  Some dump OSes, like Win9x,
doesn't know.  Anyway, with HSRP or VRRP, you don't really need secondary.
That's overkill.



-----Original Message-----
From: Jim Suto [mailto:jim at alliedtours.com]
Sent: Tuesday, June 04, 2002 12:53 PM
To: NYPHP Talk
Subject: RE: [nycphp-talk] multiple gateways and linux


If you set up a secondary gateway for users, how does the PC know when to
use that (how does it determine that the primary gateway is down)?


> -----Original Message-----
> From: Larry Chuon [mailto:LarryC at indexstock.com]
> Sent: Tuesday, June 04, 2002 12:32 PM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> Since you already have three cisco routers, assuming that you
> have access to
> them, you can create two sets of HSRP.  Then, divide the group of
> servers/users into two.  Make one gateway as the primary for one group and
> the other gateway the primary for the other group.  (Make the
> other as your
> secondary for each).
>




From LarryC at indexstock.com  Tue Jun  4 13:16:55 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 13:16:55 -0400 
Subject: [nycphp-talk] multiple gateways and linux
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8304@index-exchange.indexstock.com>

That won't solve your redundancy problem if your services are residing on a
subnet that goes down.  The rest of the world won't know how to
automatically get to your domain.  For instance, alliedtours.com's IP@ is
208.193.190.3. AlliedTours has three T1 and at least one circuit comes from
another provider.  You need a way to tell all the routing tables around the
world how to get to you when the circuit for 208.193.109.3 is down.  Going
out won't be a problem. One way to solve that problem is by implementing BGP
or IS-IS.


-----Original Message-----
From: Chalu Kim [mailto:chalu at egenius.com]
Sent: Tuesday, June 04, 2002 12:59 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] multiple gateways and linux


Why not check out IPROUTE which does fail-over and packet balancing? It is
available on Linux...
Instead of going the circuitous way of HSRP and VRRP or BGP, this is more in
the localized first step to high availability to the intranet.

----- Original Message -----
From: "Jim Suto" <jim at alliedtours.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Tuesday, June 04, 2002 12:14 PM
Subject: RE: [nycphp-talk] multiple gateways and linux


> We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless.  These
are
> already in place with each provider having its own CISCO router.  If we
use
> HSRP, we are only going to be using one single router at any time and the
> other one will sit by idle, right?  It's good for redundancy but not for
> maximizing usage of the available bandwidth.  I was thinking of using
> roundrobing DNS for incoming connections to our server using the 3 IPs (1
> from each T1 block).  The outgoing connections could be returned via
source
> routing perhaps?  And if a gateway is down, use another gateway even if
that
> will create an assymetrical route?
> In your point (e) if we got two routers for each circuit we would need to
> have 6 routers, do you think the cost would be justified for slightly
> reduced failover risk?  I think the company could live in a pinch even on
> just a single working T1 but it seems like a waste to have all that other
> bandwidth just sitting there unused.  Let me know what you think.
>
> regards,
> Jim
>
> -----Original Message-----
> From: Larry Chuon [mailto:LarryC at indexstock.com]
> Sent: Tuesday, June 04, 2002 11:55 AM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> Keep in mind that when you have multiple circuits, you're running into
some
> complecity with your network design.  Here is a general guideline.
> 1. Are you planning to subscribe the add'l T1 from the same ISP of from a
> different one?
> Same:
> a. Easy to loadbalance (LB) your package both inbound and outbound
> b. You don't require to have a heavy duty router.  This way you can accept
> partial BGP route.  As a result your, hardware requirement is much less.
> c. Use vendor assigned Autonymous System Number (ASN).
> d. If the ISP is down, assuming both T1 are from the same c/o, you're out!
> e. I recommend that you have two separate routers for each circuit.
>
> Different:
> a. You must apply for you own ASN from ARIN.
> b. Tedious BGP configuration
> c. Setup of LB might be difficult depends on your environment, but not
> impossible
> d. Complete ISP redundancy - due to two separate path in and out
> e. Same as 1e above.
>
> With the two routers as your gateway, you can configure HSRP/VSRP (depends
> on the vendors).  Essentially, you have two real gateways and one virtual
> one that everyone is pointing to.  When any of the real gateways is down,
it
> won't affect your connectivity at all.  Linux has something to that affect
> as well.  I don't have experience with it nor do I know what it calls.
>
>
> -----Original Message-----
> From: Jim Suto [mailto:jim at alliedtours.com]
> Sent: Tuesday, June 04, 2002 11:10 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] multiple gateways and linux
>
>
> I am looking for any ideas people might have to maximize the value of
having
> multiple T1s from different providers and being able to provide redundancy
> and possibly performance gains from having a linux server utilize these
> multiple gateways.  Some ideas I was thinking about:
> 1) enable linux to do dead gateway detection and avoid using a gateway if
it
> is not up
> 2) enable linux to distribute traffic among the gateways to whichever one
is
> least busy (this might be a little bit more difficult)
> 3) enable linux to figure out from a list of hosts which gateway would
allow
> connection to a specific host with minimum lag and/or hops
>
> I guess some shell scripts could accomplish some of these tasks unless
> someone knows a better way?
>
> regards,
> Jim
>
>
>
>
>
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002



From jim at alliedtours.com  Tue Jun  4 13:29:14 2002
From: jim at alliedtours.com (Jim Suto)
Date: Tue, 4 Jun 2002 13:29:14 -0400
Subject: [nycphp-talk] multiple gateways and linux
In-Reply-To: <200206041717.g54HH4P15104@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJEEAPCCAA.jim@alliedtours.com>

Actually the circuits in question are not at the location you mentioned but
I could make address DNS records for www.alliedtours.com to point to
X.X.X.X, Y.Y.Y.Y, Z.Z.Z.Z where x,y,z represent public IPs that I got from
the three T1s and have all those IPs each assigned to one of three NICS in
the server.  This doesn't require bgp to work, right?



> -----Original Message-----
> From: Larry Chuon [mailto:LarryC at indexstock.com]
> Sent: Tuesday, June 04, 2002 1:17 PM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> That won't solve your redundancy problem if your services are
> residing on a
> subnet that goes down.  The rest of the world won't know how to
> automatically get to your domain.  For instance, alliedtours.com's IP@ is
> 208.193.190.3. AlliedTours has three T1 and at least one circuit
> comes from
> another provider.  You need a way to tell all the routing tables
> around the
> world how to get to you when the circuit for 208.193.109.3 is down.  Going
> out won't be a problem. One way to solve that problem is by
> implementing BGP
> or IS-IS.
>
>
> -----Original Message-----
> From: Chalu Kim [mailto:chalu at egenius.com]
> Sent: Tuesday, June 04, 2002 12:59 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] multiple gateways and linux
>
>
> Why not check out IPROUTE which does fail-over and packet balancing? It is
> available on Linux...
> Instead of going the circuitous way of HSRP and VRRP or BGP, this
> is more in
> the localized first step to high availability to the intranet.
>
> ----- Original Message -----
> From: "Jim Suto" <jim at alliedtours.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Tuesday, June 04, 2002 12:14 PM
> Subject: RE: [nycphp-talk] multiple gateways and linux
>
>
> > We have 3 T1s, 2 are from Worldcom, one is from Cable & Wireless.  These
> are
> > already in place with each provider having its own CISCO router.  If we
> use
> > HSRP, we are only going to be using one single router at any
> time and the
> > other one will sit by idle, right?  It's good for redundancy but not for
> > maximizing usage of the available bandwidth.  I was thinking of using
> > roundrobing DNS for incoming connections to our server using
> the 3 IPs (1
> > from each T1 block).  The outgoing connections could be returned via
> source
> > routing perhaps?  And if a gateway is down, use another gateway even if
> that
> > will create an assymetrical route?
> > In your point (e) if we got two routers for each circuit we
> would need to
> > have 6 routers, do you think the cost would be justified for slightly
> > reduced failover risk?  I think the company could live in a
> pinch even on
> > just a single working T1 but it seems like a waste to have all
> that other
> > bandwidth just sitting there unused.  Let me know what you think.
> >
> > regards,
> > Jim
> >
> > -----Original Message-----
> > From: Larry Chuon [mailto:LarryC at indexstock.com]
> > Sent: Tuesday, June 04, 2002 11:55 AM
> > To: NYPHP Talk
> > Subject: RE: [nycphp-talk] multiple gateways and linux
> >
> >
> > Keep in mind that when you have multiple circuits, you're running into
> some
> > complecity with your network design.  Here is a general guideline.
> > 1. Are you planning to subscribe the add'l T1 from the same ISP
> of from a
> > different one?
> > Same:
> > a. Easy to loadbalance (LB) your package both inbound and outbound
> > b. You don't require to have a heavy duty router.  This way you
> can accept
> > partial BGP route.  As a result your, hardware requirement is much less.
> > c. Use vendor assigned Autonymous System Number (ASN).
> > d. If the ISP is down, assuming both T1 are from the same c/o,
> you're out!
> > e. I recommend that you have two separate routers for each circuit.
> >
> > Different:
> > a. You must apply for you own ASN from ARIN.
> > b. Tedious BGP configuration
> > c. Setup of LB might be difficult depends on your environment, but not
> > impossible
> > d. Complete ISP redundancy - due to two separate path in and out
> > e. Same as 1e above.
> >
> > With the two routers as your gateway, you can configure
> HSRP/VSRP (depends
> > on the vendors).  Essentially, you have two real gateways and
> one virtual
> > one that everyone is pointing to.  When any of the real
> gateways is down,
> it
> > won't affect your connectivity at all.  Linux has something to
> that affect
> > as well.  I don't have experience with it nor do I know what it calls.
> >
> >
> > -----Original Message-----
> > From: Jim Suto [mailto:jim at alliedtours.com]
> > Sent: Tuesday, June 04, 2002 11:10 AM
> > To: NYPHP Talk
> > Subject: [nycphp-talk] multiple gateways and linux
> >
> >
> > I am looking for any ideas people might have to maximize the value of
> having
> > multiple T1s from different providers and being able to provide
> redundancy
> > and possibly performance gains from having a linux server utilize these
> > multiple gateways.  Some ideas I was thinking about:
> > 1) enable linux to do dead gateway detection and avoid using a
> gateway if
> it
> > is not up
> > 2) enable linux to distribute traffic among the gateways to
> whichever one
> is
> > least busy (this might be a little bit more difficult)
> > 3) enable linux to figure out from a list of hosts which gateway would
> allow
> > connection to a specific host with minimum lag and/or hops
> >
> > I guess some shell scripts could accomplish some of these tasks unless
> > someone knows a better way?
> >
> > regards,
> > Jim
> >
> >
> >
> >
> >
> >
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.368 / Virus Database: 204 - Release Date: 5/30/2002
>
>




From zaunere at yahoo.com  Tue Jun  4 15:09:56 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 12:09:56 -0700 (PDT)
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206041439.g54EdmP13804@slipdisc.virul.net>
Message-ID: <20020604190956.70005.qmail@web12801.mail.yahoo.com>


My first guess is it's a register_globals problem.  register_globals is
turned off by default in 4.2.1.  CGI vs Apache module shouldn't make a
difference in this case (I'm assuming you are only using the basic
variables, such as the post,get,server variables).

As a quick fix, goto your php.ini and find the register_globals
directive, changing it to 'On'.  If this works, let us know; if not,
what specific variables does it report it can't find/are undefined?

Hans Z.


--- Michael Southwell <southwell at dneba.com> wrote:
> I have some scripts that are working beautifully on the host but are
> not 
> working on my localhost installation (which I thought I had gotten 
> working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.  The 
> problem comes in recognizing variables locally, so I get "undefined 
> variable" and "undefined constant" messages.  PHPInfo() tells me that
> my 
> local Server API is CGI, while on the host it's Apache.  I am
> guessing that 
> this is the cause of the problems, though I don't really understand
> the 
> difference.  Can anybody offer an explanation/possible solution? 
> TIA.
> 
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jim at alliedtours.com  Tue Jun  4 15:35:11 2002
From: jim at alliedtours.com (Jim Suto)
Date: Tue, 4 Jun 2002 15:35:11 -0400
Subject: strange ifconfig error message
In-Reply-To: <200206041717.g54HH4P15104@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJMEAPCCAA.jim@alliedtours.com>

Can anyone explain why this happens:

[root at reddy root]# ifconfig eth0:1 10.0.101.101/16
SIOCSIFNETMASK: Cannot assign requested address
[root at reddy root]# ifconfig eth0:1 10.0.101.101/16
[root at reddy root]#

If you notice, the second command is exactly the same as the first
(up-arrow) and the second time it takes and properly assigns the IP address
with no error.  Why not the first time?

Jim




From kenschwartz at nyc.rr.com  Tue Jun  4 15:59:38 2002
From: kenschwartz at nyc.rr.com (Kenneth Schwartz)
Date: Tue, 4 Jun 2002 15:59:38 -0400
Subject: [nycphp-talk] relative newbie needs installation help
References: <200206041910.g54JA1P16139@slipdisc.virul.net>
Message-ID: <001001c20c02$5c19ae50$e354c118@kenschwartz>

I think you're exactly right.  I am a relative newbie also and I had the
same problem.  I didn't realize at first that my local installation had a
default level of security that would require a more specific syntax for
variable declaration.


----- Original Message -----
From: "Hans Zaunere" <zaunere at yahoo.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Tuesday, June 04, 2002 3:10 PM
Subject: Re: [nycphp-talk] relative newbie needs installation help


>
> My first guess is it's a register_globals problem.  register_globals is
> turned off by default in 4.2.1.  CGI vs Apache module shouldn't make a
> difference in this case (I'm assuming you are only using the basic
> variables, such as the post,get,server variables).
>
> As a quick fix, goto your php.ini and find the register_globals
> directive, changing it to 'On'.  If this works, let us know; if not,
> what specific variables does it report it can't find/are undefined?
>
> Hans Z.
>
>
> --- Michael Southwell <southwell at dneba.com> wrote:
> > I have some scripts that are working beautifully on the host but are
> > not
> > working on my localhost installation (which I thought I had gotten
> > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.  The
> > problem comes in recognizing variables locally, so I get "undefined
> > variable" and "undefined constant" messages.  PHPInfo() tells me that
> > my
> > local Server API is CGI, while on the host it's Apache.  I am
> > guessing that
> > this is the cause of the problems, though I don't really understand
> > the
> > difference.  Can anybody offer an explanation/possible solution?
> > TIA.
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>
>




From LarryC at indexstock.com  Tue Jun  4 16:33:19 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 4 Jun 2002 16:33:19 -0400 
Subject: Jobs on NYNMA.org
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C913F8308@index-exchange.indexstock.com>

 
 
  <http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	
  <http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	
  <http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	PHP programmer with Systems
Admin skills needed
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	
  <http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	
  <http://www.nynma.org/images/spacer.gif>
<http://www.nynma.org/images/spacer.gif> 	
  <http://www.nynma.org/images/spacer.gif> 	
We are looking for strong PHP /oracle programmer on unix with Systems Admin
skills. This is an oppty to lead our tech endeavors to develop new
applications and work on improving existing applications for internal
projects and for clients. 

Company Profile: 
StarChefs.com, New York is a leading culinary magazine and the "hot jobs"
for the foodservice industry. We have been in business for 7 years, and
cover our monthly burn with revenue. 

Because we are a small company (11 employees), you have the opportunity to
really make an impact on the company and the service we provide. 

You will need strong programming skills, strong systems admin skills, strong
interpersonal skills, an entrepreneurial spirit, and a drive for results.

http://www.nynma.org/careers/find_a_job?
<http://www.nynma.org/careers/find_a_job?&id[1]=107965&catName=Information%2
0Technology&object=jobs[job]&findField=cat_id_1&findFieldValue=8>
&id[1]=107965&catName=Information%20Technology&object=jobs[job]&findField=ca
t_id_1&findFieldValue=8
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020604/2f80e8aa/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: spacer.gif
Type: image/gif
Size: 67 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020604/2f80e8aa/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ivy.gif
Type: image/gif
Size: 5665 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020604/2f80e8aa/attachment-0001.gif>

From southwell at dneba.com  Tue Jun  4 17:40:09 2002
From: southwell at dneba.com (Michael Southwell)
Date: Tue, 04 Jun 2002 17:40:09 -0400
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206041910.g54JA1P16139@slipdisc.virul.net>
Message-ID: <5.1.0.14.2.20020604173638.00b25048@mail.optonline.net>

Thanks, Klaus.  This suggestion sounded promising but didn't work.  I 
changed register_globals to On and
rebooted.  But I still got the following error:

Notice:  Undefined variable:  HTTP_USER_AGENT in g:\\dneba\\browsers.php on 
line 50

Here is the relevant code (it is obvious which is line 50):

<CODE>
Your choice of web browser is the single most important factor in 
controlling your experience
of a website.  Your browser seems to be

<?php
   $agent=$HTTP_USER_AGENT;

   $brow="";

   if ($brow==""){
     $pos=strpos($agent,"MSIE");
     if ($pos>0){
       $brow="MSIE";
       $level=substr($agent,$pos+5,3);
       $new=1;}}
</CODE>

I think $HTTP_USER_AGENT is about as basic a variable as you can 
get.  Needless to say,
this code works perfectly (within its limitations, which no doubt are 
plenty) at http://www.dneba.com/browsers.php.

So there must be something else going on.

At 03:10 PM 6/4/2002, you wrote:

>My first guess is it's a register_globals problem.  register_globals is
>turned off by default in 4.2.1.  CGI vs Apache module shouldn't make a
>difference in this case (I'm assuming you are only using the basic
>variables, such as the post,get,server variables).
>
>As a quick fix, goto your php.ini and find the register_globals
>directive, changing it to 'On'.  If this works, let us know; if not,
>what specific variables does it report it can't find/are undefined?
>
>Hans Z.
>
>
>--- Michael Southwell <southwell at dneba.com> wrote:
> > I have some scripts that are working beautifully on the host but are
> > not
> > working on my localhost installation (which I thought I had gotten
> > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.  The
> > problem comes in recognizing variables locally, so I get "undefined
> > variable" and "undefined constant" messages.  PHPInfo() tells me that
> > my
> > local Server API is CGI, while on the host it's Apache.  I am
> > guessing that
> > this is the cause of the problems, though I don't really understand
> > the
> > difference.  Can anybody offer an explanation/possible solution?
> > TIA.
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
>http://fifaworldcup.yahoo.com

Michael G. Southwell =================================
DNEBA Enterprises
81 South Road
Bloomingdale, NJ 07403-1425
973/492-7873 (voice and fax)
southwell at dneba.com
http://www.dneba.com
======================================================




From zaunere at yahoo.com  Tue Jun  4 18:22:54 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 15:22:54 -0700 (PDT)
Subject: [nycphp-talk] multiple gateways and linux
In-Reply-To: <200206041510.g54FA3P14018@slipdisc.virul.net>
Message-ID: <20020604222255.10585.qmail@web12807.mail.yahoo.com>


While I've been out of the game [network admin] for a while, let me say
that solving this The Right Way will be either hard, or expensive - or
both.

For one, you need to pin down exactly what it is you want to do:
ingress redundancy, egress redundancy, ingress load-balancing, egress
load-balancing, or multiplexing.  Each is at least slightly different,
and will require different solutions.

Egress stuff is much easier, since you have the most control.  But,
note that if a packet from your box goes out one T1, and then it goes
down, the return packets will still try to hit the downed T1.  AFAIK,
the only way to handle this is with some fancy routing/cooperation from
your providers/and possibly additional hardware.

Ingress is more involved.  Consider, even if you are announcing your
routes, and a T1 goes down, you'll most likely need cooperation from
your provuider, since the outside world won't know where to look for
your route broadcasts (since where it's expecting to find them, is
down).

Since you have two T1s from one provider, and one from an additional
provider, you may want to consider using the third T1 for general
Internet access, and with possible additional hardware/professional IP
network designer/cooperation from the provider, you could multiplex the
other two T1s to increase failover and bandwidth.

> 1) enable linux to do dead gateway detection and avoid using a
> gateway if it
> is not up

Fairly simple.  Best done in C, or there are probably utils for this
already.  Basically, once a dead gateway is discovered, you change your
routing table, but you will lose any existing connections I believe.

> 2) enable linux to distribute traffic among the gateways to whichever
> one is
> least busy (this might be a little bit more difficult)

Slightly more complex, because you need a reliable way to determine
"least busy", but basically the same as above.

> 3) enable linux to figure out from a list of hosts which gateway
> would allow
> connection to a specific host with minimum lag and/or hops

Again, harder to determine this, but same principals apply.

> I guess some shell scripts could accomplish some of these tasks
> unless someone knows a better way?

No.  This is a kernel, userland C at best, problem.  I wouldn't want to
do per packet analysis with any language except C (not even PHP).

A close look at some of the Open Source firewall utils would help, but
overall, to do what you really want (using 3 T1s as one, with aggregate
bandwidth and redundancy, no?) is not easy.  What is easy, is to
manually segragate your [office] to use each of the T1s.  Or, be
prepared to spend some money, on hardware and/or a IP network engineer.

To go the Open Source/Do-It-Yourself route: I generally follow the
ipfilter mailing list, which often has discussion about this sort of
thing.  The mailing list archives via:

http://www.google.com/search?hl=en&q=ipfilter+redundancy
http://www.google.com/search?hl=en&lr=&q=ipfilter+load-balancing

may get you a good start.  Also, they are very helpful/knowledgable, so
posting your own question would probably be good too.  I've always been
partial to ipfilter and BSD for this type of thing, but you can
substitute whatever they call the latest Linux firewall package for
'ipfilter' for more specific info.  But note that load-balancing, isn't
really across T1s, but within the same network, once your upstream link
has been crossed.

Also, some helpful links:
http://www.nwfusion.com/newsletters/linux/2001/00408537.html
http://linux-ha.org/

but also note most of these are per-machine high-availability -
crossing network links is a whole other ball of wax.

And if it makes you feel any better, I'd be happy to pay to colocate a
small web/email server with you, to take advantage of one of those T1s.
:)

Good luck, and keep us informed,

Hans Z.




__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Tue Jun  4 18:42:02 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 15:42:02 -0700 (PDT)
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206042139.g54LdxP17560@slipdisc.virul.net>
Message-ID: <20020604224202.11824.qmail@web12802.mail.yahoo.com>


Change:
  $agent=$HTTP_USER_AGENT;

to:
  $agent=$_SERVER['HTTP_USER_AGENT'];

and that should do the trick.  From first thought, this seems like a
register_globals problem, but maybe it's track_vars or variable_order
or something.  Can't remember off the top.  Do a phpinfo(); to confirm
that that var is actually getting created as well.

HZ


--- Michael Southwell <southwell at dneba.com> wrote:
> Thanks, Klaus.  This suggestion sounded promising but didn't work.  I
> 
> changed register_globals to On and
> rebooted.  But I still got the following error:
> 
> Notice:  Undefined variable:  HTTP_USER_AGENT in
> g:\\dneba\\browsers.php on 
> line 50
> 
> Here is the relevant code (it is obvious which is line 50):
> 
> <CODE>
> Your choice of web browser is the single most important factor in 
> controlling your experience
> of a website.  Your browser seems to be
> 
> <?php
>    $agent=$HTTP_USER_AGENT;
> 
>    $brow="";
> 
>    if ($brow==""){
>      $pos=strpos($agent,"MSIE");
>      if ($pos>0){
>        $brow="MSIE";
>        $level=substr($agent,$pos+5,3);
>        $new=1;}}
> </CODE>
> 
> I think $HTTP_USER_AGENT is about as basic a variable as you can 
> get.  Needless to say,
> this code works perfectly (within its limitations, which no doubt are
> 
> plenty) at http://www.dneba.com/browsers.php.
> 
> So there must be something else going on.
> 
> At 03:10 PM 6/4/2002, you wrote:
> 
> >My first guess is it's a register_globals problem.  register_globals
> is
> >turned off by default in 4.2.1.  CGI vs Apache module shouldn't make
> a
> >difference in this case (I'm assuming you are only using the basic
> >variables, such as the post,get,server variables).
> >
> >As a quick fix, goto your php.ini and find the register_globals
> >directive, changing it to 'On'.  If this works, let us know; if not,
> >what specific variables does it report it can't find/are undefined?
> >
> >Hans Z.
> >
> >
> >--- Michael Southwell <southwell at dneba.com> wrote:
> > > I have some scripts that are working beautifully on the host but
> are
> > > not
> > > working on my localhost installation (which I thought I had
> gotten
> > > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP. 
> The
> > > problem comes in recognizing variables locally, so I get
> "undefined
> > > variable" and "undefined constant" messages.  PHPInfo() tells me
> that
> > > my
> > > local Server API is CGI, while on the host it's Apache.  I am
> > > guessing that
> > > this is the cause of the problems, though I don't really
> understand
> > > the
> > > difference.  Can anybody offer an explanation/possible solution?
> > > TIA.
> > >
> > > Michael G. Southwell =================================
> > > DNEBA Enterprises
> > > 81 South Road
> > > Bloomingdale, NJ 07403-1425
> > > 973/492-7873 (voice and fax)
> > > southwell at dneba.com
> > > http://www.dneba.com
> > > ======================================================
> > >
> > >
> > >
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! - Official partner of 2002 FIFA World Cup
> >http://fifaworldcup.yahoo.com
> 
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Tue Jun  4 18:46:06 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 15:46:06 -0700 (PDT)
Subject: [nycphp-talk] strange ifconfig error message
In-Reply-To: <200206041931.g54JVqP16329@slipdisc.virul.net>
Message-ID: <20020604224606.6463.qmail@web12808.mail.yahoo.com>


And it works properly afterwords?  Seems like a driver bug.  If you
can, cycle the interface down/up and try again.  Or reboot/ensure your
hardware is good/exactly correct driver version for chipset.  I always
use the full netmask [255.255.0.0] but that shouldn't really make a
difference.

HZ


--- Jim Suto <jim at alliedtours.com> wrote:
> Can anyone explain why this happens:
> 
> [root at reddy root]# ifconfig eth0:1 10.0.101.101/16
> SIOCSIFNETMASK: Cannot assign requested address
> [root at reddy root]# ifconfig eth0:1 10.0.101.101/16
> [root at reddy root]#
> 
> If you notice, the second command is exactly the same as the first
> (up-arrow) and the second time it takes and properly assigns the IP
> address
> with no error.  Why not the first time?
> 
> Jim
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From MSouthwell at bigfoot.com  Tue Jun  4 20:30:13 2002
From: MSouthwell at bigfoot.com (Michael Southwell)
Date: Tue, 04 Jun 2002 20:30:13 -0400
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206042242.g54Mg5P18274@slipdisc.virul.net>
Message-ID: <5.1.0.14.2.20020604202754.00b2db98@mail.optonline.net>

That does the trick; I will pore over the documentation to try to figure 
out why.  Thanks,  Hans.

At 06:42 PM 6/4/2002, you wrote:

>Change:
>   $agent=$HTTP_USER_AGENT;
>
>to:
>   $agent=$_SERVER['HTTP_USER_AGENT'];
>
>and that should do the trick.  From first thought, this seems like a
>register_globals problem, but maybe it's track_vars or variable_order
>or something.  Can't remember off the top.  Do a phpinfo(); to confirm
>that that var is actually getting created as well.
>
>HZ
>
>
>--- Michael Southwell <southwell at dneba.com> wrote:
> > Thanks, Klaus.  This suggestion sounded promising but didn't work.  I
> >
> > changed register_globals to On and
> > rebooted.  But I still got the following error:
> >
> > Notice:  Undefined variable:  HTTP_USER_AGENT in
> > g:\\dneba\\browsers.php on
> > line 50
> >
> > Here is the relevant code (it is obvious which is line 50):
> >
> > <CODE>
> > Your choice of web browser is the single most important factor in
> > controlling your experience
> > of a website.  Your browser seems to be
> >
> > <?php
> >    $agent=$HTTP_USER_AGENT;
> >
> >    $brow="";
> >
> >    if ($brow==""){
> >      $pos=strpos($agent,"MSIE");
> >      if ($pos>0){
> >        $brow="MSIE";
> >        $level=substr($agent,$pos+5,3);
> >        $new=1;}}
> > </CODE>
> >
> > I think $HTTP_USER_AGENT is about as basic a variable as you can
> > get.  Needless to say,
> > this code works perfectly (within its limitations, which no doubt are
> >
> > plenty) at http://www.dneba.com/browsers.php.
> >
> > So there must be something else going on.
> >
> > At 03:10 PM 6/4/2002, you wrote:
> >
> > >My first guess is it's a register_globals problem.  register_globals
> > is
> > >turned off by default in 4.2.1.  CGI vs Apache module shouldn't make
> > a
> > >difference in this case (I'm assuming you are only using the basic
> > >variables, such as the post,get,server variables).
> > >
> > >As a quick fix, goto your php.ini and find the register_globals
> > >directive, changing it to 'On'.  If this works, let us know; if not,
> > >what specific variables does it report it can't find/are undefined?
> > >
> > >Hans Z.
> > >
> > >
> > >--- Michael Southwell <southwell at dneba.com> wrote:
> > > > I have some scripts that are working beautifully on the host but
> > are
> > > > not
> > > > working on my localhost installation (which I thought I had
> > gotten
> > > > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.
> > The
> > > > problem comes in recognizing variables locally, so I get
> > "undefined
> > > > variable" and "undefined constant" messages.  PHPInfo() tells me
> > that
> > > > my
> > > > local Server API is CGI, while on the host it's Apache.  I am
> > > > guessing that
> > > > this is the cause of the problems, though I don't really
> > understand
> > > > the
> > > > difference.  Can anybody offer an explanation/possible solution?
> > > > TIA.
> > > >
> > > > Michael G. Southwell =================================
> > > > DNEBA Enterprises
> > > > 81 South Road
> > > > Bloomingdale, NJ 07403-1425
> > > > 973/492-7873 (voice and fax)
> > > > southwell at dneba.com
> > > > http://www.dneba.com
> > > > ======================================================
> > > >
> > > >
> > > >
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Yahoo! - Official partner of 2002 FIFA World Cup
> > >http://fifaworldcup.yahoo.com
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
>http://fifaworldcup.yahoo.com

Michael G. Southwell =================================
81 South Road
Bloomingdale, NJ 07403-1419
973-838-1022 (voice) 973-492-7873 (fax)
mailto:MSouthwell at bigfoot.com
http://www.dneba.com
======================================================




From zaunere at yahoo.com  Wed Jun  5 00:24:50 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 21:24:50 -0700 (PDT)
Subject: NYPHP Wiki  WAS:Making URLs Search Engine Friendly - Follow Up
In-Reply-To: <200205231443.g4NEhnp36113@slipdisc.virul.net>
Message-ID: <20020605042450.47083.qmail@web12807.mail.yahoo.com>


Hey Ophir and others,

Sorry I'm so late in getting back to this, but it kind of got lost in
my email stack.  I've cut and pasted Ophir's great info to the wiki
(http://dev.nyphp.org/wiki), as well as the follow-up messages, which
provide additional info.  It's still rough, but I hope people will work
with it and get it formatted and completed in more of an article
format.

Hopefully this will spark the building of additional articles and
information with this wiki, which then will be integrated with forums
and mailing lists, building a knowledge base.  To keep the wiki sane,
we have a wiki master/editor, available for contact at
wikimaster at nyphp.org.  Thank your Charles!

People interested in participating with this, should join the NYPHP
Development list, since we don't want to clutter other's mail boxes too
much.

Thank you,

Hans Z.


--- ophir prusak <prutwo at onebox.com> wrote:
> 
> Hi All,
> 
> I wanted to go over a few items as a follow up to my presentation
> last
> night (ok - I forgot to look at my notes :)
> 
> 1. I don't know how I forgot to mention this, but one of the biggest
> disadvantages of the PATH_INFO method is that it does not work with
> cgi
> versions of PHP.
> As in the nature of yesterday's presentation - does anyone know what
> error you get and why it doesn't work with cgi versions of PHP ?
> 
> 2. When making your URLs search engine friendly, there is an
> advantage
> of using URLs that looks like an .html file (and not just a path, as
> often done with the PATH_INFO method).
> In the future, if you should want to make any of your pages truly
> static,
> it makes life easier.
> For example, one of the pages on my web site was getting a lot of
> traffic,
> so instead of having it be created on the fly, I simply created a
> crontab
> entry that once a day grabbed the dynamic page and saved it to a
> static
> page. Something like this:
> wget http://www.mysite.com/dynamic-version.php -o static-version.html
> 
> Just a side note - I no longer do it this way, but instead use a
> output
> caching object to get almost the same performance gain.
> 
> 3. Someone asked how do I make ANY file in a directory be treated
> like
> a PHP file, regardless of filename (under apache of course). Add this
> line in your .htaccess file for the directory you want to use:
> 
> ForceType application/x-httpd-php   (or whatever mime type you use
> for
> php)
> 
> For more details see
> http://httpd.apache.org/docs/mod/mod_mime.html#forcetype
> 
> I've created an example at:
>
http://www.consolemonkey.com/nyphp/allphpfiles/example/name/ophir/city/nyc.html
> (I'll leave it up to the reader to write the regex to remove the
> .html
> from the PATH_INFO so your last value won't have .html appended to it
> ;)
> 
> Hope you all learned something.
> 
> Ophir
> 
> ----
> Ophir Prusak
> Internet developer 
> prutwo at onebox.com | http://www.prusak.com/ 
> 
>  
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Wed Jun  5 00:43:13 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 4 Jun 2002 21:43:13 -0700 (PDT)
Subject: Fwd: [nyc-geeks] McGraw Hill Bookstore closing
Message-ID: <20020605044313.49044.qmail@web12807.mail.yahoo.com>

> ---------- Forwarded message ----------
> Date: Tue, 04 Jun 2002 13:18:18 -0700
> From: mjr40 at ix.netcom.com
> Reply-To: nyc-geeks at yahoogroups.com
> To: nyc-geeks at yahoogroups.com
> Subject: [nyc-geeks] McGraw Hill Bookstore closing
> 
> Hi all -
> 
> Just wanted to let you know that the McGraw Hill bookstore on 48th
> and 6th
> (Concourse level) is closing in a week or so.  All of their computer
> books
> are 20% off.  They have a wide range of titles: Java, PHP, Perl,
> Unix,
> Linux, networking, databases, and more Open Source things.  Also,
> Computer
> Book Works downtown at 78 Reade St. has a Sunday discount; I think it
> is
> 10%.  I think business is slow since 9/11.
> 
> Matt
>

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From ejp at well.com  Wed Jun  5 08:06:06 2002
From: ejp at well.com (Edward Potter)
Date: Wed, 05 Jun 2002 08:06:06 -0400
Subject: [nycphp-talk] Fwd: [nyc-geeks] McGraw Hill Bookstore closing
References: <200206050443.g554hHP22126@slipdisc.virul.net>
Message-ID: <3CFDFEAE.6020001@well.com>

2 bad, i remember many hours spent there checking out the racks of 
computer and science books. One of those Manhattan icons to me. Hmmmm, I 
guess if I had the $$$, it would be cool to open up a geek book store 
somewhere on Lower Ludlow Street, throw in some techno music, flat 
panels and power drinks. :-)

I heard the new Wolfram book is going to be big, some maybe science will 
be fun again!

 >>>>
The next Newton?
Recluse, maverick physicist and Mathematica developer Stephen Wolfram 
claims to have revolutionized science with his new, computer-based theories.

http://www.salon.com/books/feature/2002/05/15/wolfram/index.html

:-) e




Hans Zaunere wrote:

>>---------- Forwarded message ----------
>>Date: Tue, 04 Jun 2002 13:18:18 -0700
>>From: mjr40 at ix.netcom.com
>>Reply-To: nyc-geeks at yahoogroups.com
>>To: nyc-geeks at yahoogroups.com
>>Subject: [nyc-geeks] McGraw Hill Bookstore closing
>>
>>Hi all -
>>
>>Just wanted to let you know that the McGraw Hill bookstore on 48th
>>and 6th
>>(Concourse level) is closing in a week or so.  All of their computer
>>books
>>are 20% off.  They have a wide range of titles: Java, PHP, Perl,
>>Unix,
>>Linux, networking, databases, and more Open Source things.  Also,
>>Computer
>>Book Works downtown at 78 Reade St. has a Sunday discount; I think it
>>is
>>10%.  I think business is slow since 9/11.
>>
>>Matt
>>
>>
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 
> 
> 
> 




From jim at alliedtours.com  Wed Jun  5 09:44:13 2002
From: jim at alliedtours.com (Jim Suto)
Date: Wed, 5 Jun 2002 09:44:13 -0400
Subject: [nycphp-talk] strange ifconfig error message
In-Reply-To: <200206042246.g54MkAP18305@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJCEBBCCAA.jim@alliedtours.com>

Yes, it works properly afterwards.  And I tried this on at least 2 machines
(RH 7.3) and they both exhibited the same behaviour.  I believe it's using
the tulip driver (netgear cards).


Jim

> -----Original Message-----
> From: Hans Zaunere [mailto:zaunere at yahoo.com]
> Sent: Tuesday, June 04, 2002 6:46 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] strange ifconfig error message
>
>
>
> And it works properly afterwords?  Seems like a driver bug.  If you
> can, cycle the interface down/up and try again.  Or reboot/ensure your
> hardware is good/exactly correct driver version for chipset.  I always
> use the full netmask [255.255.0.0] but that shouldn't really make a
> difference.
>
> HZ
>
>
> --- Jim Suto <jim at alliedtours.com> wrote:
> > Can anyone explain why this happens:
> >
> > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16
> > SIOCSIFNETMASK: Cannot assign requested address
> > [root at reddy root]# ifconfig eth0:1 10.0.101.101/16
> > [root at reddy root]#
> >
> > If you notice, the second command is exactly the same as the first
> > (up-arrow) and the second time it takes and properly assigns the IP
> > address
> > with no error.  Why not the first time?
> >
> > Jim
> >
> >
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>




From ssmith at tomega.com  Wed Jun  5 09:58:18 2002
From: ssmith at tomega.com (Sean Smith)
Date: Wed, 05 Jun 2002 09:58:18 -0400
Subject: [nycphp-talk] strange ifconfig error message
References: <200206051340.g55DesP28289@slipdisc.virul.net>
Message-ID: <3CFE18FA.3A3A2751@tomega.com>

Hello everyone,

    I joined the list about a month ago and have been reading some very
useful posts. They have helped a great deal. Thank you to everyone.

    About the ifconfig error, is this only happening on RH 7.3? I've
used the tulip drivers with netgears cards from RH 6.2 up to RH 7.1
(current running version at my office) without a problem. I have
downloaded 7.3 just haven't upgraded yet. I guess I won't until I hear
the results of this problem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssmith.vcf
Type: text/x-vcard
Size: 316 bytes
Desc: Card for Sean Smith
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020605/01fb21a3/attachment.vcf>

From MSouthwell at bigfoot.com  Wed Jun  5 17:21:15 2002
From: MSouthwell at bigfoot.com (Michael Southwell)
Date: Wed, 05 Jun 2002 17:21:15 -0400
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206042242.g54Mg5P18274@slipdisc.virul.net>
Message-ID: <5.1.0.14.2.20020605171755.00b42e38@mail.optonline.net>

Many thanks, Hans; this makes it work perfectly.  I will now proceed to 
struggle through the documentation to try to figure out exactly how this is 
different from the original, and why this works while the other 
didn't.  Thanks also to others who chimed in; this list is very helpful!

At 06:42 PM 6/4/2002, you wrote:

>Change:
>   $agent=$HTTP_USER_AGENT;
>
>to:
>   $agent=$_SERVER['HTTP_USER_AGENT'];
>
>and that should do the trick.  From first thought, this seems like a
>register_globals problem, but maybe it's track_vars or variable_order
>or something.  Can't remember off the top.  Do a phpinfo(); to confirm
>that that var is actually getting created as well.
>
>HZ
>
>
>--- Michael Southwell <southwell at dneba.com> wrote:
> > Thanks, Klaus.  This suggestion sounded promising but didn't work.  I
> >
> > changed register_globals to On and
> > rebooted.  But I still got the following error:
> >
> > Notice:  Undefined variable:  HTTP_USER_AGENT in
> > g:\\dneba\\browsers.php on
> > line 50
> >
> > Here is the relevant code (it is obvious which is line 50):
> >
> > <CODE>
> > Your choice of web browser is the single most important factor in
> > controlling your experience
> > of a website.  Your browser seems to be
> >
> > <?php
> >    $agent=$HTTP_USER_AGENT;
> >
> >    $brow="";
> >
> >    if ($brow==""){
> >      $pos=strpos($agent,"MSIE");
> >      if ($pos>0){
> >        $brow="MSIE";
> >        $level=substr($agent,$pos+5,3);
> >        $new=1;}}
> > </CODE>
> >
> > I think $HTTP_USER_AGENT is about as basic a variable as you can
> > get.  Needless to say,
> > this code works perfectly (within its limitations, which no doubt are
> >
> > plenty) at http://www.dneba.com/browsers.php.
> >
> > So there must be something else going on.
> >
> > At 03:10 PM 6/4/2002, you wrote:
> >
> > >My first guess is it's a register_globals problem.  register_globals
> > is
> > >turned off by default in 4.2.1.  CGI vs Apache module shouldn't make
> > a
> > >difference in this case (I'm assuming you are only using the basic
> > >variables, such as the post,get,server variables).
> > >
> > >As a quick fix, goto your php.ini and find the register_globals
> > >directive, changing it to 'On'.  If this works, let us know; if not,
> > >what specific variables does it report it can't find/are undefined?
> > >
> > >Hans Z.
> > >
> > >
> > >--- Michael Southwell <southwell at dneba.com> wrote:
> > > > I have some scripts that are working beautifully on the host but
> > are
> > > > not
> > > > working on my localhost installation (which I thought I had
> > gotten
> > > > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows XP.
> > The
> > > > problem comes in recognizing variables locally, so I get
> > "undefined
> > > > variable" and "undefined constant" messages.  PHPInfo() tells me
> > that
> > > > my
> > > > local Server API is CGI, while on the host it's Apache.  I am
> > > > guessing that
> > > > this is the cause of the problems, though I don't really
> > understand
> > > > the
> > > > difference.  Can anybody offer an explanation/possible solution?
> > > > TIA.
> > > >
> > > > Michael G. Southwell =================================
> > > > DNEBA Enterprises
> > > > 81 South Road
> > > > Bloomingdale, NJ 07403-1425
> > > > 973/492-7873 (voice and fax)
> > > > southwell at dneba.com
> > > > http://www.dneba.com
> > > > ======================================================
> > > >
> > > >
> > > >
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Yahoo! - Official partner of 2002 FIFA World Cup
> > >http://fifaworldcup.yahoo.com
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
>http://fifaworldcup.yahoo.com

Michael G. Southwell =================================
81 South Road
Bloomingdale, NJ 07403-1419
973-838-1022 (voice) 973-492-7873 (fax)
mailto:MSouthwell at bigfoot.com
http://www.dneba.com
======================================================




From southwell at dneba.com  Wed Jun  5 23:12:23 2002
From: southwell at dneba.com (Michael Southwell)
Date: Wed, 05 Jun 2002 23:12:23 -0400
Subject: receiving params passed from one webpage to another
Message-ID: <5.1.0.14.2.20020605231046.00b48df0@mail.optonline.net>

Here I am with another elementary question; sorry about that.

I'm trying to pass parameters from one webpage to another.  So
I have something like this in the first one:
<CODE>
please help by <a href="browform.php?brow=<?php echo "$brow"; ?>">letting 
us know</a>
</CODE>
I can tell by the url that the parameter is being sent correctly.

Then in browform I have (for testing purposes)
<CODE>
<?php echo "$brow"; ?>
</CODE>
But this gives me the notice that "brow is an undefined variable."  So the 
problem
is that browform isn't receiving the parameter.

I'm sure there's some very simple answer to this (I have this
kind of thing working perfectly elsewhere in a POST), but right now I'm 
stumped.
Can somebody help?  Thanks in advance.


Michael G. Southwell =================================
DNEBA Enterprises
81 South Road
Bloomingdale, NJ 07403-1425
973/492-7873 (voice and fax)
southwell at dneba.com
http://www.dneba.com
======================================================




From nyphp at altunergil.com  Wed Jun  5 23:22:58 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Wed, 5 Jun 2002 23:22:58 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206060315.g563FPP36885@slipdisc.virul.net>
References: <200206060315.g563FPP36885@slipdisc.virul.net>
Message-ID: <20020605232258.20a15098.nyphp@altunergil.com>

Try to echo $GLOBALS[HTTP_GET_VARS]['brow']  on the receiving page. If this works, you might want to look into whether you should enable   register_globals in php.ini.

Oktay Altunergil

On Wed, 05 Jun 2002 23:15:25 -0400
Michael Southwell <southwell at dneba.com> wrote:

> Here I am with another elementary question; sorry about that.
> 
> I'm trying to pass parameters from one webpage to another.  So
> I have something like this in the first one:
> <CODE>
> please help by <a href="browform.php?brow=<?php echo "$brow"; ?>">letting 
> us know</a>
> </CODE>
> I can tell by the url that the parameter is being sent correctly.
> 
> Then in browform I have (for testing purposes)
> <CODE>
> <?php echo "$brow"; ?>
> </CODE>
> But this gives me the notice that "brow is an undefined variable."  So the 
> problem
> is that browform isn't receiving the parameter.
> 
> I'm sure there's some very simple answer to this (I have this
> kind of thing working perfectly elsewhere in a POST), but right now I'm 
> stumped.
> Can somebody help?  Thanks in advance.
> 
> 
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


From brian at preston-campbell.com  Wed Jun  5 23:29:32 2002
From: brian at preston-campbell.com (Preston-Campbell)
Date: Wed, 5 Jun 2002 23:29:32 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
References: <200206060315.g563FPP36885@slipdisc.virul.net>
Message-ID: <006801c20d0a$60f1f960$6e7094ce@p1n1w5>

Wouldn't it be cleaner to do
echo "please help by <a href=\\"browform.php?brow$brow\\">letting us
know</a>";
???


----- Original Message -----
From: "Michael Southwell" <southwell at dneba.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 05, 2002 11:15 PM
Subject: [nycphp-talk] receiving params passed from one webpage to another


> Here I am with another elementary question; sorry about that.
>
> I'm trying to pass parameters from one webpage to another.  So
> I have something like this in the first one:
> <CODE>
> please help by <a href="browform.php?brow=<?php echo "$brow"; ?>">letting
> us know</a>
> </CODE>
> I can tell by the url that the parameter is being sent correctly.
>
> Then in browform I have (for testing purposes)
> <CODE>
> <?php echo "$brow"; ?>
> </CODE>
> But this gives me the notice that "brow is an undefined variable."  So the
> problem
> is that browform isn't receiving the parameter.
>
> I'm sure there's some very simple answer to this (I have this
> kind of thing working perfectly elsewhere in a POST), but right now I'm
> stumped.
> Can somebody help?  Thanks in advance.
>
>
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
>
>
>
>
>




From adam at ecamp.net  Wed Jun  5 23:36:21 2002
From: adam at ecamp.net (Adam)
Date: Wed, 5 Jun 2002 23:36:21 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206060329.g563TeP37051@slipdisc.virul.net>
Message-ID: <E1858F33EF60D411AC120008C74C668A465DB5@EXCHANGE>

Well style is one thing... 

As Oktay said, his problem is most likely he's using 4.2+ and
register_globals is off.


-----Original Message-----
From: Preston-Campbell [mailto:brian at preston-campbell.com] 
Sent: Wednesday, June 05, 2002 11:30 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] receiving params passed from one webpage to
another

Wouldn't it be cleaner to do
echo "please help by <a href=\\"browform.php?brow$brow\\">letting us
know</a>";
???


----- Original Message -----
From: "Michael Southwell" <southwell at dneba.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 05, 2002 11:15 PM
Subject: [nycphp-talk] receiving params passed from one webpage to
another


> Here I am with another elementary question; sorry about that.
>
> I'm trying to pass parameters from one webpage to another.  So
> I have something like this in the first one:
> <CODE>
> please help by <a href="browform.php?brow=<?php echo "$brow";
?>">letting
> us know</a>
> </CODE>
> I can tell by the url that the parameter is being sent correctly.
>
> Then in browform I have (for testing purposes)
> <CODE>
> <?php echo "$brow"; ?>
> </CODE>
> But this gives me the notice that "brow is an undefined variable."  So
the
> problem
> is that browform isn't receiving the parameter.
>
> I'm sure there's some very simple answer to this (I have this
> kind of thing working perfectly elsewhere in a POST), but right now
I'm
> stumped.
> Can somebody help?  Thanks in advance.
>
>
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
>
>
>
>
>






From rderoo at supserv.com  Thu Jun  6 09:32:02 2002
From: rderoo at supserv.com (Raymond DeRoo)
Date: Thu, 6 Jun 2002 09:32:02 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206060329.g563TeP37051@slipdisc.virul.net>
References: <200206060329.g563TeP37051@slipdisc.virul.net>
Message-ID: <200206061327.g56DRuY0006332@base.deroo.net>


> Wouldn't it be cleaner to do
> echo "please help by <a href=\\"browform.php?brow$brow\\">letting us
> know</a>";
> ???

I would say that is a matter of opinion. I go to great lengths not to have 
php output HTML. 

I personally find

please help by <a href="browform.php?brow=<?php echo "$brow"; ?>">letting us 
know</a>

to much easier easier to read than

echo "please help by <a href=\\"browform.php?brow$brow\\">letting us know</a>";

especially when working within syntax highlighting editors. Not to mention it 
is faster to not have PHP parse something it will do nothing with. Granted in 
this case no speed increase would be realized.

I tend to break a page into two parts. The first or top part has just about 
all the PHP code which the page is going to use. The second or bottom has the 
HTML and where I need to insert a value I simply <?=$var?>.  Now, as a rule, 
I do not use short tags (ie one will never find <? $php_code_here; ?>) but 
allowing for the ASP style output is *very* nice and, IMO, go a long way to 
making readable code.

.r


From zaunere at yahoo.com  Thu Jun  6 10:00:09 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 6 Jun 2002 07:00:09 -0700 (PDT)
Subject: [nycphp-talk] relative newbie needs installation help
In-Reply-To: <200206052122.g55LMtP33307@slipdisc.virul.net>
Message-ID: <20020606140009.56765.qmail@web12808.mail.yahoo.com>


On a 4.1.2 install of PHP, I turned register_globals = On in php.ini
and stopped/started apache.  Voila, $HTTP_USER_AGENT is found.  So, you
might not be getting the proper setting of register_globals, and even
in 4.2.x this should still work.

However, I would move away from this, since depending on globally
scoped variables and register_globals is being deprecated quickly.
For this situation, get_browser() may be the way to go.

Hans Z.


--- Michael Southwell <MSouthwell at bigfoot.com> wrote:
> Many thanks, Hans; this makes it work perfectly.  I will now proceed
> to 
> struggle through the documentation to try to figure out exactly how
> this is 
> different from the original, and why this works while the other 
> didn't.  Thanks also to others who chimed in; this list is very
> helpful!
> 
> At 06:42 PM 6/4/2002, you wrote:
> 
> >Change:
> >   $agent=$HTTP_USER_AGENT;
> >
> >to:
> >   $agent=$_SERVER['HTTP_USER_AGENT'];
> >
> >and that should do the trick.  From first thought, this seems like a
> >register_globals problem, but maybe it's track_vars or
> variable_order
> >or something.  Can't remember off the top.  Do a phpinfo(); to
> confirm
> >that that var is actually getting created as well.
> >
> >HZ
> >
> >
> >--- Michael Southwell <southwell at dneba.com> wrote:
> > > Thanks, Klaus.  This suggestion sounded promising but didn't
> work.  I
> > >
> > > changed register_globals to On and
> > > rebooted.  But I still got the following error:
> > >
> > > Notice:  Undefined variable:  HTTP_USER_AGENT in
> > > g:\\dneba\\browsers.php on
> > > line 50
> > >
> > > Here is the relevant code (it is obvious which is line 50):
> > >
> > > <CODE>
> > > Your choice of web browser is the single most important factor in
> > > controlling your experience
> > > of a website.  Your browser seems to be
> > >
> > > <?php
> > >    $agent=$HTTP_USER_AGENT;
> > >
> > >    $brow="";
> > >
> > >    if ($brow==""){
> > >      $pos=strpos($agent,"MSIE");
> > >      if ($pos>0){
> > >        $brow="MSIE";
> > >        $level=substr($agent,$pos+5,3);
> > >        $new=1;}}
> > > </CODE>
> > >
> > > I think $HTTP_USER_AGENT is about as basic a variable as you can
> > > get.  Needless to say,
> > > this code works perfectly (within its limitations, which no doubt
> are
> > >
> > > plenty) at http://www.dneba.com/browsers.php.
> > >
> > > So there must be something else going on.
> > >
> > > At 03:10 PM 6/4/2002, you wrote:
> > >
> > > >My first guess is it's a register_globals problem. 
> register_globals
> > > is
> > > >turned off by default in 4.2.1.  CGI vs Apache module shouldn't
> make
> > > a
> > > >difference in this case (I'm assuming you are only using the
> basic
> > > >variables, such as the post,get,server variables).
> > > >
> > > >As a quick fix, goto your php.ini and find the register_globals
> > > >directive, changing it to 'On'.  If this works, let us know; if
> not,
> > > >what specific variables does it report it can't find/are
> undefined?
> > > >
> > > >Hans Z.
> > > >
> > > >
> > > >--- Michael Southwell <southwell at dneba.com> wrote:
> > > > > I have some scripts that are working beautifully on the host
> but
> > > are
> > > > > not
> > > > > working on my localhost installation (which I thought I had
> > > gotten
> > > > > working):  PHP 4.2.1 running under Apache 1.3.24 on Windows
> XP.
> > > The
> > > > > problem comes in recognizing variables locally, so I get
> > > "undefined
> > > > > variable" and "undefined constant" messages.  PHPInfo() tells
> me
> > > that
> > > > > my
> > > > > local Server API is CGI, while on the host it's Apache.  I am
> > > > > guessing that
> > > > > this is the cause of the problems, though I don't really
> > > understand
> > > > > the
> > > > > difference.  Can anybody offer an explanation/possible
> solution?
> > > > > TIA.
> > > > >
> > > > > Michael G. Southwell =================================
> > > > > DNEBA Enterprises
> > > > > 81 South Road
> > > > > Bloomingdale, NJ 07403-1425
> > > > > 973/492-7873 (voice and fax)
> > > > > southwell at dneba.com
> > > > > http://www.dneba.com
> > > > > ======================================================
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >__________________________________________________
> > > >Do You Yahoo!?
> > > >Yahoo! - Official partner of 2002 FIFA World Cup
> > > >http://fifaworldcup.yahoo.com
> > >
> > > Michael G. Southwell =================================
> > > DNEBA Enterprises
> > > 81 South Road
> > > Bloomingdale, NJ 07403-1425
> > > 973/492-7873 (voice and fax)
> > > southwell at dneba.com
> > > http://www.dneba.com
> > > ======================================================
> > >
> > >
> > >
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! - Official partner of 2002 FIFA World Cup
> >http://fifaworldcup.yahoo.com
> 
> Michael G. Southwell =================================
> 81 South Road
> Bloomingdale, NJ 07403-1419
> 973-838-1022 (voice) 973-492-7873 (fax)
> mailto:MSouthwell at bigfoot.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun  6 10:05:46 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 6 Jun 2002 07:05:46 -0700 (PDT)
Subject: [nycphp-talk] strange ifconfig error message
In-Reply-To: <200206051358.g55DwLP28493@slipdisc.virul.net>
Message-ID: <20020606140546.70823.qmail@web12805.mail.yahoo.com>


I don't think this would be a problem in RedHat, per se, but rather the
kernel/NIC drivers of any given Linux distro.  Tulip NICs and their
drivers, from my expierence, have been notorisouly fickle - they seem
to have slight version changes and revisions regularly.  This may just
be a case of the NIC being a different revision than the driver - and
the ifconfig command needs to be pounded in a little harder, by way of
the extra call.

I have RH 7.3 on a couple production machines, and it's been running
great (it's beginning to rival my faith in 6.2).  I wouldn't let this
stop you from the upgrade, and you could always downgrade/recompile an
older driver revision for your NIC.

HZ


--- Sean Smith <ssmith at tomega.com> wrote:
> <paralist>This message contained 1 file(s) and is available at
> http://nyphp.org/list/paralist_archive.html?L_mid=294</paralist>
> 
> Hello everyone,
> 
>     I joined the list about a month ago and have been reading some
> very
> useful posts. They have helped a great deal. Thank you to everyone.
> 
>     About the ifconfig error, is this only happening on RH 7.3? I've
> used the tulip drivers with netgears cards from RH 6.2 up to RH 7.1
> (current running version at my office) without a problem. I have
> downloaded 7.3 just haven't upgraded yet. I guess I won't until I
> hear
> the results of this problem.
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun  6 10:13:07 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 6 Jun 2002 07:13:07 -0700 (PDT)
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206060315.g563FPP36885@slipdisc.virul.net>
Message-ID: <20020606141307.30572.qmail@web12803.mail.yahoo.com>


This is certainly a register_globals issue - but don't turn it on! Code
better!

in a.php:

Please help by <a href="browform.php?brow=<?=$brow?>">letting us
know</a>


Then in browform.php:

Thank you for helping <?=$_GET['brow']?>!


Or something similar.  Note that <?= will only work if short_tags is on
- as it is by default (I think).  But register_globals defaults to off
for a reason - it's bad, as are most global vars.

HZ.


--- Michael Southwell <southwell at dneba.com> wrote:
> Here I am with another elementary question; sorry about that.
> 
> I'm trying to pass parameters from one webpage to another.  So
> I have something like this in the first one:
> <CODE>
> please help by <a href="browform.php?brow=<?php echo "$brow";
> ?>">letting 
> us know</a>
> </CODE>
> I can tell by the url that the parameter is being sent correctly.
> 
> Then in browform I have (for testing purposes)
> <CODE>
> <?php echo "$brow"; ?>
> </CODE>
> But this gives me the notice that "brow is an undefined variable." 
> So the 
> problem
> is that browform isn't receiving the parameter.
> 
> I'm sure there's some very simple answer to this (I have this
> kind of thing working perfectly elsewhere in a POST), but right now
> I'm 
> stumped.
> Can somebody help?  Thanks in advance.
> 
> 
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From southwell at dneba.com  Thu Jun  6 10:44:26 2002
From: southwell at dneba.com (Michael Southwell)
Date: Thu, 06 Jun 2002 10:44:26 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206060323.g563N3P36967@slipdisc.virul.net>
Message-ID: <5.1.0.14.2.20020606103718.00b4de88@mail.optonline.net>

Register_globals is already turned on, so that's not it.  The url 
"http://localhost/dneba/browform.php?brow=a%20new" shows me that the 
parameter is indeed being passed.  Echoing 
$GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't 
find exactly comprehensible but is clearly not what I'm looking for.  So 
I'm still stuck.


At 11:23 PM 6/5/2002, you wrote:
>Try to echo $GLOBALS[HTTP_GET_VARS]['brow']  on the receiving page. If 
>this works, you might want to look into whether you should 
>enable   register_globals in php.ini.
>
>Oktay Altunergil
>
>On Wed, 05 Jun 2002 23:15:25 -0400
>Michael Southwell <southwell at dneba.com> wrote:
>
> > Here I am with another elementary question; sorry about that.
> >
> > I'm trying to pass parameters from one webpage to another.  So
> > I have something like this in the first one:
> > <CODE>
> > please help by <a href="browform.php?brow=<?php echo "$brow"; ?>">letting
> > us know</a>
> > </CODE>
> > I can tell by the url that the parameter is being sent correctly.
> >
> > Then in browform I have (for testing purposes)
> > <CODE>
> > <?php echo "$brow"; ?>
> > </CODE>
> > But this gives me the notice that "brow is an undefined variable."  So the
> > problem
> > is that browform isn't receiving the parameter.
> >
> > I'm sure there's some very simple answer to this (I have this
> > kind of thing working perfectly elsewhere in a POST), but right now I'm
> > stumped.
> > Can somebody help?  Thanks in advance.
> >
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >

Michael G. Southwell =================================
DNEBA Enterprises
81 South Road
Bloomingdale, NJ 07403-1425
973/492-7873 (voice and fax)
southwell at dneba.com
http://www.dneba.com
======================================================




From rderoo at byramhealthcare.com  Thu Jun  6 11:05:38 2002
From: rderoo at byramhealthcare.com (Raymond DeRoo)
Date: Thu, 6 Jun 2002 11:05:38 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
In-Reply-To: <200206061444.g56EiEP44643@slipdisc.virul.net>
References: <200206061444.g56EiEP44643@slipdisc.virul.net>
Message-ID: <200206061501.g56F1TKs006580@mail01.byramhealthcare.com>

Michael--

> Register_globals is already turned on, so that's not it.  The url
> "http://localhost/dneba/browform.php?brow=a%20new" shows me that the
> parameter is indeed being passed.  Echoing
> $GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't
> find exactly comprehensible but is clearly not what I'm looking for.  So
> I'm still stuck.

What version of PHP are you using? Although your php.ini may say it is on, 
what does the output of phpinfo() say?

.r


From zaunere at yahoo.com  Thu Jun  6 11:35:00 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 6 Jun 2002 08:35:00 -0700 (PDT)
Subject: JOB FORUM Rescheduled
Message-ID: <20020606153500.83942.qmail@web12805.mail.yahoo.com>


Hello all,

As to not interfere with the Mozbash.NYC, the Job forum has been moved
up one day (6/13) and the RSVP date is (6/11).  I've also updated some
details on http://nyphp.org, so take a look there.

Thank you,

Hans Z.

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From rderoo at supserv.com  Thu Jun  6 12:01:55 2002
From: rderoo at supserv.com (Raymond DeRoo)
Date: Thu, 6 Jun 2002 12:01:55 -0400
Subject: [nycphp-talk] receiving params passed from one webpage to another
Message-ID: <200206061557.g56FvlY0006874@base.deroo.net>

Michael--

> Register_globals is already turned on, so that's not it.  The url
> "http://localhost/dneba/browform.php?brow=a%20new" shows me that the
> parameter is indeed being passed.  Echoing
> $GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't
> find exactly comprehensible but is clearly not what I'm looking for.  So
> I'm still stuck.

What version of PHP are you using? Although your php.ini may say it is on,
what does the output of phpinfo() say?

.r


From southwell at dneba.com  Thu Jun  6 15:53:40 2002
From: southwell at dneba.com (Michael Southwell)
Date: Thu, 06 Jun 2002 15:53:40 -0400
Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to
 another -- SOLVED
Message-ID: <5.1.0.14.2.20020606155026.00b34590@wheresmymailserver.com>

Thanks a lot, guys.  It turns out that php was using php.ini in m:\\windows 
but I was modifying php.ini in m:\\windows\\system32.  stupid!!

>Date: Thu, 06 Jun 2002 10:44:26 -0400
>To: talk at nyphp.org
>From: Michael Southwell <southwell at dneba.com>
>Subject: Re: [nycphp-talk] receiving params passed from one webpage to another
>
>Register_globals is already turned on, so that's not it.  The url 
>"http://localhost/dneba/browform.php?brow=a%20new" shows me that the 
>parameter is indeed being passed.  Echoing 
>$GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't 
>find exactly comprehensible but is clearly not what I'm looking for.  So 
>I'm still stuck.

Michael G. Southwell =================================
DNEBA Enterprises
81 South Road
Bloomingdale, NJ 07403-1425
973/492-7873 (voice and fax)
southwell at dneba.com
http://www.dneba.com
======================================================




From nyphp at altunergil.com  Thu Jun  6 16:01:57 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Thu, 6 Jun 2002 16:01:57 -0400
Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to another -- SOLVED
In-Reply-To: <200206061956.g56JuqP48396@slipdisc.virul.net>
References: <200206061956.g56JuqP48396@slipdisc.virul.net>
Message-ID: <20020606160157.65b43e19.nyphp@altunergil.com>

FYI,

You should check the output of  phpinfo();   to see if something like register_globals is turned on or off rather than the php.ini file itself. You might have multiple copies or your only copy might be in the incorrect directory which makes it unreliable. On the same page you will also find (towards the TOP) the location of the  php.ini file your PHP installation is reading when it's initialized.

Oktay ALtunergil

On Thu, 06 Jun 2002 15:56:52 -0400
Michael Southwell <southwell at dneba.com> wrote:

> Thanks a lot, guys.  It turns out that php was using php.ini in m:\\windows 
> but I was modifying php.ini in m:\\windows\\system32.  stupid!!
> 
> >Date: Thu, 06 Jun 2002 10:44:26 -0400
> >To: talk at nyphp.org
> >From: Michael Southwell <southwell at dneba.com>
> >Subject: Re: [nycphp-talk] receiving params passed from one webpage to another
> >
> >Register_globals is already turned on, so that's not it.  The url 
> >"http://localhost/dneba/browform.php?brow=a%20new" shows me that the 
> >parameter is indeed being passed.  Echoing 
> >$GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't 
> >find exactly comprehensible but is clearly not what I'm looking for.  So 
> >I'm still stuck.
> 
> Michael G. Southwell =================================
> DNEBA Enterprises
> 81 South Road
> Bloomingdale, NJ 07403-1425
> 973/492-7873 (voice and fax)
> southwell at dneba.com
> http://www.dneba.com
> ======================================================
> 
> 
> 


From MSouthwell at bigfoot.com  Thu Jun  6 16:10:48 2002
From: MSouthwell at bigfoot.com (Michael Southwell)
Date: Thu, 06 Jun 2002 16:10:48 -0400
Subject: Fwd: Re: [nycphp-talk] receiving params passed from one webpage to
 another -- SOLVED
In-Reply-To: <200206062002.g56K21P48513@slipdisc.virul.net>
Message-ID: <5.1.0.14.2.20020606160919.00b232e0@mail.optonline.net>

yeah, that's exactly how I solved this after discovering that it all worked 
perfectly on my host but not on localhost.  Many thanks for your help in 
getting me going in the right direction.

At 04:02 PM 6/6/2002, you wrote:
>FYI,
>
>You should check the output of  phpinfo();   to see if something like 
>register_globals is turned on or off rather than the php.ini file itself. 
>You might have multiple copies or your only copy might be in the incorrect 
>directory which makes it unreliable. On the same page you will also find 
>(towards the TOP) the location of the  php.ini file your PHP installation 
>is reading when it's initialized.
>
>Oktay ALtunergil
>
>On Thu, 06 Jun 2002 15:56:52 -0400
>Michael Southwell <southwell at dneba.com> wrote:
>
> > Thanks a lot, guys.  It turns out that php was using php.ini in m:\\windows
> > but I was modifying php.ini in m:\\windows\\system32.  stupid!!
> >
> > >Date: Thu, 06 Jun 2002 10:44:26 -0400
> > >To: talk at nyphp.org
> > >From: Michael Southwell <southwell at dneba.com>
> > >Subject: Re: [nycphp-talk] receiving params passed from one webpage to 
> another
> > >
> > >Register_globals is already turned on, so that's not it.  The url
> > >"http://localhost/dneba/browform.php?brow=a%20new" shows me that the
> > >parameter is indeed being passed.  Echoing
> > >$GLOBALS[HTTP_GET_VARS]['brow']  produces "Array['brow']" which I don't
> > >find exactly comprehensible but is clearly not what I'm looking for.  So
> > >I'm still stuck.
> >
> > Michael G. Southwell =================================
> > DNEBA Enterprises
> > 81 South Road
> > Bloomingdale, NJ 07403-1425
> > 973/492-7873 (voice and fax)
> > southwell at dneba.com
> > http://www.dneba.com
> > ======================================================
> >
> >
> >

Michael G. Southwell =================================
81 South Road
Bloomingdale, NJ 07403-1419
973-838-1022 (voice) 973-492-7873 (fax)
mailto:MSouthwell at bigfoot.com
http://www.dneba.com
======================================================




From prutwo at onebox.com  Fri Jun  7 09:56:35 2002
From: prutwo at onebox.com (ophir prusak)
Date: Fri, 07 Jun 2002 06:56:35 -0700
Subject: Fwd:  [PHP Classes] comp.lang.php newsgroup to be approved with your help
Message-ID: <20020607135636.TIBU4694.mta07.onebox.com@onebox.com>


Please help create a comp.lang.php newsgroup !
I just got this in my email - every vote counts !
Ophir

Forwarded email:
---------------------
Another issue that is not really related with the PHP Classes site butis
very important for the recognition of PHP as a language well supported
within the programming community, is the fact that finally a newsgroup
named comp.lang.php is about to be voted for approval in the Usenet.



For those that do not know what this means, Usenet is probably the oldest
network of discussion groups distributed over the Internet. It has several
hierarchies of groups but only the Big 8 are well distributed among ISPs.
The comp hierarchy is one of the Big 8 hierarchies.



There are already the alt.php, alt.php.sql and the alt.comp.lang.phpnews
groups but the alt hierarchy is not one of the Big 8 hierarchies andso
it
is not so widely available as the comp hierarchy. There are also several
regional PHP newsgroups that are even less well distributed.



The official mailing lists maintained by the PHP Group are also available
via NNTP but AFAIK no ISP redistributes those news groups.



Having a PHP newsgroup sub-hierarchy under comp.lang.php is not justa
matter of having a better distributed hierarchy of PHP news groups. Itis
also a matter of status for PHP as well recognized language.



If you go to Google and see the list of languages under the comp.lang
hierarchy, you see there 55 languages and none of them is PHP, as ifPHP
would be such a minor language that would not justify a hierarchy for
itself.



http://groups.google.com/groups?hl=en&lr=&group=comp.lang



So, it is very important for PHP and all of those that work with it,that
the comp.lang.php group just submitted for voting becomes approved.



The Call For votes message was posted here:



http://groups.google.com/groups?selm=1023125386.82479%40isc.org



So, all you need to do to contribute to the process of approval is tosend
a message to vote at technopagan.org with the text "I vote YES on
comp.lang.php" in the body of the message.



Eventually this link will help you do it without much effort:



vote at technopagan.org?Body=I%20vote%20YES%20on%20comp.lang.php



Of course, you should only vote YES if you agree with the creation ofthe
news group, but as subscriber of the PHP Classes site I assume that you
most likely agree that it is a good idea.



In the name of the PHP community, thank you for your cooperation.



Regards,

Manuel Lemos

---------------------------
The original email is attached.

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 

 
-------------- next part --------------
An embedded message was scrubbed...
From: PHP Classes <subscriber-help at phpclasses.org>
Subject: [PHP Classes] Latest PHP news in the site newsletter and comp.lang.php newsgroup to be approved with your help
Date: 7 Jun 2002 02:54:30 -0000
Size: 3947
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020607/a41017a5/attachment.mht>

From prutwo at onebox.com  Fri Jun  7 10:47:23 2002
From: prutwo at onebox.com (ophir prusak)
Date: Fri, 07 Jun 2002 07:47:23 -0700
Subject: Object Oriented Question
Message-ID: <20020607144724.LTXG7375.mta06.onebox.com@onebox.com>


Hi All,

I've decided to clean up the code on my site, and at the same time use
object oriented code.
I have a few ideas in my head, but I really wanted to get some input
from others that have built projects in PHP using OO code.

Here's the problem I'm currently trying to solve (I've simplified it
a bit and left out un-necessary details).
My site is a video game site. Currently, my database has:
A games table which has basic game information for each game (game_id,
title, console, etc)
A reviews table which has game_id (foreign key to games table), review
date, review text, reviewer name and email.

If you look at this URL
http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id 
you can see a page which shows a list of all the games and the date for
the most recent review for that game.

Currently I'm just doing this with a single SQL query (simple join of
the two tables) and echoing out the results.
Very fast.

I'm trying to envision how to create this page using object oriented
code.
My initial thought was to somehow use a game object, but if I have to
instantiate a game object for every game, this seems like it would have
an enormous amount of overhead and be slow.

How is this usually done on OO projects ?

Am I missing something or would you say that if your data sits in a relational
database and your doing a search or mass listing of data then OO code
is not the way to go.

comments/suggestions/thoughts/ideas/etc ?

Thanx
Ophir 

 
----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 

 


From adam at ecamp.net  Fri Jun  7 11:07:16 2002
From: adam at ecamp.net (Adam)
Date: Fri, 7 Jun 2002 11:07:16 -0400
Subject: [nycphp-talk] Object Oriented Question
In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net>
Message-ID: <E1858F33EF60D411AC120008C74C668A465E1B@EXCHANGE>

I generally use php classes for all my code, but mostly centered around
an OO design from the UI and second logic, especially for pages like
your.

I would have a class gamesite  with all my base functions that would be
use. User authentication, emails, voting functions etc... and if you
don't have that many feature you can keep everything in this one class.
Or if you have multiple sections, you can create different classes that
extend this one to keep things separate and neat.

So you can have something like in index.php
Include "gamesite.class";
$page=new gamesite;
$page->init(); //start session, whatever else u do every page
$page->checkLogin(); // checks to see if user is logged in, if not
redirect somewhere
$page->buildTop(); //builds top nav
$page->processForms(); //process any forms that may have been submitted
before displaying content
$page->showGameReview();  // here you can do that example you were
talking about
$page->footer();

and then inside class gamesite, you can build functions that these
master functions call... but this generally keeps things a little more
organized than complete top down programming I suppose.  PHP isn't C++
or Python, where it takes a lot more effort in some cases to really OO
something.

I find having a few base classes is nice and I just extend upon them,
using functions I've had for years as if they are native php I'm so used
to them.

If you check out http://madhive.com  it was done all PHP OO over the
past few years.  Site is a bit slow most likely because of lack of
attention to the servers for months.  The you login and notice the
content boxes on the right, those are all treated as separate php
objects throughout the users session and move from page to page.  Their
functionality is nicer throughout the site.  As well as skin color
changes, and other preferences. The OO method made changing these things
super easy.

-----Original Message-----
From: ophir prusak [mailto:prutwo at onebox.com] 
Sent: Friday, June 07, 2002 10:48 AM
To: NYPHP Talk
Subject: [nycphp-talk] Object Oriented Question


Hi All,

I've decided to clean up the code on my site, and at the same time use
object oriented code.
I have a few ideas in my head, but I really wanted to get some input
from others that have built projects in PHP using OO code.

Here's the problem I'm currently trying to solve (I've simplified it
a bit and left out un-necessary details).
My site is a video game site. Currently, my database has:
A games table which has basic game information for each game (game_id,
title, console, etc)
A reviews table which has game_id (foreign key to games table), review
date, review text, reviewer name and email.

If you look at this URL
http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id 
you can see a page which shows a list of all the games and the date for
the most recent review for that game.

Currently I'm just doing this with a single SQL query (simple join of
the two tables) and echoing out the results.
Very fast.

I'm trying to envision how to create this page using object oriented
code.
My initial thought was to somehow use a game object, but if I have to
instantiate a game object for every game, this seems like it would have
an enormous amount of overhead and be slow.

How is this usually done on OO projects ?

Am I missing something or would you say that if your data sits in a
relational
database and your doing a search or mass listing of data then OO code
is not the way to go.

comments/suggestions/thoughts/ideas/etc ?

Thanx
Ophir 

 
----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 

 




From ian at plusfour.org  Fri Jun  7 11:26:25 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Fri, 7 Jun 2002 11:26:25 -0400
Subject: [nycphp-talk] Object Oriented Question
In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEIEKMCFAA.ian@plusfour.org>


class game extends db //in teh db class you have a function db that
intialized connection so there is only on file with connection credentials..
{
	function game($gameid,$type = "single")
	{
		switch($gameid)
{
	case "0" :
	$this->getAllGames($type);
	break;
	default :
	$this->getGame($gameid);
}
	function getAllGames($type)
{
	$q = "select * from games g,reviews r where g.gameid = r.gameid ";
	$q .= " and g.console = '$type'";
	$this->query($q);
}
}

> -----Original Message-----
> From: ophir prusak [mailto:prutwo at onebox.com]
> Sent: Friday, June 07, 2002 10:48 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] Object Oriented Question
>
>
>
> Hi All,
>
> I've decided to clean up the code on my site, and at the same time use
> object oriented code.
> I have a few ideas in my head, but I really wanted to get some input
> from others that have built projects in PHP using OO code.
>
> Here's the problem I'm currently trying to solve (I've simplified it
> a bit and left out un-necessary details).
> My site is a video game site. Currently, my database has:
> A games table which has basic game information for each game (game_id,
> title, console, etc)
> A reviews table which has game_id (foreign key to games table), review
> date, review text, reviewer name and email.
>
> If you look at this URL
> http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id
> you can see a page which shows a list of all the games and the date for
> the most recent review for that game.
>
> Currently I'm just doing this with a single SQL query (simple join of
> the two tables) and echoing out the results.
> Very fast.
>
> I'm trying to envision how to create this page using object oriented
> code.
> My initial thought was to somehow use a game object, but if I have to
> instantiate a game object for every game, this seems like it would have
> an enormous amount of overhead and be slow.
>
> How is this usually done on OO projects ?
>
> Am I missing something or would you say that if your data sits in
> a relational
> database and your doing a search or mass listing of data then OO code
> is not the way to go.
>
> comments/suggestions/thoughts/ideas/etc ?
>
> Thanx
> Ophir
>
>
> ----
> Ophir Prusak
> Internet developer
> prutwo at onebox.com | http://www.prusak.com/
>
>
>
>



From charles at softwareprototypes.com  Fri Jun  7 11:52:52 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Fri, 7 Jun 2002 11:52:52 -0400
Subject: Object-Oriented answer
Message-ID: <2620-220026571552520@softwareprototypes.com>

Hello Ophir,

instantiation of a class is extremely fast and getting faster.
Basically, you're creating a small marker, an instance "frame", which
points back to the object class, and points to every slot variable in
the heap that's given a value. We're talking fractions of a
microsecond to instantiate an object.

There are different allocation schemes out there and I don't know
which one Zend uses but allocating an object is about as fast as
making a popping a frame onto the stack (making a subroutine call in
assembler.) 

Filling its slots is just as fast. You are sending the object a
message so you already have the object frame and you're setting a
slot value to point to a location in RAM where the value is already
located.

The "for Instance" you gave is a perfect example. How do you think
MySQL keeps track of the rows? Each table is an object which defines
each row and each row is an object with values loaded from disk.

Don't worry about time, instantiation is bloody fast. You can also
redesign your algorithm to peel out any waste and optimize it once
you get it working properly.

The three rules of software design and implementation are:
1) Make it RIGHT. (Insure the correctness [1+1 = 2 and only 2])
2) Make it FAST. (Without screwing up #1.)(see optimization)
3) Make it SMALL. (Until you screw up #2.)

The two rules of optimization are:
 Don't do anything you don't need to. (a)
 Don't do anything twice. Cache cache, cache.

a.1) That means don't go through loops any forther than you
absolutely need to. When filling a window, do not transfer a byte
that's not visible because that's a waste of time.

a.1.a) Time is something you can't buy. Not even Bill Gates can buy a
second once its gone.

a.2) That means don't hit the disk unless you absolutely need the
data. Use lazy evaluation when you instantiate a class to fetch
instances when you need them and not a moment before and ONLY if you
use them. Prefetch is nice until you've fetched something you don't
need. Then it was a waste of time. (See a.1.a)

Hope this helps,

-Charles-A.

> From: "ophir prusak" <prutwo at onebox.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Fri,  7 Jun 2002 10:47:32 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: [nycphp-talk] Object Oriented Question
> 
> 
> Hi All,
> 
> I've decided to clean up the code on my site, and at the same time
use
> object oriented code.
> I have a few ideas in my head, but I really wanted to get some input
> from others that have built projects in PHP using OO code.
> 
> Here's the problem I'm currently trying to solve (I've simplified it
> a bit and left out un-necessary details).
> My site is a video game site. Currently, my database has:
> A games table which has basic game information for each game
(game_id,
> title, console, etc)
> A reviews table which has game_id (foreign key to games table),
review
> date, review text, reviewer name and email.
> 
> If you look at this URL
> http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id 
> you can see a page which shows a list of all the games and the date
for
> the most recent review for that game.
> 
> Currently I'm just doing this with a single SQL query (simple join
of
> the two tables) and echoing out the results.
> Very fast.
> 
> I'm trying to envision how to create this page using object oriented
> code.
> My initial thought was to somehow use a game object, but if I have
to
> instantiate a game object for every game, this seems like it would
have
> an enormous amount of overhead and be slow.
> 
> How is this usually done on OO projects ?
> 
> Am I missing something or would you say that if your data sits in a
relational
> database and your doing a search or mass listing of data then OO
code
> is not the way to go.
> 
> comments/suggestions/thoughts/ideas/etc ?
> 
> Thanx
> Ophir 
> 
> 
> ----
> Ophir Prusak
> Internet developer 
> prutwo at onebox.com | http://www.prusak.com/ 
> 
> 
> 




From jim at nettmedia.com  Fri Jun  7 12:49:20 2002
From: jim at nettmedia.com (Jim Musil)
Date: Fri, 07 Jun 2002 12:49:20 -0400
Subject: Encrypt info in an email
Message-ID: <B9265C50.33AB%jim@nettmedia.com>


Hi,

What options are good if I want to encrypt just some information sent in an
email?

For example, let's say I send an order from a website to the store owner,
how can I scramble the credit card in a way that the owner can descramble it
when he/she receives it.

Any ideas?

Jim M



From andrew at digitalpulp.com  Fri Jun  7 12:59:34 2002
From: andrew at digitalpulp.com (Andrew M. Yochum)
Date: Fri, 7 Jun 2002 12:59:34 -0400 (EDT)
Subject: [nycphp-talk] Encrypt info in an email
In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.44.0206071256350.28983-100000@thighmaster.digitalpulp.com>

You can take a look at the Crypt libraries in PEAR.  I've used the HCE_MD5
library for exactly what you're looking for.  This allows you to encrypt
the data with a password.

However, that requires the data be fed through a script on the recipients
computer to decode it.

If that is a problem, the better option for you might be use PGP to encrypt
it for the recipient.  Many mail programs support PGP to automagically
decrypt an email upon receipt, given the users passphrase for their private
key.

Andrew

On Fri, 7 Jun 2002, Jim Musil wrote:

> 
> Hi,
> 
> What options are good if I want to encrypt just some information sent in an
> email?
> 
> For example, let's say I send an order from a website to the store owner,
> how can I scramble the credit card in a way that the owner can descramble it
> when he/she receives it.
> 
> Any ideas?
> 
> Jim M
> 
> 

-- 
Andrew Yochum
Digital Pulp, Inc.
212.679.0676x255
andrew at digitalpulp.com



From prutwo at onebox.com  Fri Jun  7 13:48:20 2002
From: prutwo at onebox.com (ophir prusak)
Date: Fri, 07 Jun 2002 10:48:20 -0700
Subject: [nycphp-talk] Object Oriented Question
Message-ID: <20020607174820.VCVY4876.mta09.onebox.com@onebox.com>

thanx for the code.

That's what I currently have more or less.
My questions was really - does it make sense to create a game object
for every result returned from a sql query ?

I'm currently leaning towards no - despite what charles said - especialy
for PHP (though Java might be a different story).

Any more thoughts about helping me do the work for StationPlay or maybe
even starting vgsp.com from scratch with me - http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartingPoint

write back
ophir

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 



---- "Ian Forsyth" <ian at plusfour.org> wrote:
> 
> class game extends db //in teh db class you have a function db that
> intialized connection so there is only on file with connection credentials..
> {
> 	function game($gameid,$type = "single")
> 	{
> 		switch($gameid)
> {
> 	case "0" :
> 	$this->getAllGames($type);
> 	break;
> 	default :
> 	$this->getGame($gameid);
> }
> 	function getAllGames($type)
> {
> 	$q = "select * from games g,reviews r where g.gameid = r.gameid
> ";
> 	$q .= " and g.console = '$type'";
> 	$this->query($q);
> }
> }
> 
> > -----Original Message-----
> > From: ophir prusak [mailto:prutwo at onebox.com]
> > Sent: Friday, June 07, 2002 10:48 AM
> > To: NYPHP Talk
> > Subject: [nycphp-talk] Object Oriented Question
> >
> >
> >
> > Hi All,
> >
> > I've decided to clean up the code on my site, and at the same time
> use
> > object oriented code.
> > I have a few ideas in my head, but I really wanted to get some input
> > from others that have built projects in PHP using OO code.
> >
> > Here's the problem I'm currently trying to solve (I've simplified
> it
> > a bit and left out un-necessary details).
> > My site is a video game site. Currently, my database has:
> > A games table which has basic game information for each game (game_id,
> > title, console, etc)
> > A reviews table which has game_id (foreign key to games table), review
> > date, review text, reviewer name and email.
> >
> > If you look at this URL
> > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id
> > you can see a page which shows a list of all the games and the date
> for
> > the most recent review for that game.
> >
> > Currently I'm just doing this with a single SQL query (simple join
> of
> > the two tables) and echoing out the results.
> > Very fast.
> >
> > I'm trying to envision how to create this page using object oriented
> > code.
> > My initial thought was to somehow use a game object, but if I have
> to
> > instantiate a game object for every game, this seems like it would
> have
> > an enormous amount of overhead and be slow.
> >
> > How is this usually done on OO projects ?
> >
> > Am I missing something or would you say that if your data sits in
> > a relational
> > database and your doing a search or mass listing of data then OO
> code
> > is not the way to go.
> >
> > comments/suggestions/thoughts/ideas/etc ?
> >
> > Thanx
> > Ophir
> >
> >
> > ----
> > Ophir Prusak
> > Internet developer
> > prutwo at onebox.com | http://www.prusak.com/
> >
> >
> >
> >
> 
> 
>  


From prutwo at onebox.com  Fri Jun  7 13:50:38 2002
From: prutwo at onebox.com (ophir prusak)
Date: Fri, 07 Jun 2002 10:50:38 -0700
Subject: [nycphp-talk] Object Oriented Question
Message-ID: <20020607175039.QXPP4635.mta08.onebox.com@onebox.com>


This was not supposed to go to the whole list.
my apologies.

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 



---- "ophir prusak" <prutwo at onebox.com> wrote:
> thanx for the code.
> 
> That's what I currently have more or less.
> My questions was really - does it make sense to create a game object
> for every result returned from a sql query ?
> 
> I'm currently leaning towards no - despite what charles said - especialy
> for PHP (though Java might be a different story).
> 
> Any more thoughts about helping me do the work for StationPlay or maybe
> even starting vgsp.com from scratch with me - http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartingPoint
> 
> write back
> ophir
> 
> ----
> Ophir Prusak
> Internet developer 
> prutwo at onebox.com | http://www.prusak.com/ 
> 
> 
> 
> ---- "Ian Forsyth" <ian at plusfour.org> wrote:
> > 
> > class game extends db //in teh db class you have a function db that
> > intialized connection so there is only on file with connection credentials..
> > {
> > 	function game($gameid,$type = "single")
> > 	{
> > 		switch($gameid)
> > {
> > 	case "0" :
> > 	$this->getAllGames($type);
> > 	break;
> > 	default :
> > 	$this->getGame($gameid);
> > }
> > 	function getAllGames($type)
> > {
> > 	$q = "select * from games g,reviews r where g.gameid = r.gameid
> > ";
> > 	$q .= " and g.console = '$type'";
> > 	$this->query($q);
> > }
> > }
> > 
> > > -----Original Message-----
> > > From: ophir prusak [mailto:prutwo at onebox.com]
> > > Sent: Friday, June 07, 2002 10:48 AM
> > > To: NYPHP Talk
> > > Subject: [nycphp-talk] Object Oriented Question
> > >
> > >
> > >
> > > Hi All,
> > >
> > > I've decided to clean up the code on my site, and at the same time
> > use
> > > object oriented code.
> > > I have a few ideas in my head, but I really wanted to get some
> input
> > > from others that have built projects in PHP using OO code.
> > >
> > > Here's the problem I'm currently trying to solve (I've simplified
> > it
> > > a bit and left out un-necessary details).
> > > My site is a video game site. Currently, my database has:
> > > A games table which has basic game information for each game (game_id,
> > > title, console, etc)
> > > A reviews table which has game_id (foreign key to games table),
> review
> > > date, review text, reviewer name and email.
> > >
> > > If you look at this URL
> > > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id
> > > you can see a page which shows a list of all the games and the
> date
> > for
> > > the most recent review for that game.
> > >
> > > Currently I'm just doing this with a single SQL query (simple join
> > of
> > > the two tables) and echoing out the results.
> > > Very fast.
> > >
> > > I'm trying to envision how to create this page using object oriented
> > > code.
> > > My initial thought was to somehow use a game object, but if I have
> > to
> > > instantiate a game object for every game, this seems like it would
> > have
> > > an enormous amount of overhead and be slow.
> > >
> > > How is this usually done on OO projects ?
> > >
> > > Am I missing something or would you say that if your data sits
> in
> > > a relational
> > > database and your doing a search or mass listing of data then OO
> > code
> > > is not the way to go.
> > >
> > > comments/suggestions/thoughts/ideas/etc ?
> > >
> > > Thanx
> > > Ophir
> > >
> > >
> > > ----
> > > Ophir Prusak
> > > Internet developer
> > > prutwo at onebox.com | http://www.prusak.com/
> > >
> > >
> > >
> > >
> > 
> > 
> >  
>  


From phpny at websapp.com  Fri Jun  7 13:59:57 2002
From: phpny at websapp.com (Daniel Kushner)
Date: Fri, 7 Jun 2002 13:59:57 -0400
Subject: [nycphp-talk] Object Oriented Question
In-Reply-To: <200206071748.g57HmSP65081@slipdisc.virul.net>
Message-ID: <OKEHLLMAFAOHECBMOGEPEEKJCDAA.phpny@websapp.com>

There's an article in the Dr. Dobb's journal this month addressing that
exact problem. Hope to find some time to read it and maybe get a summary up!

--Daniel Kushner


-----Original Message-----
From: ophir prusak [mailto:prutwo at onebox.com]
Sent: Friday, June 07, 2002 1:48 PM
To: NYPHP Talk
Subject: RE: [nycphp-talk] Object Oriented Question


thanx for the code.

That's what I currently have more or less.
My questions was really - does it make sense to create a game object
for every result returned from a sql query ?

I'm currently leaning towards no - despite what charles said - especialy
for PHP (though Java might be a different story).

Any more thoughts about helping me do the work for StationPlay or maybe
even starting vgsp.com from scratch with me -
http://www.consolemonkey.com/twiki/bin/view.cgi/Stationplay/VideoGameStartin
gPoint

write back
ophir

----
Ophir Prusak
Internet developer
prutwo at onebox.com | http://www.prusak.com/



---- "Ian Forsyth" <ian at plusfour.org> wrote:
>
> class game extends db //in teh db class you have a function db that
> intialized connection so there is only on file with connection
credentials..
> {
> 	function game($gameid,$type = "single")
> 	{
> 		switch($gameid)
> {
> 	case "0" :
> 	$this->getAllGames($type);
> 	break;
> 	default :
> 	$this->getGame($gameid);
> }
> 	function getAllGames($type)
> {
> 	$q = "select * from games g,reviews r where g.gameid = r.gameid
> ";
> 	$q .= " and g.console = '$type'";
> 	$this->query($q);
> }
> }
>
> > -----Original Message-----
> > From: ophir prusak [mailto:prutwo at onebox.com]
> > Sent: Friday, June 07, 2002 10:48 AM
> > To: NYPHP Talk
> > Subject: [nycphp-talk] Object Oriented Question
> >
> >
> >
> > Hi All,
> >
> > I've decided to clean up the code on my site, and at the same time
> use
> > object oriented code.
> > I have a few ideas in my head, but I really wanted to get some input
> > from others that have built projects in PHP using OO code.
> >
> > Here's the problem I'm currently trying to solve (I've simplified
> it
> > a bit and left out un-necessary details).
> > My site is a video game site. Currently, my database has:
> > A games table which has basic game information for each game (game_id,
> > title, console, etc)
> > A reviews table which has game_id (foreign key to games table), review
> > date, review text, reviewer name and email.
> >
> > If you look at this URL
> > http://ps2.consolemonkey.com/reviews_date.php3?order=rev_id
> > you can see a page which shows a list of all the games and the date
> for
> > the most recent review for that game.
> >
> > Currently I'm just doing this with a single SQL query (simple join
> of
> > the two tables) and echoing out the results.
> > Very fast.
> >
> > I'm trying to envision how to create this page using object oriented
> > code.
> > My initial thought was to somehow use a game object, but if I have
> to
> > instantiate a game object for every game, this seems like it would
> have
> > an enormous amount of overhead and be slow.
> >
> > How is this usually done on OO projects ?
> >
> > Am I missing something or would you say that if your data sits in
> > a relational
> > database and your doing a search or mass listing of data then OO
> code
> > is not the way to go.
> >
> > comments/suggestions/thoughts/ideas/etc ?
> >
> > Thanx
> > Ophir
> >
> >
> > ----
> > Ophir Prusak
> > Internet developer
> > prutwo at onebox.com | http://www.prusak.com/
> >
> >
> >
> >
>
>
>




From evan.heller at alum.rpi.edu  Fri Jun  7 15:20:37 2002
From: evan.heller at alum.rpi.edu (evan heller)
Date: Fri, 07 Jun 2002 15:20:37 -0400
Subject: [nycphp-talk] Object Oriented Question
References: <200206071750.g57HomP65124@slipdisc.virul.net>
Message-ID: <3D010785.996BC8B1@alum.rpi.edu>

ophir-

I tend to make everything I do now into classes
partly because I'm sick and tired of reinventing
the wheel everytime I make a new site.

Anyhow, for example, I'm building the site:
http://www.comicinfosource.com and everything is a
class.

So for example I have a basic database class that 
knows how to handle a mysql, odbc or a oracle
database
and returns all results as an 2 dimensional
associative array
but when using it all I have to say is such: 
$db = New DB($username,$database,$databasetype);
$db->Connect();
$somesql = "select username,password from users";
$results = $db->Select($somesql);
if (is_array($results)) {
	for ($i=0;$i<count($results);$i++) {
		print $results[$i]["username"];
	}
}
$db->Close();

Now I know that's more code than just going to the
database,
however I can now feed that database object to
other objects
or better yet, not have to worry about
transactions,deletes,inserts
or whatever depending on the database types, as
the database class
 will handle all of that, plus its easier for
others to work with
if they would like to help add to your site.

On my site I also have bookreviews which is really
a class called
Bookreviews (a collection of books) with a
subclass called Book 
(which is a generic book class) which has a
subclass called Database.
As you go higher up the class chain, it becomes
more and more 
abstracted. So the final page may only access a
book, or a 
collection of books based on a search or a
category. It becomes
very flexible and the best part is I can easily
reuse it
later on in another program with minimal or (if
its well done) no
modification at all.

A good example is that a friend of mine was able
to adapt my book
review class system to his site with no changes at
all but the types
of books and the database were different 
(from comics books to real books).

-Evan


--
Evan Heller     
evan.heller at alum.rpi.edu


From jim at nettmedia.com  Fri Jun  7 15:47:32 2002
From: jim at nettmedia.com (Jim Musil)
Date: Fri, 07 Jun 2002 15:47:32 -0400
Subject: SSL Alternatives
Message-ID: <B9268614.33E0%jim@nettmedia.com>


What are the ramifications of using an SSL certificate that costs $49/year
versus Verisign's $600-800 certs?

Jim M



From LarryC at indexstock.com  Fri Jun  7 16:05:19 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Fri, 7 Jun 2002 16:05:19 -0400 
Subject: [nycphp-talk] SSL Alternatives
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB326@index-exchange.indexstock.com>

Actually, Verisign only costs $248 per year if you subscribe to the very
basic service.  You actually are paying for their name.  There is no
different.  $600 and up comes with other services such setting merchant
account and fraud protection.  I personally use openSSL :)

-----Original Message-----
From: Jim Musil [mailto:jim at nettmedia.com]
Sent: Friday, June 07, 2002 3:48 PM
To: NYPHP Talk
Subject: [nycphp-talk] SSL Alternatives



What are the ramifications of using an SSL certificate that costs $49/year
versus Verisign's $600-800 certs?

Jim M



From adam at ecamp.net  Fri Jun  7 16:07:23 2002
From: adam at ecamp.net (Adam)
Date: Fri, 7 Jun 2002 16:07:23 -0400
Subject: [nycphp-talk] SSL Alternatives
In-Reply-To: <200206071947.g57JlbP66757@slipdisc.virul.net>
Message-ID: <E1858F33EF60D411AC120008C74C668A465E23@EXCHANGE>

As long as it is one of the companies trusted in IE and Netscape, it's
the same thing.

-----Original Message-----
From: Jim Musil [mailto:jim at nettmedia.com] 
Sent: Friday, June 07, 2002 3:48 PM
To: NYPHP Talk
Subject: [nycphp-talk] SSL Alternatives


What are the ramifications of using an SSL certificate that costs
$49/year
versus Verisign's $600-800 certs?

Jim M





From gherson at snet.net  Fri Jun  7 16:08:27 2002
From: gherson at snet.net (George Herson)
Date: Fri, 07 Jun 2002 16:08:27 -0400
Subject: [nycphp-talk] SSL Alternatives
References: <200206071947.g57JlbP66757@slipdisc.virul.net>
Message-ID: <3D0112BB.90703@snet.net>

Name recognition by your users of the various CAs differs of course, with 
Verisign winning there, but more important is that your cert be recognized by 
the popular browsers without alerts about an unrecognized CA popping up.

The low cost GeoTrust.com meets that requirement and has worked out well for me. 
  (I recommend also getting their "SmartIcon" service, also cheap, so users can 
click the SSL CA's seal at your site and get reassuring "website identity 
confirmed" popup.)

george

Jim Musil wrote:
> What are the ramifications of using an SSL certificate that costs $49/year
> versus Verisign's $600-800 certs?
> 
> Jim M
> 
> 
> 





From nyphp at altunergil.com  Fri Jun  7 16:15:20 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Fri, 7 Jun 2002 16:15:20 -0400
Subject: [nycphp-talk] SSL Alternatives
In-Reply-To: <200206071947.g57JlbP66757@slipdisc.virul.net>
References: <200206071947.g57JlbP66757@slipdisc.virul.net>
Message-ID: <20020607161520.63655fa4.nyphp@altunergil.com>

Some of the cheaper ones such as those from Thawte require an additional level of server configuration because browsers are not configured to trust it automatically. You sort of have to configure apache to verify the legitimacy of the certificate authority itself before verifying that the certificate is authentic.

There's plenty of docs on how to do this though. It's not a big problem

Oktay Altunergil

On Fri, 07 Jun 2002 15:47:37 -0400
Jim Musil <jim at nettmedia.com> wrote:

> 
> What are the ramifications of using an SSL certificate that costs $49/year
> versus Verisign's $600-800 certs?
> 
> Jim M
> 
> 


From ian at plusfour.org  Fri Jun  7 16:21:35 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Fri, 7 Jun 2002 16:21:35 -0400
Subject: [nycphp-talk] SSL Alternatives
In-Reply-To: <200206072007.g57K7TP67006@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEEELDCFAA.ian@plusfour.org>

but you can always create your cert with openssl, for free.. there is just
the a warning saying not from a trusted source.. or something like that..

http://www.devshed.com/Server_Side/Administration/Certificates/page1.html

but if there is money to be spent, and it is a consumer site.. I guess its a
god idea to pay for what ever IE and Netscape have as trusted by default..
which it seems are more than a few, not just thawte and verisign..

> -----Original Message-----
> From: Adam [mailto:adam at ecamp.net]
> Sent: Friday, June 07, 2002 4:07 PM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] SSL Alternatives
>
>
> As long as it is one of the companies trusted in IE and Netscape, it's
> the same thing.
>
> -----Original Message-----
> From: Jim Musil [mailto:jim at nettmedia.com]
> Sent: Friday, June 07, 2002 3:48 PM
> To: NYPHP Talk
> Subject: [nycphp-talk] SSL Alternatives
>
>
> What are the ramifications of using an SSL certificate that costs
> $49/year
> versus Verisign's $600-800 certs?
>
> Jim M
>
>
>
>
>



From ejp at well.com  Sat Jun  8 09:51:36 2002
From: ejp at well.com (Edward Potter)
Date: Sat, 08 Jun 2002 09:51:36 -0400
Subject: Using Yahoo groups for project management...
References: <200206072015.g57KFOP67109@slipdisc.virul.net>
Message-ID: <3D020BE8.9080105@well.com>

I'm  finally getting hungry enough to start actively seeking clients, 
ecommerce, wireless, hosting, blah, blah, etc.

Anyway, I was looking into building some project management tools when I 
spent some time looking at yahoo groups. It all looks pretty cool. They 
seem to include every widget you need.

I wondering if anyone swears by them or uses one of the competing 
portals for this time of client tracking. Yep, I could build them all in 
php, but right now I'm trying to learn all i can about embedding java in 
the nokia and other crazy things like that.

:-)


thanks
ed




From petr at linux.ru  Sun Jun  9 01:30:07 2002
From: petr at linux.ru (Petr Pomorov)
Date: Sun, 9 Jun 2002 01:30:07 -0400
Subject: [nycphp-talk] Message Boards
In-Reply-To: <200205311426.g4VEQAP62096@slipdisc.virul.net>
References: <200205311426.g4VEQAP62096@slipdisc.virul.net>
Message-ID: <200206090530.g595U7e09867@biggie>

There are many many many true :)
I have more experience with perl forums, Yabb is a favourite, but 
as far as PHP is concerned, phpBB  http://www.phpbb.com/ and the 
abovementioned  phorum.org come to mind first....
Both easy to install and implement- though i prefer phpBB myself 
HTH
On Friday 31 May 20phorum.org02 10:26 am, you wrote:
> I need to find a fairly simple and customizable open-source message board
> application written in PHP using either mySQL or flat files.
>
> Using google and other web sources I have no problem finding hundreds, but
> how does one sift through all the junk?
>
> Can anyone recommend a good one?
>
> Jim Musil
> Senior Developer
> Nettmedia
>
> jim at nettmedia.com


From hans at cathcart.org  Sun Jun  9 12:08:19 2002
From: hans at cathcart.org (Hans Cathcart)
Date: Sun, 9 Jun 2002 12:08:19 -0400
Subject: O'Reilly Open Source Convention/PHP Conference 2 (20% UG discount)
Message-ID: <E17H5Fx-0005o2-00@tisch.mail.mindspring.net>

O'Reilly is hosting their annual Open Source Convention in San Diego, 
California this year on July 22-26th, 2002.

O'Reilly has sent NYPHP a User Group discount coupon in case anyone wants to 
attend either the Convention and/or the Conferences (PHP Conf 2, Perl Conf 6, 
XTech2002).

http://conferences.oreilly.com/oscon

Save 20% off if you register with the User Group discount code: DSUG
also,
if you register by June 10, 2002 you will also get the $200 early-bird 
discount.

(Full-time Students 65%, Academic Instructors 50%, Academic Staff 25%, Fed 
Gov 20%, and Company Team $50 discounts are also available.)

During the Tutorial days there are several PHP sessions, including:

  Introduction to PHP
  Pragmatic PHP
  PHP: FSP (Frequently Solved Problems)
  PHP & PostgreSQL
  Advanced PHP
  Getting the Most from MySQL and PHP
and also a lot of other Perl, XML, Java, Linux and Apache sessions.

enjoy...

Hans Cathcart
NYPHP Dir. of Communications
hans at cathcart.org
917-681-7990


From zaunere at yahoo.com  Sun Jun  9 14:18:00 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Sun, 9 Jun 2002 11:18:00 -0700 (PDT)
Subject: [nycphp-talk] Encrypt info in an email
In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net>
Message-ID: <20020609181800.59146.qmail@web12804.mail.yahoo.com>



I would certainly go with PGP, which means using PHP's program
execution functions
(http://www.php.net/manual/en/function.proc-open.php etc) and probably
GPG.

However, I would avoid sending sensitive info. through email.  If at
all possible, simply send a link, where these details can be looked at
via the web.

That said, PGP is pretty solid.

HZ


--- Jim Musil <jim at nettmedia.com> wrote:
> 
> Hi,
> 
> What options are good if I want to encrypt just some information sent
> in an
> email?
> 
> For example, let's say I send an order from a website to the store
> owner,
> how can I scramble the credit card in a way that the owner can
> descramble it
> when he/she receives it.
> 
> Any ideas?
> 
> Jim M
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Sun Jun  9 14:38:28 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Sun, 9 Jun 2002 11:38:28 -0700 (PDT)
Subject: [nycphp-talk] Object Oriented Question
In-Reply-To: <200206071447.g57ElWP62726@slipdisc.virul.net>
Message-ID: <20020609183828.35367.qmail@web12803.mail.yahoo.com>


> Currently I'm just doing this with a single SQL query (simple join of
> the two tables) and echoing out the results.
> Very fast.

The way to go.

> 
> I'm trying to envision how to create this page using object oriented
> code.
> My initial thought was to somehow use a game object, but if I have to
> instantiate a game object for every game, this seems like it would
> have
> an enormous amount of overhead and be slow.
> 
> How is this usually done on OO projects ?

I don't know how to do this in conformance with true OO, but I run into
this type of problem a lot (ie, looking at the medical history of an
individual, joined from multiple tables and disparat databases). 
Basically, the best way I've found to handle this, is using
PopulateAll(), PopulateByID(), etc type methods.  Then when the
database returns multiple rows for a single query, I make the
properties into arrays, where each element is a row from the DB.

> 
> Am I missing something or would you say that if your data sits in a
> relational
> database and your doing a search or mass listing of data then OO code
> is not the way to go.

I think OO is generally a good idea, however you need to be careful not
to over do it.  My basic premise is to use objects as small, self
contained programs (taking advantage of the "global" scope within
them).  Otherwise, I've spent hours trying to figure how everything
should fit together, and then realizing that PHP isn't anywhere near a
full OO language.

I really would like to see some kind of multiple inheritance (or
interfaces as Java calls them I believe), because without, I find that
OOP becomes very limited.  In an effort to get around this in PHP, I've
done what is probably a very bad thing.

class ImStatic
{
  function external_functionality() {
     $this->Result = mysql_query("SELECT * FROM sometable", $this->DB);
  }
}


class MyRealClass
{
  var $DB;
  var $Result;

  function MyRealClass() {
     $this->DB = connect_up_database();
  }

  function some_external_functionality() {
    ImStatic::external_functionality();
  }
}


$myrealobj = new MyRealClass();
$myrealobj->some_external_functionality();

And bam, $myrealobj->Result is filled it.  Now, admitingly, there is
something wrong feeling about this, however it comes in handy.  What
I've been doing lately, is building a master class, which is primarily
properties and some wrapper functions.  Then, I have a couple other
classes, that are static, and only contain functions, which end up
operating on the master classes' properties.  It's a little backwards
and awkward, but so far I haven't gotten burned... yet.

Anyway, I would not create a new object for every game/review.  Use
arrays (either internally to an object, or externally).

HZ




> 
> comments/suggestions/thoughts/ideas/etc ?
> 
> Thanx
> Ophir 
> 
>  
> ----
> Ophir Prusak
> Internet developer 
> prutwo at onebox.com | http://www.prusak.com/ 
> 
>  
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From ben at tanjero.com  Sun Jun  9 21:18:31 2002
From: ben at tanjero.com (Benjamin Stiglitz)
Date: Sun, 9 Jun 2002 21:18:31 -0400
Subject: WebObjects-like system
Message-ID: <FA041DD9-7C0F-11D6-8CEC-00039396A660@tanjero.com>

Hi everyone. <waves> I'm new to the group, just discovered through 
php.net.

This is a sort of survey (sorry, being commercial, but business is the 
nature of...I'll shut up now). Has anyone here worked with Apple/NeXT's 
WebObjects, and if so, would you be interested in seeing a framework for 
PHP app development somewhat like it? Elaborating, what features would 
you like to see for PHP that WebObjects in Java does not provide?

My company is developing such a system for internal use?it has already 
helped us greatly accelerate application development time?and we've 
thought of licensing it to other companies. We'd be willing to do a 
technology demo, both/either online and/or at a meeting. (Speaking of 
which, where are the time/dates for those posted?)

Hope some of you are interested! I look forward to your responses.

Thank you,
Benjamin Stiglitz
Tanjero
ben at tanjero.com



From nyphp at websapp.com  Mon Jun 10 09:13:14 2002
From: nyphp at websapp.com (Daniel Kushner)
Date: Mon, 10 Jun 2002 09:13:14 -0400
Subject: Initial Alpha Release of PHP w/ the Zend Engine 2
In-Reply-To: <200206072021.g57KLbP67193@slipdisc.virul.net>
Message-ID: <OKEHLLMAFAOHECBMOGEPKELECDAA.nyphp@websapp.com>

Good morning,

The first alpha release of PHP w/ Zend Engine 2 is out. Great new features.
http://www.php.net/

--Daniel Kushner



From zaunere at yahoo.com  Mon Jun 10 10:26:15 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 10 Jun 2002 07:26:15 -0700 (PDT)
Subject: [nycphp-talk] Initial Alpha Release of PHP w/ the Zend Engine 2
In-Reply-To: <200206101315.g5ADFEP15542@slipdisc.virul.net>
Message-ID: <20020610142615.64505.qmail@web12802.mail.yahoo.com>


I like it!

And I could certainly use some of the new features today!

HZ


--- Daniel Kushner <nyphp at websapp.com> wrote:
> Good morning,
> 
> The first alpha release of PHP w/ Zend Engine 2 is out. Great new
> features.
> http://www.php.net/
> 
> --Daniel Kushner
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Mon Jun 10 10:27:06 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 10 Jun 2002 07:27:06 -0700 (PDT)
Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2
In-Reply-To: <200206091609.g59G9dP02862@slipdisc.virul.net>
Message-ID: <20020610142706.64612.qmail@web12802.mail.yahoo.com>


This would be great.  Is anyone planning on going? (I have some
frequent flyer miles I think).

HZ


--- Hans Cathcart <hans at cathcart.org> wrote:
> O'Reilly is hosting their annual Open Source Convention in San Diego,
> 
> California this year on July 22-26th, 2002.
> 
> O'Reilly has sent NYPHP a User Group discount coupon in case anyone
> wants to 
> attend either the Convention and/or the Conferences (PHP Conf 2, Perl
> Conf 6, 
> XTech2002).
> 
> http://conferences.oreilly.com/oscon
> 
> Save 20% off if you register with the User Group discount code: DSUG
> also,
> if you register by June 10, 2002 you will also get the $200
> early-bird 
> discount.
> 
> (Full-time Students 65%, Academic Instructors 50%, Academic Staff
> 25%, Fed 
> Gov 20%, and Company Team $50 discounts are also available.)
> 
> During the Tutorial days there are several PHP sessions, including:
> 
>   Introduction to PHP
>   Pragmatic PHP
>   PHP: FSP (Frequently Solved Problems)
>   PHP & PostgreSQL
>   Advanced PHP
>   Getting the Most from MySQL and PHP
> and also a lot of other Perl, XML, Java, Linux and Apache sessions.
> 
> enjoy...
> 
> Hans Cathcart
> NYPHP Dir. of Communications
> hans at cathcart.org
> 917-681-7990
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Mon Jun 10 10:32:53 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 10 Jun 2002 07:32:53 -0700 (PDT)
Subject: [nycphp-talk] WebObjects-like system
In-Reply-To: <200206100118.g5A1IaP08631@slipdisc.virul.net>
Message-ID: <20020610143253.59590.qmail@web12808.mail.yahoo.com>


Not speaking for everyone, but I would be very interested, especially
since I'm writing what seems to be some similar systems (in PHP).  I've
never used WebObjects myself, however I seem to remember some people
that have (anyone?).

Meetings are the 4th Wed. of the month (details at http://nyphp.org). 
Contact me off list (zaunere at yahoo.com) if you'd like to present at one
of our meetings and/or give an online presentation.


HZ



--- Benjamin Stiglitz <ben at tanjero.com> wrote:
> Hi everyone. <waves> I'm new to the group, just discovered through 
> php.net.
> 
> This is a sort of survey (sorry, being commercial, but business is
> the 
> nature of...I'll shut up now). Has anyone here worked with
> Apple/NeXT's 
> WebObjects, and if so, would you be interested in seeing a framework
> for 
> PHP app development somewhat like it? Elaborating, what features
> would 
> you like to see for PHP that WebObjects in Java does not provide?
> 
> My company is developing such a system for internal use?it has
> already 
> helped us greatly accelerate application development time?and we've 
> thought of licensing it to other companies. We'd be willing to do a 
> technology demo, both/either online and/or at a meeting. (Speaking of
> 
> which, where are the time/dates for those posted?)
> 
> Hope some of you are interested! I look forward to your responses.
> 
> Thank you,
> Benjamin Stiglitz
> Tanjero
> ben at tanjero.com
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From enunez at tiaa-cref.org  Mon Jun 10 10:56:30 2002
From: enunez at tiaa-cref.org (Nunez, Eddy)
Date: Mon, 10 Jun 2002 10:56:30 -0400
Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2
Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F016A34C6@msxnyusr01.msx.ops.tiaa-cref.org>


I was planning on going for a few months, but then company did some
not-so-funny crap with the training/conference money.

Was actually more looking forward to spending some time on Cali beach.
It's not fair I tell ya. :^(

-EN

-----Original Message-----
From: Hans Zaunere [mailto:zaunere at yahoo.com]
Sent: Monday, June 10, 2002 10:27 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference
2



This would be great.  Is anyone planning on going? (I have some
frequent flyer miles I think).

HZ


--- Hans Cathcart <hans at cathcart.org> wrote:
> O'Reilly is hosting their annual Open Source Convention in San Diego,
> 
> California this year on July 22-26th, 2002.
> 
> O'Reilly has sent NYPHP a User Group discount coupon in case anyone
> wants to 
> attend either the Convention and/or the Conferences (PHP Conf 2, Perl
> Conf 6, 
> XTech2002).
> 
> http://conferences.oreilly.com/oscon
> 
> Save 20% off if you register with the User Group discount code: DSUG
> also,
> if you register by June 10, 2002 you will also get the $200
> early-bird 
> discount.
> 
> (Full-time Students 65%, Academic Instructors 50%, Academic Staff
> 25%, Fed 
> Gov 20%, and Company Team $50 discounts are also available.)
> 
> During the Tutorial days there are several PHP sessions, including:
> 
>   Introduction to PHP
>   Pragmatic PHP
>   PHP: FSP (Frequently Solved Problems)
>   PHP & PostgreSQL
>   Advanced PHP
>   Getting the Most from MySQL and PHP
> and also a lot of other Perl, XML, Java, Linux and Apache sessions.
> 
> enjoy...
> 
> Hans Cathcart
> NYPHP Dir. of Communications
> hans at cathcart.org
> 917-681-7990
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


**********************************************************************
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law.  If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies.  You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
TIAA-CREF
**********************************************************************


From terran11355 at yahoo.com  Mon Jun 10 11:27:29 2002
From: terran11355 at yahoo.com (sean wang)
Date: Mon, 10 Jun 2002 08:27:29 -0700 (PDT)
Subject: Does anyone know how to do this?
Message-ID: <20020610152729.13104.qmail@web9106.mail.yahoo.com>

hi, everyone
I saw this website ( www.chinese-treasure.com ) by
accidently. I found that each item ends time is same
as ebay't time, everytime i refreshed pages the ends
time are all same as ebay'time. I just want to know
how to do this?
Does this website use mysql db?

I really want to know this!!

thanks 

sean
 

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jay at trans-city.com  Mon Jun 10 11:55:40 2002
From: jay at trans-city.com (Jay Greenspan)
Date: Mon, 10 Jun 2002 11:55:40 -0400
Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2
In-Reply-To: <200206101427.g5AER9P16184@slipdisc.virul.net>
Message-ID: <837561CC-7C8A-11D6-B999-003065C48B4C@trans-city.com>

Bought my ticket this morning. Without tutorials, came to $719 with the 
NYPHP discount. Very nice, Hans C. You saved me almost $200 bucks.

-j


On Monday, June 10, 2002, at 10:27 AM, Hans Zaunere wrote:

>
> This would be great.  Is anyone planning on going? (I have some
> frequent flyer miles I think).
>



From dkrook at hotmail.com  Mon Jun 10 12:06:12 2002
From: dkrook at hotmail.com (D C Krook)
Date: Mon, 10 Jun 2002 12:06:12 -0400
Subject: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2
Message-ID: <F250DtMVK9vJdgko3Yq00017277@hotmail.com>

I'm going too... and saved lots of money with the early registration heads 
up and discount.

Thanks Hans!


>From: Jay Greenspan <jay at trans-city.com>
>Reply-To: talk at nyphp.org
>To: NYPHP Talk <talk at nyphp.org>
>Subject: Re: [nycphp-talk] O'Reilly Open Source Convention/PHP Conference 2
>Date: Mon, 10 Jun 2002 11:51:49 -0400
>Received: from [66.114.66.188] by hotmail.com (3.2) with ESMTP id 
>MHotMailBECE184400984004325A427242BC09880; Mon, 10 Jun 2002 09:01:21 -0700
>Received: from nyphp.org (slipdisc.virul.net [66.114.66.188])by 
>slipdisc.virul.net (8.11.6/8.11.6) with ESMTP id g5AFpnP16957;Mon, 10 Jun 
>2002 11:51:49 -0400 (EDT)(envelope-from listmaster at nyphp.org)
>From listmaster at nyphp.org Mon, 10 Jun 2002 09:02:12 -0700
>Message-Id: <200206101551.g5AFpnP16957 at slipdisc.virul.net>
>X-Paralist-Archived: 
><http://nyphp.org/list/paralist_archive.html?L_mid=353>
>X-List-Software: Paralist 0.6
>List-ID: <nyphptalk.nyphp.org>
>List-Owner: <mailto:listmaster at nyphp.org>
>List-Archive: <http://nyphp.org/list/paralist_archive.html?L_lid=1>
>List-Subscribe: <http://nyphp.org/list/>
>List-Unsubscribe: <http://nyphp.org/list/>
>Organization: New York PHP
>X-Mailer: Paramail 0.5
>
>Bought my ticket this morning. Without tutorials, came to $719 with the
>NYPHP discount. Very nice, Hans C. You saved me almost $200 bucks.
>
>-j
>
>
>On Monday, June 10, 2002, at 10:27 AM, Hans Zaunere wrote:
>
> >
> > This would be great.  Is anyone planning on going? (I have some
> > frequent flyer miles I think).
> >
>
>


_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx



From heli_travel at yahoo.com  Mon Jun 10 12:13:05 2002
From: heli_travel at yahoo.com (LY)
Date: Mon, 10 Jun 2002 09:13:05 -0700 (PDT)
Subject: [nycphp-talk] Does anyone know how to do this?
In-Reply-To: <200206101527.g5AFRXP16747@slipdisc.virul.net>
Message-ID: <20020610161305.38155.qmail@web12202.mail.yahoo.com>

it open ebay's page, get that time and posted it on they
website.
syntax like:
$str =
fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616",
"r")
then use regular expression to capture the data they want(time).
they should have an agreement between each other foring doing
this.
you can check this out form php books in i/o functions.



--- sean wang <terran11355 at yahoo.com> wrote:
> hi, everyone
> I saw this website ( www.chinese-treasure.com ) by
> accidently. I found that each item ends time is same
> as ebay't time, everytime i refreshed pages the ends
> time are all same as ebay'time. I just want to know
> how to do this?
> Does this website use mysql db?
> 
> I really want to know this!!
> 
> thanks 
> 
> sean
>  
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jim at nettmedia.com  Mon Jun 10 13:27:25 2002
From: jim at nettmedia.com (Jim Musil)
Date: Mon, 10 Jun 2002 13:27:25 -0400
Subject: .html as .php
Message-ID: <B92A59BD.34E1%jim@nettmedia.com>


Hi,

Is there a way using .htaccess to have all files with the .html extension
execute as .php, but only for one directory.

Jim Musil



From ian at plusfour.org  Mon Jun 10 13:39:46 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Mon, 10 Jun 2002 13:39:46 -0400
Subject: MySQL Database permisions.. 
In-Reply-To: <200206101613.g5AGDAP17179@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEMELOCFAA.ian@plusfour.org>

Hi,

I am setting up a server for several different accounts. Every account
requires a database.

I am restricting database access to localhost, and some ips..

I am trying to limit a user to just use one database.. I have put an entry
into the mysql.db table an it seems to do nothing.. i have flushed
privileges, and done use dbname.. and to no avail the new user i created has
access to all databases..

Do have have use GRANT in order to do this correctly? I thought i could just
do a manual insert into the mysql.db table..

Ian

> -----Original Message-----
> From: LY [mailto:heli_travel at yahoo.com]
> Sent: Monday, June 10, 2002 12:13 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Does anyone know how to do this?
>
>
> it open ebay's page, get that time and posted it on they
> website.
> syntax like:
> $str =
> fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616",
> "r")
> then use regular expression to capture the data they want(time).
> they should have an agreement between each other foring doing
> this.
> you can check this out form php books in i/o functions.
>
>
>
> --- sean wang <terran11355 at yahoo.com> wrote:
> > hi, everyone
> > I saw this website ( www.chinese-treasure.com ) by
> > accidently. I found that each item ends time is same
> > as ebay't time, everytime i refreshed pages the ends
> > time are all same as ebay'time. I just want to know
> > how to do this?
> > Does this website use mysql db?
> >
> > I really want to know this!!
> >
> > thanks
> >
> > sean
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>
>



From jahmon at jahmon.com  Mon Jun 10 13:52:32 2002
From: jahmon at jahmon.com (jahmon :-))
Date: Mon, 10 Jun 2002 13:52:32 -0400
Subject: [nycphp-talk] MySQL Database permisions..
In-Reply-To: <200206101739.g5AHddP18186@slipdisc.virul.net>
References: <200206101739.g5AHddP18186@slipdisc.virul.net>
Message-ID: <20020610175232.GA17924@ekovista.com>

you don't have to use GRANT for this to work correctly but that's probably
the easiest and quickest way.

CREATE $database
GRANT all privileges on $database.* to $user at localhost identified by
'$password';

no need to flush privileges

jahmon ;-)

On Mon, Jun 10, 2002 at 01:39:39PM -0400, Ian Forsyth wrote:
> Hi,
> 
> I am setting up a server for several different accounts. Every account
> requires a database.
> 
> I am restricting database access to localhost, and some ips..
> 
> I am trying to limit a user to just use one database.. I have put an entry
> into the mysql.db table an it seems to do nothing.. i have flushed
> privileges, and done use dbname.. and to no avail the new user i created has
> access to all databases..
> 
> Do have have use GRANT in order to do this correctly? I thought i could just
> do a manual insert into the mysql.db table..
> 
> Ian
> 
> > -----Original Message-----
> > From: LY [mailto:heli_travel at yahoo.com]
> > Sent: Monday, June 10, 2002 12:13 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] Does anyone know how to do this?
> >
> >
> > it open ebay's page, get that time and posted it on they
> > website.
> > syntax like:
> > $str =
> > fopen("http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2110024616",
> > "r")
> > then use regular expression to capture the data they want(time).
> > they should have an agreement between each other foring doing
> > this.
> > you can check this out form php books in i/o functions.
> >
> >
> >
> > --- sean wang <terran11355 at yahoo.com> wrote:
> > > hi, everyone
> > > I saw this website ( www.chinese-treasure.com ) by
> > > accidently. I found that each item ends time is same
> > > as ebay't time, everytime i refreshed pages the ends
> > > time are all same as ebay'time. I just want to know
> > > how to do this?
> > > Does this website use mysql db?
> > >
> > > I really want to know this!!
> > >
> > > thanks
> > >
> > > sean
> > >
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > http://fifaworldcup.yahoo.com
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com
> >
> >
> 
> 

-- 


From prutwo at onebox.com  Mon Jun 10 13:59:29 2002
From: prutwo at onebox.com (ophir prusak)
Date: Mon, 10 Jun 2002 10:59:29 -0700
Subject: [nycphp-talk] .html as .php
Message-ID: <20020610175929.QXRI4694.mta07.onebox.com@onebox.com>


I have this line in my .htaccess file for http://www.stationplay.com

AddType application/x-httpd-php php php3 phtml php4 html htm

keep in mind that something like this will affect everything in that
directory and all it's subdirectories.

Ophir

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 



---- Jim Musil <jim at nettmedia.com> wrote:
> 
> Hi,
> 
> Is there a way using .htaccess to have all files with the .html extension
> execute as .php, but only for one directory.
> 
> Jim Musil
> 
> 
>  


From hostmaster at chatsrus.com  Mon Jun 10 18:38:46 2002
From: hostmaster at chatsrus.com (hostmaster at chatsrus.com)
Date: Mon, 10 Jun 2002 15:38:46 -0700
Subject: Best code for Login
Message-ID: <001201c210cf$9515be20$b35efea9@w3j5c4>

greetin' folks ! ^-^

me and a friend was trying to pick
the best way to the most simple and scure code
for Login 
with already existing user and password in Mysql.


best regards !
snir 'shalom' gal.
www.ChatsRus.com

A pig's orgasm lasts for 30 minutes.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020610/cf5b2bb0/attachment.html>

From vze289hz at verizon.net  Mon Jun 10 19:36:17 2002
From: vze289hz at verizon.net (louie)
Date: Mon, 10 Jun 2002 16:36:17 -0700
Subject: best code for Login.
Message-ID: <00b101c210d7$9e8c40c0$b35efea9@w3j5c4>

greetin' folks ! ^-^

me and a friend was trying to pick
the best way to the most simple and scure code
for Login 
with already existing user and password in Mysql.


best regards !
snir 'shalom' gal.
www.ChatsRus.com

A pig's orgasm lasts for 30 minutes.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020610/db675657/attachment.html>

From LarryC at indexstock.com  Mon Jun 10 17:18:55 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Mon, 10 Jun 2002 17:18:55 -0400
Subject: Question
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB331@index-exchange.indexstock.com>

I'm working on a sample code and have some questions.  My php and html files
are below.  I'm running on IIS and MySQL.  This code gives me the following
error:
 
 
Notice: Undefined variable: first in d:\\example\\datain.php on line 5

Notice: Undefined variable: last in d:\\example\\datain.php on line 5

Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5

Notice: Undefined variable: email in d:\\example\\datain.php on line 5

Notice: Undefined variable: salary in d:\\example\\datain.php on line 5
Thank you! Information entered. 
 
If I add the following lines prior to the insert statement, it works fine.
$first = $HTTP_POST_VARS['first'];

$last = $HTTP_POST_VARS['last'];

$nickname = $HTTP_POST_VARS['nickname'];

$email = $HTTP_POST_VARS['email'];

$salary = $HTTP_POST_VARS['salary'];

Why do I need $HTTP_POST_VARS???? Thanks in advance.
 
--------------------
 
datain.php
<html>

<?php

$db = mysql_connect("172.21.6.25","root","123456");

mysql_select_db("learndb",$db);

$sql="insert into personnel (firstname, lastname, nick, email, salary)
VALUES ('$first','$last','$nickname','$email','$salary')";

$result = mysql_query($sql);

echo "Thank you! Information entered.\
";

?>

</html>

 
datain.html
<html>

<body>

<form action="datain.php" method="post">

First name:<input type="text" name="first"><br>

Last name:<input type="text" name="last"><br>

Nick name:<input type="text" name="nickname"><br>

E-mail:<input type="text" name="email"><br>

Salary:<input type="text" name="salary"><br>

<input type="Submit" name="submit" value="Enter information">

</form>

</body>

</html> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020610/0663db55/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ivy.gif
Type: image/gif
Size: 5665 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020610/0663db55/attachment.gif>

From louie at zibi.co.il  Mon Jun 10 21:08:27 2002
From: louie at zibi.co.il (louie)
Date: Mon, 10 Jun 2002 18:08:27 -0700
Subject: best code for Login !.
Message-ID: <010901c210e4$7e2902c0$b35efea9@w3j5c4>

greetin' folks ! ^-^

me and a friend was trying to pick
the best way to the most simple and scure code
for Login 
with already existing user and password in Mysql.


best regards !
snir 'shalom' gal.
www.ChatsRus.com

A pig's orgasm lasts for 30 minutes.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020610/f69c59cc/attachment.html>

From ken_11223 at yahoo.com  Mon Jun 10 18:55:37 2002
From: ken_11223 at yahoo.com (ken wu)
Date: Mon, 10 Jun 2002 15:55:37 -0700 (PDT)
Subject: [nycphp-talk] Question
In-Reply-To: <200206102119.g5ALJHP20790@slipdisc.virul.net>
Message-ID: <20020610225537.29200.qmail@web12802.mail.yahoo.com>

are you running php4.1.2 or above? i know it is
slightly different to deal with the form variables if
u running such versions of php.  For example. u have
to echo $HTTP_POST_VARS['first'} which is the form
variables.  But i know that if u use the php 4.0.6 or
below. u don't have to do so. just simply use $first
or $last.  


 
--- Larry Chuon <LarryC at indexstock.com> wrote:
> <paralist>This message contained 1 file(s) and is
> available at
>
http://nyphp.org/list/paralist_archive.html?L_mid=364</paralist>
> 
> I'm working on a sample code and have some
> questions.  My php and html files
> are below.  I'm running on IIS and MySQL.  This code
> gives me the following
> error:
>  
>  
> Notice: Undefined variable: first in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: last in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: nickname in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: email in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: salary in
> d:\\example\\datain.php on line 5
> Thank you! Information entered. 
>  
> If I add the following lines prior to the insert
> statement, it works fine.
> $first = $HTTP_POST_VARS['first'];
> 
> $last = $HTTP_POST_VARS['last'];
> 
> $nickname = $HTTP_POST_VARS['nickname'];
> 
> $email = $HTTP_POST_VARS['email'];
> 
> $salary = $HTTP_POST_VARS['salary'];
> 
> Why do I need $HTTP_POST_VARS???? Thanks in advance.
>  
> --------------------
>  
> datain.php
> <html>
> 
> <?php
> 
> $db = mysql_connect("172.21.6.25","root","123456");
> 
> mysql_select_db("learndb",$db);
> 
> $sql="insert into personnel (firstname, lastname,
> nick, email, salary)
> VALUES
> ('$first','$last','$nickname','$email','$salary')";
> 
> $result = mysql_query($sql);
> 
> echo "Thank you! Information entered.\
";
> 
> ?>
> 
> </html>
> 
>  
> datain.html
> <html>
> 
> <body>
> 
> <form action="datain.php" method="post">
> 
> First name:<input type="text" name="first"><br>
> 
> Last name:<input type="text" name="last"><br>
> 
> Nick name:<input type="text" name="nickname"><br>
> 
> E-mail:<input type="text" name="email"><br>
> 
> Salary:<input type="text" name="salary"><br>
> 
> <input type="Submit" name="submit" value="Enter
> information">
> 
> </form>
> 
> </body>
> 
> </html> 
> 
> 
> 


=====
Ken Wu

718-788-0661
168 35 Street Apt 2
Broooklyn, NY 11232-2320

http://www.kenfile.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From radiox at go.ro  Mon Jun 10 19:07:45 2002
From: radiox at go.ro (RADIO X)
Date: Tue, 11 Jun 2002 02:07:45 +0300
Subject: Do you know a free hosting for PHP and MySQL?
In-Reply-To: <200206102249.g5AMn0P21855@slipdisc.virul.net>
Message-ID: <000001c210d3$a248d060$1440e9d5@xenon>

Do you?

www.radiox.go.ro
www.guardoneas.ro



From terran11355 at yahoo.com  Mon Jun 10 21:12:28 2002
From: terran11355 at yahoo.com (sean wang)
Date: Mon, 10 Jun 2002 18:12:28 -0700 (PDT)
Subject: [nycphp-talk] Do you know a free hosting for PHP and MySQL?
In-Reply-To: <200206102303.g5AN3rP22059@slipdisc.virul.net>
Message-ID: <20020611011228.68477.qmail@web9103.mail.yahoo.com>

hi,
 i know the place where you can find both paid
web-hosting and free web-hosting.
  http://www.freewebspace.net/forums/

 GoodLuck!
 sean



--- RADIO X <radiox at go.ro> wrote:
> Do you?
> 
> www.radiox.go.ro
> www.guardoneas.ro
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Mon Jun 10 22:18:08 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 10 Jun 2002 19:18:08 -0700 (PDT)
Subject: require/include inside a function
Message-ID: <20020611021808.51763.qmail@web12808.mail.yahoo.com>


I'm using the unserialize_callback_func ini setting, from
http://www.php.net/manual/en/function.unserialize.php like so:

ini_set('unserialize_callback_func','handlestdclass');

function handlestdclass( $classname ) {
   require_once("{$classname}/{$classname}.inc");
}

Now I may be overlooking something very obvious, but when code is
require/included in a function, it is locally scoped inside that
function.  If that's the case, and no way around it, what good is this
directive?

Any thoughts would be helpful.  Thanks guys,

Hans Z

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From LarryC at indexstock.com  Tue Jun 11 09:41:24 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 11 Jun 2002 09:41:24 -0400
Subject: [nycphp-talk] Question
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB333@index-exchange.indexstock.com>

I use v4.2.1.  A colleague of mine forwarded me this which makes sense.

Using Register Globals
One feature of PHP that can be used to enhance security is configuring PHP
with register_globals = off.
By turning off the ability for any user-submitted variable to be injected
into PHP code, you can reduce
the amount of variable poisoning a potential attacker may inflict. They will
have to take the additional
time to forge submissions, and your internal variables are effectively
isolated from user submitted data.
While it does slightly increase the amount of effort required to work with
PHP, it has been argued that
the benefits far outweigh the effort.
Example 4-8. Working without register_globals=off
<?php
if ($username) { // can be forged by a user in get/post/cookies
$good_login = 1;
}
if ($good_login == 1) { // can be forged by a user in get/post/cookies,
fpassthru ("/highly/sensitive/data/index.html");
}
?>
Example 4-9. Working with register_globals = off
<?php
if($HTTP_COOKIE_VARS['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
}
?>
By using this wisely, it's even possible to take preventative measures to
warn when forging is being
attempted. If you know ahead of time exactly where a variable should be
coming from, you can check to
see if submitted data is coming from an inappropriate kind of submission.
While it doesn't guarantee that
data has not been forged, it does require an attacker to guess the right
kind of forging.
Example 4-10. Detecting simple variable poisoning
<?php
if ($HTTP_COOKIE_VARS['username'] &&
!$HTTP_POST_VARS['username'] &&
!$HTTP_GET_VARS['username'] ) {
// Perform other checks to validate the user name...
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
} else {
mail("admin at example.com", "Possible breakin attempt",
$HTTP_SERVER_VARS['REMOTE_ADDR']);
echo "Security violation, admin has been alerted.";
exit;
}
?>
Of course, simply turning on register globals does not mean code is secure.
For every piece of data that is
submitted, it should also be checked in other ways.

-----Original Message-----
From: ken wu [mailto:ken_11223 at yahoo.com]
Sent: Monday, June 10, 2002 6:56 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Question


are you running php4.1.2 or above? i know it is
slightly different to deal with the form variables if
u running such versions of php.  For example. u have
to echo $HTTP_POST_VARS['first'} which is the form
variables.  But i know that if u use the php 4.0.6 or
below. u don't have to do so. just simply use $first
or $last.  


 
--- Larry Chuon <LarryC at indexstock.com> wrote:
> <paralist>This message contained 1 file(s) and is
> available at
>
http://nyphp.org/list/paralist_archive.html?L_mid=364</paralist>
> 
> I'm working on a sample code and have some
> questions.  My php and html files
> are below.  I'm running on IIS and MySQL.  This code
> gives me the following
> error:
>  
>  
> Notice: Undefined variable: first in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: last in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: nickname in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: email in
> d:\\example\\datain.php on line 5
> 
> Notice: Undefined variable: salary in
> d:\\example\\datain.php on line 5
> Thank you! Information entered. 
>  
> If I add the following lines prior to the insert
> statement, it works fine.
> $first = $HTTP_POST_VARS['first'];
> 
> $last = $HTTP_POST_VARS['last'];
> 
> $nickname = $HTTP_POST_VARS['nickname'];
> 
> $email = $HTTP_POST_VARS['email'];
> 
> $salary = $HTTP_POST_VARS['salary'];
> 
> Why do I need $HTTP_POST_VARS???? Thanks in advance.
>  
> --------------------
>  
> datain.php
> <html>
> 
> <?php
> 
> $db = mysql_connect("172.21.6.25","root","123456");
> 
> mysql_select_db("learndb",$db);
> 
> $sql="insert into personnel (firstname, lastname,
> nick, email, salary)
> VALUES
> ('$first','$last','$nickname','$email','$salary')";
> 
> $result = mysql_query($sql);
> 
> echo "Thank you! Information entered.\
";
> 
> ?>
> 
> </html>
> 
>  
> datain.html
> <html>
> 
> <body>
> 
> <form action="datain.php" method="post">
> 
> First name:<input type="text" name="first"><br>
> 
> Last name:<input type="text" name="last"><br>
> 
> Nick name:<input type="text" name="nickname"><br>
> 
> E-mail:<input type="text" name="email"><br>
> 
> Salary:<input type="text" name="salary"><br>
> 
> <input type="Submit" name="submit" value="Enter
> information">
> 
> </form>
> 
> </body>
> 
> </html> 
> 
> 
> 


=====
Ken Wu

718-788-0661
168 35 Street Apt 2
Broooklyn, NY 11232-2320

http://www.kenfile.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From delta at rochester.rr.com  Tue Jun 11 10:15:31 2002
From: delta at rochester.rr.com (delta)
Date: Tue, 11 Jun 2002 10:15:31 -0400
Subject: [nycphp-talk] Question regarding $HTTP_POST_VARS
References: <200206102119.g5ALJHP20790@slipdisc.virul.net>
Message-ID: <002501c21152$7218bed0$8100fe0a@localdomain>

This can be fixed in the PHP.ini file
with:

register_globals = on

It is more secure to leave this off though,
and use code like this:

$first = $HTTP_POST_VARS['first'];

As mentioned by Ken Wu, that works fine.

----- Original Message -----
From: "Larry Chuon" <LarryC at indexstock.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, June 10, 2002 5:19 PM
Subject: [nycphp-talk] Question


> <paralist>This message contained 1 file(s) and is available at
http://nyphp.org/list/paralist_archive.html?L_mid=364</paralist>
>
> I'm working on a sample code and have some questions.  My php and html
files
> are below.  I'm running on IIS and MySQL.  This code gives me the
following
> error:
>
>
> Notice: Undefined variable: first in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: last in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: email in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: salary in d:\\example\\datain.php on line 5
> Thank you! Information entered.
>
> If I add the following lines prior to the insert statement, it works fine.
> $first = $HTTP_POST_VARS['first'];
>
> $last = $HTTP_POST_VARS['last'];
>
> $nickname = $HTTP_POST_VARS['nickname'];
>
> $email = $HTTP_POST_VARS['email'];
>
> $salary = $HTTP_POST_VARS['salary'];
>
> Why do I need $HTTP_POST_VARS???? Thanks in advance.
>
> --------------------
>
> datain.php
> <html>
>
> <?php
>
> $db = mysql_connect("172.21.6.25","root","123456");
>
> mysql_select_db("learndb",$db);
>
> $sql="insert into personnel (firstname, lastname, nick, email, salary)
> VALUES ('$first','$last','$nickname','$email','$salary')";
>
> $result = mysql_query($sql);
>
> echo "Thank you! Information entered.\
";
>
> ?>
>
> </html>
>
>
> datain.html
> <html>
>
> <body>
>
> <form action="datain.php" method="post">
>
> First name:<input type="text" name="first"><br>
>
> Last name:<input type="text" name="last"><br>
>
> Nick name:<input type="text" name="nickname"><br>
>
> E-mail:<input type="text" name="email"><br>
>
> Salary:<input type="text" name="salary"><br>
>
> <input type="Submit" name="submit" value="Enter information">
>
> </form>
>
> </body>
>
> </html>
>
>
>
>



From LarryC at indexstock.com  Tue Jun 11 10:21:49 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Tue, 11 Jun 2002 10:21:49 -0400
Subject: [nycphp-talk] Question regarding $HTTP_POST_VARS
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB335@index-exchange.indexstock.com>

Thanks you and Ken for your quick response.  I leave register_globals = off
for now.  I think the add'l effort worth the security.

-----Original Message-----
From: delta [mailto:delta at rochester.rr.com]
Sent: Tuesday, June 11, 2002 10:13 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Question regarding $HTTP_POST_VARS


This can be fixed in the PHP.ini file
with:

register_globals = on

It is more secure to leave this off though,
and use code like this:

$first = $HTTP_POST_VARS['first'];

As mentioned by Ken Wu, that works fine.

----- Original Message -----
From: "Larry Chuon" <LarryC at indexstock.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, June 10, 2002 5:19 PM
Subject: [nycphp-talk] Question


> <paralist>This message contained 1 file(s) and is available at
http://nyphp.org/list/paralist_archive.html?L_mid=364</paralist>
>
> I'm working on a sample code and have some questions.  My php and html
files
> are below.  I'm running on IIS and MySQL.  This code gives me the
following
> error:
>
>
> Notice: Undefined variable: first in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: last in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: nickname in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: email in d:\\example\\datain.php on line 5
>
> Notice: Undefined variable: salary in d:\\example\\datain.php on line 5
> Thank you! Information entered.
>
> If I add the following lines prior to the insert statement, it works fine.
> $first = $HTTP_POST_VARS['first'];
>
> $last = $HTTP_POST_VARS['last'];
>
> $nickname = $HTTP_POST_VARS['nickname'];
>
> $email = $HTTP_POST_VARS['email'];
>
> $salary = $HTTP_POST_VARS['salary'];
>
> Why do I need $HTTP_POST_VARS???? Thanks in advance.
>
> --------------------
>
> datain.php
> <html>
>
> <?php
>
> $db = mysql_connect("172.21.6.25","root","123456");
>
> mysql_select_db("learndb",$db);
>
> $sql="insert into personnel (firstname, lastname, nick, email, salary)
> VALUES ('$first','$last','$nickname','$email','$salary')";
>
> $result = mysql_query($sql);
>
> echo "Thank you! Information entered.\
";
>
> ?>
>
> </html>
>
>
> datain.html
> <html>
>
> <body>
>
> <form action="datain.php" method="post">
>
> First name:<input type="text" name="first"><br>
>
> Last name:<input type="text" name="last"><br>
>
> Nick name:<input type="text" name="nickname"><br>
>
> E-mail:<input type="text" name="email"><br>
>
> Salary:<input type="text" name="salary"><br>
>
> <input type="Submit" name="submit" value="Enter information">
>
> </form>
>
> </body>
>
> </html>
>
>
>
>



From delta at rochester.rr.com  Tue Jun 11 10:57:50 2002
From: delta at rochester.rr.com (delta)
Date: Tue, 11 Jun 2002 10:57:50 -0400
Subject: [nycphp-talk] SSL Alternatives
References: <200206071947.g57JlbP66757@slipdisc.virul.net>
Message-ID: <000f01c21158$5b355010$8100fe0a@localdomain>

just was looking at some verisign info and found this list of certificates
impressive- guess you get your money's worth! i think with Verisign the
additional money is related to the value of the reputation.  There is
extensive backround checks etc with signing with Verisign because they only
want to maintain their reputation.

Managed PKI for SSL - Supported Servers

Advanced Businesslink Ingrian Networks Quarterdeck/StarNine
AliBaba (WarpGroup) Intel Red Hat
AOL/Navisoft Internet Factory r3
Apache Freeware with SSLeay iPlanet Radnet
Aventail Iserver Roxen
BEA WebLogic JavaSoft s2
Backweb Lotus SilverStream Software
Beyond Software Luckman Silver Stream
Brokat Marimba Sirius Software
C2Net Apache SSL-US Microsoft Sonic WALL
Cacheflow Microsoft FrontPage 98 Sterling Software
Compaq Microsoft Visual InterDev 6.0 Stronghold (C2Net)
Compuserve/Spry Mirapoint Sun Microsystems
Connect - OneServer Mitem Tandem
Consensus Nanoteq Tektonic
Control Data Systems NetCentric Tempest Software
Covalent Netscape Tenon (WebTen)
Dascom Netscreen Transarc
F5 Netscape Merchant Thawte Consulting
Frontier Technologies Nokia Unify
FTP Software Novell Unisys
GLACI OpenConnect Systems Unwired Planet
Gradient Open Market Velocity Software
Hummingbird Oracle Volera
IBM O'Reilly & Associates Wall Data
I/NET Preview Software WebMethods
Information Builders Process Software WebSTAR
Information Hyperlink Purveyor Zeus
    V1 Server

Managed PKI for SSL - Premium Edition(aka Global Server Certificate
128-bit )

AOL Intel Silver Stream
Apache iPlanet Sonic WALL
Aventail Lotus O'Reilly WebSite 2.5
BEA WebLogic Microsoft (or higher)
C2Net Stronghold Microsoft FrontPage 98 Red Hat
Cacheflow Microsoft Visual InterDev 6.0 Tandem
Compaq Mirapoint Velocity Software
Covalent Nanoteq WebMethods
F5 Netscape Zeus
Hummingbird Netscreen
IBM HTTP Nokia
Ingrian Networks

----- Original Message -----
From: "Jim Musil" <jim at nettmedia.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Friday, June 07, 2002 3:47 PM
Subject: [nycphp-talk] SSL Alternatives


>
> What are the ramifications of using an SSL certificate that costs $49/year
> versus Verisign's $600-800 certs?
>
> Jim M
>
>
>



From delta at rochester.rr.com  Tue Jun 11 11:02:56 2002
From: delta at rochester.rr.com (delta)
Date: Tue, 11 Jun 2002 11:02:56 -0400
Subject: verisign's managed pki for ssl
Message-ID: <003201c21159$11f4e9a0$8100fe0a@localdomain>

sorry the info looks better like this...
Managed PKI for SSL - Supported Servers


      Advanced Businesslink Ingrian Networks Quarterdeck/StarNine 
      AliBaba (WarpGroup) Intel Red Hat 
      AOL/Navisoft Internet Factory r3 
      Apache Freeware with SSLeay iPlanet Radnet 
      Aventail Iserver Roxen 
      BEA WebLogic JavaSoft s2 
      Backweb Lotus SilverStream Software 
      Beyond Software Luckman Silver Stream 
      Brokat Marimba Sirius Software 
      C2Net Apache SSL-US Microsoft Sonic WALL 
      Cacheflow Microsoft FrontPage 98 Sterling Software 
      Compaq Microsoft Visual InterDev 6.0 Stronghold (C2Net) 
      Compuserve/Spry Mirapoint Sun Microsystems 
      Connect - OneServer Mitem Tandem 
      Consensus Nanoteq Tektonic 
      Control Data Systems NetCentric Tempest Software 
      Covalent Netscape Tenon (WebTen) 
      Dascom Netscreen Transarc 
      F5 Netscape Merchant Thawte Consulting 
      Frontier Technologies Nokia Unify 
      FTP Software Novell Unisys 
      GLACI OpenConnect Systems Unwired Planet 
      Gradient Open Market Velocity Software 
      Hummingbird Oracle Volera 
      IBM O'Reilly & Associates Wall Data 
      I/NET Preview Software WebMethods 
      Information Builders Process Software WebSTAR 
      Information Hyperlink Purveyor Zeus 
          V1 Server 


Managed PKI for SSL - Premium Edition1


      AOL Intel Silver Stream 
      Apache iPlanet Sonic WALL 
      Aventail Lotus O'Reilly WebSite 2.5 
      BEA WebLogic Microsoft (or higher) 
      C2Net Stronghold Microsoft FrontPage 98 Red Hat 
      Cacheflow Microsoft Visual InterDev 6.0 Tandem 
      Compaq Mirapoint Velocity Software 
      Covalent Nanoteq WebMethods 
      F5 Netscape Zeus 
      Hummingbird Netscreen   
      IBM HTTP Nokia   
      Ingrian Networks     


1 Previously referred to as Global Server Certificate 128-bit 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020611/06e0b996/attachment.html>

From enunez at tiaa-cref.org  Tue Jun 11 12:12:30 2002
From: enunez at tiaa-cref.org (Nunez, Eddy)
Date: Tue, 11 Jun 2002 10:12:30 -0600
Subject: [nycphp-talk] require/include inside a function
Message-ID: <7CE0EC1FC2D0D411910700508BE38D0F016A34C7@msxnyusr01.msx.ops.tiaa-cref.org>


I believe functions and class definitions are globally scoped.
I think the local scoping only applies to variables.

I exec'd this bit of code and it supports my statement:
-----------------------------------------------------------------------
function definer() {
        include_once("./foo.inc");
        function func_foo() { echo 'foo was here'; }
}

echo ( class_exists( 'foo' ) ) 
	?  'foo is out there!' : 'foo not there.'; print "<br>";
echo ( function_exists( 'func_foo' ) )
	?  'func foo is out there!' : 'func foo not there.'; print "<br>";

definer();

echo ( class_exists( 'foo' ) )
	?  'foo is out there!' : 'foo not there.'; print "<br>";
echo ( function_exists( 'func_foo' ) )
	?  'func foo is out there!' : 'func foo not there.';
-----------------------------------------------------------------------
Output:
foo not there.
func foo not there.
foo is out there!
func foo is out there!
-----------------------------------------------------------------------

Hope this helps.
-Eddy

-----Original Message-----
From: Hans Zaunere [mailto:zaunere at yahoo.com]
Sent: Monday, June 10, 2002 10:18 PM
To: NYPHP Talk
Subject: [nycphp-talk] require/include inside a function



I'm using the unserialize_callback_func ini setting, from
http://www.php.net/manual/en/function.unserialize.php like so:

ini_set('unserialize_callback_func','handlestdclass');

function handlestdclass( $classname ) {
   require_once("{$classname}/{$classname}.inc");
}

Now I may be overlooking something very obvious, but when code is
require/included in a function, it is locally scoped inside that
function.  If that's the case, and no way around it, what good is this
directive?

Any thoughts would be helpful.  Thanks guys,

Hans Z

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


**********************************************************************
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law.  If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies.  You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
TIAA-CREF
**********************************************************************


From dev at thebinarylab.com  Wed Jun 12 17:41:14 2002
From: dev at thebinarylab.com (John Ensign)
Date: Wed, 12 Jun 2002 15:41:14 -0600
Subject: [nycphp-talk] Encrypt info in an email
In-Reply-To: <200206071649.g57GnPP64347@slipdisc.virul.net>
Message-ID: <IAEDLCHIBCFLOLAIDFCOIEOLCAAA.dev@thebinarylab.com>

I would use PGP, odds are client is on win, and he/she can install a ns
pretty outlook integrated pgp client right into the mail client to auto
decrypt.  As for encrypting the original mail on the server, here is a link
with source.

http://cvs.horde.org/co.php/imp/pgp.php?r=2.26

As well, the book "Web Application Developement with PHP" by Rathskiller,
has a fully worked PGP class.... code is clean, tight, and understandable to
boot. )


Hope this helps.....

john

-----Original Message-----
From: Jim Musil [mailto:jim at nettmedia.com]
Sent: Friday, June 07, 2002 10:49 AM
To: NYPHP Talk
Subject: [nycphp-talk] Encrypt info in an email



Hi,

What options are good if I want to encrypt just some information sent in an
email?

For example, let's say I send an order from a website to the store owner,
how can I scramble the credit card in a way that the owner can descramble it
when he/she receives it.

Any ideas?

Jim M





From soazine at erols.com  Wed Jun 12 20:02:12 2002
From: soazine at erols.com (Phil Powell)
Date: Wed, 12 Jun 2002 20:02:12 -0400
Subject: Creatng a PHP chatroom
Message-ID: <005b01c2126d$921a2f40$53bd6444@scandinawa1bo6>

I am intrested in creating a chatroom entirely in PHP involving streaming text.  Where can someone help me to find such a means of doing so?

Thanx
Phil
http://valsignalandet.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020612/22b1e026/attachment.html>

From kayraotaner at yahoo.com  Wed Jun 12 20:15:13 2002
From: kayraotaner at yahoo.com (Kayra Otaner)
Date: Wed, 12 Jun 2002 17:15:13 -0700 (PDT)
Subject: [nycphp-talk] Creatng a PHP chatroom
In-Reply-To: <200206130002.g5D02iP54564@slipdisc.virul.net>
Message-ID: <20020613001513.91343.qmail@web10101.mail.yahoo.com>


http://www.phpwizard.net/projects/phpIRC/

--- Phil Powell <soazine at erols.com> wrote:
> I am intrested in creating a chatroom entirely in PHP involving streaming text.  Where can
> someone help me to find such a means of doing so?
> 
> Thanx
> Phil
> http://valsignalandet.com
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From soazine at erols.com  Wed Jun 12 20:45:45 2002
From: soazine at erols.com (Phil Powell)
Date: Wed, 12 Jun 2002 20:45:45 -0400
Subject: [nycphp-talk] Creatng a PHP chatroom
References: <200206130015.g5D0FHP54670@slipdisc.virul.net>
Message-ID: <006601c21273$a7b80830$53bd6444@scandinawa1bo6>

Augh! The Windows .zip version is not available! But thanx, looks good!

Phil

----- Original Message -----
From: "Kayra Otaner" <kayraotaner at yahoo.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 12, 2002 8:15 PM
Subject: Re: [nycphp-talk] Creatng a PHP chatroom


>
> http://www.phpwizard.net/projects/phpIRC/
>
> --- Phil Powell <soazine at erols.com> wrote:
> > I am intrested in creating a chatroom entirely in PHP involving
streaming text.  Where can
> > someone help me to find such a means of doing so?
> >
> > Thanx
> > Phil
> > http://valsignalandet.com
> >
> >
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>
>



From tomatdolemite at hotmail.com  Wed Jun 12 22:27:12 2002
From: tomatdolemite at hotmail.com (Tom O'Neill)
Date: Wed, 12 Jun 2002 21:27:12 -0500
Subject: [nycphp-talk] Creatng a PHP chatroom
References: <200206130046.g5D0kYP54915@slipdisc.virul.net>
Message-ID: <DAV42WwNi5LhhwRJh9m0000c2a2@hotmail.com>

Winzip can unpack a tar....


----- Original Message ----- 
From: "Phil Powell" <soazine at erols.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 12, 2002 7:46 PM
Subject: Re: [nycphp-talk] Creatng a PHP chatroom


> Augh! The Windows .zip version is not available! But thanx, looks good!
> 
> Phil
> 
> ----- Original Message -----
> From: "Kayra Otaner" <kayraotaner at yahoo.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Wednesday, June 12, 2002 8:15 PM
> Subject: Re: [nycphp-talk] Creatng a PHP chatroom
> 
> 
> >
> > http://www.phpwizard.net/projects/phpIRC/
> >
> > --- Phil Powell <soazine at erols.com> wrote:
> > > I am intrested in creating a chatroom entirely in PHP involving
> streaming text.  Where can
> > > someone help me to find such a means of doing so?
> > >
> > > Thanx
> > > Phil
> > > http://valsignalandet.com
> > >
> > >
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com
> >
> >
> 


From ejp at well.com  Thu Jun 13 09:16:48 2002
From: ejp at well.com (Edward Potter)
Date: Thu, 13 Jun 2002 09:16:48 -0400
Subject: [nycphp-talk] Creatng a PHP chatroom
References: <200206130046.g5D0kYP54915@slipdisc.virul.net>
Message-ID: <3D089B40.3060708@well.com>

I think every language has it's strengths and weaknesses. Building 
ecommerce, site prototyping, forms processing, etc is what php does 
really well, I think chat room construction would probably be more fun 
to code in Java, however here's a bunch of php chat applications...

http://php.resourceindex.com/Complete_Scripts/Chat/

- e



Phil Powell wrote:

> Augh! The Windows .zip version is not available! But thanx, looks good!
> 
> Phil
> 
> ----- Original Message -----
> From: "Kayra Otaner" <kayraotaner at yahoo.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Wednesday, June 12, 2002 8:15 PM
> Subject: Re: [nycphp-talk] Creatng a PHP chatroom
> 
> 
> 
>>http://www.phpwizard.net/projects/phpIRC/
>>
>>--- Phil Powell <soazine at erols.com> wrote:
>>
>>>I am intrested in creating a chatroom entirely in PHP involving
>>>
> streaming text.  Where can
> 
>>>someone help me to find such a means of doing so?
>>>
>>>Thanx
>>>Phil
>>>http://valsignalandet.com
>>>
>>>
>>>
>>>
>>
>>__________________________________________________
>>Do You Yahoo!?
>>Yahoo! - Official partner of 2002 FIFA World Cup
>>http://fifaworldcup.yahoo.com
>>
>>
>>
> 
> 
> 




From beef at interport.net  Thu Jun 13 11:35:35 2002
From: beef at interport.net (Wellington Fan)
Date: Thu, 13 Jun 2002 11:35:35 -0400
Subject: Timezone weirdness
In-Reply-To: <200206111500.g5BF0iP33389@slipdisc.virul.net>
Message-ID: <NFBBIDLHGLOBBAAHFLBAKEBCDCAA.beef@interport.net>

Folks,

Sometimes I just don't understand time...

I ran this on a server:
-------------------------------------------
<?php
echo '<br>TZ offset HR: '.date('O');
echo '<br>'.strftime('%Z');
?>
-------------------------------------------

and I get:

-------------------------------------------
TZ offset HR: +0400
Eastern Daylight Time
-------------------------------------------

I don't understand; if strftime('%Z') reports 'EDT', how does that jive with
date('O') reporting +0400, which to my understanding would put the server TZ
around Kabul?

Thanks!

--
Wellington



From beef at interport.net  Thu Jun 13 10:33:07 2002
From: beef at interport.net (Wellington Fan)
Date: Thu, 13 Jun 2002 10:33:07 -0400
Subject: Timezone weirdness
In-Reply-To: <200206111500.g5BF0iP33389@slipdisc.virul.net>
Message-ID: <NFBBIDLHGLOBBAAHFLBAAEBCDCAA.beef@interport.net>

Folks,

Sometimes I just don't understand time...

I ran this on a server:
-------------------------------------------
<?php
echo '<br>TZ offset HR: '.date('O');
echo '<br>'.strftime('%Z');
?>
-------------------------------------------

and I get:

-------------------------------------------
TZ offset HR: +0400
Eastern Daylight Time
-------------------------------------------

I don't understand; if strftime('%Z') reports 'EDT', how does that jive with
date('O') reporting +0400, which to my understanding would put the server TZ
around Kabul?

Thanks!

--
Wellington



From delta at rochester.rr.com  Thu Jun 13 14:58:53 2002
From: delta at rochester.rr.com (delta)
Date: Thu, 13 Jun 2002 14:58:53 -0400
Subject: [nycphp-talk]Web Application Development with PHP by Ratschiller
References: <200206122136.g5CLafP53360@slipdisc.virul.net>
Message-ID: <001601c2130c$5cc2f0d0$8100fe0a@localdomain>

thanks for the tip on the book Web Application Development with PHP by
Tobias Ratschiller - found www.amazon.com has it listed for 27.99 but
there's also priced starting as low as $8.48
thanks again for the tip
----- Original Message -----
From: "John Ensign" <dev at thebinarylab.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 12, 2002 5:36 PM
Subject: RE: [nycphp-talk] Encrypt info in an email


> I would use PGP, odds are client is on win, and he/she can install a ns
> pretty outlook integrated pgp client right into the mail client to auto
> decrypt.  As for encrypting the original mail on the server, here is a
link
> with source.
>
> http://cvs.horde.org/co.php/imp/pgp.php?r=2.26
>
> As well, the book "Web Application Developement with PHP" by Rathskiller,
> has a fully worked PGP class.... code is clean, tight, and understandable
to
> boot. )
>
>
> Hope this helps.....
>
> john
>
> -----Original Message-----
> From: Jim Musil [mailto:jim at nettmedia.com]
> Sent: Friday, June 07, 2002 10:49 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] Encrypt info in an email
>
>
>
> Hi,
>
> What options are good if I want to encrypt just some information sent in
an
> email?
>
> For example, let's say I send an order from a website to the store owner,
> how can I scramble the credit card in a way that the owner can descramble
it
> when he/she receives it.
>
> Any ideas?
>
> Jim M
>
>
>
>
>



From ken_11223 at yahoo.com  Thu Jun 13 19:49:18 2002
From: ken_11223 at yahoo.com (ken wu)
Date: Thu, 13 Jun 2002 16:49:18 -0700 (PDT)
Subject: [nycphp-talk]Web Application Development with PHP by Ratschiller
In-Reply-To: <200206131856.g5DIuaP65603@slipdisc.virul.net>
Message-ID: <20020613234918.18535.qmail@web12808.mail.yahoo.com>

hey. guys. wanna get the copy of some newest book?
here is the link

http://blacksun.box.sk/books.html

enjoy it ^_^

--- delta <delta at rochester.rr.com> wrote:
> thanks for the tip on the book Web Application
> Development with PHP by
> Tobias Ratschiller - found www.amazon.com has it
> listed for 27.99 but
> there's also priced starting as low as $8.48
> thanks again for the tip
> ----- Original Message -----
> From: "John Ensign" <dev at thebinarylab.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Wednesday, June 12, 2002 5:36 PM
> Subject: RE: [nycphp-talk] Encrypt info in an email
> 
> 
> > I would use PGP, odds are client is on win, and
> he/she can install a ns
> > pretty outlook integrated pgp client right into
> the mail client to auto
> > decrypt.  As for encrypting the original mail on
> the server, here is a
> link
> > with source.
> >
> > http://cvs.horde.org/co.php/imp/pgp.php?r=2.26
> >
> > As well, the book "Web Application Developement
> with PHP" by Rathskiller,
> > has a fully worked PGP class.... code is clean,
> tight, and understandable
> to
> > boot. )
> >
> >
> > Hope this helps.....
> >
> > john
> >
> > -----Original Message-----
> > From: Jim Musil [mailto:jim at nettmedia.com]
> > Sent: Friday, June 07, 2002 10:49 AM
> > To: NYPHP Talk
> > Subject: [nycphp-talk] Encrypt info in an email
> >
> >
> >
> > Hi,
> >
> > What options are good if I want to encrypt just
> some information sent in
> an
> > email?
> >
> > For example, let's say I send an order from a
> website to the store owner,
> > how can I scramble the credit card in a way that
> the owner can descramble
> it
> > when he/she receives it.
> >
> > Any ideas?
> >
> > Jim M
> >
> >
> >
> >
> >
> 
> 


=====
Ken Wu

718-788-0661
168 35 Street Apt 2
Broooklyn, NY 11232-2320

http://www.kenfile.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun 13 21:19:16 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 13 Jun 2002 18:19:16 -0700 (PDT)
Subject: [nycphp-talk] Question
In-Reply-To: <200206111341.g5BDfZP32403@slipdisc.virul.net>
Message-ID: <20020614011916.68996.qmail@web12802.mail.yahoo.com>


register_globals is certainly the issue here, as later versions come
with it off by default.  And I HIGHLY recommend working your code with
register_globals off.  Although it may be a quick fix to turn it on
now, register_globals is deprecated and will be nonexistent soon, not
to mention the security and performance implications.

HZ


--- Larry Chuon <LarryC at indexstock.com> wrote:
> I use v4.2.1.  A colleague of mine forwarded me this which makes
> sense.
> 
> Using Register Globals
> One feature of PHP that can be used to enhance security is
> configuring PHP
> with register_globals = off.
> By turning off the ability for any user-submitted variable to be
> injected
> into PHP code, you can reduce
> the amount of variable poisoning a potential attacker may inflict.
> They will
> have to take the additional
> time to forge submissions, and your internal variables are
> effectively
> isolated from user submitted data.
> While it does slightly increase the amount of effort required to work
> with
> PHP, it has been argued that
> the benefits far outweigh the effort.
> Example 4-8. Working without register_globals=off
> <?php
> if ($username) { // can be forged by a user in get/post/cookies
> $good_login = 1;
> }
> if ($good_login == 1) { // can be forged by a user in
> get/post/cookies,
> fpassthru ("/highly/sensitive/data/index.html");
> }
> ?>
> Example 4-9. Working with register_globals = off
> <?php
> if($HTTP_COOKIE_VARS['username']){
> // can only come from a cookie, forged or otherwise
> $good_login = 1;
> fpassthru ("/highly/sensitive/data/index.html");
> }
> ?>
> By using this wisely, it's even possible to take preventative
> measures to
> warn when forging is being
> attempted. If you know ahead of time exactly where a variable should
> be
> coming from, you can check to
> see if submitted data is coming from an inappropriate kind of
> submission.
> While it doesn't guarantee that
> data has not been forged, it does require an attacker to guess the
> right
> kind of forging.
> Example 4-10. Detecting simple variable poisoning
> <?php
> if ($HTTP_COOKIE_VARS['username'] &&
> !$HTTP_POST_VARS['username'] &&
> !$HTTP_GET_VARS['username'] ) {
> // Perform other checks to validate the user name...
> $good_login = 1;
> fpassthru ("/highly/sensitive/data/index.html");
> } else {
> mail("admin at example.com", "Possible breakin attempt",
> $HTTP_SERVER_VARS['REMOTE_ADDR']);
> echo "Security violation, admin has been alerted.";
> exit;
> }
> ?>
> Of course, simply turning on register globals does not mean code is
> secure.
> For every piece of data that is
> submitted, it should also be checked in other ways.
> 
> -----Original Message-----
> From: ken wu [mailto:ken_11223 at yahoo.com]
> Sent: Monday, June 10, 2002 6:56 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Question
> 
> 
> are you running php4.1.2 or above? i know it is
> slightly different to deal with the form variables if
> u running such versions of php.  For example. u have
> to echo $HTTP_POST_VARS['first'} which is the form
> variables.  But i know that if u use the php 4.0.6 or
> below. u don't have to do so. just simply use $first
> or $last.  
> 
> 
>  
> --- Larry Chuon <LarryC at indexstock.com> wrote:
> > <paralist>This message contained 1 file(s) and is
> > available at
> >
> http://nyphp.org/list/paralist_archive.html?L_mid=364</paralist>
> > 
> > I'm working on a sample code and have some
> > questions.  My php and html files
> > are below.  I'm running on IIS and MySQL.  This code
> > gives me the following
> > error:
> >  
> >  
> > Notice: Undefined variable: first in
> > d:\\example\\datain.php on line 5
> > 
> > Notice: Undefined variable: last in
> > d:\\example\\datain.php on line 5
> > 
> > Notice: Undefined variable: nickname in
> > d:\\example\\datain.php on line 5
> > 
> > Notice: Undefined variable: email in
> > d:\\example\\datain.php on line 5
> > 
> > Notice: Undefined variable: salary in
> > d:\\example\\datain.php on line 5
> > Thank you! Information entered. 
> >  
> > If I add the following lines prior to the insert
> > statement, it works fine.
> > $first = $HTTP_POST_VARS['first'];
> > 
> > $last = $HTTP_POST_VARS['last'];
> > 
> > $nickname = $HTTP_POST_VARS['nickname'];
> > 
> > $email = $HTTP_POST_VARS['email'];
> > 
> > $salary = $HTTP_POST_VARS['salary'];
> > 
> > Why do I need $HTTP_POST_VARS???? Thanks in advance.
> >  
> > --------------------
> >  
> > datain.php
> > <html>
> > 
> > <?php
> > 
> > $db = mysql_connect("172.21.6.25","root","123456");
> > 
> > mysql_select_db("learndb",$db);
> > 
> > $sql="insert into personnel (firstname, lastname,
> > nick, email, salary)
> > VALUES
> > ('$first','$last','$nickname','$email','$salary')";
> > 
> > $result = mysql_query($sql);
> > 
> > echo "Thank you! Information entered.\
";
> > 
> > ?>
> > 
> > </html>
> > 
> >  
> > datain.html
> > <html>
> > 
> > <body>
> > 
> > <form action="datain.php" method="post">
> > 
> > First name:<input type="text" name="first"><br>
> > 
> > Last name:<input type="text" name="last"><br>
> > 
> > Nick name:<input type="text" name="nickname"><br>
> > 
> > E-mail:<input type="text" name="email"><br>
> > 
> > Salary:<input type="text" name="salary"><br>
> > 
> > <input type="Submit" name="submit" value="Enter
> > information">
> > 
> > </form>
> > 
> > </body>
> > 
> > </html> 
> > 
> > 
> > 
> 
> 
> =====
> Ken Wu
> 
> 718-788-0661
> 168 35 Street Apt 2
> Broooklyn, NY 11232-2320
> 
> http://www.kenfile.com
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun 13 21:23:36 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 13 Jun 2002 18:23:36 -0700 (PDT)
Subject: [nycphp-talk] Do you know a free hosting for PHP and MySQL?
In-Reply-To: <200206102303.g5AN3rP22059@slipdisc.virul.net>
Message-ID: <20020614012336.70960.qmail@web12806.mail.yahoo.com>


NYPHP will be providing free space for development purposes, although I
can't promise a timeframe.  I'll post developments as they happen.

HZ


--- RADIO X <radiox at go.ro> wrote:
> Do you?
> 
> www.radiox.go.ro
> www.guardoneas.ro
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun 13 21:27:00 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 13 Jun 2002 18:27:00 -0700 (PDT)
Subject: [nycphp-talk] require/include inside a function
In-Reply-To: <200206111612.g5BGCqP34225@slipdisc.virul.net>
Message-ID: <20020614012700.69593.qmail@web12802.mail.yahoo.com>


Yeah, exactly right.  Drat.

Thanks,

HZ


--- "Nunez, Eddy" <enunez at tiaa-cref.org> wrote:
> 
> I believe functions and class definitions are globally scoped.
> I think the local scoping only applies to variables.
> 
> I exec'd this bit of code and it supports my statement:
>
-----------------------------------------------------------------------
> function definer() {
>         include_once("./foo.inc");
>         function func_foo() { echo 'foo was here'; }
> }
> 
> echo ( class_exists( 'foo' ) ) 
> 	?  'foo is out there!' : 'foo not there.'; print "<br>";
> echo ( function_exists( 'func_foo' ) )
> 	?  'func foo is out there!' : 'func foo not there.'; print "<br>";
> 
> definer();
> 
> echo ( class_exists( 'foo' ) )
> 	?  'foo is out there!' : 'foo not there.'; print "<br>";
> echo ( function_exists( 'func_foo' ) )
> 	?  'func foo is out there!' : 'func foo not there.';
>
-----------------------------------------------------------------------
> Output:
> foo not there.
> func foo not there.
> foo is out there!
> func foo is out there!
>
-----------------------------------------------------------------------
> 
> Hope this helps.
> -Eddy
> 
> -----Original Message-----
> From: Hans Zaunere [mailto:zaunere at yahoo.com]
> Sent: Monday, June 10, 2002 10:18 PM
> To: NYPHP Talk
> Subject: [nycphp-talk] require/include inside a function
> 
> 
> 
> I'm using the unserialize_callback_func ini setting, from
> http://www.php.net/manual/en/function.unserialize.php like so:
> 
> ini_set('unserialize_callback_func','handlestdclass');
> 
> function handlestdclass( $classname ) {
>    require_once("{$classname}/{$classname}.inc");
> }
> 
> Now I may be overlooking something very obvious, but when code is
> require/included in a function, it is locally scoped inside that
> function.  If that's the case, and no way around it, what good is
> this
> directive?
> 
> Any thoughts would be helpful.  Thanks guys,
> 
> Hans Z
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 
> 
>
**********************************************************************
> This message, including any attachments, contains confidential
> information intended for a specific individual and purpose, and is
> protected by law.  If you are not the intended recipient, please
> contact sender immediately by reply e-mail and destroy all copies. 
> You are hereby notified that any disclosure, copying, or distribution
> of this message, or the taking of any action based on it, is strictly
> prohibited.
> TIAA-CREF
>
**********************************************************************
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Thu Jun 13 21:37:40 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 13 Jun 2002 18:37:40 -0700 (PDT)
Subject: [nycphp-talk] Timezone weirdness
In-Reply-To: <200206131750.g5DHouP64862@slipdisc.virul.net>
Message-ID: <20020614013740.70768.qmail@web12802.mail.yahoo.com>

> 
> I ran this on a server:
> -------------------------------------------
> <?php
> echo '<br>TZ offset HR: '.date('O');
> echo '<br>'.strftime('%Z');
> ?>
> -------------------------------------------
> 
> and I get:
> 
> -------------------------------------------
> TZ offset HR: +0400
> Eastern Daylight Time
> -------------------------------------------

Odd.  I ran this exact code on FreeBSD and Linux boxes and it worked as
expected, -0400.  What platform is this?  If *nix check that your TZ
setting is correct (man tzsetup I think).  If it is, I can only see
this as a bug.  Check bugs.php.net for this, noting your PHP version
and platform.

HZ


> 
> I don't understand; if strftime('%Z') reports 'EDT', how does that
> jive with
> date('O') reporting +0400, which to my understanding would put the
> server TZ
> around Kabul?
> 
> Thanks!
> 
> --
> Wellington
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From soazine at erols.com  Thu Jun 13 21:37:41 2002
From: soazine at erols.com (Phil Powell)
Date: Thu, 13 Jun 2002 21:37:41 -0400
Subject: [nycphp-talk] Creatng a PHP chatroom
References: <200206131729.g5DHTQP64610@slipdisc.virul.net>
Message-ID: <00a401c21344$13016e80$53bd6444@scandinawa1bo6>

More fun to code in Java.. provided you know how to get a servlet to talk to
an applet or whatever else out there is more modern than an applet.. I am
clueless at this!

Phil

----- Original Message -----
From: "Edward Potter" <ejp at well.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Thursday, June 13, 2002 1:29 PM
Subject: Re: [nycphp-talk] Creatng a PHP chatroom


> I think every language has it's strengths and weaknesses. Building
> ecommerce, site prototyping, forms processing, etc is what php does
> really well, I think chat room construction would probably be more fun
> to code in Java, however here's a bunch of php chat applications...
>
> http://php.resourceindex.com/Complete_Scripts/Chat/
>
> - e
>
>
>
> Phil Powell wrote:
>
> > Augh! The Windows .zip version is not available! But thanx, looks good!
> >
> > Phil
> >
> > ----- Original Message -----
> > From: "Kayra Otaner" <kayraotaner at yahoo.com>
> > To: "NYPHP Talk" <talk at nyphp.org>
> > Sent: Wednesday, June 12, 2002 8:15 PM
> > Subject: Re: [nycphp-talk] Creatng a PHP chatroom
> >
> >
> >
> >>http://www.phpwizard.net/projects/phpIRC/
> >>
> >>--- Phil Powell <soazine at erols.com> wrote:
> >>
> >>>I am intrested in creating a chatroom entirely in PHP involving
> >>>
> > streaming text.  Where can
> >
> >>>someone help me to find such a means of doing so?
> >>>
> >>>Thanx
> >>>Phil
> >>>http://valsignalandet.com
> >>>
> >>>
> >>>
> >>>
> >>
> >>__________________________________________________
> >>Do You Yahoo!?
> >>Yahoo! - Official partner of 2002 FIFA World Cup
> >>http://fifaworldcup.yahoo.com
> >>
> >>
> >>
> >
> >
> >
>
>
>



From zaunere at yahoo.com  Thu Jun 13 21:41:49 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 13 Jun 2002 18:41:49 -0700 (PDT)
Subject: [nycphp-talk] best code for Login !.
In-Reply-To: <200206102249.g5AMn0P21855@slipdisc.virul.net>
Message-ID: <20020614014149.37394.qmail@web12804.mail.yahoo.com>


How would this work:

$myparadigm = new Paradigm;
$myparadigm->Authorize('username','password');
if( $myparadigm->Result === LOGGED_IN )
  header('Location: http://me.com/protected.php');
else
  header('Location: http://me.com/login.php');

I'm working on delivering this as a web service.  I'll have beta code
up within the next few days (I had it done, but didn't like it).

HZ



--- louie <louie at zibi.co.il> wrote:
> greetin' folks ! ^-^
> 
> me and a friend was trying to pick
> the best way to the most simple and scure code
> for Login 
> with already existing user and password in Mysql.
> 
> 
> best regards !
> snir 'shalom' gal.
> www.ChatsRus.com
> 
> A pig's orgasm lasts for 30 minutes.
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From dkrook at hotmail.com  Thu Jun 13 23:00:09 2002
From: dkrook at hotmail.com (D C Krook)
Date: Thu, 13 Jun 2002 23:00:09 -0400
Subject: Job: SysAd, human rights, open source and free software.. in DC 
Message-ID: <F264NWWXUh97UC131lS000177ee@hotmail.com>

Damn,

This would be my dream job if not for the Linux guru part (and the ap't 
lease I just signed..).

I couldn't imagine a better use for one's LAMP skills, so please pass it on:




Abstracted from:
http://shr.aaas.org/sysad/


"We're looking for someone who loves free software, wants to support human 
rights, and is eager to travel some of the most difficult places in the 
world.

We work to apply science to human rights. One way we do that is by building 
information management systems and doing statistical analysis of large-scale 
human rights atrocities. We've done projects in Guatemala, Honduras, Haiti, 
South Africa, Kosovo, Cambodia, and Sri Lanka. We work with non-governmental 
organizations, UN missions, truth commissions, and tribunals.

We think that freedom is pretty important, and we are deeply concerned about 
how copyright enforcement legislation might be used to repress human rights 
organizations. We have a long-standing interest in the use of cryptography 
to promote human rights. These interests (and many other observations too 
numerous to discuss here) have led us to conclude that open source and free 
software promotes human rights values, and so we are trying to do all our 
work in open source and free software.


Skills Required:

You need to be very comfortable with GNU/Linux systems. In particular, some 
of the skills you should have include a mastery of GNU/Linux installations, 
boot loaders, and init scripts; a wide knowledge of system demons; 
experience installing, configuring, and deploying free software office & 
productivity applications; script experience (perl, Python, shell); and at 
minimum, a working understanding of SQL, free software implementations of 
SQL back ends (MySQL, PostgreSQL), and of rapid ways to provide UIs to SQL 
systems (glade, PHP/HTML).

Things that would help but aren't essential would be a working knowledge of 
make/autoconf, C/C++, Apache, PHP, Java, and javascript. Knowing something 
about statistics and statistical graphics under GNU/Linux (e.g., R) would be 
helpful. Do you have an opinion about vi(m?) versus (Xe|e)macs?"





=======================================
D C Krook
http://krook.net/ || http://krook.info/

_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com



From rainman at deroo.net  Fri Jun 14 08:11:46 2002
From: rainman at deroo.net (Raymond DeRoo)
Date: Fri, 14 Jun 2002 08:11:46 -0400
Subject: [nycphp-talk] best code for Login !.
In-Reply-To: <200206140141.g5E1fqP69545@slipdisc.virul.net>
References: <200206140141.g5E1fqP69545@slipdisc.virul.net>
Message-ID: <200206141211.g5ECBj1G026283@base.deroo.net>

Hans--

> How would this work:
>
> $myparadigm = new Paradigm;
> $myparadigm->Authorize('username','password');
> if( $myparadigm->Result === LOGGED_IN )
>   header('Location: http://me.com/protected.php');
> else
>   header('Location: http://me.com/login.php');

I used to use this type of approach. However I found that more and more 
clients have files which they want protected, not just pages. A such I've 
moved towards mod_auth_mysql or mod_auth_ldap (depending up on size and 
availability). I realize that I can (and have) write a page that will get a 
file on the file-system and pass it through to the user. However the added 
URL complexity tends to confuse the most users.

.r


From kevin at sycoward.com  Fri Jun 14 10:19:27 2002
From: kevin at sycoward.com (Kevin)
Date: Fri, 14 Jun 2002 10:19:27 -0400
Subject: [nycphp-talk] best code for Login !.
In-Reply-To: <200206141211.g5ECBmP76361@slipdisc.virul.net>
Message-ID: <BC47B938-7FA1-11D6-9098-000502DB72E6@sycoward.com>

I have used the approach of storing md5 encrypted passwords in the
database, with no copy of the real password. Then when the user logs in 
with
a password, md5 that and check it against the encrypted password in the 
database.
I use a random password generator for when users lose their passwords, 
and send it
to them via email. Its not all that original, but its secure enough, and 
has worked for me.
Good luck



From beef at interport.net  Fri Jun 14 10:19:38 2002
From: beef at interport.net (Wellington Fan)
Date: Fri, 14 Jun 2002 10:19:38 -0400
Subject: [nycphp-talk] Timezone weirdness
In-Reply-To: <200206140137.g5E1biP69478@slipdisc.virul.net>
Message-ID: <EHEGKIAIBINBMDDIAEODGEBBCAAA.beef@interport.net>

Yes! I also ran on a different server and got the results you describe
below. The first (bad) box is PHP 4.04pl1 on WinNT. The second (good) box is
PHP 4.1.2 on FreeBSD.

I'll poke around bugs and report back to the list...


Thanks!
--
WF

> -----Original Message-----
> From: Hans Zaunere [mailto:zaunere at yahoo.com]
> Sent: Thursday, June 13, 2002 9:38 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Timezone weirdness
>
>

> Odd.  I ran this exact code on FreeBSD and Linux boxes and it worked as
> expected, -0400.  What platform is this?  If *nix check that your TZ
> setting is correct (man tzsetup I think).  If it is, I can only see
> this as a bug.  Check bugs.php.net for this, noting your PHP version
> and platform.
>
> HZ



From ian at plusfour.org  Fri Jun 14 12:16:06 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Fri, 14 Jun 2002 12:16:06 -0400
Subject: HTTP_REFERER
In-Reply-To: <200206141420.g5EEKqP77748@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEAEOFCFAA.ian@plusfour.org>

 Hi,

wierd firewall happening..

I worked on this site that had a splash page to it, in the home page there
is a little animation, then click here to enter the site..

so I put some conditional logic in the index page saying

$refer = getenv('HTTP_REFERER');
if(!strpos($refer,"mysite.com"))
{
	splashpage();
}
else
{
	homepage();
}

I never had a problem till, some one at BigBank.com went to look at the site
from their office and they went in an infinte loop always going to the
splash page, and this happened at several computers on the same network at
bigbank.com .. for some reason the http_referer from the client could not be
captured..

did this happen because some particular firewall filtering? Whats up with
that?

Ian



From andrew at digitalpulp.com  Fri Jun 14 09:45:20 2002
From: andrew at digitalpulp.com (Andrew M. Yochum)
Date: Fri, 14 Jun 2002 09:45:20 -0400 (EDT)
Subject: [nycphp-talk] HTTP_REFERER
In-Reply-To: <200206141616.g5EGFxP79022@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.44.0206140935560.2256-100000@localhost.localdomain>

On Fri, 14 Jun 2002, Ian Forsyth wrote:

> I never had a problem till, some one at BigBank.com went to look at the site
> from their office and they went in an infinte loop always going to the
> splash page, and this happened at several computers on the same network at
> bigbank.com .. for some reason the http_referer from the client could not be
> captured..
> 
> did this happen because some particular firewall filtering? Whats up with
> that?

Sounds like a proxy server, most likely, intercepting the requests and
suppressing the Referer header being sent by the client.

Also, unfortunately, the Referer header can't be relied on.  Not all
clients support it, and some give the option of disabling it for
security/privacy concerns.

See:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.36
and
http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3

Andrew



From jim at nettmedia.com  Fri Jun 14 14:28:37 2002
From: jim at nettmedia.com (Jim Musil)
Date: Fri, 14 Jun 2002 14:28:37 -0400
Subject: Good Manhattan Source for Ethernet Cable
Message-ID: <B92FAE15.373D%jim@nettmedia.com>


Hi,

Can anyone recommend a good source for raw UTP cat5 ethernet cable?

Preferably somewhere near madison square garden...

Jim



From brent at landover.com  Fri Jun 14 15:12:56 2002
From: brent at landover.com (Brent Baisley)
Date: Fri, 14 Jun 2002 15:12:56 -0400
Subject: [nycphp-talk] Good Manhattan Source for Ethernet Cable
In-Reply-To: <200206141828.g5EIShP80469@slipdisc.virul.net>
Message-ID: <B92FB876.A013%brent@landover.com>

I've got two boxes of cable left over from a move/renovation we did about
2.5 years ago. I suppose there is a few hundred feet left in each box
(yellow), they were originally 1000 feet each.

Anyway, the company/address on the side of the box is:
Midtown Electric Supply
157 West 18th Street

http://www.midtownelectric.com

> 
> Hi,
> 
> Can anyone recommend a good source for raw UTP cat5 ethernet cable?
> 
> Preferably somewhere near madison square garden...
> 
> Jim
> 

-- 
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577



From jhise at linuxforbusiness.org  Fri Jun 14 18:20:07 2002
From: jhise at linuxforbusiness.org (Jeremy Hise)
Date: 14 Jun 2002 18:20:07 -0400
Subject: Oracle NLS_LANG problem
Message-ID: <1024093210.3194.102.camel@localhost.localdomain>

Hi All:

I'm running oracle on NT and connecting via the oracle client on RH 6.2
Kernel version 2.2.14-5.0 ... Oracle 8.1.6

The PHP error I'm getting is:

Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553:
character set name is not recognized ORA-06550: line 0, column 0:
PL/SQL: Compilation unit analysis terminated in
/development/jhise/dbmerge_src/class/login.pclass on line 178

I've been looking all over the place and all the pages I've found say to
correctly set up the NLS_LANG env variable...which I do. I've stopped
and started apache...even rebooted the whole machine...doesn't seem as
though any of it makes any difference.

Anyway have any insight?

Thanks!

jhise






From jhise at linuxforbusiness.org  Fri Jun 14 18:25:21 2002
From: jhise at linuxforbusiness.org (Jeremy Hise)
Date: 14 Jun 2002 18:25:21 -0400
Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD
In-Reply-To: <200206142221.g5EMLOP83048@slipdisc.virul.net>
References: <200206142221.g5EMLOP83048@slipdisc.virul.net>
Message-ID: <1024093523.3233.104.camel@localhost.localdomain>

On line 178 I'm also calling a stored procedure that generates a value,
which is bound to a PHP variable for use.

On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote:
> Hi All:
> 
> I'm running oracle on NT and connecting via the oracle client on RH 6.2
> Kernel version 2.2.14-5.0 ... Oracle 8.1.6
> 
> The PHP error I'm getting is:
> 
> Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553:
> character set name is not recognized ORA-06550: line 0, column 0:
> PL/SQL: Compilation unit analysis terminated in
> /development/jhise/dbmerge_src/class/login.pclass on line 178
> 
> I've been looking all over the place and all the pages I've found say to
> correctly set up the NLS_LANG env variable...which I do. I've stopped
> and started apache...even rebooted the whole machine...doesn't seem as
> though any of it makes any difference.
> 
> Anyway have any insight?
> 
> Thanks!
> 
> jhise
> 
> 
> 
> 
> 
> 
> 





From zaunere at yahoo.com  Fri Jun 14 22:03:42 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Fri, 14 Jun 2002 19:03:42 -0700 (PDT)
Subject: [nycphp-talk] best code for Login !.
In-Reply-To: <200206141211.g5ECBmP76361@slipdisc.virul.net>
Message-ID: <20020615020342.55356.qmail@web12805.mail.yahoo.com>


--- Raymond DeRoo <rainman at deroo.net> wrote:
> Hans--
> 
> > How would this work:
> >
> > $myparadigm = new Paradigm;
> > $myparadigm->Authorize('username','password');
> > if( $myparadigm->Result === LOGGED_IN )
> >   header('Location: http://me.com/protected.php');
> > else
> >   header('Location: http://me.com/login.php');
> 
> I used to use this type of approach. However I found that more and
> more 
> clients have files which they want protected, not just pages. A such
> I've 
> moved towards mod_auth_mysql or mod_auth_ldap (depending up on size
> and 
> availability).

This certainly is an issue; ie this only protects URLs that are parsed
by PHP, even when used in a auto_prepend scheme.  However, for normal
site protection (member's area, for instance) I find this gives much
more flexibility and ease of setup/maintainence than mod_* schemes.

> I realize that I can (and have) write a page that will
> get a file on the file-system and pass it through to the user.
> However the added  URL complexity tends to confuse the most users.

I've done something similar to handle protected files (ie tarballs). 
Generally I use either a script or virtual URL scheme which then maps a
request to a randomly generated (md5 works well) filesystem path.  With
the help of MySQL these mappings have proven easy to implement, and
very secure, since the user never can see what the actual filename is.

I'm working on getting this in a deliverable format, so hopefully it'll
be publicly useful some time soon.

HZ



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Fri Jun 14 22:27:52 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Fri, 14 Jun 2002 19:27:52 -0700 (PDT)
Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD
In-Reply-To: <200206142226.g5EMQbP83111@slipdisc.virul.net>
Message-ID: <20020615022752.90754.qmail@web12804.mail.yahoo.com>


I might be able to help on this one.

If you don't know already, consider http://orafaq.com and
http://oradoc.photo.net invaluable.  On orafaq.com somewhere, there is
a directory of every ORA-* error message, in addition to the search
ability.  I have the URL at work and will post Monday.

Anyway, although you say you're using the Oracle client, I'm assuming
this is running from Apache/PHP (as opposed to the actual Oracle
client).

If running Apache, you need to make sure that the proper Oracle
environment is actually available via Apache and permissions for the
Apache user.  I generally setup the environment in the apachectl script
in some way.  This ensures that Apache itself actually has the proper
environment, and cane be confirmed with a phpinfo() call.  Also, be
sure Apache has access to the Oracle client resource, which are
generally installed as a different user.

Let me know if this helps, and if not, any more details on the
situation (I use 8i client libs on RH 6.2 to connect to a NT server).

HZ




--- Jeremy Hise <jhise at linuxforbusiness.org> wrote:
> On line 178 I'm also calling a stored procedure that generates a
> value,
> which is bound to a PHP variable for use.
> 
> On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote:
> > Hi All:
> > 
> > I'm running oracle on NT and connecting via the oracle client on RH
> 6.2
> > Kernel version 2.2.14-5.0 ... Oracle 8.1.6
> > 
> > The PHP error I'm getting is:
> > 
> > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553:
> > character set name is not recognized ORA-06550: line 0, column 0:
> > PL/SQL: Compilation unit analysis terminated in
> > /development/jhise/dbmerge_src/class/login.pclass on line 178
> > 
> > I've been looking all over the place and all the pages I've found
> say to
> > correctly set up the NLS_LANG env variable...which I do. I've
> stopped
> > and started apache...even rebooted the whole machine...doesn't seem
> as
> > though any of it makes any difference.
> > 
> > Anyway have any insight?
> > 
> > Thanks!
> > 
> > jhise
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> 
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From liquidm3 at hotmail.com  Sun Jun 16 19:13:31 2002
From: liquidm3 at hotmail.com (Ted Shieh)
Date: Sun, 16 Jun 2002 19:13:31 -0400
Subject: Zend Encoder, microCODE, POBS
Message-ID: <F46OT3BOFZtBfKoHIbL00011d6d@hotmail.com>

I have some code that I need to deliver to a client in obfuscated form.  Any 
comments about microCODE ( 
http://www.microcode.de/index.php3?LANGUAGE=english ) or POBS ( 
http://pobs.mywalhalla.net/ )?  Zend Encoder is little bit too expensive for 
me.

Ted
Place a free classified ad with LiquidMarkets
http://www.liquidmarkets.com/m.php?m=ads

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx



From zaunere at yahoo.com  Mon Jun 17 13:15:42 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Mon, 17 Jun 2002 10:15:42 -0700 (PDT)
Subject: ISS Advisory: Remote Compromise Vulnerability in  ApacheHTTP Server
Message-ID: <20020617171542.88407.qmail@web12802.mail.yahoo.com>


FYI...


> Internet Security Systems Security Advisory
> June 17, 2002
> 
> Remote Compromise Vulnerability in Apache HTTP Server
> 
> Synopsis:
> 
> ISS X-Force has discovered a serious vulnerability in the default
> version of Apache HTTP Server. Apache is the most popular Web server
> and
> is used on over half of all Web servers on the Internet. It may be
> possible for remote attackers to exploit this vulnerability to
> compromise Apache Web servers. Successful exploitation may lead to
> modified Web content, denial of service, or further compromise.
> 
> Affected Versions:
> 
> Apache 1.x
> 
> Note: Many commercial Web Application Servers such as Oracle 9ias and
> IBM Websphere use Apache HTTP Server to process HTTP requests.
> Additional products that bundle Apache HTTP Server for Windows may be
> affected.
> 
> Description:
> 
> The Apache HTTP Server is maintained by the Apache Software
> Foundation.
> Apache is an extremely popular open-source Web server. Netcraft
> (http://www.netcraft.com) reports that as of May 2002, Apache
> accounts
> for over 63% of all active Web sites. Apache?s installed base is
> larger
> than all other Web servers combined.
> 
> The Apache Project is an open-source and volunteer collaboration
> aimed
> to create and maintain a free, feature-rich, powerful, and secure Web
> server implementation. Apache is well regarded as the best, freely
> available Web server.
> 
> Apache contains a flawed mechanism meant to calculate the size of
> "chunked" encoding. Chunked encoding is part of the HTTP Protocol
> Specification used for accepting data from Web users. When data is
> sent
> from the user, the Web server needs to allocate a memory buffer of a
> certain size to hold the submitted data. When the size of the data
> being
> submitted is unknown, the client or Web browser will communicate with
> the server by creating "chunks" of data of a negotiated size.
> 
> The Apache HTTP Server has a software flaw that misinterprets the
> size
> of incoming data chunks. This error may lead to a signal race, heap
> overflow, and to exploitation of malicious code.
> 
> X-Force has verified that this issue is exploitable on Apache for
> Windows (Win32) version 1.3.24. Apache 1.x for Unix contains the same
> source code, but X-Force believes that successful exploitation on
> most
> Unix platforms is unlikely.
> 
> Recommendations:
> 
> Internet Scanner X-Press Update 6.12 includes a check,
> ApacheChunkedEncodingBo, to detect installations of Apache HTTP
> Server
> for Win32. XPU 6.12 is available from the ISS Download Center at:
> http://www.iss.net/download. For questions about downloading and
> installing this XPU, email support at iss.net.
> 
> Detection support for this attack will be included in future X-Press
> Updates for RealSecure Network Sensor 6.x and 7.0. These XPUs will be
> available from the ISS Download Center, and this alert will be
> updated
> when these updates become available.
> 
> ISS X-Force has developed a patch for this issue. Follow the
> instructions below, or contact your vendor for assistance:
> 
> To apply a source code patch to your Apache package:
> 
> 1. Locate your source directory and navigate into the "main" sub-
> directory.
> 2. Verify that "http_protocol.c" is present in the current directory.
> 3. To update your http_protocol.c file, create a file named
> "apache_patch.diff", containing the following text:
> 
> - --- http_protocol.c.vuln	Fri Jun 14 16:12:50 2002
> +++ http_protocol.c	Fri Jun 14 16:13:47 2002
> @@ -2171,7 +2171,7 @@
> 
>       /* Otherwise, we are in the midst of reading a chunk of data */
> 
> - -    len_to_read = (r->remaining > bufsiz) ? bufsiz : r->remaining;
> +    len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz :
> r->
> remaining;
> 
>       len_read = ap_bread(r->connection->client, buffer,
> len_to_read);
>       if (len_read <= 0) {
> 
> 4. Apply the source code update using the "patch" command, or a
> similar
>     utility.
> 5. Build new binaries and reinstall.
> 
> The Apache Server Project has been notified and will make a formal
> patch
> available soon. Please refer to the Apache Server Project?s homepage
> for
> more information: http://httpd.apache.org/
> 
> Additional Information:
> 
> http://www.iss.net/security_center
> http://www.apache.org
> http://httpd.apache.org/
> 
> Credits:
> 
> This vulnerability was discovered and researched by Neel Mehta of the
> ISS X-Force.
>

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From matthew_van_horn at yahoo.com  Mon Jun 17 20:39:42 2002
From: matthew_van_horn at yahoo.com (Matthew Van Horn)
Date: 18 Jun 2002 09:39:42 +0900
Subject: linux hosting with php-xslt
Message-ID: <1024360782.4798.36.camel@katana.mattvanhorn.com>

I'm having a crisis - does anyone know of a linux virtual host provider
that has php compiled with xslt support?

Can someone walk me through putting my own compiled version in my home
directory (assuming it's not supported at the host) and using that?

I would need to have sources for PHP and Sablotron, but what about
expat? and could I compile on my machine, and then move it to their
machine? Honestly, I don't know much about any of this and I am in over
my head. There is some money involved, so I would be willing to pay some
money for help, or even a temporary host (3 weeks) that meets my
requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron))

Thanks
Matt Van Horn





From ian at plusfour.org  Mon Jun 17 21:21:53 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Mon, 17 Jun 2002 21:21:53 -0400
Subject: [nycphp-talk] linux hosting with php-xslt
In-Reply-To: <200206180039.g5I0dpP23265@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEOEPGCFAA.ian@plusfour.org>

phpwebhosting.com has xml/xslt support with mysql and some other useful
extensions..

http://venus.phpwebhosting.com/phphoststest.phtml

> -----Original Message-----
> From: Matthew Van Horn [mailto:matthew_van_horn at yahoo.com]
> Sent: Monday, June 17, 2002 8:40 PM
> To: NYPHP Talk
> Subject: [nycphp-talk] linux hosting with php-xslt
>
>
> I'm having a crisis - does anyone know of a linux virtual host provider
> that has php compiled with xslt support?
>
> Can someone walk me through putting my own compiled version in my home
> directory (assuming it's not supported at the host) and using that?
>
> I would need to have sources for PHP and Sablotron, but what about
> expat? and could I compile on my machine, and then move it to their
> machine? Honestly, I don't know much about any of this and I am in over
> my head. There is some money involved, so I would be willing to pay some
> money for help, or even a temporary host (3 weeks) that meets my
> requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron))
>
> Thanks
> Matt Van Horn
>
>
>
>
>



From delta at rochester.rr.com  Mon Jun 17 23:57:18 2002
From: delta at rochester.rr.com (delta)
Date: Mon, 17 Jun 2002 23:57:18 -0400
Subject: [nycphp-talk] linux hosting with php-xslt
References: <200206180039.g5I0dpP23265@slipdisc.virul.net>
Message-ID: <002101c2167c$3e1b7da0$8100fe0a@localdomain>

i was out at www.phpbuilder.com and found some good tips and info about
sablotron...also on this website found a link to Step by step instructions
for installing Sablotron/Expat/PHP_SABLOT etc at

http://www.shanx.com/php/xsl/getXsl.htm

hope this helps,
regards,
delta


----- Original Message -----
From: "Matthew Van Horn" <matthew_van_horn at yahoo.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, June 17, 2002 8:39 PM
Subject: [nycphp-talk] linux hosting with php-xslt


> I'm having a crisis - does anyone know of a linux virtual host provider
> that has php compiled with xslt support?
>
> Can someone walk me through putting my own compiled version in my home
> directory (assuming it's not supported at the host) and using that?
>
> I would need to have sources for PHP and Sablotron, but what about
> expat? and could I compile on my machine, and then move it to their
> machine? Honestly, I don't know much about any of this and I am in over
> my head. There is some money involved, so I would be willing to pay some
> money for help, or even a temporary host (3 weeks) that meets my
> requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron))
>
> Thanks
> Matt Van Horn
>
>
>
>
>



From matthew_van_horn at yahoo.com  Tue Jun 18 07:57:09 2002
From: matthew_van_horn at yahoo.com (Matthew Van Horn)
Date: 18 Jun 2002 20:57:09 +0900
Subject: [nycphp-talk] linux hosting with php-xslt
In-Reply-To: <200206180355.g5I3t2P24561@slipdisc.virul.net>
References: <200206180355.g5I3t2P24561@slipdisc.virul.net>
Message-ID: <1024401429.3362.2.camel@katana.mattvanhorn.com>

Thanks for the info, but I have it working on my machine just fine -
it's just that my machine is in Japan (with me), and behind a router,
firewall, and a TOS that prevents me from serving it to the world. So I
just need a host with a similar setup to mine. THe previous response
about phpwebhosting.com seems like it will work, I am gonna venture the
$10 or so it takes to find out, I think.

On Tue, 2002-06-18 at 12:55, delta wrote:
> i was out at www.phpbuilder.com and found some good tips and info about
> sablotron...also on this website found a link to Step by step instructions
> for installing Sablotron/Expat/PHP_SABLOT etc at
> 
> http://www.shanx.com/php/xsl/getXsl.htm
> 
> hope this helps,
> regards,
> delta
> 
> 
> ----- Original Message -----
> From: "Matthew Van Horn" <matthew_van_horn at yahoo.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Monday, June 17, 2002 8:39 PM
> Subject: [nycphp-talk] linux hosting with php-xslt
> 
> 
> > I'm having a crisis - does anyone know of a linux virtual host provider
> > that has php compiled with xslt support?
> >
> > Can someone walk me through putting my own compiled version in my home
> > directory (assuming it's not supported at the host) and using that?
> >
> > I would need to have sources for PHP and Sablotron, but what about
> > expat? and could I compile on my machine, and then move it to their
> > machine? Honestly, I don't know much about any of this and I am in over
> > my head. There is some money involved, so I would be willing to pay some
> > money for help, or even a temporary host (3 weeks) that meets my
> > requirements (Linux/Apache/MySQL/PHP with XSLT(sablotron))
> >
> > Thanks
> > Matt Van Horn
> >
> >
> >
> >
> >
> 



From zaunere at yahoo.com  Tue Jun 18 09:42:46 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 18 Jun 2002 06:42:46 -0700 (PDT)
Subject: [nycphp-talk] UPDATED Advisory: Remote Compromise Vulnerability in  Apache HTTP Server
In-Reply-To: <200206171715.g5HHFmP20172@slipdisc.virul.net>
Message-ID: <20020618134246.93594.qmail@web12808.mail.yahoo.com>


Some updated info. follows.  Basically, this vulnerability is only seen
as exploitable on Windows and 64bit UNICES.  That said, there is a REAL
patch (not an ISS marketing tool *snicker*) from Apache at

http://www.apache.org/dist/httpd/patches/apply_to_1.3.24/

And there is an 1.3.25 release eminent.  The CERT advisory follows.

But before we get to that, I'd like to quickly rant about ISS.  There
has been a lot of hub-bub about ISS rushing this announcement out the
door, while Apache was expecting to make an announcement when they had
a solid patch/release ready.  And on top of that, ISS pretends to have
a remedy for it.  Funny how Microsoft has become a major partner with
ISS, pushing their secure IIS solutions.  And it's funny how the ISS
announcement says basically "buy our [security scanner] product, and
you'll be fine!"

Frankly, it pisses me off.

Anyway, the CERT advisory is below:



>CERT Advisory CA-2002-17 Apache Web Server Chunk Handling
Vulnerability
>
>    Original release date: June 17, 2002
>    Last revised: --
>    Source: CERT/CC
>
>    A complete revision history can be found at the end of this file.
>
>Systems Affected
>
>      * Web servers based on Apache code versions 1.3 through 1.3.24
>      * Web servers based on Apache code versions 2.0 through 2.0.36
>
>Overview
>
>    There is a remotely exploitable vulnerability in the handling of
large
>    chunks  of  data  in web servers that are based on Apache source
code.
>    This  vulnerability  is present by default in configurations of
Apache
>    web  servers  versions  1.3  through  1.3.24  and versions 2.0
through
>    2.0.36.  The  impact  of  this  vulnerability  is  dependent  upon
the
>    software version and the hardware platform the server is running
on.
>
>I. Description
>
>    Apache is a popular web server that includes support for
chunk-encoded
>    data according to the HTTP 1.1 standard as described in RFC2616.
There
>    is  a  vulnerability  in  the  handling  of certain chunk-encoded
HTTP
>    requests that may allow remote attackers to execute arbitrary
code.
>
>    The  Apache  Software  Foundation has published an advisory
describing
>    the details of this vulnerability. This advisory is available on
their
>    web site at
>
>           http://httpd.apache.org/info/security_bulletin_20020617.txt
>
>II. Impact
>
>    For  Apache  versions 1.3 through 1.3.24 inclusive, this
vulnerability
>    may allow the execution of arbitrary code by remote attackers.
Several
>    sources have reported that this vulnerability can be used by
intruders
>    to  execute  arbitrary  code  on  Windows platforms. Additionally,
the
>    Apache  Software  Foundation  has  reported  that a similar attack
may
>    allow the execution of arbitrary code on 64-bit UNIX systems.
>
>    For  Apache  versions  2.0  through  2.0.36  inclusive,  the
condition
>    causing  the  vulnerability is correctly detected and causes the
child
>    process  to  exit.  Depending  on  a variety of factors, including
the
>    threading model supported by the vulnerable system, this may lead
to a
>    denial-of-service attack against the Apache web server.
>
>III. Solution
>
>Apply a patch from your vendor
>
>    Apply  a  patch  from  your  vendor to correct this vulnerability.
The
>    CERT/CC  has  been informed by the Apache Software Foundation that
the
>    patch  provided  in the ISS advisory on this topic does not
completely
>    correct  this  vulnerability.  More  information about
vendor-specific
>    patches  can  be found in the vendor section of this document.
Because
>    the   publication  of  this  advisory  was  unexpectedly 
accelerated,
>    statements  from  all  of  the  affected vendors were not
available at
>    publication  time.  As  additional  information  from  vendors
becomes
>    available, this document will be updated.
>
>Upgrade to the latest version
>
>    The Apache Software Foundation has released two new versions of
Apache
>    that correct this vulnerability. System administrators can prevent
the
>    vulnerability  from  being  exploited  by  upgrading to Apache
version
>    1.3.25  or  2.0.39.  The new versions of Apache will be available
from
>    their web site at
>
>           http://httpd.apache.org/
>
>Appendix A. - Vendor Information
>
>    This  appendix  contains  information  provided  by  vendors  for
this
>    advisory.  As  vendors  report new information to the CERT/CC, we
will
>    update this section and note the changes in our revision history.
If a
>    particular  vendor  is  not  listed  below, we have not received
their
>    comments.
>
>Apache Software Foundation
>
>    New versions of the Apache software are available from:
>
>           http://httpd.apache.org/
>
>Conectiva Linux
>
>    The  Apache  webserver  shipped  with Conectiva Linux is
vulnerable to
>    this  problem.  New  packages fixing this problem will be
announced to
>    our mailing list after an official fix becomes available.
>
>Cray, Inc.
>
>    Cray,  Inc.  does  not  distribute  Apache  with  any of its
operating
>    systems.
>
>IBM Corporation
>
>    IBM  makes  the Apache Server availble for AIX customers as a
software
>    package  under  the  AIX-Linux  Affinity  initiative.  This
package is
>    included  on  the  AIX  Toolbox  for Linux Applications CD, and
can be
>    downloaded via the IBM Linux Affinity website. The currently
available
>    version of Apache Server is susceptible to the vulnerability
described
>    here.  We  will  update  our Apache Server offering shortly to
version
>    1.3.23,  including  the patch for this vulnerability; this update
will
>    be made available for downloading by accessing this URL:
>
>          
http://www-1.ibm.com/servers/aix/products/aixos/linux/download.
>           html
>
>    and following the instructions presented there.
>
>    Please  note  that  Apache Server, and all Linux Affinity
software, is
>    offered on an "as-is" basis. IBM does not own the source code for
this
>    software,  nor  has  it developed and fully tested this code. IBM
does
>    not support these software packages.
>
>Lotus
>
>    We have verified that the Lotus Domino web server is not
vulnerable to
>    this  type of problem. Also, we do not ship Apache code with any
Lotus
>    products.
>
>Microsoft Corporation
>
>    Microsoft does not ship the Apache web server.
>
>Network Appliance
>
>    NetApp systems are not vulnerable to this problem.
>
>RedHat Inc.
>
>    Red  Hat  distributes  Apache  1.3  versions  in  all  Red  Hat 
Linux
>    distributions, and as part of Stronghold. However we do not
distribute
>    Apache  for Windows. We are currently investigating the issue and
will
>    work on producing errata packages when an official fix for the
problem
>    is  made  available.  When  these  updates  are  complete they
will be
>    available  from  the  URL below. At the same time users of the Red
Hat
>    Network will be able to update their systems using the 'up2date'
tool.
>
>           http://rhn.redhat.com/errata/RHSA-2002-103.html
>
>Unisphere Networks
>
>    The  Unisphere  Networks  SDX-300 Service Deployment System (aka.
SSC)
>    uses  Apache  1.3.24. We are releasing Version 3.0 using Apache
1.3.25
>    soon, and will be issuing a patch release for SSC Version 2.0.3 in
the
>    very near future.
>     
_________________________________________________________________
>
>    The CERT/CC thanks Mark Litchfield for reporting this
vulnerability to
>    the  Apache  Software  Foundation,  and  Mark  Cox  for reporting
this
>    vulnerability to the CERT/CC.
>     
_________________________________________________________________
>
>    Author: Cory F. Cohen
>   
______________________________________________________________________
>
>    This document is available from:
>    http://www.cert.org/advisories/CA-2002-17.html
>   
______________________________________________________________________
>
>CERT/CC Contact Information
>
>    Email: cert at cert.org
>           Phone: +1 412-268-7090 (24-hour hotline)
>           Fax: +1 412-268-6989
>           Postal address:
>           CERT Coordination Center
>           Software Engineering Institute
>           Carnegie Mellon University
>           Pittsburgh PA 15213-3890
>           U.S.A.
>
>    CERT/CC   personnel   answer  the  hotline  08:00-17:00 
EST(GMT-5)  /
>    EDT(GMT-4)  Monday  through  Friday;  they are on call for
emergencies
>    during other hours, on U.S. holidays, and on weekends.
>
>Using encryption
>
>    We  strongly  urge you to encrypt sensitive information sent by
email.
>    Our public PGP key is available from
>    http://www.cert.org/CERT_PGP.key
>
>    If  you  prefer  to  use  DES,  please  call the CERT hotline for
more
>    information.
>
>Getting security information
>
>    CERT  publications  and  other security information are available
from
>    our web site
>    http://www.cert.org/
>
>    To  subscribe  to  the CERT mailing list for advisories and
bulletins,
>    send  email  to majordomo at cert.org. Please include in the body of
your
>    message
>
>    subscribe cert-advisory
>
>    *  "CERT"  and  "CERT  Coordination Center" are registered in the
U.S.
>    Patent and Trademark Office.
>   
______________________________________________________________________
>
>    NO WARRANTY
>    Any  material furnished by Carnegie Mellon University and the
Software
>    Engineering  Institute  is  furnished  on  an  "as is" basis.
Carnegie
>    Mellon University makes no warranties of any kind, either
expressed or
>    implied  as  to  any matter including, but not limited to,
warranty of
>    fitness  for  a  particular purpose or merchantability,
exclusivity or
>    results  obtained from use of the material. Carnegie Mellon
University
>    does  not  make  any warranty of any kind with respect to freedom
from
>    patent, trademark, or copyright infringement.
>     
_________________________________________________________________
>
>    Conditions for use, disclaimers, and sponsorship information
>
>    Copyright 2002 Carnegie Mellon University.
>
>    Revision History
>June 17, 2002:  Initial release





--- Hans Zaunere <zaunere at yahoo.com> wrote:
> 
> FYI...
> 
> 
> > Internet Security Systems Security Advisory
> > June 17, 2002
> > 
> > Remote Compromise Vulnerability in Apache HTTP Server
> > 
> > Synopsis:
> > 
> > ISS X-Force has discovered a serious vulnerability in the default
> > version of Apache HTTP Server. Apache is the most popular Web
> server
> > and
> > is used on over half of all Web servers on the Internet. It may be
> > possible for remote attackers to exploit this vulnerability to
> > compromise Apache Web servers. Successful exploitation may lead to
> > modified Web content, denial of service, or further compromise.
> > 
> > Affected Versions:
> > 
> > Apache 1.x
> > 
> > Note: Many commercial Web Application Servers such as Oracle 9ias
> and
> > IBM Websphere use Apache HTTP Server to process HTTP requests.
> > Additional products that bundle Apache HTTP Server for Windows may
> be
> > affected.
> > 
> > Description:
> > 
> > The Apache HTTP Server is maintained by the Apache Software
> > Foundation.
> > Apache is an extremely popular open-source Web server. Netcraft
> > (http://www.netcraft.com) reports that as of May 2002, Apache
> > accounts
> > for over 63% of all active Web sites. Apache?s installed base is
> > larger
> > than all other Web servers combined.
> > 
> > The Apache Project is an open-source and volunteer collaboration
> > aimed
> > to create and maintain a free, feature-rich, powerful, and secure
> Web
> > server implementation. Apache is well regarded as the best, freely
> > available Web server.
> > 
> > Apache contains a flawed mechanism meant to calculate the size of
> > "chunked" encoding. Chunked encoding is part of the HTTP Protocol
> > Specification used for accepting data from Web users. When data is
> > sent
> > from the user, the Web server needs to allocate a memory buffer of
> a
> > certain size to hold the submitted data. When the size of the data
> > being
> > submitted is unknown, the client or Web browser will communicate
> with
> > the server by creating "chunks" of data of a negotiated size.
> > 
> > The Apache HTTP Server has a software flaw that misinterprets the
> > size
> > of incoming data chunks. This error may lead to a signal race, heap
> > overflow, and to exploitation of malicious code.
> > 
> > X-Force has verified that this issue is exploitable on Apache for
> > Windows (Win32) version 1.3.24. Apache 1.x for Unix contains the
> same
> > source code, but X-Force believes that successful exploitation on
> > most
> > Unix platforms is unlikely.
> > 
> > Recommendations:
> > 
> > Internet Scanner X-Press Update 6.12 includes a check,
> > ApacheChunkedEncodingBo, to detect installations of Apache HTTP
> > Server
> > for Win32. XPU 6.12 is available from the ISS Download Center at:
> > http://www.iss.net/download. For questions about downloading and
> > installing this XPU, email support at iss.net.
> > 
> > Detection support for this attack will be included in future
> X-Press
> > Updates for RealSecure Network Sensor 6.x and 7.0. These XPUs will
> be
> > available from the ISS Download Center, and this alert will be
> > updated
> > when these updates become available.
> > 
> > ISS X-Force has developed a patch for this issue. Follow the
> > instructions below, or contact your vendor for assistance:
> > 
> > To apply a source code patch to your Apache package:
> > 
> > 1. Locate your source directory and navigate into the "main" sub-
> > directory.
> > 2. Verify that "http_protocol.c" is present in the current
> directory.
> > 3. To update your http_protocol.c file, create a file named
> > "apache_patch.diff", containing the following text:
> > 
> > - --- http_protocol.c.vuln	Fri Jun 14 16:12:50 2002
> > +++ http_protocol.c	Fri Jun 14 16:13:47 2002
> > @@ -2171,7 +2171,7 @@
> > 
> >       /* Otherwise, we are in the midst of reading a chunk of data
> */
> > 
> > - -    len_to_read = (r->remaining > bufsiz) ? bufsiz :
> r->remaining;
> > +    len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz :
> > r->
> > remaining;
> > 
> >       len_read = ap_bread(r->connection->client, buffer,
> > len_to_read);
> >       if (len_read <= 0) {
> > 
> > 4. Apply the source code update using the "patch" command, or a
> > similar
> >     utility.
> > 5. Build new binaries and reinstall.
> > 
> > The Apache Server Project has been notified and will make a formal
> > patch
> > available soon. Please refer to the Apache Server Project?s
> homepage
> > for
> > more information: http://httpd.apache.org/
> > 
> > Additional Information:
> > 
> > http://www.iss.net/security_center
> > http://www.apache.org
> > http://httpd.apache.org/
> > 
> > Credits:
> > 
> > This vulnerability was discovered and researched by Neel Mehta of
> the
> > ISS X-Force.
> >
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Tue Jun 18 09:46:35 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 18 Jun 2002 06:46:35 -0700 (PDT)
Subject: Guide to FreeHosting
Message-ID: <20020618134635.18212.qmail@web12802.mail.yahoo.com>



Great resource.  Thanks Navin and Evolt!
I've attached the same info in a nice .txt file as well.

HZ


> From: "N.a.v.i.n ....D.h.a.n.u.k.a" <navin_dhanuka at yahoo.com>
> To: thelist at lists.evolt.org
> Subject: [thelist] Guide to FreeHosting
> Date: Tue, 18 Jun 2002 06:30:54 -0700 (PDT)
> 
> Hi,
> 
> Some Free WebHosting Tips :
> 
> "I don't need much space, and all I need is a host with no
> advertisements. A
> decent amount of transfer would be good enough for me."
> 
> http://www.liquid2k.com/ (recommended)
> http://www.brinkster.com/ (recommended)
> http://www.demented.org/
> http://www.cfm-resources.com/
> http://www.digitalrice.com/
> 
> "I desperately need PHP and a decent amount of space (maybe 15-25
> MB). I
> would be willing to accept a few ads (banner or pop-under, but not
> both!),
> but I would definitely prefer it if the host had no-ads. I need as
> much
> transfer as possible. MySQL is optional."
> 
> http://www.host.sk/ (no-ads)
> http://www.php50.com/ (pop-up)
> http://www.t35.com/ (pop-up)
> http://www.clawz.com/ (banner)
> http://www.tripod.co.uk/ (pop-up, MySQL included)
> "I need a host that will accept large files and provides quite a
> large
> amount of transfer. I do need FTP, but no scripting languages are
> necessary.
> Ads should be kept to a minimum, as I am keeping my entire site here
> as
> well."
> 
> http://www.freewebsites.com/
> http://www.gizba.com/
> http://www.webavenue.org/
> http://www.hut.ru/
> http://www.web1000.com/
> 
> "I don't care about space or ads or transfer. 5-10 MB space, a pop-up
> +
> banners, 300 MB a month transfer would even be enough. All I need is
> reliability. A host that is not likely to go down soon, and a host
> that has
> minimal downtime. Do you know of any hosts?"
> 
> http://www.geocities.com/
> http://www.angelfire.com/
> http://www.tripod.com/
> http://www.topcities.com/
> 
> "I desperately need CGI for an Ikonboard or YaBB I am looking to
> host. I
> don't mind ads, as long as they aren't too annoying. I just need 10
> MB of
> space, and the host must have FTP. Please recommend some hosts!"
> 
> http://www.netfirms.com/
> http://www.spaceports.com/
> http://www.4gigs.com/
> http://free.prohosting.com/ (only if board doesn't require SMTP)
> http://www.clawz.com/
> http://www.amzweb.net/signup.php
> http://www.hut.ru/
> 
> "I really need 20-30 MB of space, a fair amount of transfer, and ASP.
> FTP
> would be nice, but it's not required. Thanks!"
> 
> http://www.brinkster.com/ (no FTP, and no ads)
> http://www.raketnet.nl/
> http://www.cfm-resources.com/
> http://www.aspfreeserver.com/
> http://www.websamba.com/
> 
> "I am looking for a host that offers at least 15 MB space and 1 GB
> transfer,
> as well as PHP/MySQL and CGI. Do you know of any hosts?"
> 
> http://www.amzweb.net/signup.php (also offers ASP)
> http://www.spaceports.com/
> http://www.digitalrice.com/ (only 5 MB space)
> http://www.portland.co.uk/ (only 100 MB transfer)
> 
> "I need 20-30 MB of space with PHP and MySQL. FTP is a necessity.
> Keep the
> ads to a minimum, but I wouldn't mind a pop-up or a banner. I also
> would
> like at least 1 GB of transfer. I might need it for a forum, like
> phpBB or
> IBForums, so I would appreciate it if they allowed forums."
> 
> http://www.host.sk/ (no ads)
> http://www.spaceports.com/
> http://www.tripod.co.uk/
> http://www.multimania.com/
> http://www.amzweb.net/signup.php
> http://www.web1000.com/ (use at your own risk!)
> 
> "I need at least 20 MB of space, with somewhere around a gig of
> transfer.
> FTP would be cool, but what I'm really looking for is domain hosting.
> PHP or
> CGI would be helpful. "
> 
> http://www.webavenue.org/ (no ads)
> http://www.ghs20.com/ (no ads)
> http://www.host.sk/ (no ads)
> http://www.amzweb.net/signup.php
> http://www.netfirms.com/
> http://www.fateback.com/
> 
> "I have a free Opensource Project. Where can i host it ?"
> http://www.sourceforge.net
> http://savannah.gnu.org
> http://www.berlios.de
> 
> Best Regards
> N.D.



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: freeweb.txt
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020618/27cfb161/attachment.txt>

From zaunere at yahoo.com  Tue Jun 18 09:56:59 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 18 Jun 2002 06:56:59 -0700 (PDT)
Subject: NYPHP Updates and News
Message-ID: <20020618135659.14631.qmail@web12804.mail.yahoo.com>


Hello all,

Our next monthly meeting is about a week away, and I'd like to start
planning some things.

First, I have had some offers for presentations/seminars/exhibits at
our next meeting.  If you intend to present at our next meeting, PLEASE
contact me off-list ASAP (hans at nyphp.org) with what you are planning so
I can include it in the announcements and make sure we have enough time
for everything.  If you haven't planned on presenting anything,
remember that anyone is welcome to present just about anything; just
give us a fair warning so we can prepare.

I myself will try to exhibit some software I'm working on, but I'm
going camping and have a wedding (not mine), so it's going to be a
rough few days.

Lastly, we have had an offer to colocate a box for NYPHP and Open
Source projects.  While I have a box to put there, I'd like something
with a little more guts, so please contact me directly (hans at nyphp.org)
if this is something you can help with.  Also, we would be a mirror for
Mozilla (great party by the by!) so this would be great!

Thanks everyone,

Hans Z.





__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From charles at softwareprototypes.com  Tue Jun 18 13:38:51 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Tue, 18 Jun 2002 13:38:51 -0400
Subject: Per-/con-ceptual problems with object orientation code loading
Message-ID: <11910-220026218173851250@softwareprototypes.com>

Hi people,

while I was talking with the grand-poobah of Community Connect at the
Job Fair last Thursday (never heard from 'em, [don't expect to,
{tough shit, I'm becoming a Dog Groomer, < B.S. & > $,}]) about
object orientation, he made a couple of comments which, with my usual
"esprit d'escalier" didn't get around to retorting until after we'd
all gone out the door.

First:

The problem with loading an object class is that people don't know
how to break up a class to save their gonads and keep trying to
define a class as a single file which results in a lot of unused code
being loaded and inter-piled uselessly.

Ever thought of breaking up the code into one __directory__ per class
containing one file for the static object definition (the Class and
instance variables that all the methods will depend on,) and one file
per method with an "IncludeOnce" pragma of the static definition?
(Sorry if I'm showing my "Ada" but I learned about Pragmas reading
the DND "Green Book.")

When I was working for the CGI Group on the Common Departmental
Financial System for Supply and Services Canada, I had to write a CM
system to track every friggin' component (ConfigurationItem,) all the
specs, APIs, window layouts, Netron CAP COBOL code fragments, test
scripts, environment pathes, migration strategies, piece of hardware,
software, chair & desk and human resource spread across 3,849,674
square miles (9,970,610 square km), of which 291,576 square miles
(755,180 square km) are inland water. Now there's a sparse Set for
you. :-)  

You can then create "load sets" which include "IncludeOnce" pragmas
for only the methods you will actually be using. That means that you
can keep the foot print "lean and mean" by including the "load set"
instead of loading the whole class.

This would take care of 99% of the objections to the ridiculously
broad foot print that Smalltalk and Java source code (mis-)management
have.

Next:

Paths are great and should be used to full advantage. You should also
use your NFS machines/servers to the fullest. You should use your DNS
to implement subdomains for development and test and have ONE box for
running test & QA and ONE box for development. These can even be
re-using the same box in addition to the induvudual developper's
boxes.

Production machines/servers ONLY know production paths. They execute
code, access data bases and serve pages from/in the production
environment. They are "www." boxen. 

Test machines/servers know about test paths AND production paths.
They execute code, access data bases and serve pages from/in the
production environment AND the test environment. They are "tst."
subdomain boxen.

Development machines/servers know about test paths AND production
paths. They execute code, access data bases and serve pages from/in
the production environment AND the test environment AND the
development environment. They are "dev." subdomain boxen.

Individual developer's boxes know about development paths AND test
paths AND production paths. They execute code, access data bases and
serve pages from/in the production environment AND the test
environment AND the development environment and their own box. They
are "<developper>." subdomain boxen.

Last:

Just because the code has to be attached to the object that's
actually involved doesn't mean that it doesn't require and can't
intermingle execution with code from other objects. Some objects are
ONLY there to provide services (like StateMachines, StateEngines,
DialogManagers, etc.)

The same principles of optimization still apply: 
1) Don't execute any instructions or allocate any storage you don't
absolutely need to. (Make it fast) (This is the WORST offender and a
measure of how lousy programmers are at designing efficient
algorithms. M$ Windows makes me weep. At least the Mac only let you
fill a TERec (TextEditing pane model object) with a maximum of 4K
Bytes. Windows would acept megabytes of data even though it could
only show one or two K of it. What a waste of time. Bill Gates owes
me HOURS!) 
2) Never execute any code twice when you can cache the result. (Make
it faster) 
3) Never cache a result you won't reuse. (Make it smaller.)

-Charles-A. 

Got a dog you need clipped? 

Let it get shaggier until I've finished my course in August.




From brent at landover.com  Tue Jun 18 15:28:13 2002
From: brent at landover.com (Brent Baisley)
Date: Tue, 18 Jun 2002 15:28:13 -0400
Subject: Object Oriented Programming question
Message-ID: <B935020B.A321%brent@landover.com>

Most of my experience has been in scripting and procedural programming and I
am now trying to get my brain around class files and such. I have a question
about whether I'm heading down the right road or not. I've tried looking
into PEAR, but I think it's a bit too much for me right now, I need more
foundation to really understand what's going on.

I've setup a "settings" file that I would like to contain "default" values
like the mysql login name, password and database. One of the functions in my
class file is a db connection function. I've set it up to accept the login
name, password and database as parameters that can be passed.

What I would like to do is use default values set in the settings file if
parameters aren't passed. I tried using the syntax for setting a default
value for a parameter if a value isn't passed, but I guess you can't use
variables in this since I get errors. I want to only pass values to the
function if I don't want to use the default values.

Would like something like this:
function db_connect($db_user = $dflt_user, $db_pswd = $dflt_pswd, $db_dbname
= $dflt_dbname);

Any enlightenment would be appreciated.
-- 
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577



From eshepard at slower.net  Tue Jun 18 16:16:55 2002
From: eshepard at slower.net (Eliot Shepard)
Date: Tue, 18 Jun 2002 16:16:55 -0400 (EDT)
Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation
 code loading
In-Reply-To: <200206181734.g5IHYXP30570@slipdisc.virul.net>
Message-ID: <Pine.BSF.4.30.0206181605520.88299-100000@jera.pair.com>

> The problem with loading an object class is that people don't know
> how to break up a class to save their gonads and keep trying to
> define a class as a single file which results in a lot of unused code
> being loaded and inter-piled uselessly.

Not if you use an shared memory compiled-code cache like Zend Accelerator
or PHP Accelerator (http://www.php-accelerator.co.uk). Cuts out both load
from disk and compilation. Latter is a great free product BTW.

> Ever thought of breaking up the code into one __directory__ per class
> containing one file for the static object definition (the Class and
> instance variables that all the methods will depend on,) and one file
> per method with an "IncludeOnce" pragma of the static definition?
> (Sorry if I'm showing my "Ada" but I learned about Pragmas reading
> the DND "Green Book.")

Sounds like a maintenance and usefulness nightmare, which would undercut a
lot of the benefits of OO design. It also would seem to have bad
worst-case performance (where you need a lot of the class' functionality.)

If your classes are too big, you might be at the point where you can
abstract stuff out into a base class or generalized utility functions.
That's the trigger I look for.

> The same principles of optimization still apply:
> 1) Don't execute any instructions or allocate any storage you don't
> absolutely need to. (Make it fast) (This is the WORST offender and a
> measure of how lousy programmers are at designing efficient
> algorithms. M$ Windows makes me weep. At least the Mac only let you
> fill a TERec (TextEditing pane model object) with a maximum of 4K
> Bytes. Windows would acept megabytes of data even though it could
> only show one or two K of it. What a waste of time. Bill Gates owes
> me HOURS!)
> 2) Never execute any code twice when you can cache the result. (Make
> it faster)
> 3) Never cache a result you won't reuse. (Make it smaller.)

4) Never overconcern yourself with optimality before profiling.
5) Never create the potential for bugs by trying to make every code path
optimal.

Just some thoughts. Thanks for an entertaining post.

Eliot

--
Eliot Shepard
http://slower.net/



From charles at softwareprototypes.com  Tue Jun 18 16:48:36 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Tue, 18 Jun 2002 16:48:36 -0400
Subject: [nycphp-talk] Object Oriented Programming answer
Message-ID: <233410-220026218204836156@softwareprototypes.com>

Hello Brent,

the object instance you are creating with your "settings file" is an
Environment object and I would create an Environment Class and a
method to fill it from that file (or from another source, [now you
could use that method to connect the environment variable over a
socket to your local machine... lets say] :-) and other methods to to
set/get a DBConnection instance variable to permit any other method
in any class to use the connection.

Environment class
  class method
    new -> answers a new initialized instance of the Environment
      get used to thinking of instantiation as occurring in context
and
      the code having to validate the context before answering
      a) raising an error/exception and answer nil
      b) the instance
  instance variables 
    dbUser, 
    dbPasswd, 
    dbName,
    <whatever else you need from your environment> ...
  instance method
    load ($stream) -> sets values from source stream
      (file, socket, parm, lottery ticket, ESP, whatever.)
    loadFile ($fileName) -> open the file named fileName & call
      load($source) with $source set to whatever you're connected to.
    <instVar>($value) -> sets and answers the value of the instvar
    <instVar>() -> gets the value of the instVar

Say  your instVars are dbUser, dbPwd, dbName

You should instantiate the Environment Class at the beginning of your
session or run-unit or unit_of_work (there's a dozern aliases for
this.)

 $env = Environmenr new; /* check for an error */
 $env loadFile($yourFileNameOrALitteral);

 ...

  function db_connect(
    $db_user   = $env.dbUser(), 
    $db_pswd   = $env.dbPwd(), 
    $db_dbname = $env.dbName() );

 ...

In addition, you could write your Environment.<instVar> methods to
use lazy evaluation and, if there in no value for <instVar> already
set, say from reconnecting to a session, you could then call
loadFile() from within the Environment.<instVar>() method, uh,
OOP-speek, sorry, function.

The idea is that you now have an single object which has the
responsability for getting and setting all environment valueand the
rest of your code doesn't have to worry about or care if it gets the
vaues from a default, a file, a session or if it pulls off a Kresgin
and reads the guy's inseam.




From webmaster at localnotion.com  Tue Jun 18 16:46:37 2002
From: webmaster at localnotion.com (webmaster at localnotion.com)
Date: Tue, 18 Jun 2002 20:46:37 +0000
Subject: include() called twice
Message-ID: <1024433197.3d0f9c2dedfcb@webmail.localnotion.com>


Howdy,

I want the following code to see if a file is present, 6then include it if it 
is. I use3d the @ to supress an error if the file is not present. It works, but 
mysteriously writes the file to the page TWICE. I tried require() instead and 
the same results. Why is this? Thanks.

$file-location = /path/to/file/;

if (@readfile($file-location) != FALSE) {
include($file-location);
}


-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/



From nyphp at jimbishop.org  Tue Jun 18 17:10:38 2002
From: nyphp at jimbishop.org (nyphp at jimbishop.org)
Date: Tue, 18 Jun 2002 14:10:38 -0700 (PDT)
Subject: [nycphp-talk] include called twice
In-Reply-To: <200206182046.g5IKkjP32182@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.21.0206181409550.27780-100000@cypress.he.net>


when you use @readfile to test for the file, it actually loads the
file.  use is_file(/path/to/file) instead.





> I want the following code to see if a file is present, 6then include it if it 
> is. I use3d the @ to supress an error if the file is not present. It works, but 
> mysteriously writes the file to the page TWICE. I tried require() instead and 
> the same results. Why is this? Thanks.
> 
> $file-location = /path/to/file/;
> 
> if (@readfile($file-location) != FALSE) {
> include($file-location);
> }
> 
> 
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
> 
> 





|| jim.bishop
|| i heart n y
|| http://www.jimbishop.org/tidbytes/




From charles at softwareprototypes.com  Tue Jun 18 17:22:07 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Tue, 18 Jun 2002 17:22:07 -0400
Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading
Message-ID: <6350-22002621821227828@softwareprototypes.com>

ARRRGH! 

YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT!

IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A
BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT?

OF THOSE, THE TIME IS THE MOST PRECIOUS. 

When you can point me to a store that sells time, then you can start
telling me I'm SCREAMING at you because I'm HYSTERICAL.

The Zend accelerator is NOT magic. It doesn't use persistence so you
still incurr that first hit and if you swap out or otherwise run out
of RAM, you incurr that first hit again and again and again. 

If you REALLY run out of RAM and swap space due to memory contention
because you've got too many pages being hit too many times, you are
SO SCREWED! You have just set your system up to fail at precisely the
WORST possible time.

Load-units are only a nightmare if your code is not organized. They
are NOT the concern of the coder/developper.

If the code IS organized, then the optimizations occur BELOW the
packaging and the coder/developper doesn't even know about it.

Nobody will know exactly what's used most until its actually deployed
and its possible to gather up some usage stats. Then you gather up
code unto load-units. That's NOT the codes worry.

The system tuner can optimize load-units according to what's really
encountered and the developper just codes one method at a time and
doesn't have to worry about tuning in the larger view. There may be
inter-application contentions that he can't do anything about.

Abstracting doesn't work if theres ONLY ONE CLASS. Subclassing
doesn't help in those conditions either. The Object class will have
thousands of methods if you can't trim it to only what the
application needs.

Concern yourself with writing optinal code because the crap you spew
will return to haunt you on the unemployment line.

Make every code path as clean as you can and never waste the user's
time. Your code will run X millions of time. Take a minute more to
write something which will run z% faster because, z% multiplied by X
million times a month can make the difference between needing another
expensive server, which will not make your employer happy, or worse,
having a site that's unusable, that  users will bitch about and not
come back to.

-Charles-A.



From nyphp at websapp.com  Tue Jun 18 17:32:37 2002
From: nyphp at websapp.com (Daniel Kushner)
Date: Tue, 18 Jun 2002 17:32:37 -0400
Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation code loading
In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net>
Message-ID: <OKEHLLMAFAOHECBMOGEPKEMLCEAA.nyphp@websapp.com>

Here: buy some time...
http://www.washingtonpost.com/wp-dyn/articles/A61282-2002Jun16.html

--Daniel

-----Original Message-----
From: charles at softwareprototypes.com
[mailto:charles at softwareprototypes.com]
Sent: Tuesday, June 18, 2002 5:18 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Per-/con-ceptual problems with object
orientation code loading


ARRRGH! 

YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT!

IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A
BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT?

OF THOSE, THE TIME IS THE MOST PRECIOUS. 

When you can point me to a store that sells time, then you can start
telling me I'm SCREAMING at you because I'm HYSTERICAL.

The Zend accelerator is NOT magic. It doesn't use persistence so you
still incurr that first hit and if you swap out or otherwise run out
of RAM, you incurr that first hit again and again and again. 

If you REALLY run out of RAM and swap space due to memory contention
because you've got too many pages being hit too many times, you are
SO SCREWED! You have just set your system up to fail at precisely the
WORST possible time.

Load-units are only a nightmare if your code is not organized. They
are NOT the concern of the coder/developper.

If the code IS organized, then the optimizations occur BELOW the
packaging and the coder/developper doesn't even know about it.

Nobody will know exactly what's used most until its actually deployed
and its possible to gather up some usage stats. Then you gather up
code unto load-units. That's NOT the codes worry.

The system tuner can optimize load-units according to what's really
encountered and the developper just codes one method at a time and
doesn't have to worry about tuning in the larger view. There may be
inter-application contentions that he can't do anything about.

Abstracting doesn't work if theres ONLY ONE CLASS. Subclassing
doesn't help in those conditions either. The Object class will have
thousands of methods if you can't trim it to only what the
application needs.

Concern yourself with writing optinal code because the crap you spew
will return to haunt you on the unemployment line.

Make every code path as clean as you can and never waste the user's
time. Your code will run X millions of time. Take a minute more to
write something which will run z% faster because, z% multiplied by X
million times a month can make the difference between needing another
expensive server, which will not make your employer happy, or worse,
having a site that's unusable, that  users will bitch about and not
come back to.

-Charles-A.





From eshepard at slower.net  Tue Jun 18 17:40:23 2002
From: eshepard at slower.net (Eliot Shepard)
Date: Tue, 18 Jun 2002 17:40:23 -0400 (EDT)
Subject: [nycphp-talk] Per-/con-ceptual problems with object orientation
 code loading
In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net>
Message-ID: <Pine.BSF.4.30.0206181727460.88299-100000@jera.pair.com>

> IF MY CODE LOADS ONE FRIGGIN' BYTE THAT ISN'T NEEDED, IT WASTES A
> BYTE IN RAM AND THE TIME IT TOOK TO LOAD IT. DO YOU UNDERSTRAND THAT?

Experience is the skill of prioritizing one cost against others in order
to maximize efficiency, in my opinion. You can go ahead writing
conceptually optimal machine code to your heart's desire. I'll just get
more done than you. :^)

> ARRRGH!

Clearly you're going to write your code just the way you like. That's
fine. It's a great big open free world where all you need is a text
editor. Ain't it something?

But if you've no interest in hearing responses to your thoughts, my
preference would be that you troll somewhere else.

> YOU DON'T EVEN UNDERSTAND THE PROBLEM!!!! I'D FIRE YOU ON THE SPOT!

First you'd have to be my boss, and based on the tenor of your note, I'm
not too worried about that happening anytime soon.

Cheers!

Eliot

--
Eliot Shepard
http://slower.net/





From ian at plusfour.org  Tue Jun 18 17:43:04 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Tue, 18 Jun 2002 17:43:04 -0400
Subject: apache log file utilities
In-Reply-To: <200206182117.g5ILHoP32435@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEAEPNCFAA.ian@plusfour.org>

Hi,

does any one know of some sort of log file miniturizer? I was just wondering
if someone has already written something that allows one to delete traffic
by date.. ?



From zaunere at yahoo.com  Tue Jun 18 22:52:38 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 18 Jun 2002 19:52:38 -0700 (PDT)
Subject: Apache vulnerability testing
Message-ID: <20020619025238.42918.qmail@web12801.mail.yahoo.com>


This might come in handy for detecting the Apache vulnerability. 
Thanks to Dave Aitel on NYLUG-Talk.

HZ


--- Dave Aitel <dave at immunitysec.com> wrote:
> Subject: [nylug-talk] Apache vuln
>
> For those of you testing your apache boxes I have a test script up at
> http://www.immunitysec.com/spike.html
> 
> If you ARN'T testing your apache, then you probably should. :>
> 
> -dave
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From andrew at digitalpulp.com  Tue Jun 18 16:39:52 2002
From: andrew at digitalpulp.com (Andrew M. Yochum)
Date: Tue, 18 Jun 2002 16:39:52 -0400 (EDT)
Subject: [nycphp-talk] apache log file utilities
In-Reply-To: <200206182142.g5ILgoP32673@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.44.0206181635040.2144-100000@localhost.localdomain>

Hi Ian,

Have a look at logrotate.  Its a pretty standard way of cycling out old log
files after a given amount of time.  The idea is that you keep somthing like
4 weeks of data, and every week they get rotated to the next number so you
get files like

access_log   -> current log
access_log.1 -> last weeks
access_log.2 -> 2 weeks ago
access_log.3 -> 3 weeks ago
access_log.4 -> 4 weeks ago

After a log file goes beyond your maximum number to hold, it gets dumped.

There are options to gzip past log files to save on space, too.  Keeps those
nasty files from filling up your var partition too fast.

Hope that helps.

Andrew

On Tue, 18 Jun 2002, Ian Forsyth wrote:

> Hi,
> 
> does any one know of some sort of log file miniturizer? I was just wondering
> if someone has already written something that allows one to delete traffic
> by date.. ?
> 
> 



From petr at linux.ru  Wed Jun 19 03:21:47 2002
From: petr at linux.ru (Petr Pomorov)
Date: Wed, 19 Jun 2002 03:21:47 -0400
Subject: what do you call this? $dollar $dollar.
Message-ID: <200206190721.g5J7LlA02359@biggie>

Hi all, what do you call this in English?
$dollar=1
$dollar.=2
$dollar.=3
Best regards.


From ktuskey at exostream.com  Wed Jun 19 03:28:02 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Wed, 19 Jun 2002 03:28:02 -0400
Subject: [nycphp-talk] what do you call this? $dollar $dollar.
In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net>
Message-ID: <000801c21762$d8ac9ca0$e1072744@win2kbox>

Concatenation


Kyle Tuskey
eXostream Communications

-----Original Message-----
From: Petr Pomorov [mailto:petr at linux.ru] 
Sent: Wednesday, June 19, 2002 3:17 AM
To: NYPHP Talk
Subject: [nycphp-talk] what do you call this? $dollar $dollar.

Hi all, what do you call this in English?
$dollar=1
$dollar.=2
$dollar.=3
Best regards.




From gherson at snet.net  Wed Jun 19 05:44:15 2002
From: gherson at snet.net (George Herson)
Date: Wed, 19 Jun 2002 05:44:15 -0400
Subject: session problem
References: <200206190440.g5J4eTP36097@slipdisc.virul.net>
Message-ID: <3D10526F.5000204@snet.net>

When i click an <a> link to move to another page on my site, a new session is 
being created, and i don't know why.  (I've had sessions working before, even in 
this program that's now giving me problems.) On the page the click brings me to, 
$PHPSESSID's value is predefined to the original session id, so PHP remembers 
its value.  But when i re-start the session, PHP creates a new session with a 
new id, and any variables registered to the session are forgotten.

I've tried manually assigning this session id to the session, as shown below, 
but still, as soon as I call session_start() a new session is created.  What am 
i doing wrong?


On the page I hyperlink to:
.
.
.
ob_start();
$zerothsessid=$PHPSESSID;
session_id( $PHPSESSID );
$firstsessid=session_id();
session_start();              // Starts a brand new session.
$secondsessid=session_id();  // This assigns a new value.
.
.
.
echo "zerothsessid=$zerothsessid<br/>\
";
echo "firstsessid=$firstsessid<br/>\
";
echo "secondsessid=$secondsessid<br/>\
";
ob_end_flush();
?>

In my output I'll have, for example:
zerothsessid=782e68bc3beabe79b50e3b1b0d32ba9c
firstsessid=782e68bc3beabe79b50e3b1b0d32ba9c
secondsessid=11dae9d39bc2b72a5783569472bd2532

 From http://www.php.net/manual/en/function.session-id.php:
"string session_id ( [string id]) ...
If id is specified, it will replace the current session id. session_id() needs 
to be called before session_start() for that purpose."

About one in 15 tries this will work, i.e., all of $zerothsessid, $firstsessid, 
and $secondsessid are the same value.

My mod_php is 4.0.5.

thanks,
george



From gherson at snet.net  Wed Jun 19 07:22:07 2002
From: gherson at snet.net (George Herson)
Date: Wed, 19 Jun 2002 07:22:07 -0400
Subject: session problem
Message-ID: <3D10695F.3070202@snet.net>

The last attempt obviously got cut off (where i had three dots, one per line) so 
resending...

When i click an <a> link to move to another page on my site, a new session is
being created, and i don't know why.  (I've had sessions working before, even in
this program that's now giving me problems.) On the page the click brings me to,
$PHPSESSID's value is predefined to the original session id, so PHP remembers
its value.  But when i re-start the session, PHP creates a new session with a
new id, and any variables registered to the session are forgotten.

I've tried manually assigning this session id to the session, as shown below,
but still, as soon as I call session_start() a new session is created.  What am
i doing wrong?


On the page I hyperlink to:
. . .
ob_start();
$zerothsessid=$PHPSESSID;
session_id( $PHPSESSID );
$firstsessid=session_id();
session_start();              // Starts a brand new session.
$secondsessid=session_id();  // This assigns a new value.
. . .
echo "zerothsessid=$zerothsessid<br/>\
";
echo "firstsessid=$firstsessid<br/>\
";
echo "secondsessid=$secondsessid<br/>\
";
ob_end_flush();
?>

In my output I'll have, for example:
zerothsessid=782e68bc3beabe79b50e3b1b0d32ba9c
firstsessid=782e68bc3beabe79b50e3b1b0d32ba9c
secondsessid=11dae9d39bc2b72a5783569472bd2532

  From http://www.php.net/manual/en/function.session-id.php:
"string session_id ( [string id]) ...
If id is specified, it will replace the current session id. session_id() needs
to be called before session_start() for that purpose."

About one in 15 tries this will work, i.e., all of $zerothsessid, $firstsessid,
and $secondsessid are the same value.

My mod_php is 4.0.5.  Its configure command, according to phpinfo():
'./configure' '--with-pgsql=/var/lib/pgsql' '--with-apxs'

Other settings:

session.use_trans_sid
1 1

Session Support enabled

Directive Local Value Master Value
session.auto_start
Off Off
session.cache_expire
180 180
session.cache_limiter
nocache nocache
session.cookie_domain
no value no value
session.cookie_lifetime
0 0
session.cookie_path
/ /
session.cookie_secure
Off Off
session.entropy_file
/dev/urandom /dev/urandom
session.entropy_length
16 16
session.gc_maxlifetime
600 600
session.gc_probability
20 20
session.name
PHPSESSID PHPSESSID
session.referer_check
1 1
session.save_handler
files files
session.save_path
/tmp /tmp
session.serialize_handler
php php
session.use_cookies
On On


thanks,
george




From jonbaer at digitalanywhere.com  Wed Jun 19 08:56:48 2002
From: jonbaer at digitalanywhere.com (Jon Baer)
Date: Wed, 19 Jun 2002 08:56:48 -0400
Subject: [nycphp-talk] what do you call this? $dollar $dollar.
References: <200206190717.g5J7HNP37527@slipdisc.virul.net>
Message-ID: <3D107F90.3040601@digitalanywhere.com>

Petr Pomorov wrote:

>Hi all, what do you call this in English?
>$dollar=1
>$dollar.=2
>$dollar.=3
>Best regards.
>
>  
>
Unemployement :-)




From luis at response-marketing.com  Wed Jun 19 09:12:46 2002
From: luis at response-marketing.com (Luis Silvestre)
Date: Wed, 19 Jun 2002 09:12:46 -0400
Subject: [nycphp-talk] what do you call this? $dollar $dollar.
In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net>
Message-ID: <OBEGILNHGJDMEGANEHINIEEDCBAA.luis@response-marketing.com>

it's an example of the english term "concatentation operator"

-----Original Message-----
From: Petr Pomorov [mailto:petr at linux.ru]
Sent: Wednesday, June 19, 2002 3:17 AM
To: NYPHP Talk
Subject: [nycphp-talk] what do you call this? $dollar $dollar.


Hi all, what do you call this in English?
$dollar=1
$dollar.=2
$dollar.=3
Best regards.



From zaunere at yahoo.com  Wed Jun 19 10:29:10 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Wed, 19 Jun 2002 07:29:10 -0700 (PDT)
Subject: testers wanted - phpguardian.com (source protection)
Message-ID: <20020619142910.9578.qmail@web12801.mail.yahoo.com>


There's been some talk lately of source protection.  This package looks
very nice after a quick glance.

> From: "ade_inovica" <mrwowza at hotmail.com>
> 
> Hi there
> 
> We're just about ready to release an application called phpguardian -
>  an application which will protect php source code.  We are really 
> keen to get some people to try it, so if anyone is interested, 
> please visit http://www.phpguardian.com and go to the download link
> 
> All the best to everyone!
> 
> Ade


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From gherson at snet.net  Wed Jun 19 11:43:54 2002
From: gherson at snet.net (George Herson)
Date: Wed, 19 Jun 2002 11:43:54 -0400
Subject: [nycphp-talk] session problem
References: <200206191122.g5JBMiP39558@slipdisc.virul.net>
Message-ID: <3D10A6BA.5060304@snet.net>

Never mind :)  The problem was my
session.referer_check     = 1
setting in php.ini.

PHP considers one of my own domains foreign and was killing the session for that 
reason (without mentioning this in the php error log, though i did get a few 
"PHP Warning:  Failed to write session data (files). Please verify that the 
current setting of session.save_path is correct (/tmp) in Unknown on line 0").

Wow this stuff can be time-consuming.

george

George Herson wrote:
> The last attempt obviously got cut off (where i had three dots, one per line) so 
> resending...
> 
> When i click an <a> link to move to another page on my site, a new session is
> being created, and i don't know why.  (I've had sessions working before, even in
> this program that's now giving me problems.) On the page the click brings me to,
> $PHPSESSID's value is predefined to the original session id, so PHP remembers
> its value.  But when i re-start the session, PHP creates a new session with a
> new id, and any variables registered to the session are forgotten.
> 
> I've tried manually assigning this session id to the session, as shown below,
> but still, as soon as I call session_start() a new session is created.  What am
> i doing wrong?
> <snip>





From jhise at linuxforbusiness.org  Wed Jun 19 13:18:25 2002
From: jhise at linuxforbusiness.org (Jeremy Hise)
Date: 19 Jun 2002 13:18:25 -0400
Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD
In-Reply-To: <200206150227.g5F2RuP85842@slipdisc.virul.net>
References: <200206150227.g5F2RuP85842@slipdisc.virul.net>
Message-ID: <1024507108.3875.16.camel@localhost.localdomain>

Ok. I figured out the problem.

For some reason, the Oracle on NT (where the database actually was) had:
	ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data

But on the RH box, the oracle install script had set it to:
	ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/oracle

So, I went and simple changed the /oracle to /data

And my day just got a hell of a lot better.

As the great Homer says:
	WHOOOOOOOOOOO HOOOOOOOOOOOO

I do have the following in my apachectl script:

export ORACLE_BASE=/ora8/m01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/8.1.6
export PATH=$PATH:$ORACLE_HOME/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr
export ORACLE_SID=ora8
export ORACLE_TERM=vt100
export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
export NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1


I really hope this helps others.

Thanks!

Jeremy


On Fri, 2002-06-14 at 22:27, Hans Zaunere wrote:
> 
> I might be able to help on this one.
> 
> If you don't know already, consider http://orafaq.com and
> http://oradoc.photo.net invaluable.  On orafaq.com somewhere, there is
> a directory of every ORA-* error message, in addition to the search
> ability.  I have the URL at work and will post Monday.
> 
> Anyway, although you say you're using the Oracle client, I'm assuming
> this is running from Apache/PHP (as opposed to the actual Oracle
> client).
> 
> If running Apache, you need to make sure that the proper Oracle
> environment is actually available via Apache and permissions for the
> Apache user.  I generally setup the environment in the apachectl script
> in some way.  This ensures that Apache itself actually has the proper
> environment, and cane be confirmed with a phpinfo() call.  Also, be
> sure Apache has access to the Oracle client resource, which are
> generally installed as a different user.
> 
> Let me know if this helps, and if not, any more details on the
> situation (I use 8i client libs on RH 6.2 to connect to a NT server).
> 
> HZ
> 
> 
> 
> 
> --- Jeremy Hise <jhise at linuxforbusiness.org> wrote:
> > On line 178 I'm also calling a stored procedure that generates a
> > value,
> > which is bound to a PHP variable for use.
> > 
> > On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote:
> > > Hi All:
> > > 
> > > I'm running oracle on NT and connecting via the oracle client on RH
> > 6.2
> > > Kernel version 2.2.14-5.0 ... Oracle 8.1.6
> > > 
> > > The PHP error I'm getting is:
> > > 
> > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30: PLS-00553:
> > > character set name is not recognized ORA-06550: line 0, column 0:
> > > PL/SQL: Compilation unit analysis terminated in
> > > /development/jhise/dbmerge_src/class/login.pclass on line 178
> > > 
> > > I've been looking all over the place and all the pages I've found
> > say to
> > > correctly set up the NLS_LANG env variable...which I do. I've
> > stopped
> > > and started apache...even rebooted the whole machine...doesn't seem
> > as
> > > though any of it makes any difference.
> > > 
> > > Anyway have any insight?
> > > 
> > > Thanks!
> > > 
> > > jhise
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > 
> > 
> > 
> > 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 
> 
> 





From zaunere at yahoo.com  Wed Jun 19 13:48:01 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Wed, 19 Jun 2002 10:48:01 -0700 (PDT)
Subject: [nycphp-talk] Oracle NLS_LANG problem: ADD
In-Reply-To: <200206191719.g5JHJtP42872@slipdisc.virul.net>
Message-ID: <20020619174801.38792.qmail@web12801.mail.yahoo.com>


And oh, here's that link:
http://www.oracle-error.com

Sorry about that, and alas it doesn't seem to have your particular
error message, but hopefully it'll be useful at somepoint to someone.

That's great you got it working.  I know Oracle can be a real beast, I
can only imagine the cross-platform issues that would arise.

HZ


--- Jeremy Hise <jhise at linuxforbusiness.org> wrote:
> Ok. I figured out the problem.
> 
> For some reason, the Oracle on NT (where the database actually was)
> had:
> 	ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
> 
> But on the RH box, the oracle install script had set it to:
> 	ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/oracle
> 
> So, I went and simple changed the /oracle to /data
> 
> And my day just got a hell of a lot better.
> 
> As the great Homer says:
> 	WHOOOOOOOOOOO HOOOOOOOOOOOO
> 
> I do have the following in my apachectl script:
> 
> export ORACLE_BASE=/ora8/m01/app/oracle
> export ORACLE_HOME=$ORACLE_BASE/product/8.1.6
> export PATH=$PATH:$ORACLE_HOME/bin
> export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr
> export ORACLE_SID=ora8
> export ORACLE_TERM=vt100
> export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
> export NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1
> 
> 
> I really hope this helps others.
> 
> Thanks!
> 
> Jeremy
> 
> 
> On Fri, 2002-06-14 at 22:27, Hans Zaunere wrote:
> > 
> > I might be able to help on this one.
> > 
> > If you don't know already, consider http://orafaq.com and
> > http://oradoc.photo.net invaluable.  On orafaq.com somewhere, there
> is
> > a directory of every ORA-* error message, in addition to the search
> > ability.  I have the URL at work and will post Monday.
> > 
> > Anyway, although you say you're using the Oracle client, I'm
> assuming
> > this is running from Apache/PHP (as opposed to the actual Oracle
> > client).
> > 
> > If running Apache, you need to make sure that the proper Oracle
> > environment is actually available via Apache and permissions for
> the
> > Apache user.  I generally setup the environment in the apachectl
> script
> > in some way.  This ensures that Apache itself actually has the
> proper
> > environment, and cane be confirmed with a phpinfo() call.  Also, be
> > sure Apache has access to the Oracle client resource, which are
> > generally installed as a different user.
> > 
> > Let me know if this helps, and if not, any more details on the
> > situation (I use 8i client libs on RH 6.2 to connect to a NT
> server).
> > 
> > HZ
> > 
> > 
> > 
> > 
> > --- Jeremy Hise <jhise at linuxforbusiness.org> wrote:
> > > On line 178 I'm also calling a stored procedure that generates a
> > > value,
> > > which is bound to a PHP variable for use.
> > > 
> > > On Fri, 2002-06-14 at 18:21, Jeremy Hise wrote:
> > > > Hi All:
> > > > 
> > > > I'm running oracle on NT and connecting via the oracle client
> on RH
> > > 6.2
> > > > Kernel version 2.2.14-5.0 ... Oracle 8.1.6
> > > > 
> > > > The PHP error I'm getting is:
> > > > 
> > > > Warning: OCIStmtExecute: ORA-06550: line 1, column 30:
> PLS-00553:
> > > > character set name is not recognized ORA-06550: line 0, column
> 0:
> > > > PL/SQL: Compilation unit analysis terminated in
> > > > /development/jhise/dbmerge_src/class/login.pclass on line 178
> > > > 
> > > > I've been looking all over the place and all the pages I've
> found
> > > say to
> > > > correctly set up the NLS_LANG env variable...which I do. I've
> > > stopped
> > > > and started apache...even rebooted the whole machine...doesn't
> seem
> > > as
> > > > though any of it makes any difference.
> > > > 
> > > > Anyway have any insight?
> > > > 
> > > > Thanks!
> > > > 
> > > > jhise
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > 
> > > 
> > > 
> > > 
> > 
> > 
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com
> > 
> > 
> > 
> 
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From charles at softwareprototypes.com  Wed Jun 19 12:02:13 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Wed, 19 Jun 2002 12:02:13 -0400
Subject: .= is the catenation assignment operator
Message-ID: <230770-22002631916213140@softwareprototypes.com>

If you want to be picky,

 its "catenation",
 the "con" is redundant (I'm a linguistics major, I know these
things. :-)

And if you really want to be picky,

 ".=" is the catenation asignment operator.

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 03:27:10 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] what do you call this? $dollar $dollar.
> 
> Concatenation
> 
> 
> Kyle Tuskey
> eXostream Communications
> 
> -----Original Message-----
> From: Petr Pomorov [mailto:petr at linux.ru] 
> Sent: Wednesday, June 19, 2002 3:17 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] what do you call this? $dollar $dollar.
> 
> Hi all, what do you call this in English?
> $dollar=1
> $dollar.=2
> $dollar.=3
> Best regards.
> 
> 
> 




From charles at softwareprototypes.com  Wed Jun 19 12:10:07 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Wed, 19 Jun 2002 12:10:07 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
Message-ID: <101930-22002631916107328@softwareprototypes.com>

uh, php runs on the server side. It never gets off of the server
because that's pointless.

Just who are we shielding the code from exactly? 

- Ourselves? Get real.
- The "competition"? It entirely defeats the purpose and spirit of
open source. 
- "Crackers?" They just stress test your back-up and recovery
procedures. 

Use CVS or SourceSafe or some other file versioning system and put
checked-out copies of the the files in a tree under a shared
directory or under the various home directories.

This abomination entirely defeats the purpose and spirit of open
source. I say ignore it. If you're really in a snit, boycott it.

Its a __bad__ idea. ON par with charging for your OS.

-Ch-A.

> From: Hans Zaunere <zaunere at yahoo.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 10:29:14 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: [nycphp-talk] testers wanted - phpguardian.com
> 
> 
> There's been some talk lately of source protection.  This package
looks
> very nice after a quick glance.
> 
>> From: "ade_inovica" <mrwowza at hotmail.com>
>> 
>> Hi there
>> 
>> We're just about ready to release an application called
phpguardian -
>> an application which will protect php source code.  We are really 
>> keen to get some people to try it, so if anyone is interested, 
>> please visit http://www.phpguardian.com and go to the download link
>> 
>> All the best to everyone!
>> 
>> Ade
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 




From zaunere at yahoo.com  Wed Jun 19 14:45:38 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Wed, 19 Jun 2002 11:45:38 -0700 (PDT)
Subject: [nycphp-talk] Object Oriented Programming question
In-Reply-To: <200206181928.g5IJSIP31525@slipdisc.virul.net>
Message-ID: <20020619184538.19785.qmail@web12804.mail.yahoo.com>


--- Brent Baisley <brent at landover.com> wrote:
> I've setup a "settings" file that I would like to contain "default"
> values like the mysql login name, password and database.

I of course don't know your complete situation, but I would do the
inverse: a settings file contains the normal values, and default
settings are hardcoded.

> One of the functions in my class file is a db connection function. 
> I've set it up to accept the login name, password and database as
> parameters that can be passed.
> 
> What I would like to do is use default values set in the settings
> file if parameters aren't passed.

OK, if you say so :)

class SettingsFile
{
  var $DB_User              = NULL;
  var $DB_Password          = NULL;
  var $DB_DB                = NULL;

  function HandleSettingsFile() {
    $filehandle = fopen(blahblah);
    $this->DB_User = parseblahblah($filehandle);
    $this->DB_Password = parseblahblah($filehandle);
    $this->DB_DB = parseblahblah($filehandle);
  }
}

class MyDBStuff extends SettingsFile
{
  var $DB_Handle           = NULL;

  function DB_Connect( $user = NULL, $password = NULL, $db = NULL ) {
    if( $user !== NULL )
      $this->DB_User = $user;
    if( $password !== NULL )
      $this->DB_Password = $password;
    if( $db !== NULL )
      $this->DB_DB = $db;

    $dbhandle = 
      connectblah($this->DB_User,$this->DB_Password,$this->DB_DB);
  }
}

$dbstuff = new MyDBStuff;

if( $I_HAVE_A_SETTINGS_FILE === 1 ) {
  $dbstuff->HandleSettingsFile();
  $dbstuff->DB_Connect();
} else
  $dbstuff->DB_Connect('user','password','a_db');



> I tried using the syntax for setting a default
> value for a parameter if a value isn't passed, but I guess you can't
> use variables in this since I get errors. 

Right.. only constants work with that.

> I want to only pass values to the function if I don't want to use the
> default values.

The heart of my lousy example is the $this->DB_Connect method. 
Personally, I would avoid this all together, since if anyone is
including your code, they can see what your login/password/db name is. 
Instead, I would only NOT use default values if something from the
settings file was supplied.  There is a fine line here between the two,
but there is a different.  I always hardwire my password/login info at
the top include file; then if someone needs to supply something
different down the road, they can, yet they can never see what my
defaults are.


parseblahblah,

HZ



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jim at alliedtours.com  Wed Jun 19 16:00:27 2002
From: jim at alliedtours.com (Jim Suto)
Date: Wed, 19 Jun 2002 16:00:27 -0400
Subject: [nycphp-talk] .= is the catenation assignment operator
In-Reply-To: <200206191759.g5JHxrP43269@slipdisc.virul.net>
Message-ID: <BHENLLKDPGGINNOELINJIEDBCCAA.jim@alliedtours.com>





> its "catenation",
> the "con" is redundant (I'm a linguistics major, I know these
>things. :-)
>
>And if you really want to be picky,

> ".=" is the catenation asignment operator.

>-Ch-A.


And if you really, really want to be picky, you would spell assignment with
a double "s". :)

Jim




From zaunere at yahoo.com  Wed Jun 19 16:12:45 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Wed, 19 Jun 2002 13:12:45 -0700 (PDT)
Subject: [nycphp-talk] what do you call this? $dollar $dollar.
In-Reply-To: <200206190717.g5J7HNP37527@slipdisc.virul.net>
Message-ID: <20020619201245.11280.qmail@web12808.mail.yahoo.com>


--- Petr Pomorov <petr at linux.ru> wrote:
> Hi all, what do you call this in English?
> $dollar=1
> $dollar.=2
> $dollar.=3
> Best regards.

Bad programming?

Oh, not to beat a dead horse, but that really should be:

$dollar = '1';
$dollar .= '2';
$dollar .= '3';

where $dollar will now be '123'

Since the concatenating assignment operator
(http://www.php.net/manual/en/language.operators.string.php) is for
strings, and makes no sense with ints.  For ints:

$dollar = 1;
$dollar += 2;
$dollar += 3;

and now $dollar is 6 by way of the combined operators.
http://www.php.net/manual/en/language.operators.assignment.php

Also note the important distinction about references in the last
paragraph (as noted in my references presentation, when using .= made
PHP loop endlessly).

HZ




__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From petr at linux.ru  Wed Jun 19 16:48:59 2002
From: petr at linux.ru (Petr Pomorov)
Date: Wed, 19 Jun 2002 16:48:59 -0400
Subject: [nycphp-talk] what do you call this? $dollar $dollar.
In-Reply-To: <200206192012.g5JKCoP44606@slipdisc.virul.net>
References: <200206192012.g5JKCoP44606@slipdisc.virul.net>
Message-ID: <200206192049.g5JKn0p02316@biggie>

Thanks Hans i allways forget what the damn thing is called


From jim at nettmedia.com  Wed Jun 19 16:50:10 2002
From: jim at nettmedia.com (Jim Musil)
Date: Wed, 19 Jun 2002 16:50:10 -0400
Subject: POST method not passing on a cgi-version of PHP 4.1.2
Message-ID: <B93666C2.394E%jim@nettmedia.com>


Hi,

I've run across a client who is using a cgi-version of php and for some
reason it will not allow me to submit data from a form via POST. Submitting
via GET works great, POST gives nothing.

I realize this is vague, but I'm hoping someone else has run across the same
problem.

Jim



From kenschwartz at nyc.rr.com  Wed Jun 19 18:03:56 2002
From: kenschwartz at nyc.rr.com (Kenneth Schwartz)
Date: Wed, 19 Jun 2002 18:03:56 -0400
Subject: browser issue?
Message-ID: <002a01c217dd$35bee770$e354c118@kenschwartz>

I have my first PHP site up in production right now (I've developed ColdFusion for years and recently jumped on the PHP bandwagon) and I've got a funny problem I'm wondering if anyone out there can assist me with.

The main client tested all of my scripts when they were in beta and everything was fine.  He was using his home box at the time.  Now that we went to production and he is using his work machine, the script is erroring out.  I'm not having any problems when I hit the production site, none of my colleagues are, and we've checked it out with numerous friends who can all use the page successfully across a wide variety of browsers and platforms.

This client appears to be the only one using IE 6.0.  Any potential problems there or anyone have an idea of what I should pursue?  His security settings are all apparently nornal.


Thanks
Kenneth Schwartz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020619/cc2f5080/attachment.html>

From ktuskey at exostream.com  Wed Jun 19 19:55:56 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Wed, 19 Jun 2002 19:55:56 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206191759.g5JHxrP43271@slipdisc.virul.net>
Message-ID: <000501c217ec$daada910$e1072744@win2kbox>

I don't necessarily think this product is amazing, but I think saying
that code obfuscation isn't needed because "it isn't open source
friendly" is a bold statement.  Some of us develop commercial
redistributable software that needs obfuscation to protect the code.  It
is also a valuable tool for certain contracting circumstances.  I do
feel that the zend encoder is the best obfuscator on the market, but
then again I'm jaded since I know zeev and support his company.


-- Kyle



-----Original Message-----
From: charles at softwareprototypes.com
[mailto:charles at softwareprototypes.com] 
Sent: Wednesday, June 19, 2002 2:00 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] testers wanted - phpguardian.com

uh, php runs on the server side. It never gets off of the server
because that's pointless.

Just who are we shielding the code from exactly? 

- Ourselves? Get real.
- The "competition"? It entirely defeats the purpose and spirit of
open source. 
- "Crackers?" They just stress test your back-up and recovery
procedures. 

Use CVS or SourceSafe or some other file versioning system and put
checked-out copies of the the files in a tree under a shared
directory or under the various home directories.

This abomination entirely defeats the purpose and spirit of open
source. I say ignore it. If you're really in a snit, boycott it.

Its a __bad__ idea. ON par with charging for your OS.

-Ch-A.

> From: Hans Zaunere <zaunere at yahoo.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 10:29:14 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: [nycphp-talk] testers wanted - phpguardian.com
> 
> 
> There's been some talk lately of source protection.  This package
looks
> very nice after a quick glance.
> 
>> From: "ade_inovica" <mrwowza at hotmail.com>
>> 
>> Hi there
>> 
>> We're just about ready to release an application called
phpguardian -
>> an application which will protect php source code.  We are really 
>> keen to get some people to try it, so if anyone is interested, 
>> please visit http://www.phpguardian.com and go to the download link
>> 
>> All the best to everyone!
>> 
>> Ade
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 






From charles at softwareprototypes.com  Wed Jun 19 23:46:51 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Wed, 19 Jun 2002 23:46:51 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
Message-ID: <31770-22002642034651375@softwareprototypes.com>

Kyle, at the risk of lacking subtility,

if I loosed some extremely sophisticated search engines (and I've
written AI code and articles for AI Expert) on the intenet on a
hundred PCs and let those search enines run for a year, do you thing
I could find a SINGLE fuckin' competitor of yours who'd even want to
see your fuckin' code? Really now.

You're just fuckin' your clients over and fooling yourself. Try it
with a free-ware, GPLed release of the previous version of your
product and you'll be disgusted at the complete and utter lack of
interest EXCEPT by your existing client base, maybe, if you're lucky.

Code obfuscation is pointless and you'd be surprised how it HURTS you
and HELPS your competitors since they have to reverse engineer with a
clever way of doing what they see your code doing without your own
prejudices. 

They probably come up with shit you never thought of. Much more
clever than anything you came up with in the first place. (I made a
MISTAKE reverse engineering an expert system inference engine and
ended up with a complete enterprise modeling engine which then went
nowhere because the managers of the firm were great real-estate sales
men but couldn't manage an MIS project at gun point. Utter
dick-heads.)

Obfuscation is a mechanical process and if YOU can obfuscate it, it
can be UN-obfuscated almost as fast as you can muddy the waters.
(there were viri written for M$ XL BEFORE XL was even available on
CD-ROM.) And by ditching the variable and function names, (unless the
DDE/OLE maps are available,) the un-obfuscation gets rid of your own
internal slants and just shows things as they really are.

Stop with the code obfuscation BS.

The business and the money is NOT in the product but in the process
of building the product. HOW your company got the product spec in the
first place is much more important than the product to because life
is a moving target and whatever you deliver TODAY is obsolete before
you even deliver it.

Obfuscation is for long-term losers. phpguardian is a sham, a waste
of time and money and utterly counter-productive. AND NOBODY needs it.

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 19:55:06 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> I don't necessarily think this product is amazing, but I think
saying
> that code obfuscation isn't needed because "it isn't open source
> friendly" is a bold statement.  Some of us develop commercial
> redistributable software that needs obfuscation to protect the
code.  It
> is also a valuable tool for certain contracting circumstances.  I do
> feel that the zend encoder is the best obfuscator on the market, but
> then again I'm jaded since I know zeev and support his company.
> 
> 
> -- Kyle
> 
> 
> 
> -----Original Message-----
> From: charles at softwareprototypes.com
> [mailto:charles at softwareprototypes.com] 
> Sent: Wednesday, June 19, 2002 2:00 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> 
> uh, php runs on the server side. It never gets off of the server
> because that's pointless.
> 
> Just who are we shielding the code from exactly? 
> 
> - Ourselves? Get real.
> - The "competition"? It entirely defeats the purpose and spirit of
> open source. 
> - "Crackers?" They just stress test your back-up and recovery
> procedures. 
> 
> Use CVS or SourceSafe or some other file versioning system and put
> checked-out copies of the the files in a tree under a shared
> directory or under the various home directories.
> 
> This abomination entirely defeats the purpose and spirit of open
> source. I say ignore it. If you're really in a snit, boycott it.
> 
> Its a __bad__ idea. ON par with charging for your OS.
> 
> -Ch-A.
> 
>> From: Hans Zaunere <zaunere at yahoo.com>
>> Organization: New York PHP
>> Reply-To: talk at nyphp.org
>> Date: Wed, 19 Jun 2002 10:29:14 -0400
>> To: NYPHP Talk <talk at nyphp.org>
>> Subject: [nycphp-talk] testers wanted - phpguardian.com
>> 
>> 
>> There's been some talk lately of source protection.  This package
> looks
>> very nice after a quick glance.
>> 
>>> From: "ade_inovica" <mrwowza at hotmail.com>
>>> 
>>> Hi there
>>> 
>>> We're just about ready to release an application called
> phpguardian -
>>> an application which will protect php source code.  We are really 
>>> keen to get some people to try it, so if anyone is interested, 
>>> please visit http://www.phpguardian.com and go to the download
link
>>> 
>>> All the best to everyone!
>>> 
>>> Ade
>> 
>> 
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! - Official partner of 2002 FIFA World Cup
>> http://fifaworldcup.yahoo.com
>> 
> 
> 
> 
> 
> 




From ktuskey at exostream.com  Wed Jun 19 23:50:12 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Wed, 19 Jun 2002 23:50:12 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net>
Message-ID: <000b01c2180d$946d7cc0$e1072744@win2kbox>


Charles,

I don't respond to people who are narrow minded and need to curse to
make a point.  Protecting code is a valid practice.  I'm sorry you don't
agree, but please don't bring it to an infantile level. Thanks.

Kyle




-----Original Message-----
From: charles at softwareprototypes.com
[mailto:charles at softwareprototypes.com] 
Sent: Wednesday, June 19, 2002 11:43 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] testers wanted - phpguardian.com

Kyle, at the risk of lacking subtility,

if I loosed some extremely sophisticated search engines (and I've
written AI code and articles for AI Expert) on the intenet on a
hundred PCs and let those search enines run for a year, do you thing
I could find a SINGLE fuckin' competitor of yours who'd even want to
see your fuckin' code? Really now.

You're just fuckin' your clients over and fooling yourself. Try it
with a free-ware, GPLed release of the previous version of your
product and you'll be disgusted at the complete and utter lack of
interest EXCEPT by your existing client base, maybe, if you're lucky.

Code obfuscation is pointless and you'd be surprised how it HURTS you
and HELPS your competitors since they have to reverse engineer with a
clever way of doing what they see your code doing without your own
prejudices. 

They probably come up with shit you never thought of. Much more
clever than anything you came up with in the first place. (I made a
MISTAKE reverse engineering an expert system inference engine and
ended up with a complete enterprise modeling engine which then went
nowhere because the managers of the firm were great real-estate sales
men but couldn't manage an MIS project at gun point. Utter
dick-heads.)

Obfuscation is a mechanical process and if YOU can obfuscate it, it
can be UN-obfuscated almost as fast as you can muddy the waters.
(there were viri written for M$ XL BEFORE XL was even available on
CD-ROM.) And by ditching the variable and function names, (unless the
DDE/OLE maps are available,) the un-obfuscation gets rid of your own
internal slants and just shows things as they really are.

Stop with the code obfuscation BS.

The business and the money is NOT in the product but in the process
of building the product. HOW your company got the product spec in the
first place is much more important than the product to because life
is a moving target and whatever you deliver TODAY is obsolete before
you even deliver it.

Obfuscation is for long-term losers. phpguardian is a sham, a waste
of time and money and utterly counter-productive. AND NOBODY needs it.

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 19:55:06 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> I don't necessarily think this product is amazing, but I think
saying
> that code obfuscation isn't needed because "it isn't open source
> friendly" is a bold statement.  Some of us develop commercial
> redistributable software that needs obfuscation to protect the
code.  It
> is also a valuable tool for certain contracting circumstances.  I do
> feel that the zend encoder is the best obfuscator on the market, but
> then again I'm jaded since I know zeev and support his company.
> 
> 
> -- Kyle
> 
> 
> 
> -----Original Message-----
> From: charles at softwareprototypes.com
> [mailto:charles at softwareprototypes.com] 
> Sent: Wednesday, June 19, 2002 2:00 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> 
> uh, php runs on the server side. It never gets off of the server
> because that's pointless.
> 
> Just who are we shielding the code from exactly? 
> 
> - Ourselves? Get real.
> - The "competition"? It entirely defeats the purpose and spirit of
> open source. 
> - "Crackers?" They just stress test your back-up and recovery
> procedures. 
> 
> Use CVS or SourceSafe or some other file versioning system and put
> checked-out copies of the the files in a tree under a shared
> directory or under the various home directories.
> 
> This abomination entirely defeats the purpose and spirit of open
> source. I say ignore it. If you're really in a snit, boycott it.
> 
> Its a __bad__ idea. ON par with charging for your OS.
> 
> -Ch-A.
> 
>> From: Hans Zaunere <zaunere at yahoo.com>
>> Organization: New York PHP
>> Reply-To: talk at nyphp.org
>> Date: Wed, 19 Jun 2002 10:29:14 -0400
>> To: NYPHP Talk <talk at nyphp.org>
>> Subject: [nycphp-talk] testers wanted - phpguardian.com
>> 
>> 
>> There's been some talk lately of source protection.  This package
> looks
>> very nice after a quick glance.
>> 
>>> From: "ade_inovica" <mrwowza at hotmail.com>
>>> 
>>> Hi there
>>> 
>>> We're just about ready to release an application called
> phpguardian -
>>> an application which will protect php source code.  We are really 
>>> keen to get some people to try it, so if anyone is interested, 
>>> please visit http://www.phpguardian.com and go to the download
link
>>> 
>>> All the best to everyone!
>>> 
>>> Ade
>> 
>> 
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! - Official partner of 2002 FIFA World Cup
>> http://fifaworldcup.yahoo.com
>> 
> 
> 
> 
> 
> 






From jchristian at hotshed.com  Thu Jun 20 00:16:24 2002
From: jchristian at hotshed.com (John Christian)
Date: Thu, 20 Jun 2002 14:16:24 +1000
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net>
Message-ID: <005d01c21811$3d7fc6d0$3901a8c0@user>


Charles, 

You are obviously not in a position where you have non stop DoS
attempts, gumby hackers trying to penetrate your servers or employees
wanting to walk away with a cut-and-paste of your source! While
Obfuscation is not the holy grail of internet security - its certainly a
stepping stone to separate the wannabes from the serious attacks and
save unneeded stress. You wouldn't post your root password on your
website, but its possible someone could tap that information or bypass
it altogether - same principles apply at all levels of security - best
practices. 

For $us250 - I think only someone who has got nothing to loose wouldn't
consider the option!

That's just my 2 cents
John




-----Original Message-----
From: charles at softwareprototypes.com
[mailto:charles at softwareprototypes.com] 
Sent: Thursday, 20 June 2002 1:43 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] testers wanted - phpguardian.com


Kyle, at the risk of lacking subtility,

if I loosed some extremely sophisticated search engines (and I've
written AI code and articles for AI Expert) on the intenet on a hundred
PCs and let those search enines run for a year, do you thing I could
find a SINGLE fuckin' competitor of yours who'd even want to see your
fuckin' code? Really now.

You're just fuckin' your clients over and fooling yourself. Try it with
a free-ware, GPLed release of the previous version of your product and
you'll be disgusted at the complete and utter lack of interest EXCEPT by
your existing client base, maybe, if you're lucky.

Code obfuscation is pointless and you'd be surprised how it HURTS you
and HELPS your competitors since they have to reverse engineer with a
clever way of doing what they see your code doing without your own
prejudices. 

They probably come up with shit you never thought of. Much more clever
than anything you came up with in the first place. (I made a MISTAKE
reverse engineering an expert system inference engine and ended up with
a complete enterprise modeling engine which then went nowhere because
the managers of the firm were great real-estate sales men but couldn't
manage an MIS project at gun point. Utter
dick-heads.)

Obfuscation is a mechanical process and if YOU can obfuscate it, it can
be UN-obfuscated almost as fast as you can muddy the waters. (there were
viri written for M$ XL BEFORE XL was even available on
CD-ROM.) And by ditching the variable and function names, (unless the
DDE/OLE maps are available,) the un-obfuscation gets rid of your own
internal slants and just shows things as they really are.

Stop with the code obfuscation BS.

The business and the money is NOT in the product but in the process of
building the product. HOW your company got the product spec in the first
place is much more important than the product to because life is a
moving target and whatever you deliver TODAY is obsolete before you even
deliver it.

Obfuscation is for long-term losers. phpguardian is a sham, a waste of
time and money and utterly counter-productive. AND NOBODY needs it.

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 19:55:06 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> I don't necessarily think this product is amazing, but I think
saying
> that code obfuscation isn't needed because "it isn't open source 
> friendly" is a bold statement.  Some of us develop commercial 
> redistributable software that needs obfuscation to protect the
code.  It
> is also a valuable tool for certain contracting circumstances.  I do 
> feel that the zend encoder is the best obfuscator on the market, but 
> then again I'm jaded since I know zeev and support his company.
> 
> 
> -- Kyle
> 
> 
> 
> -----Original Message-----
> From: charles at softwareprototypes.com 
> [mailto:charles at softwareprototypes.com]
> Sent: Wednesday, June 19, 2002 2:00 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> 
> uh, php runs on the server side. It never gets off of the server 
> because that's pointless.
> 
> Just who are we shielding the code from exactly?
> 
> - Ourselves? Get real.
> - The "competition"? It entirely defeats the purpose and spirit of 
> open source.
> - "Crackers?" They just stress test your back-up and recovery 
> procedures.
> 
> Use CVS or SourceSafe or some other file versioning system and put 
> checked-out copies of the the files in a tree under a shared directory

> or under the various home directories.
> 
> This abomination entirely defeats the purpose and spirit of open 
> source. I say ignore it. If you're really in a snit, boycott it.
> 
> Its a __bad__ idea. ON par with charging for your OS.
> 
> -Ch-A.
> 
>> From: Hans Zaunere <zaunere at yahoo.com>
>> Organization: New York PHP
>> Reply-To: talk at nyphp.org
>> Date: Wed, 19 Jun 2002 10:29:14 -0400
>> To: NYPHP Talk <talk at nyphp.org>
>> Subject: [nycphp-talk] testers wanted - phpguardian.com
>> 
>> 
>> There's been some talk lately of source protection.  This package
> looks
>> very nice after a quick glance.
>> 
>>> From: "ade_inovica" <mrwowza at hotmail.com>
>>> 
>>> Hi there
>>> 
>>> We're just about ready to release an application called
> phpguardian -
>>> an application which will protect php source code.  We are really
>>> keen to get some people to try it, so if anyone is interested, 
>>> please visit http://www.phpguardian.com and go to the download
link
>>> 
>>> All the best to everyone!
>>> 
>>> Ade
>> 
>> 
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! - Official partner of 2002 FIFA World Cup 
>> http://fifaworldcup.yahoo.com
>> 
> 
> 
> 
> 
> 





From charles at softwareprototypes.com  Thu Jun 20 01:08:05 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Thu, 20 Jun 2002 01:08:05 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
Message-ID: <99510-220026420585406@softwareprototypes.com>

Kyle, my dear man,

I have no problem with you or with much of anything else. My mind is
as broad as the ocean. And I don't let language upset me.

I was emphasising to get your attention. And I did, didn't I?

Sorry if you got offended (they're only words, your face is not
smarting and your car alarm didn't go off,) but my point still
remains.

Your alleged need to obfuacate is based on a fallacy. Obfuscation is
fundamentally, thoroughly, deeply and irremediably counter-productive.

Its so easy to defeat, you would be utterly crestfallen.

I KNOW this from having worked both sides of that street.

I have had code classified on me by NATO that would not have remotely
interested anyone in the then Soviet Union under the wildest and most
remote of circumstances. (I don't know anyone who'd be remotely
interested in the supply chain for ammunition for the Frigate mounted
Bofors Phalanx gun.)

And I have written about and published techniques in trade journals,
useful code fragments and entire programs to universal yawns. Nobody
cared then. Nobody cares now. (Well, maybe, except for the eponymous
dialog definition, specification, documentation and test-planning
technique. That one even got written about itself.)

Until you can show me, or anyone else, ANYONE who has ever been
financially damaged by having code revealed, you're, uh, not to
further offend your sensibilities, just whistling the the dark.

The product is a bad idea on the wrong platform and an utter waste of
cycles to implement, execute and deploy. It has no market except for
deluded fools who think anyone actually cares and it has no future.

Sorry if you thought it was a neat hack, and I'm sure it was, but its
like a glow-in-the-dark brassiere, completely useless. I won't
mention other comparisons that spring, unbidden, to my lips.

I bet it screws up acceleration engines too unless you merely mapped
the source code and eliminated variable names and function names. You
should see the Smalltalk decompiler one day. You'll be in for a rude
awakening. (Worse than my [expletive deleted] phraseology. :-)

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 23:49:21 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> 
> Charles,
> 
> I don't respond to people who are narrow minded and need to curse to
> make a point.  Protecting code is a valid practice.  I'm sorry you
don't
> agree, but please don't bring it to an infantile level. Thanks.
> 
> Kyle



From louie at zibi.co.il  Thu Jun 20 04:09:12 2002
From: louie at zibi.co.il (louie)
Date: Thu, 20 Jun 2002 01:09:12 -0700
Subject: [nycphp-talk] testers wanted - phpguardian.com
References: <200206200349.g5K3nLP49464@slipdisc.virul.net>
Message-ID: <001801c21831$c37230a0$b35efea9@w3j5c4>

greetings !

protecting code  in open source is kinda lame,
every line of code sould be publish.
knowlage sharing, and coding expirance 
is the only plus in Advance web development.
is used to code in asp.
now i'm using LAMP to almost any project i got.
i do think php is going to overcome anythin' out there.
and zeev rocks ^-^ (but just cuz he's from israel.)

chap chap,
louie.

-Marilyn Monroe had six toes.  


----- Original Message ----- 
From: "Kyle Tuskey" <ktuskey at exostream.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, June 19, 2002 8:49 PM
Subject: RE: [nycphp-talk] testers wanted - phpguardian.com


> 
> Charles,
> 
> I don't respond to people who are narrow minded and need to curse to
> make a point.  Protecting code is a valid practice.  I'm sorry you don't
> agree, but please don't bring it to an infantile level. Thanks.
> 
> Kyle
> 
> 
> 
> 
> -----Original Message-----
> From: charles at softwareprototypes.com
> [mailto:charles at softwareprototypes.com] 
> Sent: Wednesday, June 19, 2002 11:43 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> 
> Kyle, at the risk of lacking subtility,
> 
> if I loosed some extremely sophisticated search engines (and I've
> written AI code and articles for AI Expert) on the intenet on a
> hundred PCs and let those search enines run for a year, do you thing
> I could find a SINGLE fuckin' competitor of yours who'd even want to
> see your fuckin' code? Really now.
> 
> You're just fuckin' your clients over and fooling yourself. Try it
> with a free-ware, GPLed release of the previous version of your
> product and you'll be disgusted at the complete and utter lack of
> interest EXCEPT by your existing client base, maybe, if you're lucky.
> 
> Code obfuscation is pointless and you'd be surprised how it HURTS you
> and HELPS your competitors since they have to reverse engineer with a
> clever way of doing what they see your code doing without your own
> prejudices. 
> 
> They probably come up with shit you never thought of. Much more
> clever than anything you came up with in the first place. (I made a
> MISTAKE reverse engineering an expert system inference engine and
> ended up with a complete enterprise modeling engine which then went
> nowhere because the managers of the firm were great real-estate sales
> men but couldn't manage an MIS project at gun point. Utter
> dick-heads.)
> 
> Obfuscation is a mechanical process and if YOU can obfuscate it, it
> can be UN-obfuscated almost as fast as you can muddy the waters.
> (there were viri written for M$ XL BEFORE XL was even available on
> CD-ROM.) And by ditching the variable and function names, (unless the
> DDE/OLE maps are available,) the un-obfuscation gets rid of your own
> internal slants and just shows things as they really are.
> 
> Stop with the code obfuscation BS.
> 
> The business and the money is NOT in the product but in the process
> of building the product. HOW your company got the product spec in the
> first place is much more important than the product to because life
> is a moving target and whatever you deliver TODAY is obsolete before
> you even deliver it.
> 
> Obfuscation is for long-term losers. phpguardian is a sham, a waste
> of time and money and utterly counter-productive. AND NOBODY needs it.
> 
> -Ch-A.
> 
> > From: "Kyle Tuskey" <ktuskey at exostream.com>
> > Organization: New York PHP
> > Reply-To: talk at nyphp.org
> > Date: Wed, 19 Jun 2002 19:55:06 -0400
> > To: NYPHP Talk <talk at nyphp.org>
> > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > I don't necessarily think this product is amazing, but I think
> saying
> > that code obfuscation isn't needed because "it isn't open source
> > friendly" is a bold statement.  Some of us develop commercial
> > redistributable software that needs obfuscation to protect the
> code.  It
> > is also a valuable tool for certain contracting circumstances.  I do
> > feel that the zend encoder is the best obfuscator on the market, but
> > then again I'm jaded since I know zeev and support his company.
> > 
> > 
> > -- Kyle
> > 
> > 
> > 
> > -----Original Message-----
> > From: charles at softwareprototypes.com
> > [mailto:charles at softwareprototypes.com] 
> > Sent: Wednesday, June 19, 2002 2:00 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > uh, php runs on the server side. It never gets off of the server
> > because that's pointless.
> > 
> > Just who are we shielding the code from exactly? 
> > 
> > - Ourselves? Get real.
> > - The "competition"? It entirely defeats the purpose and spirit of
> > open source. 
> > - "Crackers?" They just stress test your back-up and recovery
> > procedures. 
> > 
> > Use CVS or SourceSafe or some other file versioning system and put
> > checked-out copies of the the files in a tree under a shared
> > directory or under the various home directories.
> > 
> > This abomination entirely defeats the purpose and spirit of open
> > source. I say ignore it. If you're really in a snit, boycott it.
> > 
> > Its a __bad__ idea. ON par with charging for your OS.
> > 
> > -Ch-A.
> > 
> >> From: Hans Zaunere <zaunere at yahoo.com>
> >> Organization: New York PHP
> >> Reply-To: talk at nyphp.org
> >> Date: Wed, 19 Jun 2002 10:29:14 -0400
> >> To: NYPHP Talk <talk at nyphp.org>
> >> Subject: [nycphp-talk] testers wanted - phpguardian.com
> >> 
> >> 
> >> There's been some talk lately of source protection.  This package
> > looks
> >> very nice after a quick glance.
> >> 
> >>> From: "ade_inovica" <mrwowza at hotmail.com>
> >>> 
> >>> Hi there
> >>> 
> >>> We're just about ready to release an application called
> > phpguardian -
> >>> an application which will protect php source code.  We are really 
> >>> keen to get some people to try it, so if anyone is interested, 
> >>> please visit http://www.phpguardian.com and go to the download
> link
> >>> 
> >>> All the best to everyone!
> >>> 
> >>> Ade
> >> 
> >> 
> >> __________________________________________________
> >> Do You Yahoo!?
> >> Yahoo! - Official partner of 2002 FIFA World Cup
> >> http://fifaworldcup.yahoo.com
> >> 
> > 
> > 
> > 
> > 
> > 
> 
> 
> 
> 
> 
> 
> 



From prutwo at onebox.com  Thu Jun 20 09:01:32 2002
From: prutwo at onebox.com (ophir prusak)
Date: Thu, 20 Jun 2002 06:01:32 -0700
Subject: [nycphp-talk] testers wanted - phpguardian.com
Message-ID: <20020620130132.ONHP318.mta10.onebox.com@onebox.com>


In a perfect world :
1. No one would use software they didn't pay for or use it beyond the
licesnse agreement they purchased.
2. Everyone could distribute source code with their application.

But, we don't live in a perfect world.
We live in a world where the majority of napster users honestly think
they're not doing anything wrong.
We live in a world where most people don't think much of copying a program
from a friend, or downloading a crack, serial, etc.

I'm a strong believer of open source, and I think it makes sense (even
business sense) for many types of software and projects.

I'm also a strong beleiver in people getting paid for their work.
When I'm doing a project there's a difference if I'm selling my (source)
code or I'm selling a solution.

As long as their are people using software they didn't pay for (or in
a way/amount they didn't pay for) - we'll need ways to help protect people
who write software from being abused. This includes products like Zend
Encoder (and others).


---- "louie" <louie at zibi.co.il> wrote:
> greetings !
> 
> protecting code  in open source is kinda lame,
> every line of code sould be publish.
> knowlage sharing, and coding expirance 
> is the only plus in Advance web development.
> is used to code in asp.
> now i'm using LAMP to almost any project i got.
> i do think php is going to overcome anythin' out there.
> and zeev rocks ^-^ (but just cuz he's from israel.)
> 
> chap chap,
> louie.
> 
> -Marilyn Monroe had six toes.  
> 
> 
> ----- Original Message ----- 
> From: "Kyle Tuskey" <ktuskey at exostream.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Wednesday, June 19, 2002 8:49 PM
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> 
> > 
> > Charles,
> > 
> > I don't respond to people who are narrow minded and need to curse
> to
> > make a point.  Protecting code is a valid practice.  I'm sorry you
> don't
> > agree, but please don't bring it to an infantile level. Thanks.
> > 
> > Kyle
> > 
> > 
> > 
> > 
> > -----Original Message-----
> > From: charles at softwareprototypes.com
> > [mailto:charles at softwareprototypes.com] 
> > Sent: Wednesday, June 19, 2002 11:43 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > Kyle, at the risk of lacking subtility,
> > 
> > if I loosed some extremely sophisticated search engines (and I've
> > written AI code and articles for AI Expert) on the intenet on a
> > hundred PCs and let those search enines run for a year, do you thing
> > I could find a SINGLE fuckin' competitor of yours who'd even want
> to
> > see your fuckin' code? Really now.
> > 
> > You're just fuckin' your clients over and fooling yourself. Try it
> > with a free-ware, GPLed release of the previous version of your
> > product and you'll be disgusted at the complete and utter lack of
> > interest EXCEPT by your existing client base, maybe, if you're lucky.
> > 
> > Code obfuscation is pointless and you'd be surprised how it HURTS
> you
> > and HELPS your competitors since they have to reverse engineer with
> a
> > clever way of doing what they see your code doing without your own
> > prejudices. 
> > 
> > They probably come up with shit you never thought of. Much more
> > clever than anything you came up with in the first place. (I made
> a
> > MISTAKE reverse engineering an expert system inference engine and
> > ended up with a complete enterprise modeling engine which then went
> > nowhere because the managers of the firm were great real-estate sales
> > men but couldn't manage an MIS project at gun point. Utter
> > dick-heads.)
> > 
> > Obfuscation is a mechanical process and if YOU can obfuscate it,
> it
> > can be UN-obfuscated almost as fast as you can muddy the waters.
> > (there were viri written for M$ XL BEFORE XL was even available on
> > CD-ROM.) And by ditching the variable and function names, (unless
> the
> > DDE/OLE maps are available,) the un-obfuscation gets rid of your
> own
> > internal slants and just shows things as they really are.
> > 
> > Stop with the code obfuscation BS.
> > 
> > The business and the money is NOT in the product but in the process
> > of building the product. HOW your company got the product spec in
> the
> > first place is much more important than the product to because life
> > is a moving target and whatever you deliver TODAY is obsolete before
> > you even deliver it.
> > 
> > Obfuscation is for long-term losers. phpguardian is a sham, a waste
> > of time and money and utterly counter-productive. AND NOBODY needs
> it.
> > 
> > -Ch-A.
> > 
> > > From: "Kyle Tuskey" <ktuskey at exostream.com>
> > > Organization: New York PHP
> > > Reply-To: talk at nyphp.org
> > > Date: Wed, 19 Jun 2002 19:55:06 -0400
> > > To: NYPHP Talk <talk at nyphp.org>
> > > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> > > 
> > > I don't necessarily think this product is amazing, but I think
> > saying
> > > that code obfuscation isn't needed because "it isn't open source
> > > friendly" is a bold statement.  Some of us develop commercial
> > > redistributable software that needs obfuscation to protect the
> > code.  It
> > > is also a valuable tool for certain contracting circumstances.
>  I do
> > > feel that the zend encoder is the best obfuscator on the market,
> but
> > > then again I'm jaded since I know zeev and support his company.
> > > 
> > > 
> > > -- Kyle
> > > 
> > > 
> > > 
> > > -----Original Message-----
> > > From: charles at softwareprototypes.com
> > > [mailto:charles at softwareprototypes.com] 
> > > Sent: Wednesday, June 19, 2002 2:00 PM
> > > To: NYPHP Talk
> > > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> > > 
> > > uh, php runs on the server side. It never gets off of the server
> > > because that's pointless.
> > > 
> > > Just who are we shielding the code from exactly? 
> > > 
> > > - Ourselves? Get real.
> > > - The "competition"? It entirely defeats the purpose and spirit
> of
> > > open source. 
> > > - "Crackers?" They just stress test your back-up and recovery
> > > procedures. 
> > > 
> > > Use CVS or SourceSafe or some other file versioning system and
> put
> > > checked-out copies of the the files in a tree under a shared
> > > directory or under the various home directories.
> > > 
> > > This abomination entirely defeats the purpose and spirit of open
> > > source. I say ignore it. If you're really in a snit, boycott it.
> > > 
> > > Its a __bad__ idea. ON par with charging for your OS.
> > > 
> > > -Ch-A.
> > > 
> > >> From: Hans Zaunere <zaunere at yahoo.com>
> > >> Organization: New York PHP
> > >> Reply-To: talk at nyphp.org
> > >> Date: Wed, 19 Jun 2002 10:29:14 -0400
> > >> To: NYPHP Talk <talk at nyphp.org>
> > >> Subject: [nycphp-talk] testers wanted - phpguardian.com
> > >> 
> > >> 
> > >> There's been some talk lately of source protection.  This package
> > > looks
> > >> very nice after a quick glance.
> > >> 
> > >>> From: "ade_inovica" <mrwowza at hotmail.com>
> > >>> 
> > >>> Hi there
> > >>> 
> > >>> We're just about ready to release an application called
> > > phpguardian -
> > >>> an application which will protect php source code.  We are really
> 
> > >>> keen to get some people to try it, so if anyone is interested,
> 
> > >>> please visit http://www.phpguardian.com and go to the download
> > link
> > >>> 
> > >>> All the best to everyone!
> > >>> 
> > >>> Ade
> > >> 
> > >> 
> > >> __________________________________________________
> > >> Do You Yahoo!?
> > >> Yahoo! - Official partner of 2002 FIFA World Cup
> > >> http://fifaworldcup.yahoo.com
> > >> 
> > > 
> > > 
> > > 
> > > 
> > > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> 
> 
>  


From jhise at linuxforbusiness.org  Thu Jun 20 09:42:00 2002
From: jhise at linuxforbusiness.org (Jeremy Hise)
Date: 20 Jun 2002 09:42:00 -0400
Subject: PHP Versions and GLOBALS
Message-ID: <1024580522.3094.8.camel@localhost.localdomain>

Hi All:

I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6.
Places in .4 that use $GLOBALS[varname] suddenly require that I do
$GLOBALS[HTTP_POST_VARS][varname].

I think I remember something about this but I'm not sure and I can't
really find anything on the php site.

Do any of you know what the story is with regards to how GLOBALS work
between these versions?

Thank you!

Jeremy 






From oktay at datapipe.com  Thu Jun 20 10:16:47 2002
From: oktay at datapipe.com (Oktay Altunergil)
Date: Thu, 20 Jun 2002 10:16:47 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net>
References: <200206200342.g5K3gYP49377@slipdisc.virul.net>
Message-ID: <20020620101647.6e2c715e.oktay@datapipe.com>


At work I cannot code some apps in PHP because the code will be copied by customers/competitors and used on other servers.  I personally could not care less and would love to have all of my code open sourced. However this is a business, and any kind of distinct features you have make the difference between you and your competitors. Granted, they can reverse engineer or just get your idea and design an even better system than you could ever do myself. But that is not the point. In the business world, open source fans are not the people who make decisions. It's the management who decides what you can and cannot do. For this reason I am actually interested in the product mentioned. 

Now I'm not an expert at this but the product seems to do key based encyrption. This is a few steps ahead of mangling the code to make it unreadable by humans. On the other hand, for PHP to parse to code it has to be decrypted and if PHP can decrypt it so can you. I would like more information about this in the FAQ if the developers are tuned in.

Oktay Altunergil

On Wed, 19 Jun 2002 23:42:34 -0400
charles at softwareprototypes.com wrote:

> Kyle, at the risk of lacking subtility,
> 
> if I loosed some extremely sophisticated search engines (and I've
> written AI code and articles for AI Expert) on the intenet on a
> hundred PCs and let those search enines run for a year, do you thing
> I could find a SINGLE fuckin' competitor of yours who'd even want to
> see your fuckin' code? Really now.
> 
> You're just fuckin' your clients over and fooling yourself. Try it
> with a free-ware, GPLed release of the previous version of your
> product and you'll be disgusted at the complete and utter lack of
> interest EXCEPT by your existing client base, maybe, if you're lucky.
> 
> Code obfuscation is pointless and you'd be surprised how it HURTS you
> and HELPS your competitors since they have to reverse engineer with a
> clever way of doing what they see your code doing without your own
> prejudices. 
> 
> They probably come up with shit you never thought of. Much more
> clever than anything you came up with in the first place. (I made a
> MISTAKE reverse engineering an expert system inference engine and
> ended up with a complete enterprise modeling engine which then went
> nowhere because the managers of the firm were great real-estate sales
> men but couldn't manage an MIS project at gun point. Utter
> dick-heads.)
> 
> Obfuscation is a mechanical process and if YOU can obfuscate it, it
> can be UN-obfuscated almost as fast as you can muddy the waters.
> (there were viri written for M$ XL BEFORE XL was even available on
> CD-ROM.) And by ditching the variable and function names, (unless the
> DDE/OLE maps are available,) the un-obfuscation gets rid of your own
> internal slants and just shows things as they really are.
> 
> Stop with the code obfuscation BS.
> 
> The business and the money is NOT in the product but in the process
> of building the product. HOW your company got the product spec in the
> first place is much more important than the product to because life
> is a moving target and whatever you deliver TODAY is obsolete before
> you even deliver it.
> 
> Obfuscation is for long-term losers. phpguardian is a sham, a waste
> of time and money and utterly counter-productive. AND NOBODY needs it.
> 
> -Ch-A.
> 
> > From: "Kyle Tuskey" <ktuskey at exostream.com>
> > Organization: New York PHP
> > Reply-To: talk at nyphp.org
> > Date: Wed, 19 Jun 2002 19:55:06 -0400
> > To: NYPHP Talk <talk at nyphp.org>
> > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > I don't necessarily think this product is amazing, but I think
> saying
> > that code obfuscation isn't needed because "it isn't open source
> > friendly" is a bold statement.  Some of us develop commercial
> > redistributable software that needs obfuscation to protect the
> code.  It
> > is also a valuable tool for certain contracting circumstances.  I do
> > feel that the zend encoder is the best obfuscator on the market, but
> > then again I'm jaded since I know zeev and support his company.
> > 
> > 
> > -- Kyle
> > 
> > 
> > 
> > -----Original Message-----
> > From: charles at softwareprototypes.com
> > [mailto:charles at softwareprototypes.com] 
> > Sent: Wednesday, June 19, 2002 2:00 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > uh, php runs on the server side. It never gets off of the server
> > because that's pointless.
> > 
> > Just who are we shielding the code from exactly? 
> > 
> > - Ourselves? Get real.
> > - The "competition"? It entirely defeats the purpose and spirit of
> > open source. 
> > - "Crackers?" They just stress test your back-up and recovery
> > procedures. 
> > 
> > Use CVS or SourceSafe or some other file versioning system and put
> > checked-out copies of the the files in a tree under a shared
> > directory or under the various home directories.
> > 
> > This abomination entirely defeats the purpose and spirit of open
> > source. I say ignore it. If you're really in a snit, boycott it.
> > 
> > Its a __bad__ idea. ON par with charging for your OS.
> > 
> > -Ch-A.
> > 
> >> From: Hans Zaunere <zaunere at yahoo.com>
> >> Organization: New York PHP
> >> Reply-To: talk at nyphp.org
> >> Date: Wed, 19 Jun 2002 10:29:14 -0400
> >> To: NYPHP Talk <talk at nyphp.org>
> >> Subject: [nycphp-talk] testers wanted - phpguardian.com
> >> 
> >> 
> >> There's been some talk lately of source protection.  This package
> > looks
> >> very nice after a quick glance.
> >> 
> >>> From: "ade_inovica" <mrwowza at hotmail.com>
> >>> 
> >>> Hi there
> >>> 
> >>> We're just about ready to release an application called
> > phpguardian -
> >>> an application which will protect php source code.  We are really 
> >>> keen to get some people to try it, so if anyone is interested, 
> >>> please visit http://www.phpguardian.com and go to the download
> link
> >>> 
> >>> All the best to everyone!
> >>> 
> >>> Ade
> >> 
> >> 
> >> __________________________________________________
> >> Do You Yahoo!?
> >> Yahoo! - Official partner of 2002 FIFA World Cup
> >> http://fifaworldcup.yahoo.com
> >> 
> > 
> > 
> > 
> > 
> > 
> 
> 
> 


From nyphp at altunergil.com  Thu Jun 20 10:17:23 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Thu, 20 Jun 2002 10:17:23 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206200342.g5K3gYP49377@slipdisc.virul.net>
References: <200206200342.g5K3gYP49377@slipdisc.virul.net>
Message-ID: <20020620101723.0da6af05.nyphp@altunergil.com>

my 2 cents on this..

At work I cannot code some apps in PHP because the code will be copied by customers/competitors and used on other servers.  I personally could not care less and would love to have all of my code open sourced. However this is a business, and any kind of distinct features you have make the difference between you and your competitors. Granted, they can reverse engineer or just get your idea and design an even better system than you could ever do myself. But that is not the point. In the business world, open source fans are not the people who make decisions. It's the management who decides what you can and cannot do. For this reason I am actually interested in the product mentioned. 

Now I'm not an expert at this but the product seems to do key based encyrption. This is a few steps ahead of mangling the code to make it unreadable by humans. On the other hand, for PHP to parse to code it has to be decrypted and if PHP can decrypt it so can you. I would like more information about this in the FAQ if the developers are tuned in.

Oktay Altunergil

On Wed, 19 Jun 2002 23:42:34 -0400
charles at softwareprototypes.com wrote:

> Kyle, at the risk of lacking subtility,
> 
> if I loosed some extremely sophisticated search engines (and I've
> written AI code and articles for AI Expert) on the intenet on a
> hundred PCs and let those search enines run for a year, do you thing
> I could find a SINGLE fuckin' competitor of yours who'd even want to
> see your fuckin' code? Really now.
> 
> You're just fuckin' your clients over and fooling yourself. Try it
> with a free-ware, GPLed release of the previous version of your
> product and you'll be disgusted at the complete and utter lack of
> interest EXCEPT by your existing client base, maybe, if you're lucky.
> 
> Code obfuscation is pointless and you'd be surprised how it HURTS you
> and HELPS your competitors since they have to reverse engineer with a
> clever way of doing what they see your code doing without your own
> prejudices. 
> 
> They probably come up with shit you never thought of. Much more
> clever than anything you came up with in the first place. (I made a
> MISTAKE reverse engineering an expert system inference engine and
> ended up with a complete enterprise modeling engine which then went
> nowhere because the managers of the firm were great real-estate sales
> men but couldn't manage an MIS project at gun point. Utter
> dick-heads.)
> 
> Obfuscation is a mechanical process and if YOU can obfuscate it, it
> can be UN-obfuscated almost as fast as you can muddy the waters.
> (there were viri written for M$ XL BEFORE XL was even available on
> CD-ROM.) And by ditching the variable and function names, (unless the
> DDE/OLE maps are available,) the un-obfuscation gets rid of your own
> internal slants and just shows things as they really are.
> 
> Stop with the code obfuscation BS.
> 
> The business and the money is NOT in the product but in the process
> of building the product. HOW your company got the product spec in the
> first place is much more important than the product to because life
> is a moving target and whatever you deliver TODAY is obsolete before
> you even deliver it.
> 
> Obfuscation is for long-term losers. phpguardian is a sham, a waste
> of time and money and utterly counter-productive. AND NOBODY needs it.
> 
> -Ch-A.
> 
> > From: "Kyle Tuskey" <ktuskey at exostream.com>
> > Organization: New York PHP
> > Reply-To: talk at nyphp.org
> > Date: Wed, 19 Jun 2002 19:55:06 -0400
> > To: NYPHP Talk <talk at nyphp.org>
> > Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > I don't necessarily think this product is amazing, but I think
> saying
> > that code obfuscation isn't needed because "it isn't open source
> > friendly" is a bold statement.  Some of us develop commercial
> > redistributable software that needs obfuscation to protect the
> code.  It
> > is also a valuable tool for certain contracting circumstances.  I do
> > feel that the zend encoder is the best obfuscator on the market, but
> > then again I'm jaded since I know zeev and support his company.
> > 
> > 
> > -- Kyle
> > 
> > 
> > 
> > -----Original Message-----
> > From: charles at softwareprototypes.com
> > [mailto:charles at softwareprototypes.com] 
> > Sent: Wednesday, June 19, 2002 2:00 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> > 
> > uh, php runs on the server side. It never gets off of the server
> > because that's pointless.
> > 
> > Just who are we shielding the code from exactly? 
> > 
> > - Ourselves? Get real.
> > - The "competition"? It entirely defeats the purpose and spirit of
> > open source. 
> > - "Crackers?" They just stress test your back-up and recovery
> > procedures. 
> > 
> > Use CVS or SourceSafe or some other file versioning system and put
> > checked-out copies of the the files in a tree under a shared
> > directory or under the various home directories.
> > 
> > This abomination entirely defeats the purpose and spirit of open
> > source. I say ignore it. If you're really in a snit, boycott it.
> > 
> > Its a __bad__ idea. ON par with charging for your OS.
> > 
> > -Ch-A.
> > 
> >> From: Hans Zaunere <zaunere at yahoo.com>
> >> Organization: New York PHP
> >> Reply-To: talk at nyphp.org
> >> Date: Wed, 19 Jun 2002 10:29:14 -0400
> >> To: NYPHP Talk <talk at nyphp.org>
> >> Subject: [nycphp-talk] testers wanted - phpguardian.com
> >> 
> >> 
> >> There's been some talk lately of source protection.  This package
> > looks
> >> very nice after a quick glance.
> >> 
> >>> From: "ade_inovica" <mrwowza at hotmail.com>
> >>> 
> >>> Hi there
> >>> 
> >>> We're just about ready to release an application called
> > phpguardian -
> >>> an application which will protect php source code.  We are really 
> >>> keen to get some people to try it, so if anyone is interested, 
> >>> please visit http://www.phpguardian.com and go to the download
> link
> >>> 
> >>> All the best to everyone!
> >>> 
> >>> Ade
> >> 
> >> 
> >> __________________________________________________
> >> Do You Yahoo!?
> >> Yahoo! - Official partner of 2002 FIFA World Cup
> >> http://fifaworldcup.yahoo.com
> >> 
> > 
> > 
> > 
> > 
> > 
> 
> 
> 


From gherson at snet.net  Thu Jun 20 10:51:14 2002
From: gherson at snet.net (George Herson)
Date: Thu, 20 Jun 2002 10:51:14 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
References: <200206201417.g5KEHRP56576@slipdisc.virul.net>
Message-ID: <3D11EBE2.1090203@snet.net>



Oktay Altunergil wrote:
 > my 2 cents on this..
 >
 > At work I cannot code some apps in PHP because the code will be copied by
 > customers/competitors and used on other servers.  I personally could not care
 > less and would love to have all of my code open sourced. However this is a
 > business, and any kind of distinct features you have make the difference
 > between you and your competitors. Granted, they can reverse engineer or just
 > get your idea and design an even better system than you could ever do myself.
 > But that is not the point. In the business world, open source fans are not
 > the people who make decisions. It's the management who decides what you can
 > and cannot do. For this reason I am actually interested in the product
 > mentioned.
 >
 > Now I'm not an expert at this but the product seems to do key based
 > encyrption. This is a few steps ahead of mangling the code to make it
 > unreadable by humans. On the other hand, for PHP to parse to code it has to
 > be decrypted and if PHP can decrypt it so can you.

Key-based encryption means a key is required for decryption, so neither PHP nor 
a human will be able to decrypt w/o it.  (Short of a brute force attack, 
assuming any of the common, good algorithms (DES, RSA) are used).

My take on the code encryption controversy, such as it is, is that since a 
significanct percentage of consulting customers are dead-beatish (late or no 
pay), anything you can do to create an incentive for eventual payment, such as 
making modification to delivered code v. difficult, is a good thing.  And that's 
just one application for code-encryption technology, so to say it is never 
useful is silly, IMO.

cheers,
george

 > I would like more
 > information about this in the FAQ if the developers are tuned in.
 >
 > Oktay Altunergil
 >




From markjia at yahoo.com  Thu Jun 20 11:00:13 2002
From: markjia at yahoo.com (Mark Jia)
Date: Thu, 20 Jun 2002 08:00:13 -0700 (PDT)
Subject: [nycphp-talk] browser issue?
In-Reply-To: <200206192214.g5JMEjP45930@slipdisc.virul.net>
Message-ID: <20020620150013.41470.qmail@web10007.mail.yahoo.com>


Do you setup the error log file? what does it say?
Mark
  Kenneth Schwartz <kenschwartz at nyc.rr.com> wrote: I have my first PHP site up in production right now (I've developed ColdFusion for years and recently jumped on the PHP bandwagon) and I've got a funny problem I'm wondering if anyone out there can assist me with.

The main client tested all of my scripts when they were in beta and everything was fine. He was using his home box at the time. Now that we went to production and he is using his work machine, the script is erroring out. I'm not having any problems when I hit the production site, none of my colleagues are, and we've checked it out with numerous friends who can all use the page successfully across a wide variety of browsers and platforms.

This client appears to be the only one using IE 6.0. Any potential problems there or anyone have an idea of what I should pursue? His security settings are all apparently nornal.


Thanks
Kenneth Schwartz





---------------------------------
Do You Yahoo!?
Sign-up for Video Highlights of 2002 FIFA World Cup
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020620/f185b07b/attachment.html>

From LarryC at indexstock.com  Thu Jun 20 12:22:20 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Thu, 20 Jun 2002 12:22:20 -0400
Subject: Load Balancer
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB3A2@index-exchange.indexstock.com>

I'm using Cisco Local Director now.  It doesn't serve my purpose.  There new
product CSS will not achieve what I am looking to do either.  However, it
does have a feature that allow me to write customize Perl script to monitor
the performance on my server farm.  I feel that spending $$$ on such feature
is a waste of money.  May be there is an open source software that enable me
to do this. Does anybody know of any load balancer software?  I need an LB
that can load balance services and threads (and CPU time if possible) on my
servers.
 
 
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020620/69c733d6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ivy.gif
Type: image/gif
Size: 5665 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020620/69c733d6/attachment.gif>

From prutwo at onebox.com  Thu Jun 20 12:34:40 2002
From: prutwo at onebox.com (ophir prusak)
Date: Thu, 20 Jun 2002 09:34:40 -0700
Subject: [nycphp-talk] Load Balancer
Message-ID: <20020620163440.XHFP7375.mta06.onebox.com@onebox.com>


Zeus has a product that aint open source but it is software based:

http://www.zeus.com/products/zlb/

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 



---- Larry Chuon <LarryC at indexstock.com> wrote:
> <paralist>This message contained 1 file(s) and is available at http://nyphp.org/list/paralist_archive.html?L_mid=464</paralist>
> 
> I'm using Cisco Local Director now.  It doesn't serve my purpose. 
> There new
> product CSS will not achieve what I am looking to do either.  However,
> it
> does have a feature that allow me to write customize Perl script to
> monitor
> the performance on my server farm.  I feel that spending $$$ on such
> feature
> is a waste of money.  May be there is an open source software that
> enable me
> to do this. Does anybody know of any load balancer software?  I need
> an LB
> that can load balance services and threads (and CPU time if possible)
> on my
> servers.
>  
>  
>  
>  
> 
> 
>  


From ben at tanjero.com  Thu Jun 20 12:35:32 2002
From: ben at tanjero.com (Benjamin Stiglitz)
Date: Thu, 20 Jun 2002 12:35:32 -0400
Subject: [nycphp-talk] PHP Versions and GLOBALS
In-Reply-To: <200206201343.g5KDhTP56162@slipdisc.virul.net>
Message-ID: <BD512B2A-846B-11D6-BD96-00039396A660@tanjero.com>

The register_globals setting in php.ini is no longer on by default in 
PHP 4.0.6+, as it poses a security risk.
See http://www.php.net/manual/en/security.registerglobals.php

Thank you,
Benjamin Stiglitz
Tanjero
ben at tanjero.com

On Thursday, June 20, 2002, at 09:43  AM, Jeremy Hise wrote:

> Hi All:
>
> I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6.
> Places in .4 that use $GLOBALS[varname] suddenly require that I do
> $GLOBALS[HTTP_POST_VARS][varname].
>
> I think I remember something about this but I'm not sure and I can't
> really find anything on the php site.
>
> Do any of you know what the story is with regards to how GLOBALS work
> between these versions?
>
> Thank you!
>
> Jeremy
>
>
>
>
>
>
>



From adam at ecamp.net  Thu Jun 20 13:05:54 2002
From: adam at ecamp.net (Adam)
Date: Thu, 20 Jun 2002 13:05:54 -0400
Subject: [nycphp-talk] Load Balancer
In-Reply-To: <200206201634.g5KGYnP58287@slipdisc.virul.net>
Message-ID: <E1858F33EF60D411AC120008C74C668A465F72@EXCHANGE>

Mod_backhand works wonders...
Backhand.org



-----Original Message-----
From: ophir prusak [mailto:prutwo at onebox.com] 
Sent: Thursday, June 20, 2002 12:35 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Load Balancer


Zeus has a product that aint open source but it is software based:

http://www.zeus.com/products/zlb/

----
Ophir Prusak
Internet developer 
prutwo at onebox.com | http://www.prusak.com/ 



---- Larry Chuon <LarryC at indexstock.com> wrote:
> <paralist>This message contained 1 file(s) and is available at
http://nyphp.org/list/paralist_archive.html?L_mid=464</paralist>
> 
> I'm using Cisco Local Director now.  It doesn't serve my purpose. 
> There new
> product CSS will not achieve what I am looking to do either.  However,
> it
> does have a feature that allow me to write customize Perl script to
> monitor
> the performance on my server farm.  I feel that spending $$$ on such
> feature
> is a waste of money.  May be there is an open source software that
> enable me
> to do this. Does anybody know of any load balancer software?  I need
> an LB
> that can load balance services and threads (and CPU time if possible)
> on my
> servers.
>  
>  
>  
>  
> 
> 
>  




From steven at sohh.com  Thu Jun 20 16:09:16 2002
From: steven at sohh.com (Steven Samuel)
Date: Thu, 20 Jun 2002 13:09:16 -0700
Subject: [nycphp-talk] Load Balancer
In-Reply-To: <200206201634.g5KGYnP58287@slipdisc.virul.net>
Message-ID: <NFBBLGJHPCPLFPHPHJOLEECCAHAB.steven@sohh.com>

Not sure if this would help but it's increased my CPU performance.  Try PHP
Acceralator.
http://www.php-accelerator.co.uk/

-----Original Message-----
From: ophir prusak [mailto:prutwo at onebox.com]
Sent: Thursday, June 20, 2002 9:35 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Load Balancer



Zeus has a product that aint open source but it is software based:

http://www.zeus.com/products/zlb/

----
Ophir Prusak
Internet developer
prutwo at onebox.com | http://www.prusak.com/



---- Larry Chuon <LarryC at indexstock.com> wrote:
> <paralist>This message contained 1 file(s) and is available at
http://nyphp.org/list/paralist_archive.html?L_mid=464</paralist>
>
> I'm using Cisco Local Director now.  It doesn't serve my purpose.
> There new
> product CSS will not achieve what I am looking to do either.  However,
> it
> does have a feature that allow me to write customize Perl script to
> monitor
> the performance on my server farm.  I feel that spending $$$ on such
> feature
> is a waste of money.  May be there is an open source software that
> enable me
> to do this. Does anybody know of any load balancer software?  I need
> an LB
> that can load balance services and threads (and CPU time if possible)
> on my
> servers.
>
>
>
>
>
>
>



From charles at softwareprototypes.com  Thu Jun 20 13:29:06 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Thu, 20 Jun 2002 13:29:06 -0400
Subject: Getin' paranoid with php code protection
Message-ID: <43110-22002642017296500@softwareprototypes.com>

Who's paying who for what, when and where seems to be something
nobody has touched on in this code obfuscation discussion.

1) Who paid for the development? 

Somebody else or yourself? If you did code-for-hire, its not your
call and not your problem. If its your code, read on.

2) How much did it cost? How much is it worth, now in a week, in a
year? 

If it cost a lot (>$10k,) to develop its probably tied into some
domain specific experience and would cost that much again to
integrate it into another site. If its less, if not worth stealing,
or protecting by making the maintainance of it more difficult. 

Specially since its machine code (even VM code) so its trivial to
disassemble, map variable and function names onto and if you've got a
DDE/OLE type convention, its dishearteningly easy to recover
everything but stack/frame temp var names.

3) Why was it developed?

4) Why would anyone want steal it?

How is whoever owns the code making money off of this code? Are you
selling your code or could/should you use any code that escapes as
free advertising for your coding skills.

5) How vulnerable is it anyway?

You haven't told me how is the thief supposed to steal these php
pages since php runs on the server and those pages should be spewing
html out to the client.

5a) Having php code on anything but the server-side is, uh, silly,
because it won't get executed and therefore I certainly wouldn't want
to steal a page which was written to have some php code making its
way out of the server because the writer obviously didn't know what
he was doing.

5b) If you're worried about somebody FTPing into your box, remember,
you can password protect subdirectories, make them belong to another
user, make the files non-world visible but group accessible. If
someone does steal your pages (that a stupid concept since your
publishing them on your web site for everyone to access,) he'd have
to also duplicate your database schema and your database content.
That gets a bit harder to pull off and is prosecutable. 

Complusion:

Stealing code is not that easy and not that simple. Stealing code and
getting it to work is orders of magnitude more complicated.

Unless your php code could be turned outright into a shrink-wrappable
solution for a broad class of problems, I wouldn't worry about it
getting loose.

Why would you be writing a "shirk"-ware app in php? C++ would give
you that kind of control while saddling you with the responsability
for maintainance, updates, correctness, training and support.

You're right, " We live in a world where the majority of Napster
users honestly think they're not doing anything wrong."

And you know what? They're right. 

As galling as it might seem to you to hear this, since you're NOT
living in a perfect world, using a business model which requires that
everybody play by rules that can't be enforced is stupid, leads to
oppression, coercion, supression, censorship. All the things we hate
and chafe at the very suggestion of.

Find some other, more reality-based, way to make a buck.

Rent out your skills and your ability to learn adapt and code. You
have nothing else thats truly your own.

The distance between past and future is a user-illusion, a dream-thin
shock-wave. Be a shock-wave rider or wipe out. Those are the choices.

-Ch-A.



From jhise at nextsource.com  Thu Jun 20 13:27:52 2002
From: jhise at nextsource.com (Jeremy Hise)
Date: 20 Jun 2002 13:27:52 -0400
Subject: [nycphp-talk] PHP Versions and GLOBALS
In-Reply-To: <200206201635.g5KGZcP58308@slipdisc.virul.net>
References: <200206201635.g5KGZcP58308@slipdisc.virul.net>
Message-ID: <1024594087.4529.42.camel@localhost.localdomain>

Hey. That looks like it may be it.

Thanks a lot!

Jeremy

On Thu, 2002-06-20 at 12:35, Benjamin Stiglitz wrote:
> The register_globals setting in php.ini is no longer on by default in 
> PHP 4.0.6+, as it poses a security risk.
> See http://www.php.net/manual/en/security.registerglobals.php
> 
> Thank you,
> Benjamin Stiglitz
> Tanjero
> ben at tanjero.com
> 
> On Thursday, June 20, 2002, at 09:43  AM, Jeremy Hise wrote:
> 
> > Hi All:
> >
> > I have an app that runs fine on php4.0.4 but acts all funky on php4.0.6.
> > Places in .4 that use $GLOBALS[varname] suddenly require that I do
> > $GLOBALS[HTTP_POST_VARS][varname].
> >
> > I think I remember something about this but I'm not sure and I can't
> > really find anything on the php site.
> >
> > Do any of you know what the story is with regards to how GLOBALS work
> > between these versions?
> >
> > Thank you!
> >
> > Jeremy
> >
> >
> >
> >
> >
> >
> >
> 
> 
> 
> 




From louie at zibi.co.il  Thu Jun 20 17:24:24 2002
From: louie at zibi.co.il (louie)
Date: Thu, 20 Jun 2002 14:24:24 -0700
Subject: [nycphp-talk] Getin' paranoid with php code protection
References: <200206201724.g5KHOmP58958@slipdisc.virul.net>
Message-ID: <003301c218a0$e4812ca0$b35efea9@w3j5c4>

greetings !

see the big picture !!!

well, lets clear things,
napster user i believe know that they doing something wrong !
but they are not stealing! they are price adjusters, music disk's should be
way cheaper
than what it is right now, and thanks to napster price did drop down.
the only people who makes the big bucks are not and never will be the
artists.
the only person with the fat bank account are the manager/record companies.

i also believe that each of you can pick at least one computer Application
that should be cheaper to the public for using and license.

As for coding/programs I believe that as employee in the tech world
you make less money than what you should make only cuz a lot of programs
are not free or open source.
i can give an example: the team that develop win XP
they got money for there coding time and maybe some bonus.
but microsoft is the company that makes the money of there hard work.
think, is out there was a program that is free to the public
and can help you with your web application, you still need the knowledge,
to implant the program in to your source, and if you NOT a programmer,
probably you will need to hire one to do so.
witch give money to the php community, if you still feel like its stealing,
pay pal to the program owner to show your gratitude.

look what heppen to SEGA with the dream case,
since #dcisos and the UTOPIA.

chap chap
louie.
-"Never trust a program unless you have the source."



----- Original Message -----
From: <charles at softwareprototypes.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Thursday, June 20, 2002 10:24 AM
Subject: [nycphp-talk] Getin' paranoid with php code protection


> Who's paying who for what, when and where seems to be something
> nobody has touched on in this code obfuscation discussion.
>
> 1) Who paid for the development?
>
> Somebody else or yourself? If you did code-for-hire, its not your
> call and not your problem. If its your code, read on.
>
> 2) How much did it cost? How much is it worth, now in a week, in a
> year?
>
> If it cost a lot (>$10k,) to develop its probably tied into some
> domain specific experience and would cost that much again to
> integrate it into another site. If its less, if not worth stealing,
> or protecting by making the maintainance of it more difficult.
>
> Specially since its machine code (even VM code) so its trivial to
> disassemble, map variable and function names onto and if you've got a
> DDE/OLE type convention, its dishearteningly easy to recover
> everything but stack/frame temp var names.
>
> 3) Why was it developed?
>
> 4) Why would anyone want steal it?
>
> How is whoever owns the code making money off of this code? Are you
> selling your code or could/should you use any code that escapes as
> free advertising for your coding skills.
>
> 5) How vulnerable is it anyway?
>
> You haven't told me how is the thief supposed to steal these php
> pages since php runs on the server and those pages should be spewing
> html out to the client.
>
> 5a) Having php code on anything but the server-side is, uh, silly,
> because it won't get executed and therefore I certainly wouldn't want
> to steal a page which was written to have some php code making its
> way out of the server because the writer obviously didn't know what
> he was doing.
>
> 5b) If you're worried about somebody FTPing into your box, remember,
> you can password protect subdirectories, make them belong to another
> user, make the files non-world visible but group accessible. If
> someone does steal your pages (that a stupid concept since your
> publishing them on your web site for everyone to access,) he'd have
> to also duplicate your database schema and your database content.
> That gets a bit harder to pull off and is prosecutable.
>
> Complusion:
>
> Stealing code is not that easy and not that simple. Stealing code and
> getting it to work is orders of magnitude more complicated.
>
> Unless your php code could be turned outright into a shrink-wrappable
> solution for a broad class of problems, I wouldn't worry about it
> getting loose.
>
> Why would you be writing a "shirk"-ware app in php? C++ would give
> you that kind of control while saddling you with the responsability
> for maintainance, updates, correctness, training and support.
>
> You're right, " We live in a world where the majority of Napster
> users honestly think they're not doing anything wrong."
>
> And you know what? They're right.
>
> As galling as it might seem to you to hear this, since you're NOT
> living in a perfect world, using a business model which requires that
> everybody play by rules that can't be enforced is stupid, leads to
> oppression, coercion, supression, censorship. All the things we hate
> and chafe at the very suggestion of.
>
> Find some other, more reality-based, way to make a buck.
>
> Rent out your skills and your ability to learn adapt and code. You
> have nothing else thats truly your own.
>
> The distance between past and future is a user-illusion, a dream-thin
> shock-wave. Be a shock-wave rider or wipe out. Those are the choices.
>
> -Ch-A.
>
>
>
>



From nyphp at websapp.com  Thu Jun 20 14:51:17 2002
From: nyphp at websapp.com (Daniel Kushner)
Date: Thu, 20 Jun 2002 14:51:17 -0400
Subject: InformationWeek  Marketing Move  IBM To Open Manhattan Linux Showroom  June 19,
Message-ID: <OKEHLLMAFAOHECBMOGEPIEBACFAA.nyphp@websapp.com>

 FYI:
 
 http://www.informationweek.com/story/IWK20020619S0003


From zaunere at yahoo.com  Thu Jun 20 15:13:00 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 20 Jun 2002 12:13:00 -0700 (PDT)
Subject: [nycphp-talk] InformationWeek  Marketing Move  IBM To Open Manhattan Linux Showroom  June 19,
In-Reply-To: <200206201853.g5KIrRP60217@slipdisc.virul.net>
Message-ID: <20020620191300.25573.qmail@web12805.mail.yahoo.com>

--- Daniel Kushner <nyphp at websapp.com> wrote:
>  FYI:
>  
>  http://www.informationweek.com/story/IWK20020619S0003

And similarly:

[watch the wrap]

http://computerworld.com/softwaretopics/os/linux/story/0,10801,72128,00.html

Very exciting IMO, as I pointed out on NYLUG-Talk.

HZ


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From j_r_sanchez at yahoo.com  Thu Jun 20 16:27:40 2002
From: j_r_sanchez at yahoo.com (jose sanchez)
Date: Thu, 20 Jun 2002 13:27:40 -0700 (PDT)
Subject: formmail script
Message-ID: <20020620202740.653.qmail@web11702.mail.yahoo.com>

Hello:

Has anyone written a formmail script in php that I can
use? Or please guide me to where I can find one...

Thanks.

=====
"An ounce of gold cannot buy an ounce of time."
- Anonymous


www.whmicro.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From ktuskey at exostream.com  Thu Jun 20 16:34:02 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Thu, 20 Jun 2002 16:34:02 -0400
Subject: [nycphp-talk] formmail script
In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net>
Message-ID: <001701c21899$d07cfbf0$e1072744@win2kbox>

Jose,

I would think that would be an incredibly quick script to write.  If you
don't want to take the time though, try sniffing around in a script
repository like hotscripts.com.


Kyle



-----Original Message-----
From: jose sanchez [mailto:j_r_sanchez at yahoo.com] 
Sent: Thursday, June 20, 2002 4:28 PM
To: NYPHP Talk
Subject: [nycphp-talk] formmail script

Hello:

Has anyone written a formmail script in php that I can
use? Or please guide me to where I can find one...

Thanks.

=====
"An ounce of gold cannot buy an ounce of time."
- Anonymous


www.whmicro.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




From brian at preston-campbell.com  Thu Jun 20 16:41:12 2002
From: brian at preston-campbell.com (Preston-Campbell)
Date: Thu, 20 Jun 2002 16:41:12 -0400
Subject: [nycphp-talk] formmail script
References: <200206202027.g5KKRjP61591@slipdisc.virul.net>
Message-ID: <3D123DE8.FB7BEBE9@preston-campbell.com>

http://www.hotscripts.com should have several form processors.  Formmail
has become a spammer's best friend as of late.  It would probably be
advisable to find one with decent security features for that same
reason.

Brian

jose sanchez wrote:

> Hello:
>
> Has anyone written a formmail script in php that I can
> use? Or please guide me to where I can find one...
>
> Thanks.
>
> =====
> "An ounce of gold cannot buy an ounce of time."
> - Anonymous
>
> www.whmicro.com
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com



From tom at supertom.com  Thu Jun 20 16:48:06 2002
From: tom at supertom.com (tom at supertom.com)
Date: Thu, 20 Jun 2002 16:48:06 -0400
Subject: [nycphp-talk] formmail script
In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net>
Message-ID: <LBEDJMJGLEPEKJAJMHBDOEHLCGAA.tom@supertom.com>

Can't speak for it, but here's formmail.php:

http://www.lumbroso.com/scripts/

Supposely supports all of the same features and syntax as formmail.pl

Tom

-----Original Message-----
From: jose sanchez [mailto:j_r_sanchez at yahoo.com]
Sent: Thursday, June 20, 2002 4:28 PM
To: NYPHP Talk
Subject: [nycphp-talk] formmail script


Hello:

Has anyone written a formmail script in php that I can
use? Or please guide me to where I can find one...

Thanks.

=====
"An ounce of gold cannot buy an ounce of time."
- Anonymous


www.whmicro.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com



From nyphp at jimbishop.org  Thu Jun 20 17:11:09 2002
From: nyphp at jimbishop.org (nyphp at jimbishop.org)
Date: Thu, 20 Jun 2002 14:11:09 -0700 (PDT)
Subject: [nycphp-talk] formmail script
In-Reply-To: <200206202052.g5KKqlP61991@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.21.0206201407500.26420-100000@cypress.he.net>

> Has anyone written a formmail script in php that I can
> use? Or please guide me to where I can find one...

i've used this one:

http://lwest.free.fr/doc/php/lib/index.php3?page=mail&lang=en

and it has been good.



From ian at plusfour.org  Thu Jun 20 17:57:55 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Thu, 20 Jun 2002 17:57:55 -0400
Subject: nice and easy sendmail interface.. 
In-Reply-To: <200206202111.g5KLBEP62290@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEIEBGCGAA.ian@plusfour.org>

Does any one no of an equivalent to qmailadmin
(http://mail.inter7.com/cgi-bin/qmailadmin login with domain of test.com and
password test) for sendmail?

Currently I am using http://webmin.com which has a bunch of sendmail
modules, though I do not know much about setting up alias/forwards, and such
across multiple domains and am looking for a very simple interface that
would allow me to do so.

Or if such an interface does not exist/ I would certainly appreciate some
urls having some getting started with sendmail with multiple domains type
information..

Or.. should i just install qmail? is it a superior package?

Ian.



From nyphp at altunergil.com  Thu Jun 20 18:01:21 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Thu, 20 Jun 2002 18:01:21 -0400
Subject: [nycphp-talk] formmail script
In-Reply-To: <200206202037.g5KKbjP61751@slipdisc.virul.net>
References: <200206202037.g5KKbjP61751@slipdisc.virul.net>
Message-ID: <20020620180121.61a9f069.nyphp@altunergil.com>

For the record, formmail.pl from Matt's Script Archive has been the spammers' best friend.I have not heard anything about other formmail variants being vulnerable, though as well they might be. Formmail.pl actually has a drop in replacement as part of a project hosted on sourceforge. Matt himself encourages people to use this replacement. 

PS: These are both PERL scripts.

Oktay Altunergil

On Thu, 20 Jun 2002 16:37:45 -0400
Preston-Campbell <brian at preston-campbell.com> wrote:

> http://www.hotscripts.com should have several form processors.  Formmail
> has become a spammer's best friend as of late.  It would probably be
> advisable to find one with decent security features for that same
> reason.
> 
> Brian
> 
> jose sanchez wrote:
> 
> > Hello:
> >
> > Has anyone written a formmail script in php that I can
> > use? Or please guide me to where I can find one...
> >
> > Thanks.
> >
> > =====
> > "An ounce of gold cannot buy an ounce of time."
> > - Anonymous
> >
> > www.whmicro.com
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com
> 
> 


From gherson at snet.net  Thu Jun 20 18:23:03 2002
From: gherson at snet.net (George Herson)
Date: Thu, 20 Jun 2002 18:23:03 -0400
Subject: [nycphp-talk] nice and easy sendmail interface..
References: <200206202157.g5KLvfP63015@slipdisc.virul.net>
Message-ID: <3D1255C7.3080307@snet.net>

 From what i know (a few days investigation), qmail is a superior package.  I 
would go with it unless you need functionality that only sendmail has.  qmail 
has been v. solid for me since set up.  Set up wasn't that easy, though.

Qmail's author, Dan Bernstein, or "DJB", has a reputation for great code that is 
not great re: friendliness and documentation, and I think that's true of qmail. 
  There are supposed to be a couple of good, proprietary books on it, however. 
Might also try newsgroup alt.comp.mail.qmail when/if you get stuck.

george

Ian Forsyth wrote:
> Does any one no of an equivalent to qmailadmin
> (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of test.com and
> password test) for sendmail?
> 
> Currently I am using http://webmin.com which has a bunch of sendmail
> modules, though I do not know much about setting up alias/forwards, and such
> across multiple domains and am looking for a very simple interface that
> would allow me to do so.
> 
> Or if such an interface does not exist/ I would certainly appreciate some
> urls having some getting started with sendmail with multiple domains type
> information..
> 
> Or.. should i just install qmail? is it a superior package?
> 
> Ian.
> 
> 
> 





From ktuskey at exostream.com  Thu Jun 20 18:38:40 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Thu, 20 Jun 2002 18:38:40 -0400
Subject: [nycphp-talk] nice and easy sendmail interface..
In-Reply-To: <200206202223.g5KMNeP63532@slipdisc.virul.net>
Message-ID: <001901c218ab$39e469a0$e1072744@win2kbox>

We run qmail for at eXostream for our customers.  It is a great piece of
software.  DJB knows how to program and has security on his mind at all
times.  As for sendmail, though it has fixed it's large security holes,
it's fundamental design is weak and insecure.  I would not recommend
unless absolutely necessary.  Also, you can use one of the qmail
binaries to simulate the sendmail binary.


Kyle

-----Original Message-----
From: George Herson [mailto:gherson at snet.net] 
Sent: Thursday, June 20, 2002 6:24 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] nice and easy sendmail interface..

 From what i know (a few days investigation), qmail is a superior
package.  I 
would go with it unless you need functionality that only sendmail has.
qmail 
has been v. solid for me since set up.  Set up wasn't that easy, though.

Qmail's author, Dan Bernstein, or "DJB", has a reputation for great code
that is 
not great re: friendliness and documentation, and I think that's true of
qmail. 
  There are supposed to be a couple of good, proprietary books on it,
however. 
Might also try newsgroup alt.comp.mail.qmail when/if you get stuck.

george

Ian Forsyth wrote:
> Does any one no of an equivalent to qmailadmin
> (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of
test.com and
> password test) for sendmail?
> 
> Currently I am using http://webmin.com which has a bunch of sendmail
> modules, though I do not know much about setting up alias/forwards,
and such
> across multiple domains and am looking for a very simple interface
that
> would allow me to do so.
> 
> Or if such an interface does not exist/ I would certainly appreciate
some
> urls having some getting started with sendmail with multiple domains
type
> information..
> 
> Or.. should i just install qmail? is it a superior package?
> 
> Ian.
> 
> 
> 







From louie at zibi.co.il  Fri Jun 21 04:01:28 2002
From: louie at zibi.co.il (louie)
Date: Fri, 21 Jun 2002 01:01:28 -0700
Subject: [nycphp-talk] formmail script
References: <200206202201.g5KM1PP63095@slipdisc.virul.net>
Message-ID: <002501c218f9$d96392a0$b35efea9@w3j5c4>

greetings !


try this one
http://www.boaddrink.com

later
louie


----- Original Message -----
From: "Oktay Altunergil" <nyphp at altunergil.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Thursday, June 20, 2002 3:01 PM
Subject: Re: [nycphp-talk] formmail script


> For the record, formmail.pl from Matt's Script Archive has been the
spammers' best friend.I have not heard anything about other formmail
variants being vulnerable, though as well they might be. Formmail.pl
actually has a drop in replacement as part of a project hosted on
sourceforge. Matt himself encourages people to use this replacement.
>
> PS: These are both PERL scripts.
>
> Oktay Altunergil
>
> On Thu, 20 Jun 2002 16:37:45 -0400
> Preston-Campbell <brian at preston-campbell.com> wrote:
>
> > http://www.hotscripts.com should have several form processors.  Formmail
> > has become a spammer's best friend as of late.  It would probably be
> > advisable to find one with decent security features for that same
> > reason.
> >
> > Brian
> >
> > jose sanchez wrote:
> >
> > > Hello:
> > >
> > > Has anyone written a formmail script in php that I can
> > > use? Or please guide me to where I can find one...
> > >
> > > Thanks.
> > >
> > > =====
> > > "An ounce of gold cannot buy an ounce of time."
> > > - Anonymous
> > >
> > > www.whmicro.com
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > http://fifaworldcup.yahoo.com
> >
> >
>
>
>



From zaunere at yahoo.com  Fri Jun 21 09:16:04 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Fri, 21 Jun 2002 06:16:04 -0700 (PDT)
Subject: [nycphp-talk] POST method not passing on a cgi-version of PHP 4.1.2
In-Reply-To: <200206192050.g5JKoFP45018@slipdisc.virul.net>
Message-ID: <20020621131604.62223.qmail@web12808.mail.yahoo.com>


--- Jim Musil <jim at nettmedia.com> wrote:
> 
> Hi,
> 
> I've run across a client who is using a cgi-version of php and for
> some
> reason it will not allow me to submit data from a form via POST.
> Submitting
> via GET works great, POST gives nothing.
> 
> I realize this is vague, but I'm hoping someone else has run across
> the same
> problem.

Vague is an understatement.  :)

But consider some of these settings: track_vars, variable_order, and of
course register_globals might be biting you.  Do the POST vars show up
in phpinfo() ?  or  print_r($GLOBALS);  Also take a look at the value
of 'cfg_file_path' to see the config file situation.

HZ



> 
> Jim
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Fri Jun 21 09:19:21 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Fri, 21 Jun 2002 06:19:21 -0700 (PDT)
Subject: [nycphp-talk] PHP Versions and GLOBALS
In-Reply-To: <200206201343.g5KDhTP56162@slipdisc.virul.net>
Message-ID: <20020621131921.87215.qmail@web12804.mail.yahoo.com>


--- Jeremy Hise <jhise at linuxforbusiness.org> wrote:
> Hi All:
> 
> I have an app that runs fine on php4.0.4 but acts all funky on
> php4.0.6.
> Places in .4 that use $GLOBALS[varname] suddenly require that I do
> $GLOBALS[HTTP_POST_VARS][varname].

This is certainly a register_globals and/or track_vars issue.

Also, never use, for example, $_POST[varname]   but rather 
$_POST['varname']

Take a look at http://www.php.net/manual/en/language.types.array.php
under the heading "Array do's and don'ts"

HZ


> 
> I think I remember something about this but I'm not sure and I can't
> really find anything on the php site.
> 
> Do any of you know what the story is with regards to how GLOBALS work
> between these versions?
> 
> Thank you!
> 
> Jeremy 
> 
> 
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Fri Jun 21 09:36:05 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Fri, 21 Jun 2002 06:36:05 -0700 (PDT)
Subject: [nycphp-talk] nice and easy sendmail interface..
In-Reply-To: <200206202157.g5KLvfP63015@slipdisc.virul.net>
Message-ID: <20020621133605.19273.qmail@web12801.mail.yahoo.com>


--- Ian Forsyth <ian at plusfour.org> wrote:
> Does any one no of an equivalent to qmailadmin
> (http://mail.inter7.com/cgi-bin/qmailadmin login with domain of
> test.com and
> password test) for sendmail?

Simply, no, or at least not that are publicly floating around.  qmail
is a very clean package, and was designed with virtual hosting in mind.

> Currently I am using http://webmin.com which has a bunch of sendmail
> modules, though I do not know much about setting up alias/forwards,
> and such
> across multiple domains and am looking for a very simple interface
> that
> would allow me to do so.

Nothing concerning sendmail is simple :)

> Or if such an interface does not exist/ I would certainly appreciate
> some
> urls having some getting started with sendmail with multiple domains
> type
> information..

Google for 'sendmail virtual hosting'.  Basically you'll need to edit
the /etc/mail/local-host-names, /etc/mail/virtualusertable, and
possibly the sendmail.cf/mc files themselves.  And in the end, when
working with sendmail, I've found the best reference to be:

1) a 70 year old sendmail admin who has done it their whole life.
2) the o'reilly book

(in that order).

> Or.. should i just install qmail? is it a superior package?

It's hard to call one superior than the other - sendmail is the 800
pound gorilla, while qmail is the chimpanzee.  Some argue that sendmail
has more features and is faster - while this may be true, 99% of those
features are useless to the average user, and performance is
negligable.  qmail is certainly the more modern and well put together
package.

pure-ftpd vs wu-ftpd?  

HZ



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From Arno.Vanmosel at wwecorp.com  Fri Jun 21 11:35:18 2002
From: Arno.Vanmosel at wwecorp.com (Arno Vanmosel)
Date: Fri, 21 Jun 2002 11:35:18 -0400
Subject: CMS Systems
Message-ID: <7101D732D17CD311AEFF00508B55857203F72818@NT-EXCH-TOWER2>

I'm looking for a PHP CMS System that is highly configurable for our
site/member usage.
We currently run a CMS that I wrote a year ago, but this lacked some
options, a year went 
by and are ready to build something large. So instead of writing it I
thought that there 
must be a CMS out there that does this all ... I just modify it and I'm done
...

This CMS would be used by a clan/squad site (50 + members) and it should
include:
Calendars, Polls, Schedules, easy document publishing with history feature,
Image gallery, 
Message board, Forum, Email handling, Admin with email the group feature,
email a friend,
Password Protected areas, etc... (MSQL Support)
Certain members are allowed to publish, some don't.

I know that there are "some" out there, but I don't want to go with another
Nuke ...
Any Ideas? ..... There are so many out there .... I got lost! 

Thanks ...

Arno


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020621/41004cee/attachment.html>

From Arno.Vanmosel at wwecorp.com  Fri Jun 21 12:48:22 2002
From: Arno.Vanmosel at wwecorp.com (Arno Vanmosel)
Date: Fri, 21 Jun 2002 12:48:22 -0400
Subject: CMS Systems
Message-ID: <7101D732D17CD311AEFF00508B55857203F7281A@NT-EXCH-TOWER2>



I'm looking for a PHP CMS System that is highly configurable for our
site/member usage.
We currently run a CMS that I wrote a year ago, but this lacked some
options, a year went 
by and are ready to build something large. So instead of writing it I
thought that there 
must be a CMS out there that does this all ... I just modify it and I'm done
...

This CMS would be used by a clan/squad site (50 + members) and it should
include:
Calendars, Polls, Schedules, easy document publishing with history feature,
Image gallery, 
Message board, Forum, Email handling, Admin with email the group feature,
email a friend,
Password Protected areas, etc... (MSQL Support)
Certain members are allowed to publish, some don't.

I know that there are "some" out there, but I don't want to go with another
Nuke ...
Any Ideas? ..... There are so many out there .... I got lost! 

Thanks ...

Arno

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020621/1d151854/attachment.html>

From soazine at pop.mail.rcn.net  Fri Jun 21 13:55:11 2002
From: soazine at pop.mail.rcn.net (soazine@pop.erols.com)
Date: Fri, 21 Jun 2002 13:55:11 -0400
Subject: PHP as Enterprise Level - any large companies using PHP?
Message-ID: <RELAY1trc3pXYuyJQSs0000417d@relay1.softcomca.com>

Could someone confirm if PHP is being used as an Enterprise Level Application anywhere, or if any large companies use PHP in their development and application development solutions?

My ColdFusion friend refuses to believe that PHP can be used that way because of its structure vs ColdFusion MX.

Thanx
Phil

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .



From JMKing at ipro.org  Fri Jun 21 14:04:18 2002
From: JMKing at ipro.org (Jaz-Michael King)
Date: Fri, 21 Jun 2002 14:04:18 -0400
Subject: [nycphp-talk] CMS Systems
Message-ID: <sd1332d5.027@mail.ipro.org>

I'm currently using Sitellite from www.simian.ca, it's a great framework, definitely worth checking out.

j

******************************
Jaz-Michael King
Online Services Manager
IPRO
http://ipro.org
******************************


>>> Arno Vanmosel <Arno.Vanmosel at wwecorp.com> 06/21/02 01:01PM >>>


I'm looking for a PHP CMS System that is highly configurable for our
site/member usage.
We currently run a CMS that I wrote a year ago, but this lacked some
options, a year went 
by and are ready to build something large. So instead of writing it I
thought that there 
must be a CMS out there that does this all ... I just modify it and I'm done
..

This CMS would be used by a clan/squad site (50 + members) and it should
include:
Calendars, Polls, Schedules, easy document publishing with history feature,
Image gallery, 
Message board, Forum, Email handling, Admin with email the group feature,
email a friend,
Password Protected areas, etc... (MSQL Support)
Certain members are allowed to publish, some don't.

I know that there are "some" out there, but I don't want to go with another
Nuke ...
Any Ideas? ..... There are so many out there .... I got lost! 

Thanks ...

Arno






From zinfany at hotmail.com  Fri Jun 21 15:59:57 2002
From: zinfany at hotmail.com (zinfany)
Date: Fri, 21 Jun 2002 15:59:57 -0400
Subject: [nycphp-talk] CMS Systems
References: <200206211701.g5LH1NP83182@slipdisc.virul.net>
Message-ID: <OE21R0rmTIVvLVKi3s1000097d9@hotmail.com>

My favorites are PHP-Nuke and Post-Nuke.

Both have all the things you are looking for. See http://www.phpnuke.org or
http://www.postnuke.com


----- Original Message -----
From: "Arno Vanmosel" <Arno.Vanmosel at wwecorp.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Friday, June 21, 2002 1:01 PM
Subject: [nycphp-talk] CMS Systems


>
>
> I'm looking for a PHP CMS System that is highly configurable for our
> site/member usage.
> We currently run a CMS that I wrote a year ago, but this lacked some
> options, a year went
> by and are ready to build something large. So instead of writing it I
> thought that there
> must be a CMS out there that does this all ... I just modify it and I'm
done
> ..
>
> This CMS would be used by a clan/squad site (50 + members) and it should
> include:
> Calendars, Polls, Schedules, easy document publishing with history
feature,
> Image gallery,
> Message board, Forum, Email handling, Admin with email the group feature,
> email a friend,
> Password Protected areas, etc... (MSQL Support)
> Certain members are allowed to publish, some don't.
>
> I know that there are "some" out there, but I don't want to go with
another
> Nuke ...
> Any Ideas? ..... There are so many out there .... I got lost!
>
> Thanks ...
>
> Arno
>
>
>
>


From ktuskey at exostream.com  Fri Jun 21 16:07:59 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Fri, 21 Jun 2002 16:07:59 -0400
Subject: [nycphp-talk] CMS Systems
In-Reply-To: <200206211956.g5LJukP86492@slipdisc.virul.net>
Message-ID: <000c01c2195f$5716e160$e1072744@win2kbox>

PHPNuke is horrid bloatware.  I remember zeev told me they used it to
test high loads because of how poorly it was coded.  I've heard postnuke
is a little better, but still nothing amazing.


Kyle

-----Original Message-----
From: zinfany [mailto:zinfany at hotmail.com] 
Sent: Friday, June 21, 2002 3:57 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] CMS Systems

My favorites are PHP-Nuke and Post-Nuke.

Both have all the things you are looking for. See http://www.phpnuke.org
or
http://www.postnuke.com


----- Original Message -----
From: "Arno Vanmosel" <Arno.Vanmosel at wwecorp.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Friday, June 21, 2002 1:01 PM
Subject: [nycphp-talk] CMS Systems


>
>
> I'm looking for a PHP CMS System that is highly configurable for our
> site/member usage.
> We currently run a CMS that I wrote a year ago, but this lacked some
> options, a year went
> by and are ready to build something large. So instead of writing it I
> thought that there
> must be a CMS out there that does this all ... I just modify it and
I'm
done
> ..
>
> This CMS would be used by a clan/squad site (50 + members) and it
should
> include:
> Calendars, Polls, Schedules, easy document publishing with history
feature,
> Image gallery,
> Message board, Forum, Email handling, Admin with email the group
feature,
> email a friend,
> Password Protected areas, etc... (MSQL Support)
> Certain members are allowed to publish, some don't.
>
> I know that there are "some" out there, but I don't want to go with
another
> Nuke ...
> Any Ideas? ..... There are so many out there .... I got lost!
>
> Thanks ...
>
> Arno
>
>
>
>




From petr at linux.ru  Fri Jun 21 22:42:48 2002
From: petr at linux.ru (Petr Pomorov)
Date: Fri, 21 Jun 2002 22:42:48 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
In-Reply-To: <200206201301.g5KD1cP55691@slipdisc.virul.net>
References: <200206201301.g5KD1cP55691@slipdisc.virul.net>
Message-ID: <200206220242.g5M2gnm02421@biggie>

This would probably be a good time to name this thread a flame and end it :)
However, the voice of Free Software Advocates has not been heard, so allow me 
:)
Frankly, the United Nations making a release of an upcoming drinking water 
shortage in the whole world was a final nail into the closed source advocates 
coffin.  
Why? Because there are multiple and effective technologies out there 
to solve the problems of pollution, ineffective technology, etc, that are 
hidden from the public by intellectual property owners.
It's a well proven fact- i'm sure you're aware of the multiple plots to 
prevent the creation of an alternative combustion engine as an example .
just google "combustion engine conspiracy" 
http://www.google.com/search?q=combustion+engine+conspiracy

Just like there are multiple excellent drugs available out there that are not 
being tested, and the formulas for which will never be published.
Why? Because it's not in the best interestes of those proud intellectual 
rights holders. 
Individualism is one thing, but getting humanity on the brinks of extinction 
while making 1% of the Globe's population ridiculously rich  is another. 
I run my  web development business entirely based on Free Software (with 
chunks of Open Source thrown in) and publish my own bits of code under the 
GNU license (poorly done as they are). I make money providing the -service-, 
not the code.
There are many fine articles out there proving my point- that making code 
proprietary is not the best business model, and in fact prevents you from 
making money.
http://www.opensource.org/advocacy/case_for_business.html as one example

And if all human knowledge were shared the same way, we would be riding
cars running on hydrogen , global hunger would be eliminated, and there would
be no illiteracy and....
But hey, we'll all get the gist of my point- that OPEN knowledge and 
technology is the only solution to human problems and that sharing it is the 
best thing to do- in 30 years max.  That's when it will finaly and totally 
hit the fan.

To me, freedom is more important than making a buck. But , i manage to earn 
my living thanks to Free Software. 

Case closed?


From liquidm3 at hotmail.com  Sat Jun 22 18:25:57 2002
From: liquidm3 at hotmail.com (Ted Shieh)
Date: Sat, 22 Jun 2002 18:25:57 -0400
Subject: [nycphp-talk] testers wanted - phpguardian.com
Message-ID: <F159Btci6JRwEQzq85l00010820@hotmail.com>

I'm always delighted when other people choose to open-source their code, 
though I wouldn't want to force them to do so anymore than I myself would 
want to be forced to open-source my code.

I would be interested in seeing what open source code has been released by 
our most ardent open source fans, who seem to be, apparently,
charles at softwareprototypes.com, louie at zibi.co.il, and Petr Pomorov.  
Personally, I think that open source is a great thing, but code protection 
can useful in some situations (particularly those in which a product, rather 
than service, is being sold) to ensure that the programmer is properly 
compensated for his/her efforts.

My main contribution to open source so far has been phpSQLGen, which is now 
at version 0.2.  This version includes a class called TableMaker which uses 
PEAR's HTML_Table class to display data from either an ADOdb result set or 
an array.  Also new in this version: I've packaged the SQL generation 
functions in a SQLGen class.  You can read more about it at 
http://www.liquidmarkets.com/m.php?m=XForum&file=viewthread&tid=2 or 
http://sourceforge.net/projects/phpsqlgen/


Ted
Place a free classified ad at http://www.liquidmarkets.com/m.php?m=ads

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx



From ian at plusfour.org  Sat Jun 22 20:11:21 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Sat, 22 Jun 2002 20:11:21 -0400
Subject: eval();
In-Reply-To: <200206222226.g5MMQ7P19026@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEOECDCGAA.ian@plusfour.org>

I am setting a basic CMS type thing.

Speediness aside, I am storing any all content in the db.

Basically i am trying to store php in the db that I want to do and eval();
on. To get started I inserted the following into the db -

echo "hello";

and am doing the following for the result set

$str = eval($row['content']);

question-

Storing the value in $str does nothing and output buffering didn't seem to
work; how can i control where the eval gets spit out?

I have read about doing addslashes and stripslashes, but that does not seem
to work in my case....

regards,
Ian



From ktuskey at exostream.com  Sat Jun 22 20:30:44 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Sat, 22 Jun 2002 20:30:44 -0400
Subject: [nycphp-talk] eval;
In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net>
Message-ID: <002501c21a4d$364c4fd0$e1072744@win2kbox>

You don't need to eval(), in fact you shouldn't use it as it is a waste
of code and resources.

$str = $row["content"];  // this will work


Why even assign it to a new var in the first place unless you plan on
editing one and want a copy.

Kyle 


-----Original Message-----
From: Ian Forsyth [mailto:ian at plusfour.org] 
Sent: Saturday, June 22, 2002 8:11 PM
To: NYPHP Talk
Subject: [nycphp-talk] eval;

I am setting a basic CMS type thing.

Speediness aside, I am storing any all content in the db.

Basically i am trying to store php in the db that I want to do and
eval();
on. To get started I inserted the following into the db -

echo "hello";

and am doing the following for the result set

$str = eval($row['content']);

question-

Storing the value in $str does nothing and output buffering didn't seem
to
work; how can i control where the eval gets spit out?

I have read about doing addslashes and stripslashes, but that does not
seem
to work in my case....

regards,
Ian





From ktuskey at exostream.com  Sat Jun 22 21:09:21 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Sat, 22 Jun 2002 21:09:21 -0400
Subject: [nycphp-talk] eval;
In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net>
Message-ID: <002601c21a52$9b817bf0$e1072744@win2kbox>

I think I misread your problem, so you can disregard my previous
response.  As for $str, eval() doesn't necessarily return a value.  If
you need to handle output buffer control, look into the ob_* functions.
I'd also like to suggest that you find a better way to do this.  Using
eval() on code from a db isn't the most efficient way of doing what you
want.


Kyle



-----Original Message-----
From: Ian Forsyth [mailto:ian at plusfour.org] 
Sent: Saturday, June 22, 2002 8:11 PM
To: NYPHP Talk
Subject: [nycphp-talk] eval;

I am setting a basic CMS type thing.

Speediness aside, I am storing any all content in the db.

Basically i am trying to store php in the db that I want to do and
eval();
on. To get started I inserted the following into the db -

echo "hello";

and am doing the following for the result set

$str = eval($row['content']);

question-

Storing the value in $str does nothing and output buffering didn't seem
to
work; how can i control where the eval gets spit out?

I have read about doing addslashes and stripslashes, but that does not
seem
to work in my case....

regards,
Ian





From charles at softwareprototypes.com  Sun Jun 23 00:31:48 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sun, 23 Jun 2002 00:31:48 -0400
Subject: Finishing with the open-versus source debate.
Message-ID: <43410-220026023431480@softwareprototypes.com>

Hello, 

you bring about a very good point. 

What have WE done for or with open source. What is the measure of our
contribution?

If we can ever get the project to the next step, I hope to provide a
sound O-O footing for OpenBiblio.

Some history:

I also hope to provide some enhancements to phpwiki with some dialog
and transaction processing and state machine/transition engine
plugins.

When I started in Smalltalk in the late eighties until the late
nineties when Digitalk found a way hide the source code ALL my code
was open source. Smalltalk products didn't ship as anything BUT
because they have to be integrated into an image file which the VM
then loads and runs with.

This led to some tighter and neater code. You KNEW everybody would be
seeing it.

Code I wrote that was used in a course I tried to give on Compuserve.
That was simply too early in my own evolution and in Smalltalk's
acceptance (more the failure thereof,) to get widely used or
disseminated. 

Code I wrote for converting TIFF and GIF images to/from images that
were internal to Smalltalk.

Code I wrote for convolving images (edge detection, shade smoothing,
contrast enhancing and other image manipulation code,) was all open
source.

Code I developped for the Government of Canada (expert systems,
expert applications, some in Smalltalk and some using "standard"
expert system shells a.k.a. inference engines.)

Code I wrote for and wrote about in Smalltalk report, Byte Magazine,
Computer Language Magazine, AI Expert.

Code I wrote for various other projects was all open source and the
client got the source along with the product.

Actually, it wasn't until I hit the United States in '95 that people
began locking up my code and tying my tongue with confidentiality
agreements. That's also when I started seeing code that was
inexcusably lousy, amateurish and fragile.

The project's I had worked on before had had some pretty poor code
but nothing so universaly lousy as what was being developped and
"shirk"-wrapped for general consumption. I'm ashamed of some of the
comments I have written and read in commercial code or that the code
itself was so sloppy.

When I was working in Montreal in 1984, I had to maintain an
accounting package written by McCormack and Dodge. It was in COBOL
and we had the source code. We'd find and fix bugs and submit them
for inclusion into the package and our efforts were apppreciated and
acknowleged.

In fact, NOBODY who's going to lay out significant money ($100k+) for
software is NOT going to get the source code. Its NOT happening. You
may have to sign non-competition agreements but you're getting the
source code or they're NOT making the sale.

Likewise, you're NOT getting code on a mainframe unless you have the
source code and it gets subjected to "code efficiency" peer-review,
process "weight" aanlysis for performance metrics and capacity
planning, data base access method (DBAM) review and a complete
security audit. Your code is not getting installed unless they can
compile the source with their own compilers. Its NOT happening.

We in the PC arena seem to have problems and issues that were solved
decades ago on mainframes. Its only the PC arena which refuses to
listen and arrogantly assumes that nothing will go wrong with the
code when all evidence gathered from all experience in everything
else is that "Shit Happens!"

The help desk advice of "re-install and retry" would get you a ticket
on a bus in a mainframe shop.

-Charles-A.

P.S.

Some MORE history:

Closed-source did not exist at all as a concept until a whiney Bill
Gates published something in Byte magazine in the mid-to-late
seventies. Aactually, he bought an ad, ranting that people were
ripping off his BASIC interpreter (that he himself had ripped off
without paying royalties of acknowledging the originators) and it was
costing him money in lost sales. That's who closed source has been
good to. He's worth hundred's of billions of dollars and you're worth
squat.

Closed source doesn't exist except on PCs. ("Big Iron" get the source
and compiles it with its own trusted compilers in a series of
development, test, QA, Integration and, finally, production
environments.)

Its called trying to sell me a pig-in-a-poke and it ain't happening.
It shouldn't happen to anybody.



From liquidm3 at hotmail.com  Sun Jun 23 17:59:18 2002
From: liquidm3 at hotmail.com (Ted Shieh)
Date: Sun, 23 Jun 2002 17:59:18 -0400
Subject: [nycphp-talk] Finishing with the open-versus source debate.
Message-ID: <F201y0Dll7fnp3eEHJt000008bc@hotmail.com>

Charles,

That's great that you have written so much open source code.  But it's not 
clear to me where on the web I could go to view and download it.  
softwareprototypes.com would seem to me to be a natural place where you 
could place your open source code, as coding samples for potential clients 
to examine.  Many clients lack the necessary background to evaluate code 
quality, but sometimes clients do have a technical background, or at least a 
team member with a technical background.  Even if the code is in Smalltalk, 
I'd think it would be a plus for potential clients to have a chance to 
evaluate your understanding of algorithms and OOP.

Ted


>From: charles at softwareprototypes.com
>Reply-To: talk at nyphp.org
>To: NYPHP Talk <talk at nyphp.org>
>Subject: [nycphp-talk] Finishing with the open-versus source debate.
>Date: Sun, 23 Jun 2002 00:27:34 -0400
>
>Hello,
>
>you bring about a very good point.
>
>What have WE done for or with open source. What is the measure of our
>contribution?
>
>If we can ever get the project to the next step, I hope to provide a
>sound O-O footing for OpenBiblio.
>
>Some history:
>
>I also hope to provide some enhancements to phpwiki with some dialog
>and transaction processing and state machine/transition engine
>plugins.
>
>When I started in Smalltalk in the late eighties until the late
>nineties when Digitalk found a way hide the source code ALL my code
>was open source. Smalltalk products didn't ship as anything BUT
>because they have to be integrated into an image file which the VM
>then loads and runs with.
>
>This led to some tighter and neater code. You KNEW everybody would be
>seeing it.
>
>Code I wrote that was used in a course I tried to give on Compuserve.
>That was simply too early in my own evolution and in Smalltalk's
>acceptance (more the failure thereof,) to get widely used or
>disseminated.
>
>Code I wrote for converting TIFF and GIF images to/from images that
>were internal to Smalltalk.
>
>Code I wrote for convolving images (edge detection, shade smoothing,
>contrast enhancing and other image manipulation code,) was all open
>source.
>
>Code I developped for the Government of Canada (expert systems,
>expert applications, some in Smalltalk and some using "standard"
>expert system shells a.k.a. inference engines.)
>
>Code I wrote for and wrote about in Smalltalk report, Byte Magazine,
>Computer Language Magazine, AI Expert.
>
>Code I wrote for various other projects was all open source and the
>client got the source along with the product.
>
>Actually, it wasn't until I hit the United States in '95 that people
>began locking up my code and tying my tongue with confidentiality
>agreements. That's also when I started seeing code that was
>inexcusably lousy, amateurish and fragile.
>
>The project's I had worked on before had had some pretty poor code
>but nothing so universaly lousy as what was being developped and
>"shirk"-wrapped for general consumption. I'm ashamed of some of the
>comments I have written and read in commercial code or that the code
>itself was so sloppy.
>
>When I was working in Montreal in 1984, I had to maintain an
>accounting package written by McCormack and Dodge. It was in COBOL
>and we had the source code. We'd find and fix bugs and submit them
>for inclusion into the package and our efforts were apppreciated and
>acknowleged.
>
>In fact, NOBODY who's going to lay out significant money ($100k+) for
>software is NOT going to get the source code. Its NOT happening. You
>may have to sign non-competition agreements but you're getting the
>source code or they're NOT making the sale.
>
>Likewise, you're NOT getting code on a mainframe unless you have the
>source code and it gets subjected to "code efficiency" peer-review,
>process "weight" aanlysis for performance metrics and capacity
>planning, data base access method (DBAM) review and a complete
>security audit. Your code is not getting installed unless they can
>compile the source with their own compilers. Its NOT happening.
>
>We in the PC arena seem to have problems and issues that were solved
>decades ago on mainframes. Its only the PC arena which refuses to
>listen and arrogantly assumes that nothing will go wrong with the
>code when all evidence gathered from all experience in everything
>else is that "Shit Happens!"
>
>The help desk advice of "re-install and retry" would get you a ticket
>on a bus in a mainframe shop.
>
>-Charles-A.
>
>P.S.
>
>Some MORE history:
>
>Closed-source did not exist at all as a concept until a whiney Bill
>Gates published something in Byte magazine in the mid-to-late
>seventies. Aactually, he bought an ad, ranting that people were
>ripping off his BASIC interpreter (that he himself had ripped off
>without paying royalties of acknowledging the originators) and it was
>costing him money in lost sales. That's who closed source has been
>good to. He's worth hundred's of billions of dollars and you're worth
>squat.
>
>Closed source doesn't exist except on PCs. ("Big Iron" get the source
>and compiles it with its own trusted compilers in a series of
>development, test, QA, Integration and, finally, production
>environments.)
>
>Its called trying to sell me a pig-in-a-poke and it ain't happening.
>It shouldn't happen to anybody.
>
>



Place a free classified ad with LiquidMarkets
http://www.liquidmarkets.com/m.php?m=ads

_________________________________________________________________
Join the world?s largest e-mail service with MSN Hotmail. 
http://www.hotmail.com



From charles at softwareprototypes.com  Sun Jun 23 20:15:54 2002
From: charles at softwareprototypes.com (charles at softwareprototypes.com)
Date: Sun, 23 Jun 2002 20:15:54 -0400
Subject: No subject
Message-ID: <239420-22002612401554281@softwareprototypes.com>

Hello Ted,

another argument for OpenSource is that not all software is meant to
last forever.

SoftwarePrototypes.com is moribund, in case you hadn't noticed, and
was never meant to be a repository for any of my software. Its
moribund because despite the fact that everybody knows the prototyoes
ave money in the developmnent stage, nobody buys 'em because they ALL
always assume that everything will be okay.

Remember all of my open source stuff was writen before the birth of
the web. Some of it is older than most of the people reading this.
Some of it was written over twenty-five, Oh shit!, almost thirty,
(I've gotten old,) years ago. That almost a two hundred and ten in
dog/internet years. :-)

The first piece of software that I ever wrote (a payroll system) is
STILL RUNNING in at least one municipality that I know of.

But I have learned so much since then that I could do a much better
job of it. However the software belonged to (Cogebec, a since defunct
system house,) and I am NOT going to touch it. 

I'd rewrite it for the public domain but the calculation enines and
the pre- & post-tax allocations and calculations are so ideosyncratic
that I'd need a re-immersion into the domain before attempting it
again.

If I wanted to set up something like that on SoftwarePrototypes.com
I'd have to re-implement all of it (in php?) since the software
platform I was using (Digitalk Smalltalk /V, /V286, /V PM, /V Win,
VisualSmalltalk Enterprise,) is also defunct. (Man I feel old.) Some
of the stuff in VisualWorks and Visualge Smalltalk would land me in
jail for violating conditions of employment and confidentiality
agreements.

-Charles-A.

> From: "Ted Shieh" <liquidm3 at hotmail.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Sun, 23 Jun 2002 17:59:29 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: Re: [nycphp-talk] Finishing with the open-versus source
debate.
> 
> Charles,
> 
> That's great that you have written so much open source code.  But
it's not 
> clear to me where on the web I could go to view and download it.  
> softwareprototypes.com would seem to me to be a natural place where
you 
> could place your open source code, as coding samples for potential
clients 
> to examine.  Many clients lack the necessary background to evaluate
code 
> quality, but sometimes clients do have a technical background, or
at least a 
> team member with a technical background.  Even if the code is in
Smalltalk, 
> I'd think it would be a plus for potential clients to have a chance
to 
> evaluate your understanding of algorithms and OOP.
> 
> Ted




From kayraotaner at yahoo.com  Sun Jun 23 21:20:56 2002
From: kayraotaner at yahoo.com (Kayra Otaner)
Date: Sun, 23 Jun 2002 18:20:56 -0700 (PDT)
Subject: [nycphp-talk] eval;
In-Reply-To: <200206230011.g5N0B8P20975@slipdisc.virul.net>
Message-ID: <20020624012056.91111.qmail@web10101.mail.yahoo.com>

Did you try to start output buffering in the code that you used in eval function? I think it may
work. Simply replace your code with output buffered version :

ob_start();
echo "hello";
$output = ob_get_contents();
ob_end_clean();

and then echo $output for echoing content of your php code stored in database.

Kayra Otaner


--- Ian Forsyth <ian at plusfour.org> wrote:
> I am setting a basic CMS type thing.
> 
> Speediness aside, I am storing any all content in the db.
> 
> Basically i am trying to store php in the db that I want to do and eval();
> on. To get started I inserted the following into the db -
> 
> echo "hello";
> 
> and am doing the following for the result set
> 
> $str = eval($row['content']);
> 
> question-
> 
> Storing the value in $str does nothing and output buffering didn't seem to
> work; how can i control where the eval gets spit out?
> 
> I have read about doing addslashes and stripslashes, but that does not seem
> to work in my case....
> 
> regards,
> Ian
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From soazine at erols.com  Sun Jun 23 23:55:24 2002
From: soazine at erols.com (Phil Powell)
Date: Sun, 23 Jun 2002 23:55:24 -0400
Subject: Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
Message-ID: <010c01c21b32$f8ac4770$53bd6444@scandinawa1bo6>

I have to include a PHP file as a server-side include into an .shtml file, however I constantly get this error no matter what I do:

[an error occurred while processing this directive] 

Please, any ideas?  This is kind of an emergency!!

Thanx
Phil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20020623/295f8fef/attachment.html>

From robl at emerchant.ca  Tue Jun 25 00:10:53 2002
From: robl at emerchant.ca (Robert Lanciault)
Date: Tue, 25 Jun 2002 00:10:53 -0400
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
References: <200206240356.g5O3u2P52230@slipdisc.virul.net>
Message-ID: <001301c21bfe$5ec35d20$77010a0a@internal.theonlinecreator.net>

There was a post a couple weeks back about an online book site. Does anyone
have the link on file


----- Original Message -----
From: "Phil Powell" <soazine at erols.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Sunday, June 23, 2002 11:56 PM
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE
VIRTUAL=... -->


> I have to include a PHP file as a server-side include into an .shtml file,
however I constantly get this error no matter what I do:
>
> [an error occurred while processing this directive]
>
> Please, any ideas?  This is kind of an emergency!!
>
> Thanx
> Phil
>
>
>



From ken_11223 at yahoo.com  Mon Jun 24 00:56:05 2002
From: ken_11223 at yahoo.com (ken wu)
Date: Sun, 23 Jun 2002 21:56:05 -0700 (PDT)
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
In-Reply-To: <200206240356.g5O3u2P52230@slipdisc.virul.net>
Message-ID: <20020624045605.9084.qmail@web12805.mail.yahoo.com>

oh. did u check up your apache error logs? Experience
tells me that there are often valuable clues to any
kind of errors....

good luck ~~~



--- Phil Powell <soazine at erols.com> wrote:
> I have to include a PHP file as a server-side
> include into an .shtml file, however I constantly
> get this error no matter what I do:
> 
> [an error occurred while processing this directive] 
> 
> Please, any ideas?  This is kind of an emergency!!
> 
> Thanx
> Phil
> 
> 


=====
Ken Wu

718-788-0661
168 35 Street Apt 2
Broooklyn, NY 11232-2320

http://www.kenfile.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From soazine at erols.com  Mon Jun 24 05:31:40 2002
From: soazine at erols.com (Phil Powell)
Date: Mon, 24 Jun 2002 05:31:40 -0400
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
References: <200206240456.g5O4uCP53290@slipdisc.virul.net>
Message-ID: <002b01c21b61$f2604bd0$53bd6444@scandinawa1bo6>

Cannot check my apache server logs.. this is on a remote server that is not
my own.

Sorry
Phil
----- Original Message -----
From: "ken wu" <ken_11223 at yahoo.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, June 24, 2002 12:56 AM
Subject: Re: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE
VIRTUAL=... -->


> oh. did u check up your apache error logs? Experience
> tells me that there are often valuable clues to any
> kind of errors....
>
> good luck ~~~
>
>
>
> --- Phil Powell <soazine at erols.com> wrote:
> > I have to include a PHP file as a server-side
> > include into an .shtml file, however I constantly
> > get this error no matter what I do:
> >
> > [an error occurred while processing this directive]
> >
> > Please, any ideas?  This is kind of an emergency!!
> >
> > Thanx
> > Phil
> >
> >
>
>
> =====
> Ken Wu
>
> 718-788-0661
> 168 35 Street Apt 2
> Broooklyn, NY 11232-2320
>
> http://www.kenfile.com
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>



From ian at plusfour.org  Mon Jun 24 11:36:20 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Mon, 24 Jun 2002 11:36:20 -0400
Subject: [nycphp-talk] eval;
In-Reply-To: <200206240121.g5O1KxP49568@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEIECJCGAA.ian@plusfour.org>

Thanks,

that worked perfectly. So in my code I do.. 

eval($row['content']);

then in the space where I want the content to be echoed, i do echo $output;

regards
Ian

> -----Original Message-----
> From: Kayra Otaner [mailto:kayraotaner at yahoo.com]
> Sent: Sunday, June 23, 2002 9:21 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] eval;
> 
> 
> Did you try to start output buffering in the code that you used 
> in eval function? I think it may
> work. Simply replace your code with output buffered version :
> 
> ob_start();
> echo "hello";
> $output = ob_get_contents();
> ob_end_clean();
> 
> and then echo $output for echoing content of your php code stored 
> in database.
> 
> Kayra Otaner
> 
> 
> --- Ian Forsyth <ian at plusfour.org> wrote:
> > I am setting a basic CMS type thing.
> > 
> > Speediness aside, I am storing any all content in the db.
> > 
> > Basically i am trying to store php in the db that I want to do 
> and eval();
> > on. To get started I inserted the following into the db -
> > 
> > echo "hello";
> > 
> > and am doing the following for the result set
> > 
> > $str = eval($row['content']);
> > 
> > question-
> > 
> > Storing the value in $str does nothing and output buffering 
> didn't seem to
> > work; how can i control where the eval gets spit out?
> > 
> > I have read about doing addslashes and stripslashes, but that 
> does not seem
> > to work in my case....
> > 
> > regards,
> > Ian
> > 
> > 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 
> 


From petr at linux.ru  Mon Jun 24 17:16:23 2002
From: petr at linux.ru (Petr Pomorov)
Date: Mon, 24 Jun 2002 17:16:23 -0400
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
In-Reply-To: <200206240933.g5O9X0P58298@slipdisc.virul.net>
References: <200206240933.g5O9X0P58298@slipdisc.virul.net>
Message-ID: <200206242116.g5OLGO102318@biggie>

Is it apache?  /the server/  
On Monday 24 June 2002 05:33 am, you wrote:
> Cannot check my apache server logs.. this is on a remote server that is not
> my own.
>
> Sorry
> Phil
> ----- Original Message -----
> From: "ken wu" <ken_11223 at yahoo.com>
> To: "NYPHP Talk" <talk at nyphp.org>
> Sent: Monday, June 24, 2002 12:56 AM
> Subject: Re: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE
> VIRTUAL=... -->
>
> > oh. did u check up your apache error logs? Experience
> > tells me that there are often valuable clues to any
> > kind of errors....
> >
> > good luck ~~~
> >
> > --- Phil Powell <soazine at erols.com> wrote:
> > > I have to include a PHP file as a server-side
> > > include into an .shtml file, however I constantly
> > > get this error no matter what I do:
> > >
> > > [an error occurred while processing this directive]
> > >
> > > Please, any ideas?  This is kind of an emergency!!
> > >
> > > Thanx
> > > Phil
> >
> > =====
> > Ken Wu
> >
> > 718-788-0661
> > 168 35 Street Apt 2
> > Broooklyn, NY 11232-2320
> >
> > http://www.kenfile.com
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! - Official partner of 2002 FIFA World Cup
> > http://fifaworldcup.yahoo.com


From ian at plusfour.org  Mon Jun 24 17:24:57 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Mon, 24 Jun 2002 17:24:57 -0400
Subject: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE VIRTUAL=... -->
In-Reply-To: <200206242111.g5OLBsP87730@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBECECPCGAA.ian@plusfour.org>

what about <!-- include exe="/cgi-bin/phpscript.php"-->

> -----Original Message-----
> From: Petr Pomorov [mailto:petr at linux.ru]
> Sent: Monday, June 24, 2002 5:12 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE
> VIRTUAL=... -->
> 
> 
> Is it apache?  /the server/  
> On Monday 24 June 2002 05:33 am, you wrote:
> > Cannot check my apache server logs.. this is on a remote server 
> that is not
> > my own.
> >
> > Sorry
> > Phil
> > ----- Original Message -----
> > From: "ken wu" <ken_11223 at yahoo.com>
> > To: "NYPHP Talk" <talk at nyphp.org>
> > Sent: Monday, June 24, 2002 12:56 AM
> > Subject: Re: [nycphp-talk] Help! Can't include PHP file in <!--#INCLUDE
> > VIRTUAL=... -->
> >
> > > oh. did u check up your apache error logs? Experience
> > > tells me that there are often valuable clues to any
> > > kind of errors....
> > >
> > > good luck ~~~
> > >
> > > --- Phil Powell <soazine at erols.com> wrote:
> > > > I have to include a PHP file as a server-side
> > > > include into an .shtml file, however I constantly
> > > > get this error no matter what I do:
> > > >
> > > > [an error occurred while processing this directive]
> > > >
> > > > Please, any ideas?  This is kind of an emergency!!
> > > >
> > > > Thanx
> > > > Phil
> > >
> > > =====
> > > Ken Wu
> > >
> > > 718-788-0661
> > > 168 35 Street Apt 2
> > > Broooklyn, NY 11232-2320
> > >
> > > http://www.kenfile.com
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > http://fifaworldcup.yahoo.com
> 
> 


From ian at plusfour.org  Tue Jun 25 10:12:00 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Tue, 25 Jun 2002 10:12:00 -0400
Subject: mysql command line
In-Reply-To: <200206242124.g5OLOhP87928@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEOEDDCGAA.ian@plusfour.org>


Is there any utility out there that allows you to import selective records
from a mysqldump.sql file?

for instance..

On June 12 I made a back up of the database on june 13 i deleted products
having a compandy_id = 20, on june 14 we needed those products back, and
lots of other products where updated so i can't just dump the table and
replace it..

so is there any thing already made that would allow me to import the records
from the product table that have a company_id = 20 from a mysqldump.sql file
(meaning it has create table and insert statements, its no tab seperated)...

Ian



From sklar at sklar.com  Tue Jun 25 10:24:51 2002
From: sklar at sklar.com (David Sklar)
Date: Tue, 25 Jun 2002 10:24:51 -0400
Subject: [nycphp-talk] mysql command line
In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net>
Message-ID: <NFBBJNKBNKCIKGKJIFPJCENKDBAA.sklar@sklar.com>

Some possibilities:

1. grep (just pick out the lines you care about)

2. emacs (or your favorite editor) to edit the dump file

3. create a dummy database, load the dumpfile into the dummy database, and
then pull out the data from there with something like "INSERT INTO
actual_db.table SELECT * FROM dummy_db.table WHERE company_id = 20"


-dave

> -----Original Message-----
> From: Ian Forsyth [mailto:ian at plusfour.org]
> Sent: Tuesday, June 25, 2002 10:12 AM
> To: NYPHP Talk
> Subject: [nycphp-talk] mysql command line
>
>
>
> Is there any utility out there that allows you to import selective records
> from a mysqldump.sql file?
>
> for instance..
>
> On June 12 I made a back up of the database on june 13 i deleted products
> having a compandy_id = 20, on june 14 we needed those products back, and
> lots of other products where updated so i can't just dump the table and
> replace it..
>
> so is there any thing already made that would allow me to import
> the records
> from the product table that have a company_id = 20 from a
> mysqldump.sql file
> (meaning it has create table and insert statements, its no tab
> seperated)...
>
> Ian
>



From nyphp at altunergil.com  Tue Jun 25 10:24:48 2002
From: nyphp at altunergil.com (Oktay Altunergil)
Date: Tue, 25 Jun 2002 10:24:48 -0400
Subject: [nycphp-talk] mysql command line
In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net>
References: <200206251412.g5PEC7P02786@slipdisc.virul.net>
Message-ID: <20020625102448.4c66d754.nyphp@altunergil.com>

I recommend creating a seperate database and importing all records into that temp database. Rung a few sql statements ( DELETE FROM blah WHERE company_id <> 20 ) to end up with just what you want. Then take a dump of that database with the -t switch (do not include CREATE TABLE statements) and import that into your real database. Hoping you will only have to do this kind of thing one or two times during your lifetime, there should be no need to look for software that does this. Having said that, an application that can read the SQL statements and represent them in a format that you can work with (select/delete portions etc) shouldn't be too hard to code for people who can actually code that kind of stuff (not me).

Oktay Altunergil

On Tue, 25 Jun 2002 10:12:07 -0400
Ian Forsyth <ian at plusfour.org> wrote:

> 
> Is there any utility out there that allows you to import selective records
> from a mysqldump.sql file?
> 
> for instance..
> 
> On June 12 I made a back up of the database on june 13 i deleted products
> having a compandy_id = 20, on june 14 we needed those products back, and
> lots of other products where updated so i can't just dump the table and
> replace it..
> 
> so is there any thing already made that would allow me to import the records
> from the product table that have a company_id = 20 from a mysqldump.sql file
> (meaning it has create table and insert statements, its no tab seperated)...
> 
> Ian
> 
> 


From ian at plusfour.org  Tue Jun 25 10:44:22 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Tue, 25 Jun 2002 10:44:22 -0400
Subject: [nycphp-talk] mysql command line
In-Reply-To: <200206251424.g5PEOsP02975@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEOEDECGAA.ian@plusfour.org>

That is a great idea.. making a seperate table..

thanks..

Ian

> -----Original Message-----
> From: Oktay Altunergil [mailto:nyphp at altunergil.com]
> Sent: Tuesday, June 25, 2002 10:25 AM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] mysql command line
>
>
> I recommend creating a seperate database and importing all
> records into that temp database. Rung a few sql statements (
> DELETE FROM blah WHERE company_id <> 20 ) to end up with just
> what you want. Then take a dump of that database with the -t
> switch (do not include CREATE TABLE statements) and import that
> into your real database. Hoping you will only have to do this
> kind of thing one or two times during your lifetime, there should
> be no need to look for software that does this. Having said that,
> an application that can read the SQL statements and represent
> them in a format that you can work with (select/delete portions
> etc) shouldn't be too hard to code for people who can actually
> code that kind of stuff (not me).
>
> Oktay Altunergil
>
> On Tue, 25 Jun 2002 10:12:07 -0400
> Ian Forsyth <ian at plusfour.org> wrote:
>
> >
> > Is there any utility out there that allows you to import
> selective records
> > from a mysqldump.sql file?
> >
> > for instance..
> >
> > On June 12 I made a back up of the database on june 13 i
> deleted products
> > having a compandy_id = 20, on june 14 we needed those products back, and
> > lots of other products where updated so i can't just dump the table and
> > replace it..
> >
> > so is there any thing already made that would allow me to
> import the records
> > from the product table that have a company_id = 20 from a
> mysqldump.sql file
> > (meaning it has create table and insert statements, its no tab
> seperated)...
> >
> > Ian
> >
> >
>
>



From drydell at worldnet.att.net  Tue Jun 25 16:16:28 2002
From: drydell at worldnet.att.net (David Rydell)
Date: Tue, 25 Jun 2002 16:16:28 -0400
Subject: [nycphp-talk] PHP Versions and GLOBALS
Message-ID: <011f01c21c85$311e69a0$656b580c@david>

if you have lots of scripts expecting register_globals=on, just prepend them
with code like this and you'll never need to worry about it...

if ($GLOBALS)

    reset ($GLOBALS);
    while (list ($key, $value) = each ($GLOBALS)) { ${$key} = $value; }
}

if ($HTTP_SERVER_VARS)

    reset ($HTTP_SERVER_VARS);
    while (list ($key, $value) = each ($HTTP_SERVER_VARS)) { ${$key} =
$value; }
}

if ($HTTP_GET_VARS)

    reset ($HTTP_GET_VARS);
    while (list ($key, $value) = each ($HTTP_GET_VARS)) { ${$key} =
$value; }
}

if ($HTTP_POST_VARS)

    reset ($HTTP_POST_VARS);
    while (list ($key, $value) = each ($HTTP_POST_VARS)) { ${$key} =
$value; }
}




From drydell at att.net  Tue Jun 25 16:41:47 2002
From: drydell at att.net (David Rydell)
Date: Tue, 25 Jun 2002 16:41:47 -0400
Subject: [nycphp-talk] PHP Versions and GLOBALS
Message-ID: <013201c21c88$ba296440$656b580c@david>

if you have lots of scripts expecting register_globals=on, just prepend them
with code like this and you'll never need to worry about it...

if ($GLOBALS)
{
    reset ($GLOBALS);
    while (list ($key, $value) = each ($GLOBALS)) { ${$key} = $value; }
}

if ($HTTP_SERVER_VARS)
{
    reset ($HTTP_SERVER_VARS);
    while (list ($key, $value) = each ($HTTP_SERVER_VARS)) { ${$key} =
$value; }
}

if ($HTTP_GET_VARS)
{
    reset ($HTTP_GET_VARS);
    while (list ($key, $value) = each ($HTTP_GET_VARS)) { ${$key} =
$value; }
}

if ($HTTP_POST_VARS)
{
    reset ($HTTP_POST_VARS);
    while (list ($key, $value) = each ($HTTP_POST_VARS)) { ${$key} =
$value; }
}




From jhise at linuxforbusiness.org  Tue Jun 25 17:43:56 2002
From: jhise at linuxforbusiness.org (Jeremy Hise)
Date: 25 Jun 2002 17:43:56 -0400
Subject: Apache Rendering
Message-ID: <1025041441.2720.14.camel@localhost.localdomain>

Hi!

I've got a very strange problem. I'm running PHP on Apache on intel86
and some of my webpages suddenly stop rendering...at different pages. I
look at the source and there are no errors or anything. Nothing
complains even when I turn up the PHP error reporting all the way.

Have any of you ever run into a problem like this before?

Thank you,

jhise






From jbishop at jimbishop.org  Tue Jun 25 17:45:51 2002
From: jbishop at jimbishop.org (jim.bishop)
Date: Tue, 25 Jun 2002 14:45:51 -0700 (PDT)
Subject: [nycphp-talk] mysql command line
In-Reply-To: <200206251412.g5PEC7P02786@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.21.0206251444240.24918-100000@cypress.he.net>

> Is there any utility out there that allows you to import selective records
> from a mysqldump.sql file?

if you still have the original file, i saw this perl util on freshmeat a
couple of days ago:
http://freshmeat.net/projects/mysqldiff/?topic_id=66%2C45%2C67

i downloaded it, but haven't had occasion to use it yet.


jim.bishop






|| jim.bishop
|| i heart n y
|| http://www.jimbishop.org/tidbytes/




From nyphp at jimbishop.org  Tue Jun 25 17:53:17 2002
From: nyphp at jimbishop.org (nyphp at jimbishop.org)
Date: Tue, 25 Jun 2002 14:53:17 -0700 (PDT)
Subject: [nycphp-talk] Apache Rendering
In-Reply-To: <200206252145.g5PLjZP15242@slipdisc.virul.net>
Message-ID: <Pine.LNX.4.21.0206251452360.24918-100000@cypress.he.net>

> I've got a very strange problem. I'm running PHP on Apache on intel86
> and some of my webpages suddenly stop rendering...at different pages.
> I look at the source and there are no errors or anything. Nothing
> complains even when I turn up the PHP error reporting all the way.
> 
> Have any of you ever run into a problem like this before?


my isp had the same problem the other day.  they restarted apache and
everything magically began to work again.  no idea why.

jim.bishop



From zaunere at yahoo.com  Tue Jun 25 21:10:40 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 25 Jun 2002 18:10:40 -0700 (PDT)
Subject: MEETING - Open NYPHP Meeting Tomorrow
Message-ID: <20020626011040.57708.qmail@web12806.mail.yahoo.com>


Hello all,

The monthly NYPHP meeting will be tomorrow in Manhattan, at our usual
location at 6:30pm.  Details are available at http://nyphp.org.

Tomorrow's meeting focus will be open Q&A, networking, and adhoc
talks/presentations.  An LCD projector is available with web access,
and a large portion of the meeting will be available for informal
breakout discussions.

As I'm sure many know, the PC Expo is in session, and contains a Web
Services exhibit floor.  While many may be tired after the expo (I was
today), I hope that you will still attend tomorrow's meeting, as there
will be much to talk about.

Hope to see everyone there!

Regards,

Hans Z.



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From zaunere at yahoo.com  Tue Jun 25 21:13:05 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Tue, 25 Jun 2002 18:13:05 -0700 (PDT)
Subject: NYPHP Library - Don't Forget Your Books Please!
Message-ID: <20020626011305.4527.qmail@web12801.mail.yahoo.com>


As a reminder, if you have a borrowed book from the NYPHP Library,
please don't forget to return it at tomorrow's meeting!  Meeting time
and location details can be found at http://nyphp.org.

If you are unable to attend tomorrow, and have a borrowed book, please
contact library at nyphp.org as soon as possible.

Thank you,

Hans Z.


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From petr at linux.ru  Wed Jun 26 04:56:18 2002
From: petr at linux.ru (Petr Pomorov)
Date: Wed, 26 Jun 2002 04:56:18 -0400
Subject: RedHat 7.3 Distro
Message-ID: <200206260856.g5Q8uJg02689@biggie>

Anyone got the latest RedHat distro on CD they could loan me at the meeting 
for a couple of days to make a copy? I just need the CDs. 
Thanks.


From LarryC at indexstock.com  Wed Jun 26 10:21:33 2002
From: LarryC at indexstock.com (Larry Chuon)
Date: Wed, 26 Jun 2002 10:21:33 -0400
Subject: [nycphp-talk] MEETING - Open NYPHP Meeting Tomorrow
Message-ID: <86713EAB93BD5F40B94A0C8E604C7C91AEB3D4@index-exchange.indexstock.com>

Sorry, I won't make it to our meeting again today.  My employer needs me for
the softball game, not that it makes any differences if I am there or not.
Good luck.  Hopefully someone share the minutes.

Larry Chuon, IT Director
Indexstock Imagery, Inc.
http://www.photostogo.com
http://www.indexstock.com
http://www.webspice.com
p:	212.929.4644
f: 	212.633.1914


-----Original Message-----
From: Hans Zaunere [mailto:zaunere at yahoo.com]
Sent: Tuesday, June 25, 2002 9:11 PM
To: NYPHP Talk
Subject: [nycphp-talk] MEETING - Open NYPHP Meeting Tomorrow


Hello all,

The monthly NYPHP meeting will be tomorrow in Manhattan, at our usual
location at 6:30pm.  Details are available at http://nyphp.org.

Tomorrow's meeting focus will be open Q&A, networking, and adhoc
talks/presentations.  An LCD projector is available with web access,
and a large portion of the meeting will be available for informal
breakout discussions.

As I'm sure many know, the PC Expo is in session, and contains a Web
Services exhibit floor.  While many may be tired after the expo (I was
today), I hope that you will still attend tomorrow's meeting, as there
will be much to talk about.

Hope to see everyone there!

Regards,

Hans Z.



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jon at corporatelords.org  Wed Jun 26 11:44:34 2002
From: jon at corporatelords.org (Jon Britton)
Date: Wed, 26 Jun 2002 11:44:34 -0400
Subject: [nycphp-talk] RedHat 7.3 Distro
In-Reply-To: <200206260851.g5Q8peP22032@slipdisc.virul.net>
References: <200206260851.g5Q8peP22032@slipdisc.virul.net>
Message-ID: <20020626154434.GA16911@breakwindows.com>

On Wed, Jun 26, 2002 at 04:51:40AM -0400, Petr Pomorov wrote:
> Anyone got the latest RedHat distro on CD they could loan me at the meeting 
> for a couple of days to make a copy? I just need the CDs. 
> Thanks.

I think there are 3 CD's?  That's all I have (RH7.3, x86 only)...I'm 
pretty sure I'll be at the meeting, so I'll burn off copies for you.

- Jon


-- 
Steve Jobs is like the bastard child of Ayn Rand and Horatio Alger 
starring in a David Lynch movie.


From tom at supertom.com  Thu Jun 27 10:25:14 2002
From: tom at supertom.com (tom at supertom.com)
Date: Thu, 27 Jun 2002 10:25:14 -0400
Subject: MySQL question
In-Reply-To: <200206202027.g5KKRjP61591@slipdisc.virul.net>
Message-ID: <LBEDJMJGLEPEKJAJMHBDCEANCHAA.tom@supertom.com>

I know this is off topic as it is a MySQL question, but I figured that this
PHP list may have the answer (I'm using PHP, if that helps!).

I'm storing both HTML and text in a field, and I now want to search that
field.  My question is: Is it possible to have MySQL ignore the HTML
somehow?  I know that I could grab the data out of the db, then use PHP's
strip_tags and find the text that way, but that takes the performance
benefits of the db right out of the equation.

An example of this would be:

If the user searches for the word 'size', I don't want them pulling back a
row that contains '<font size=3>'

Any suggestions on how to do this with just MySQL?

Thanks,

Tom



From brian at preston-campbell.com  Thu Jun 27 12:20:09 2002
From: brian at preston-campbell.com (Preston-Campbell)
Date: Thu, 27 Jun 2002 12:20:09 -0400
Subject: [nycphp-talk] MySQL question
References: <200206271429.g5RETxP37442@slipdisc.virul.net>
Message-ID: <001501c21df6$83ff4460$a77cfea9@p1n1w5>

it is possible to use regex in MySQL queries so you could eliminate anything
between < and > for example.

MySQL by Paul Dubois covers this subject quite well.

Brian


----- Original Message -----
From: <tom at supertom.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Thursday, June 27, 2002 10:29 AM
Subject: [nycphp-talk] MySQL question


> I know this is off topic as it is a MySQL question, but I figured that
this
> PHP list may have the answer (I'm using PHP, if that helps!).
>
> I'm storing both HTML and text in a field, and I now want to search that
> field.  My question is: Is it possible to have MySQL ignore the HTML
> somehow?  I know that I could grab the data out of the db, then use PHP's
> strip_tags and find the text that way, but that takes the performance
> benefits of the db right out of the equation.
>
> An example of this would be:
>
> If the user searches for the word 'size', I don't want them pulling back a
> row that contains '<font size=3>'
>
> Any suggestions on how to do this with just MySQL?
>
> Thanks,
>
> Tom
>
>
>




From tom at supertom.com  Thu Jun 27 13:18:26 2002
From: tom at supertom.com (tom at supertom.com)
Date: Thu, 27 Jun 2002 13:18:26 -0400
Subject: [nycphp-talk] MySQL question
In-Reply-To: <200206271620.g5RGKPP38487@slipdisc.virul.net>
Message-ID: <LBEDJMJGLEPEKJAJMHBDEEBBCHAA.tom@supertom.com>

That is a very good idea!  I will give that a try!

Thanks,

Tom

-----Original Message-----
From: Preston-Campbell [mailto:brian at preston-campbell.com]
Sent: Thursday, June 27, 2002 12:20 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] MySQL question


it is possible to use regex in MySQL queries so you could eliminate anything
between < and > for example.

MySQL by Paul Dubois covers this subject quite well.

Brian


----- Original Message -----
From: <tom at supertom.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Thursday, June 27, 2002 10:29 AM
Subject: [nycphp-talk] MySQL question


> I know this is off topic as it is a MySQL question, but I figured that
this
> PHP list may have the answer (I'm using PHP, if that helps!).
>
> I'm storing both HTML and text in a field, and I now want to search that
> field.  My question is: Is it possible to have MySQL ignore the HTML
> somehow?  I know that I could grab the data out of the db, then use PHP's
> strip_tags and find the text that way, but that takes the performance
> benefits of the db right out of the equation.
>
> An example of this would be:
>
> If the user searches for the word 'size', I don't want them pulling back a
> row that contains '<font size=3>'
>
> Any suggestions on how to do this with just MySQL?
>
> Thanks,
>
> Tom
>
>
>





From jay at trans-city.com  Thu Jun 27 13:42:53 2002
From: jay at trans-city.com (Jay Greenspan)
Date: Thu, 27 Jun 2002 13:42:53 -0400
Subject: [nycphp-talk] MySQL question
In-Reply-To: <200206271620.g5RGKPP38487@slipdisc.virul.net>
Message-ID: <B940C6DD.3848%jay@trans-city.com>

Here's the basics with some pretty lame regex:

mysql> create table size_test(afield varchar(255));
mysql> insert into size_test values(' blah blah <font size>');
mysql> insert into size_test values(' blah blah <font size> the size is');
mysql> select afield from size_test where afield regexp '>.*size.*';
+------------------------------------+
| afield                             |
+------------------------------------+
|  blah blah <font size> the size is |
+------------------------------------+
1 row in set (0.00 sec)


-j

On 6/27/02 12:20 PM, "Preston-Campbell" <brian at preston-campbell.com> wrote:

> it is possible to use regex in MySQL queries so you could eliminate anything
> between < and > for example.
> 
> MySQL by Paul Dubois covers this subject quite well.



From zaunere at yahoo.com  Thu Jun 27 15:39:21 2002
From: zaunere at yahoo.com (Hans Zaunere)
Date: Thu, 27 Jun 2002 12:39:21 -0700 (PDT)
Subject: PHP and Javascript/HTML
Message-ID: <20020627193921.71800.qmail@web12805.mail.yahoo.com>


I have a co-worker who will be working with me on a couple pages.  He
knows a little about Javascript and PHP and will be doing mostly
frontend work, including taking a static HTML page and marking it up
with PHP, so dynamic tables/etc can be generated from DB data that I
supply (so I don't have to - YES!).

Does anyone have resources that they've found particularly useful for
implementing PHP in HTML/Javascript/layout/generation/etc.  I'd like to
stay away from templates/"supply a couple vars and out comes a
table"/class systems - just good old fashioned HTML markup with PHP.


Thanks,

HZ


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


From jonbaer at digitalanywhere.com  Thu Jun 27 15:44:55 2002
From: jonbaer at digitalanywhere.com (Jon Baer)
Date: Thu, 27 Jun 2002 15:44:55 -0400
Subject: [nycphp-talk] PHP and Javascript/HTML
References: <200206271939.g5RJdQP40258@slipdisc.virul.net>
Message-ID: <3D1B6B37.1060204@digitalanywhere.com>

Hmm, not sure if it applies but Ive found this little hidden resource 
extremely helpful:

http://ashleyit.com/rs/

Remote scripting w/ PHP works very nicely :-)

- Jon

Hans Zaunere wrote:

>I have a co-worker who will be working with me on a couple pages.  He
>knows a little about Javascript and PHP and will be doing mostly
>frontend work, including taking a static HTML page and marking it up
>with PHP, so dynamic tables/etc can be generated from DB data that I
>supply (so I don't have to - YES!).
>
>Does anyone have resources that they've found particularly useful for
>implementing PHP in HTML/Javascript/layout/generation/etc.  I'd like to
>stay away from templates/"supply a couple vars and out comes a
>table"/class systems - just good old fashioned HTML markup with PHP.
>
>
>Thanks,
>
>HZ
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
>http://fifaworldcup.yahoo.com
>
>  
>





From ktuskey at exostream.com  Thu Jun 27 17:08:02 2002
From: ktuskey at exostream.com (Kyle Tuskey)
Date: Thu, 27 Jun 2002 17:08:02 -0400
Subject: Meeting
In-Reply-To: <200206271948.g5RJmVP40346@slipdisc.virul.net>
Message-ID: <001e01c21e1e$b99691a0$e1072744@win2kbox>

Just wanted to say I had a good time at the meeting.  It was nice and
more personal than I expected.  For those of you that need my contact
info, it is below.  See everyone at the next one.


Kyle Tuskey
ktuskey at exostream.com
AIM: artguru



From evan.heller at alum.rpi.edu  Thu Jun 27 22:45:01 2002
From: evan.heller at alum.rpi.edu (evan heller)
Date: Thu, 27 Jun 2002 22:45:01 -0400
Subject: [nycphp-talk] PHP and Javascript/HTML
References: <200206271948.g5RJmVP40346@slipdisc.virul.net>
Message-ID: <3D1BCDAD.768CAC72@alum.rpi.edu>

Well, a weird way of doing it is to have the page
use the javascript include method to include a
javascript file such as:

<script language="JavaScript"
src="http://www.nyphp.org/somephpscript.php?content=blah
"></script>
but instead of returning a php page, it rather
creates a javascript page which contains 
things like document.write("<br>some text from a
database");   then all you have to do is tell your
user to
include the javascript bits wherever needed and
walla...it should work across most browsers and is
great method of getting
data. HTMLGear.com uses it extensively if you want
like Wired.com headlines or guest books or
whatever.

-Evan

Jon Baer wrote:
> 
> Hmm, not sure if it applies but Ive found this little hidden resource
> extremely helpful:
> 
> http://ashleyit.com/rs/
> 
> Remote scripting w/ PHP works very nicely :-)
> 
> - Jon
> 
> Hans Zaunere wrote:
> 
> >I have a co-worker who will be working with me on a couple pages.  He
> >knows a little about Javascript and PHP and will be doing mostly
> >frontend work, including taking a static HTML page and marking it up
> >with PHP, so dynamic tables/etc can be generated from DB data that I
> >supply (so I don't have to - YES!).
> >
> >Does anyone have resources that they've found particularly useful for
> >implementing PHP in HTML/Javascript/layout/generation/etc.  I'd like to
> >stay away from templates/"supply a couple vars and out comes a
> >table"/class systems - just good old fashioned HTML markup with PHP.
> >
> >
> >Thanks,
> >
> >HZ
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! - Official partner of 2002 FIFA World Cup
> >http://fifaworldcup.yahoo.com
> >
> >
> >

-- 

Evan Heller     
evan.heller at alum.rpi.edu


From dkrook at hotmail.com  Fri Jun 28 10:18:06 2002
From: dkrook at hotmail.com (D C Krook)
Date: Fri, 28 Jun 2002 10:18:06 -0400
Subject: [nycphp-talk] PHP and Javascript/HTML
Message-ID: <F92Dg6NKKUSqyK5Qrnf0000076d@hotmail.com>

Heh, that's the way we hack around TeamSite, which doesn't allow for dynamic 
content in its templates.  It's a good way to include something like a 
common navigation box shared across a series of articles.

It also comes in pretty handy if you are using Atomz search for your site 
and would like to use your dynamic elements in the static wrapper template 
that you provide them which resides on their servers.



>From: evan heller <evan.heller at alum.rpi.edu>
>Reply-To: talk at nyphp.org
>To: NYPHP Talk <talk at nyphp.org>
>Subject: Re: [nycphp-talk] PHP and Javascript/HTML
>Date: Thu, 27 Jun 2002 22:46:02 -0400
>Received: from hotmail.com ([65.54.237.23]) by hotmail.com with Microsoft 
>SMTPSVC(5.0.2195.4905); Thu, 27 Jun 2002 19:50:09 -0700
>Received: from slipdisc.virul.net ([66.114.66.188]) by hotmail.com with 
>Microsoft SMTPSVC(5.0.2195.4905); Thu, 27 Jun 2002 19:47:02 -0700
>Received: from nyphp.org (slipdisc.virul.net [66.114.66.188])by 
>slipdisc.virul.net (8.11.6/8.11.6) with ESMTP id g5S2k2P44169;Thu, 27 Jun 
>2002 22:46:02 -0400 (EDT)(envelope-from listmaster at nyphp.org)
>Message-Id: <200206280246.g5S2k2P44169 at slipdisc.virul.net>
>X-Paralist-Archived: 
><http://nyphp.org/list/paralist_archive.html?L_mid=549>
>X-List-Software: Paralist 0.6
>List-ID: <nyphptalk.nyphp.org>
>List-Owner: <mailto:listmaster at nyphp.org>
>List-Archive: <http://nyphp.org/list/paralist_archive.html?L_lid=1>
>List-Subscribe: <http://nyphp.org/list/>
>List-Unsubscribe: <http://nyphp.org/list/>
>Organization: New York PHP
>X-Mailer: Paramail 0.5
>Return-Path: listmaster at nyphp.org
>X-OriginalArrivalTime: 28 Jun 2002 02:47:02.0768 (UTC) 
>FILETIME=[14F50700:01C21E4E]
>
>Well, a weird way of doing it is to have the page
>use the javascript include method to include a
>javascript file such as:
>
><script language="JavaScript"
>src="http://www.nyphp.org/somephpscript.php?content=blah
>"></script>
>but instead of returning a php page, it rather
>creates a javascript page which contains
>things like document.write("<br>some text from a
>database");   then all you have to do is tell your
>user to
>include the javascript bits wherever needed and
>walla...it should work across most browsers and is
>great method of getting
>data. HTMLGear.com uses it extensively if you want
>like Wired.com headlines or guest books or
>whatever.
>
>-Evan
>
>Jon Baer wrote:
> >
> > Hmm, not sure if it applies but Ive found this little hidden resource
> > extremely helpful:
> >
> > http://ashleyit.com/rs/
> >
> > Remote scripting w/ PHP works very nicely :-)
> >
> > - Jon
> >
> > Hans Zaunere wrote:
> >
> > >I have a co-worker who will be working with me on a couple pages.  He
> > >knows a little about Javascript and PHP and will be doing mostly
> > >frontend work, including taking a static HTML page and marking it up
> > >with PHP, so dynamic tables/etc can be generated from DB data that I
> > >supply (so I don't have to - YES!).
> > >
> > >Does anyone have resources that they've found particularly useful for
> > >implementing PHP in HTML/Javascript/layout/generation/etc.  I'd like to
> > >stay away from templates/"supply a couple vars and out comes a
> > >table"/class systems - just good old fashioned HTML markup with PHP.
> > >
> > >
> > >Thanks,
> > >
> > >HZ
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Yahoo! - Official partner of 2002 FIFA World Cup
> > >http://fifaworldcup.yahoo.com
> > >
> > >
> > >
>
>--
>
>Evan Heller
>evan.heller at alum.rpi.edu






=======================================
D C Krook
http://krook.net/ || http://krook.info/


_________________________________________________________________
Join the world?s largest e-mail service with MSN Hotmail. 
http://www.hotmail.com



From ian at plusfour.org  Fri Jun 28 10:26:33 2002
From: ian at plusfour.org (Ian Forsyth)
Date: Fri, 28 Jun 2002 10:26:33 -0400
Subject: using exec or backticks
In-Reply-To: <200206280246.g5S2k2P44169@slipdisc.virul.net>
Message-ID: <DEEKJLBPBMNHDEECLKBEOEFGCGAA.ian@plusfour.org>

I am trying to do a mysqldump using php..

$command = "mysqldump -h localhost -u ian --password=something --opt
adatabase > db.sql";
$result = `$command`;

or exec("mysqldump -h localhost -u ian --password=something --opt adatabase
> db.sql");

but on red-hat or mac os X (aka freebsd) i get nothing.. not even an empty
file named db.sql..

On my windows machine even is my login was incorrect, a file was still
generated..

which leads me to believe, for linux, is it an issue of permissions?

$a = array();
$int = 1;
$c = "ls";
exec($c,$a,$int);
print_r($a);

on both linux and windows. I get the same results from the above.. so it
must be permissions.. should i try running it as a cgi?

Ian..



From rainman at deroo.net  Fri Jun 28 14:17:27 2002
From: rainman at deroo.net (Raymond DeRoo)
Date: Fri, 28 Jun 2002 14:17:27 -0400
Subject: [nycphp-talk] using exec or backticks
In-Reply-To: <200206281426.g5SEQJP50406@slipdisc.virul.net>
References: <200206281426.g5SEQJP50406@slipdisc.virul.net>
Message-ID: <200206281817.g5SIHK1G027552@base.deroo.net>

Ian--

> $command = "mysqldump -h localhost -u ian --password=something --opt
> adatabase > db.sql";
> $result = `$command`;
>
> or exec("mysqldump -h localhost -u ian --password=something --opt adatabase
>
> > db.sql");

Can the user your httpd runs as execute mysqldump? Even if it can, I doubt 
that mysqldump is in the path of the environment your httpd runs as. Try 
specifying the complete path to mysqldump and see if that works.

.r


From cthorn at wt.net  Fri Jun 28 15:04:19 2002
From: cthorn at wt.net (Chauncey Thorn)
Date: Fri, 28 Jun 2002 14:04:19 -0500
Subject: [nycphp-talk] using exec or backticks
References: <200206281426.g5SEQJP50406@slipdisc.virul.net>
Message-ID: <3D1CB333.9C327152@wt.net>

How are you doing?

Permissions needed for web server "user" to dump a file.

somewhere under web root
chown -R root.nobody dirname/
chmod -R g+w dirname/



Ian Forsyth wrote:

> I am trying to do a mysqldump using php..
>
> $command = "mysqldump -h localhost -u ian --password=something --opt
> adatabase > db.sql";
> $result = `$command`;
>
> or exec("mysqldump -h localhost -u ian --password=something --opt adatabase
> > db.sql");
>
> but on red-hat or mac os X (aka freebsd) i get nothing.. not even an empty
> file named db.sql..
>
> On my windows machine even is my login was incorrect, a file was still
> generated..
>
> which leads me to believe, for linux, is it an issue of permissions?
>
> $a = array();
> $int = 1;
> $c = "ls";
> exec($c,$a,$int);
> print_r($a);
>
> on both linux and windows. I get the same results from the above.. so it
> must be permissions.. should i try running it as a cgi?
>
> Ian..

--
Chauncey Thorn                  Internet: cthorn at wt.net
Linux Administrator - MCP       http://PCCS-Linux.COM
--------------------------------------------------------------
"Views expressed by this individual may differ from your own..."





From seth at ghiek.com  Fri Jun 28 20:38:25 2002
From: seth at ghiek.com (Seth)
Date: Fri, 28 Jun 2002 20:38:25 -0400
Subject: [nycphp-talk] using exec or backticks
References: <200206290032.g5T0WVP62294@slipdisc.virul.net>
Message-ID: <014401c21f05$481db840$0602a8c0@GHIEKJT5HZPBAD>

Ian --

fwiw, I have a .php script that will dump an entire database out as an
ascii, comma-delimited file to the directory of your choice. It runs from
the web, generally from within my Admin section.

spirits,

seth
----- Original Message -----
From: "Chauncey Thorn" <cthorn at wt.net>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Friday, June 28, 2002 8:32 PM
Subject: Re: [nycphp-talk] using exec or backticks


> How are you doing?
>
> Permissions needed for web server "user" to dump a file.
>
> somewhere under web root
> chown -R root.nobody dirname/
> chmod -R g+w dirname/
>
>
>
> Ian Forsyth wrote:
>
> > I am trying to do a mysqldump using php..
> >
> > $command = "mysqldump -h localhost -u ian --password=something --opt
> > adatabase > db.sql";
> > $result = `$command`;
> >
> > or exec("mysqldump -h localhost -u ian --password=something --opt
adatabase
> > > db.sql");
> >
> > but on red-hat or mac os X (aka freebsd) i get nothing.. not even an
empty
> > file named db.sql..
> >
> > On my windows machine even is my login was incorrect, a file was still
> > generated..
> >
> > which leads me to believe, for linux, is it an issue of permissions?
> >
> > $a = array();
> > $int = 1;
> > $c = "ls";
> > exec($c,$a,$int);
> > print_r($a);
> >
> > on both linux and windows. I get the same results from the above.. so it
> > must be permissions.. should i try running it as a cgi?
> >
> > Ian..
>
> --
> Chauncey Thorn                  Internet: cthorn at wt.net
> Linux Administrator - MCP       http://PCCS-Linux.COM
> --------------------------------------------------------------
> "Views expressed by this individual may differ from your own..."
>
>
>
>
>
>



From jkapron at NewAgeWeb.com  Sat Jun 29 03:34:33 2002
From: jkapron at NewAgeWeb.com (Jerry Kapron)
Date: Sat, 29 Jun 2002 03:34:33 -0400
Subject: procmail and book(s)
References: <200206290045.g5T0jqP62421@slipdisc.virul.net>
Message-ID: <3D1D6308.33D4BF6A@NewAgeWeb.com>

in case someone noticed that I'm keeping a library book for more than 2 months
already (i think).. now I know that the Visual QuickPro Guide - PHP Advanced  is
too *visual* for me.. I also hate to see 'four pages' at the same time when I
open a book, and when I flip a page..things look totally different.. I tried to
get into this book a few times already - it just doesn't work .. I wanted to
return it last wednesday but I got stuck at work..  however, when I read the new
O'Reilly  PHP book on the train after work I feel like I'm becoming a better
person..it gets me relaxed and fed with the right information to move ahead ..
please consider this an extra brief review of two books insted ..
   also, does anybody here know procmail like the back of their hand? this is
kinda off topic but i'm sure that there are others who would like to learn more
about it..
-jerry